Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/HqEw1VIU6T2d_c98WXtqcTlXt7o.roa
File: HqEw1VIU6T2d_c98WXtqcTlXt7o.roa (raw, json)
Hash identifier: 7fRuIuwaSL6XGzdMGqRKOXWmPdY0b+UJY3gcQ1kY0hs=
Subject key identifier: 1E:A1:30:D5:52:14:E9:3D:9D:FD:CF:7C:59:7B:6A:71:39:57:B7:BA
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018361E3043C9D11770B052BDA641D04E514
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/HqEw1VIU6T2d_c98WXtqcTlXt7o.roa
Signing time: Wed 21 Sep 2022 21:10:11 +0000
ROA not before: Wed 21 Sep 2022 21:10:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205220
IP address blocks: 91.186.220.0/22 maxlen: 24
178.253.38.0/23 maxlen: 24
178.253.44.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:61:e3:04:3c:9d:11:77:0b:05:2b:da:64:1d:04:e5:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Sep 21 21:10:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1ea130d55214e93d9dfdcf7c597b6a713957b7ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:d7:55:20:21:f7:af:33:3f:58:7c:92:a0:3a:
07:4f:63:5a:09:0e:ca:1b:b5:75:aa:97:38:08:4f:
62:3a:ee:a5:0f:2a:16:f6:09:bd:51:51:8d:5c:30:
85:1c:84:9b:8a:8a:99:cc:57:92:ba:7b:69:11:3d:
6f:0f:f5:c8:6e:94:32:64:fc:c7:b4:41:b4:4f:41:
d4:d2:f1:1d:61:88:3f:25:7a:bc:d9:4c:27:60:83:
d2:67:fd:4c:77:4b:ab:a2:77:29:a7:f9:9b:4b:28:
bf:b4:65:83:f9:d7:35:e1:b4:ce:4e:2f:72:21:d9:
0d:3a:1b:65:2b:d9:71:a9:85:06:b5:57:2e:20:a3:
7c:f9:b4:ac:02:6b:55:b8:90:16:2f:46:39:9c:19:
9e:16:dc:73:a3:ed:5c:e7:e8:60:2a:a3:47:34:dc:
b1:44:ae:fd:d9:b1:2b:14:a3:e8:fd:e4:13:5c:aa:
c6:2e:6b:0c:ab:c6:dc:92:f8:6f:13:3b:24:c2:1d:
1d:7b:f5:77:10:fd:5f:93:e7:48:c9:7d:14:7d:63:
49:b5:41:04:5a:ee:63:98:25:c3:d9:8d:5a:41:19:
50:1e:e3:9b:46:6f:f5:24:be:82:07:1b:f2:22:50:
31:86:f9:cc:ca:18:47:cf:43:71:74:11:f2:1c:fc:
bb:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:A1:30:D5:52:14:E9:3D:9D:FD:CF:7C:59:7B:6A:71:39:57:B7:BA
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/HqEw1VIU6T2d_c98WXtqcTlXt7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.186.220.0/22
178.253.38.0/23
178.253.44.0/23
Signature Algorithm: sha256WithRSAEncryption
5b:a6:45:6b:c2:ee:19:77:60:1a:fb:ef:2d:6f:e7:5f:4b:41:
61:56:5a:ce:bf:03:f2:7f:6f:0e:40:5f:dd:54:6e:8c:4e:47:
a8:57:f8:a6:b7:d0:54:2f:52:e5:84:5c:4d:cd:ed:1c:5d:2b:
18:53:19:52:e2:3e:d1:82:5e:89:6d:7e:86:b6:6b:58:8c:c2:
ab:39:16:12:eb:88:9d:6d:17:3c:61:2a:35:98:bb:94:4c:93:
97:fd:19:1e:fb:28:7d:34:c9:68:10:37:13:7c:db:9f:03:9c:
13:91:5f:8d:6a:96:00:50:51:f4:63:0c:6a:6c:b6:60:75:20:
d1:a4:d9:e7:06:4a:af:ff:a7:4f:17:2f:75:3d:17:3e:0e:f0:
46:cf:e8:0f:d8:fe:f3:55:92:7a:f9:a9:07:57:31:32:25:10:
26:da:3a:e7:9b:f1:d9:c9:75:cb:82:18:f5:14:32:25:bf:c4:
8d:12:03:42:53:e9:5e:63:1b:d1:99:ac:34:1e:90:54:29:54:
c7:9e:92:85:ef:e0:a9:86:3f:70:25:0e:68:5b:a9:0c:96:21:
e5:d6:5d:7a:8b:50:09:3c:e8:60:23:c8:2d:42:81:7a:57:d9:
e2:ce:83:46:e1:e3:3c:7b:92:1c:44:4a:1f:fb:ac:5d:1d:ff:
e8:ee:ad:ca
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYNh4wQ8nRF3CwUr2mQdBOUUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjIwOTIxMjExMDExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWExMzBkNTUyMTRlOTNkOWRmZGNmN2M1OTdiNmE3MTM5NTdiN2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgNdVICH3rzM/WHySoDoHT2NaCQ7K
G7V1qpc4CE9iOu6lDyoW9gm9UVGNXDCFHISbioqZzFeSuntpET1vD/XIbpQyZPzH
tEG0T0HU0vEdYYg/JXq82UwnYIPSZ/1Md0uroncpp/mbSyi/tGWD+dc14bTOTi9y
IdkNOhtlK9lxqYUGtVcuIKN8+bSsAmtVuJAWL0Y5nBmeFtxzo+1c5+hgKqNHNNyx
RK792bErFKPo/eQTXKrGLmsMq8bckvhvEzskwh0de/V3EP1fk+dIyX0UfWNJtUEE
Wu5jmCXD2Y1aQRlQHuObRm/1JL6CBxvyIlAxhvnMyhhHz0NxdBHyHPy7DQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFB6hMNVSFOk9nf3PfFl7anE5V7e6MB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvSHFFdzFWSVU2VDJkX2M5OFdYdHFjVGxYdDdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW7rcAwQB
sv0mAwQBsv0sMA0GCSqGSIb3DQEBCwUAA4IBAQBbpkVrwu4Zd2Aa++8tb+dfS0Fh
VlrOvwPyf28OQF/dVG6MTkeoV/imt9BUL1LlhFxNze0cXSsYUxlS4j7Rgl6JbX6G
tmtYjMKrORYS64idbRc8YSo1mLuUTJOX/Rke+yh9NMloEDcTfNufA5wTkV+NapYA
UFH0YwxqbLZgdSDRpNnnBkqv/6dPFy91PRc+DvBGz+gP2P7zVZJ6+akHVzEyJRAm
2jrnm/HZyXXLghj1FDIlv8SNEgNCU+leYxvRmaw0HpBUKVTHnpKF7+Cphj9wJQ5o
W6kMliHl1l16i1AJPOhgI8gtQoF6V9nizoNG4eM8e5IcREof+6xdHf/o7q3K
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:40:19 2024 by rpki-client on console-ams.rpki-client.org