Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/6f4bf4-f1aa-47e7-9df1-80070af0eb5e/1/HlLmT4SY1A-BozNh1RWo8e1OIFQ.roa
File: HlLmT4SY1A-BozNh1RWo8e1OIFQ.roa (raw, json)
Hash identifier: oHy+sCBnRMT60YKuI/u/SPj66F0el8kVvG6sfp0724s=
Subject key identifier: 1E:52:E6:4F:84:98:D4:0F:81:A3:33:61:D5:15:A8:F1:ED:4E:20:54
Certificate issuer: /CN=e5e7b034b4e7ca86d716b1140fca5b590f3e78c0
Certificate serial: 01856E820465229A418D07B658D83E6C84E1
Authority key identifier: E5:E7:B0:34:B4:E7:CA:86:D7:16:B1:14:0F:CA:5B:59:0F:3E:78:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5eewNLTnyobXFrEUD8pbWQ8-eMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/6f4bf4-f1aa-47e7-9df1-80070af0eb5e/1/HlLmT4SY1A-BozNh1RWo8e1OIFQ.roa
Signing time: Sun 01 Jan 2023 18:04:52 +0000
ROA not before: Sun 01 Jan 2023 18:04:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 38927
IP address blocks: 91.213.232.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:82:04:65:22:9a:41:8d:07:b6:58:d8:3e:6c:84:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5e7b034b4e7ca86d716b1140fca5b590f3e78c0
Validity
Not Before: Jan 1 18:04:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1e52e64f8498d40f81a33361d515a8f1ed4e2054
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:51:7e:5b:72:4e:ca:5b:c2:77:32:7b:55:61:
85:06:ce:6c:0a:1f:b4:cc:d2:81:f0:01:be:11:41:
cf:ec:7a:f0:a9:c7:6a:6f:38:7d:b2:1f:46:bf:70:
80:2a:00:23:42:81:c9:f3:ff:f1:37:03:41:32:a4:
18:a2:47:b8:aa:07:a9:35:1e:f1:2d:ab:fe:c4:66:
c0:e6:24:d0:d7:f4:3f:b2:02:c7:fe:62:5f:bb:42:
f6:2e:07:75:ad:89:d3:93:00:6a:19:19:c0:bd:96:
65:ce:04:05:3d:86:54:6c:44:e6:94:f1:7f:b3:2c:
73:e1:77:e8:a6:91:f5:29:aa:ae:13:ab:29:02:af:
58:58:99:5d:c1:47:d2:0e:5e:fa:d1:59:35:a6:c7:
f6:69:53:c6:89:85:07:60:30:5c:0f:4a:66:98:4c:
13:71:d1:72:65:1f:00:b3:7e:63:f0:45:3a:77:d6:
91:db:1d:90:97:f8:df:28:37:4e:7b:77:94:53:7e:
b0:17:78:c3:61:1c:fc:16:71:b1:77:d0:45:45:19:
fd:ed:8b:11:f2:94:68:ea:83:ed:98:9f:74:9f:12:
51:f6:85:3a:0a:f9:6a:8c:99:35:3d:5a:64:57:8b:
96:2c:d8:37:14:a9:8b:3f:0c:1d:18:b5:1e:cb:e5:
26:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:52:E6:4F:84:98:D4:0F:81:A3:33:61:D5:15:A8:F1:ED:4E:20:54
X509v3 Authority Key Identifier:
keyid:E5:E7:B0:34:B4:E7:CA:86:D7:16:B1:14:0F:CA:5B:59:0F:3E:78:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5eewNLTnyobXFrEUD8pbWQ8-eMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/6f4bf4-f1aa-47e7-9df1-80070af0eb5e/1/HlLmT4SY1A-BozNh1RWo8e1OIFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/6f4bf4-f1aa-47e7-9df1-80070af0eb5e/1/5eewNLTnyobXFrEUD8pbWQ8-eMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.232.0/24
