Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/RHE5faNSX2pajZffCAJwNFXKGwY.roa
File: RHE5faNSX2pajZffCAJwNFXKGwY.roa (raw, json)
Hash identifier: xP1okF67KTdWlNk+0BJtuBzeIDoDgw2H5NzKkZnazgo=
Subject key identifier: 44:71:39:7D:A3:52:5F:6A:5A:8D:97:DF:08:02:70:34:55:CA:1B:06
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 08B2F4B5
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/RHE5faNSX2pajZffCAJwNFXKGwY.roa
Signing time: Sun 13 Mar 2022 05:33:57 +0000
ROA not before: Sun 13 Mar 2022 05:33:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 91.186.216.0/22 maxlen: 24
91.186.220.0/22 maxlen: 24
94.241.176.0/21 maxlen: 24
83.147.212.0/22 maxlen: 24
83.147.232.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 145945781 (0x8b2f4b5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Mar 13 05:33:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4471397da3525f6a5a8d97df0802703455ca1b06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:16:10:74:2d:ec:2f:0e:0f:ad:4d:4a:7c:b6:
00:72:94:e8:56:d0:03:6b:64:64:2b:59:cf:3b:0d:
ff:a9:8f:cd:d9:c3:04:a5:fa:20:d4:86:bc:f5:86:
0d:a6:03:83:77:00:ba:09:ce:9a:a3:c6:19:36:6d:
e9:99:be:90:8f:51:67:62:2d:de:0b:1a:77:3e:9c:
a6:85:4f:40:6d:4c:35:41:16:14:c3:ba:a5:3c:7b:
3d:32:be:c8:26:74:97:ff:42:08:3c:93:19:0c:73:
2e:b8:72:4e:19:b6:35:0d:da:87:0f:30:50:30:5a:
a5:4d:21:c2:b3:4e:53:b6:76:6b:be:9d:d0:bb:5e:
eb:f7:8e:d2:a5:05:82:37:3d:51:f3:f9:1e:2f:68:
b8:96:26:5c:59:39:dc:16:6e:26:7b:af:40:1e:e5:
bb:9f:ea:67:de:dd:d6:13:92:e4:42:6e:bd:62:27:
4f:37:ff:9a:42:db:51:84:ca:24:16:68:8f:62:bb:
13:59:b1:07:22:55:9e:0c:80:95:f9:47:e3:97:79:
f4:3d:a5:87:95:47:9b:82:ec:e4:55:63:2f:23:6f:
52:28:07:8a:42:b3:01:bf:91:29:4e:f3:35:b9:24:
6e:2e:aa:37:2f:00:ff:15:ba:19:c3:d9:30:eb:f4:
d2:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:71:39:7D:A3:52:5F:6A:5A:8D:97:DF:08:02:70:34:55:CA:1B:06
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/RHE5faNSX2pajZffCAJwNFXKGwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.212.0/22
83.147.232.0/22
91.186.216.0/21
94.241.176.0/21
Signature Algorithm: sha256WithRSAEncryption
16:3b:ad:75:fb:0c:36:fe:f9:93:e4:e6:84:32:c9:e3:b1:5b:
e4:9c:7a:38:23:30:da:7c:2a:a0:73:d8:10:35:f8:63:a8:3b:
45:c6:5b:e0:ea:40:80:19:5b:0e:e1:e8:ed:b4:39:95:da:fd:
9b:6a:82:b3:2b:41:22:ea:1d:ec:1b:8c:ef:4d:13:e0:83:0b:
2c:5d:e4:48:b3:91:cc:9c:9b:d1:6a:c9:5a:44:1b:eb:55:2a:
8c:f7:f7:f4:b6:a8:1f:0c:fd:9c:fa:7d:e2:ac:26:65:08:04:
8a:38:17:e4:8f:36:cc:6f:ba:c5:e9:94:6f:c7:5f:c3:52:62:
50:9b:b9:36:42:65:64:9f:a8:8a:ec:9e:91:17:62:10:31:64:
97:fb:69:6b:83:ae:75:c6:45:a6:7a:a1:0a:7f:62:fc:0a:4c:
80:fa:ea:e3:5c:22:c9:74:8c:85:d4:84:f4:94:fe:a6:58:b4:
ed:cd:d7:dd:c5:d1:13:9f:e9:bf:1a:ae:1b:7a:2a:c9:e6:93:
26:5f:34:cd:11:66:c8:01:29:86:0c:1e:3e:79:ee:fd:62:28:
11:18:57:af:14:4f:d9:60:ba:9f:3d:ea:3e:02:ff:2b:0e:28:
ac:12:d9:f9:f5:e4:05:a1:fe:f4:c3:5e:65:ba:f4:2a:25:c4:
dc:6f:c4:66
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIECLL0tTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Mjc3OGRlMmE5YmU5ODAyMTIwMzgyZTc1MGQxNTllOTU4NzJjMmFlMB4XDTIyMDMx
MzA1MzM1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDQ3MTM5N2RhMzUy
NWY2YTVhOGQ5N2RmMDgwMjcwMzQ1NWNhMWIwNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM8WEHQt7C8OD61NSny2AHKU6FbQA2tkZCtZzzsN/6mPzdnD
BKX6INSGvPWGDaYDg3cAugnOmqPGGTZt6Zm+kI9RZ2It3gsadz6cpoVPQG1MNUEW
FMO6pTx7PTK+yCZ0l/9CCDyTGQxzLrhyThm2NQ3ahw8wUDBapU0hwrNOU7Z2a76d
0Lte6/eO0qUFgjc9UfP5Hi9ouJYmXFk53BZuJnuvQB7lu5/qZ97d1hOS5EJuvWIn
Tzf/mkLbUYTKJBZoj2K7E1mxByJVngyAlflH45d59D2lh5VHm4Ls5FVjLyNvUigH
ikKzAb+RKU7zNbkkbi6qNy8A/xW6GcPZMOv00jUCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBREcTl9o1JfalqNl98IAnA0VcobBjAfBgNVHSMEGDAWgBTCd43iqb6YAhID
gudQ0VnpWHLCrjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3duZU40cW0tbUFJU0E0TG5VTkZaNlZoeXdxNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjgvNDEwOTMwLTlkNjUtNGJlOC05ZWJhLWY5OGRhNTRhZjQzNC8x
L1JIRTVmYU5TWDJwYWpaZmZDQUp3TkZYS0d3WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjgv
NDEwOTMwLTlkNjUtNGJlOC05ZWJhLWY5OGRhNTRhZjQzNC8xL3duZU40cW0tbUFJ
U0E0TG5VTkZaNlZoeXdxNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAlOT1AMEAlOT6AMEA1u62AMEA17x
sDANBgkqhkiG9w0BAQsFAAOCAQEAFjutdfsMNv75k+TmhDLJ47Fb5Jx6OCMw2nwq
oHPYEDX4Y6g7RcZb4OpAgBlbDuHo7bQ5ldr9m2qCsytBIuod7BuM700T4IMLLF3k
SLORzJyb0WrJWkQb61UqjPf39LaoHwz9nPp94qwmZQgEijgX5I82zG+6xemUb8df
w1JiUJu5NkJlZJ+oiuyekRdiEDFkl/tpa4OudcZFpnqhCn9i/ApMgPrq41wiyXSM
hdSE9JT+pli07c3X3cXRE5/pvxquG3oqyeaTJl80zRFmyAEphgwePnnu/WIoERhX
rxRP2WC6nz3qPgL/Kw4orBLZ+fXkBaH+9MNeZbr0KiXE3G/EZg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:38 2023 by rpki-client on console-ams.rpki-client.org