Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/55de73-dd5e-414f-a3d4-21d7de2499de/1/HQn7L4Dm1BsfIq-CROiWNbPhibg.roa
File: HQn7L4Dm1BsfIq-CROiWNbPhibg.roa (raw, json)
Hash identifier: VQ6YV/4FS5+Gs3l28VlzaowRir/Y1dyeJs3Hfzlp4uU=
Subject key identifier: 1D:09:FB:2F:80:E6:D4:1B:1F:22:AF:82:44:E8:96:35:B3:E1:89:B8
Certificate issuer: /CN=85af77d448a811387a71527fc334dcc4ff71de8f
Certificate serial: 02217B0E
Authority key identifier: 85:AF:77:D4:48:A8:11:38:7A:71:52:7F:C3:34:DC:C4:FF:71:DE:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ha931EioETh6cVJ_wzTcxP9x3o8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/55de73-dd5e-414f-a3d4-21d7de2499de/1/HQn7L4Dm1BsfIq-CROiWNbPhibg.roa
Signing time: Sat 01 Jan 2022 14:59:04 +0000
ROA not before: Sat 01 Jan 2022 14:59:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14618
IP address blocks: 192.175.1.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 35748622 (0x2217b0e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85af77d448a811387a71527fc334dcc4ff71de8f
Validity
Not Before: Jan 1 14:59:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1d09fb2f80e6d41b1f22af8244e89635b3e189b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:29:5e:a7:18:a1:00:64:0f:12:b0:ee:fa:8b:
e2:9c:a5:e8:0d:66:10:2f:e1:41:5b:93:fb:22:34:
b0:2e:62:be:8a:b3:05:4d:74:b7:57:d6:42:b7:78:
43:c5:cc:d2:39:26:d1:b5:e2:5f:59:a2:66:15:a1:
e0:9b:a6:e7:e5:a6:0e:68:70:1b:07:a5:62:c7:61:
91:70:fb:29:50:9e:60:e3:ec:1c:67:2f:34:38:3f:
89:26:6a:58:be:41:46:15:a8:e5:da:e3:cc:1d:06:
9a:95:6a:cb:65:0a:13:de:71:25:d0:a3:80:38:33:
7e:38:61:40:2a:a2:ce:38:f3:47:16:6f:b7:06:42:
74:a5:54:95:83:21:86:50:98:ba:43:47:ff:6f:77:
91:bf:65:d9:0c:ca:be:b8:41:18:34:6b:ab:69:fd:
94:75:da:0a:d7:cf:95:60:35:32:e1:a7:8c:79:d2:
17:57:1a:53:b6:05:24:63:be:72:41:88:30:4f:36:
fb:77:49:ee:34:7d:68:6e:49:56:35:17:77:2c:1c:
80:2f:b1:33:d8:97:e4:ec:0d:91:c8:91:6b:c1:51:
48:ba:57:9d:7c:31:3b:e8:c3:ea:be:ea:50:80:5a:
51:63:8e:99:38:47:27:fa:6f:db:2a:ae:dc:79:7c:
c2:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:09:FB:2F:80:E6:D4:1B:1F:22:AF:82:44:E8:96:35:B3:E1:89:B8
X509v3 Authority Key Identifier:
keyid:85:AF:77:D4:48:A8:11:38:7A:71:52:7F:C3:34:DC:C4:FF:71:DE:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ha931EioETh6cVJ_wzTcxP9x3o8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/55de73-dd5e-414f-a3d4-21d7de2499de/1/HQn7L4Dm1BsfIq-CROiWNbPhibg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/55de73-dd5e-414f-a3d4-21d7de2499de/1/ha931EioETh6cVJ_wzTcxP9x3o8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.175.1.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:4d:8a:a7:cf:f0:a4:19:66:58:a1:d9:a2:36:00:6e:28:e9:
88:04:dc:a2:cc:07:aa:f9:c6:97:99:29:04:ea:b4:af:1d:5d:
9c:42:19:cb:fe:58:a9:cd:b0:16:cd:0b:bd:f0:95:87:58:19:
c8:98:47:f4:ed:e6:46:c2:d7:9c:9b:77:3c:bf:31:20:34:10:
e6:0a:53:82:a3:7f:7a:61:43:04:b3:8c:67:0f:6a:91:c2:76:
90:29:53:98:e1:80:0b:85:11:a1:47:90:e5:e5:be:07:37:2f:
96:b2:f3:86:5b:b4:c8:04:18:04:d3:78:cd:65:1e:65:17:46:
d2:cb:77:6e:c2:29:18:3f:d3:12:d2:51:75:19:41:aa:45:00:
ec:a5:90:a1:ce:d8:83:78:50:ad:72:06:ef:7a:19:35:be:2d:
dc:01:13:06:d5:71:97:04:09:13:cd:e4:a5:f5:da:e7:60:bb:
1a:1d:1f:7a:d7:94:d9:c1:17:d2:35:09:c0:1e:ed:06:7f:42:
ff:2d:00:ba:f9:a1:39:a9:7b:09:b5:1a:db:ff:1c:04:92:49:
e9:d1:3a:ac:be:7d:2c:3c:39:e1:d9:b3:c4:2c:f7:dc:8a:0f:
1b:86:2b:c3:5d:96:e0:b9:4b:99:08:4a:bc:7c:b2:b4:67:f6:
c2:9a:6b:50
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAiF7DjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NWFmNzdkNDQ4YTgxMTM4N2E3MTUyN2ZjMzM0ZGNjNGZmNzFkZThmMB4XDTIyMDEw
MTE0NTkwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWQwOWZiMmY4MGU2
ZDQxYjFmMjJhZjgyNDRlODk2MzViM2UxODliODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKApXqcYoQBkDxKw7vqL4pyl6A1mEC/hQVuT+yI0sC5ivoqz
BU10t1fWQrd4Q8XM0jkm0bXiX1miZhWh4Jum5+WmDmhwGwelYsdhkXD7KVCeYOPs
HGcvNDg/iSZqWL5BRhWo5drjzB0GmpVqy2UKE95xJdCjgDgzfjhhQCqizjjzRxZv
twZCdKVUlYMhhlCYukNH/293kb9l2QzKvrhBGDRrq2n9lHXaCtfPlWA1MuGnjHnS
F1caU7YFJGO+ckGIME82+3dJ7jR9aG5JVjUXdywcgC+xM9iX5OwNkciRa8FRSLpX
nXwxO+jD6r7qUIBaUWOOmThHJ/pv2yqu3Hl8wr0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQdCfsvgObUGx8ir4JE6JY1s+GJuDAfBgNVHSMEGDAWgBSFr3fUSKgROHpx
Un/DNNzE/3HejzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hhOTMxRWlvRVRoNmNWSl93elRjeFA5eDNvOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmEvNTVkZTczLWRkNWUtNDE0Zi1hM2Q0LTIxZDdkZTI0OTlkZS8x
L0hRbjdMNERtMUJzZklxLUNST2lXTmJQaGliZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmEv
NTVkZTczLWRkNWUtNDE0Zi1hM2Q0LTIxZDdkZTI0OTlkZS8xL2hhOTMxRWlvRVRo
NmNWSl93elRjeFA5eDNvOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMCvATANBgkqhkiG9w0BAQsFAAOC
AQEAek2Kp8/wpBlmWKHZojYAbijpiATcoswHqvnGl5kpBOq0rx1dnEIZy/5Yqc2w
Fs0LvfCVh1gZyJhH9O3mRsLXnJt3PL8xIDQQ5gpTgqN/emFDBLOMZw9qkcJ2kClT
mOGAC4URoUeQ5eW+BzcvlrLzhlu0yAQYBNN4zWUeZRdG0st3bsIpGD/TEtJRdRlB
qkUA7KWQoc7Yg3hQrXIG73oZNb4t3AETBtVxlwQJE83kpfXa52C7Gh0feteU2cEX
0jUJwB7tBn9C/y0AuvmhOal7CbUa2/8cBJJJ6dE6rL59LDw54dmzxCz33IoPG4Yr
w12W4LlLmQhKvHyytGf2wpprUA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:47 2023 by rpki-client on console-ams.rpki-client.org