Signature Algorithm: sha256WithRSAEncryption
82:44:35:25:61:1c:39:b1:23:bc:20:2a:0c:aa:a7:e8:5b:af:
13:46:b7:6f:96:22:16:52:6c:1d:fb:97:fb:f7:91:ad:49:6b:
3b:80:51:e9:9e:c3:2c:ec:d4:6e:d2:c3:0c:8b:24:f7:fd:3b:
4b:c2:c7:77:c3:31:ec:47:64:e0:72:e5:ee:84:ca:8c:05:ec:
47:e3:2a:2b:ac:48:c7:e6:45:90:48:cb:5c:d4:07:ec:59:a4:
36:64:77:84:75:3e:b5:d4:cf:3c:78:75:53:73:7b:bd:b9:36:
b4:40:e0:8d:1b:20:a1:14:07:2b:95:39:e8:83:8e:8f:71:3d:
3c:62:d4:f7:00:61:7a:ea:40:14:17:4e:a9:97:e5:10:f4:26:
8f:24:7d:8d:f4:ad:ed:96:9b:80:23:21:ba:87:f4:d5:d5:50:
4d:ba:22:65:2e:21:cd:73:3c:1d:31:a2:47:62:fa:c6:6c:0e:
14:cd:81:33:2c:83:0f:d2:68:cb:e3:ff:47:a0:d2:62:06:16:
1d:2a:c0:a6:2f:b2:73:3f:67:eb:65:af:b5:b4:b8:a3:2a:d0:
f6:97:31:05:fd:e5:c0:a8:28:da:5b:81:d6:9b:65:11:2c:23:
ff:0d:ad:06:0f:f7:32:15:6e:26:84:3d:58:d8:89:c0:b5:3a:
11:c5:49:a3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuggRlIppBjQe2WNg+bIThMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1ZTdiMDM0YjRlN2NhODZkNzE2YjExNDBmY2E1YjU5MGYz
ZTc4YzAwHhcNMjMwMTAxMTgwNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTUyZTY0Zjg0OThkNDBmODFhMzMzNjFkNTE1YThmMWVkNGUyMDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFF+W3JOylvCdzJ7VWGFBs5sCh+0
zNKB8AG+EUHP7Hrwqcdqbzh9sh9Gv3CAKgAjQoHJ8//xNwNBMqQYoke4qgepNR7x
Lav+xGbA5iTQ1/Q/sgLH/mJfu0L2Lgd1rYnTkwBqGRnAvZZlzgQFPYZUbETmlPF/
syxz4XfoppH1KaquE6spAq9YWJldwUfSDl760Vk1psf2aVPGiYUHYDBcD0pmmEwT
cdFyZR8As35j8EU6d9aR2x2Ql/jfKDdOe3eUU36wF3jDYRz8FnGxd9BFRRn97YsR
8pRo6oPtmJ90nxJR9oU6CvlqjJk1PVpkV4uWLNg3FKmLPwwdGLUey+UmtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB5S5k+EmNQPgaMzYdUVqPHtTiBUMB8GA1UdIwQY
MBaAFOXnsDS058qG1xaxFA/KW1kPPnjAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWVld05MVG55b2JYRnJFVUQ4cGJXUTgtZU1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS82ZjRiZjQtZjFhYS00N2U3LTlkZjEt
ODAwNzBhZjBlYjVlLzEvSGxMbVQ0U1kxQS1Cb3pOaDFSV284ZTFPSUZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS82ZjRiZjQtZjFhYS00N2U3LTlkZjEtODAwNzBhZjBlYjVl
LzEvNWVld05MVG55b2JYRnJFVUQ4cGJXUTgtZU1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9XoMA0G
CSqGSIb3DQEBCwUAA4IBAQCCRDUlYRw5sSO8ICoMqqfoW68TRrdvliIWUmwd+5f7
95GtSWs7gFHpnsMs7NRu0sMMiyT3/TtLwsd3wzHsR2TgcuXuhMqMBexH4yorrEjH
5kWQSMtc1AfsWaQ2ZHeEdT611M88eHVTc3u9uTa0QOCNGyChFAcrlTnog46PcT08
YtT3AGF66kAUF06pl+UQ9CaPJH2N9K3tlpuAIyG6h/TV1VBNuiJlLiHNczwdMaJH
YvrGbA4UzYEzLIMP0mjL4/9HoNJiBhYdKsCmL7JzP2frZa+1tLijKtD2lzEF/eXA
qCjaW4HWm2URLCP/Da0GD/cyFW4mhD1Y2InAtToRxUmj
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:27 2025 by rpki-client