Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/hgG-ggkbsSVZCv0dF6tnX41wQX4.roa
File: hgG-ggkbsSVZCv0dF6tnX41wQX4.roa (raw, json)
Hash identifier: si51Eiqt6QXO3H5GIi+b54k7jWy32AasZgxmF3tT0KY=
Subject key identifier: 86:01:BE:82:09:1B:B1:25:59:0A:FD:1D:17:AB:67:5F:8D:70:41:7E
Certificate issuer: /CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
Certificate serial: 01879CCBE7AC682CE45597728AB4FB4618DA
Authority key identifier: F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/hgG-ggkbsSVZCv0dF6tnX41wQX4.roa
Signing time: Thu 20 Apr 2023 03:53:41 +0000
ROA not before: Thu 20 Apr 2023 03:53:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 0
IP address blocks: 123.253.212.0/23 maxlen: 23
46.175.130.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:9c:cb:e7:ac:68:2c:e4:55:97:72:8a:b4:fb:46:18:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04eb204f358004788224e2fb18e4d5e74bebf8d
Validity
Not Before: Apr 20 03:53:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8601be82091bb125590afd1d17ab675f8d70417e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f1:db:ef:f3:00:4e:a4:4d:f4:4d:08:15:7d:
b9:91:e5:4b:c5:80:bd:5d:3b:b6:b1:49:93:fb:6e:
54:7c:ff:0b:c7:e9:ef:57:8e:46:bd:d8:58:7f:58:
9b:75:eb:71:34:07:ab:53:19:59:03:fb:b4:6b:99:
ae:ac:69:e9:2d:a8:d9:ca:67:09:96:2a:31:16:0b:
f8:db:47:61:9a:d7:17:ab:5b:e5:82:4b:bf:f4:c1:
b5:db:9a:ba:af:7f:9c:24:f6:c8:0c:9b:28:25:10:
9c:dc:44:f0:e2:cc:0a:47:a0:41:67:26:46:e5:7d:
64:40:e4:8e:6a:cb:6a:ff:e4:25:fb:d3:05:34:44:
a6:62:ac:a6:44:80:7e:60:2d:5b:21:86:bf:40:1e:
02:51:54:cd:59:1b:2f:9d:c6:f1:34:82:72:31:f5:
a1:2f:f3:0e:a6:38:99:aa:77:ca:1f:83:fb:51:18:
ce:07:8e:47:39:bd:ad:fb:f9:f6:a1:49:0c:62:e2:
1e:57:39:7e:a2:9b:7a:8e:4f:d3:f0:63:36:70:af:
c0:a7:18:d3:9e:bf:a8:1a:25:fc:46:20:74:48:61:
73:97:d6:bc:76:b8:6b:44:d3:48:f2:d5:b5:ea:f0:
84:81:d2:c7:ae:b7:c3:52:3f:7b:1e:c8:ca:ce:c1:
5e:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:01:BE:82:09:1B:B1:25:59:0A:FD:1D:17:AB:67:5F:8D:70:41:7E
X509v3 Authority Key Identifier:
keyid:F0:4E:B2:04:F3:58:00:47:88:22:4E:2F:B1:8E:4D:5E:74:BE:BF:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8E6yBPNYAEeIIk4vsY5NXnS-v40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/hgG-ggkbsSVZCv0dF6tnX41wQX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/9ab42a-df92-4e42-9e33-5c5892afa487/1/8E6yBPNYAEeIIk4vsY5NXnS-v40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.175.130.0/24
123.253.212.0/23
Signature Algorithm: sha256WithRSAEncryption
89:9e:89:11:2f:f4:e6:7f:c2:7a:f7:1a:11:dc:51:c2:00:79:
b4:f6:0c:e6:b0:76:5b:fc:69:14:d9:c0:b3:18:30:2a:34:bc:
5d:fd:46:e0:02:1c:de:6e:f5:7b:df:02:f9:81:a2:38:b2:bc:
cd:4f:0e:dc:0f:f3:7c:bf:44:a2:a2:aa:26:ba:56:d6:57:d6:
8f:47:18:ce:4e:75:0b:59:10:fa:49:60:21:b9:dc:53:03:7d:
fd:53:29:d3:9a:69:ea:36:fc:d8:10:5c:85:8c:48:02:21:87:
2c:19:90:8a:32:ff:0e:54:69:41:ae:fd:6d:ff:22:9e:d4:53:
3f:f0:d9:5c:e6:d8:11:02:86:4f:11:0e:e1:3f:0c:30:73:86:
6b:bb:aa:4c:0f:64:f2:7f:dc:80:fe:92:38:6a:f1:c8:b9:13:
08:ea:96:6e:22:95:a2:fc:ce:84:2f:4a:4d:9f:ce:6f:03:e7:
2f:88:f5:d2:d6:9e:9d:58:3a:f6:bd:5f:5c:8b:6c:f9:cf:1d:
d2:70:cb:75:29:8b:04:f9:9a:5d:83:6b:dd:a4:4f:c3:a0:92:
e4:21:52:36:64:e0:c3:7b:aa:ab:1f:61:64:df:14:ad:42:df:
50:0d:8e:e1:70:59:d0:a9:68:2d:cb:f4:6b:55:89:d4:8f:37:
9a:18:bd:81
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYecy+esaCzkVZdyirT7RhjaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGViMjA0ZjM1ODAwNDc4ODIyNGUyZmIxOGU0ZDVlNzRi
ZWJmOGQwHhcNMjMwNDIwMDM1MzQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjAxYmU4MjA5MWJiMTI1NTkwYWZkMWQxN2FiNjc1ZjhkNzA0MTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfHb7/MATqRN9E0IFX25keVLxYC9
XTu2sUmT+25UfP8Lx+nvV45GvdhYf1ibdetxNAerUxlZA/u0a5murGnpLajZymcJ
lioxFgv420dhmtcXq1vlgku/9MG125q6r3+cJPbIDJsoJRCc3ETw4swKR6BBZyZG
5X1kQOSOastq/+Ql+9MFNESmYqymRIB+YC1bIYa/QB4CUVTNWRsvncbxNIJyMfWh
L/MOpjiZqnfKH4P7URjOB45HOb2t+/n2oUkMYuIeVzl+opt6jk/T8GM2cK/ApxjT
nr+oGiX8RiB0SGFzl9a8drhrRNNI8tW16vCEgdLHrrfDUj97HsjKzsFe4QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIYBvoIJG7ElWQr9HRerZ1+NcEF+MB8GA1UdIwQY
MBaAFPBOsgTzWABHiCJOL7GOTV50vr+NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEU2eUJQTllBRWVJSWs0dnNZNU5YblMtdjQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS85YWI0MmEtZGY5Mi00ZTQyLTllMzMt
NWM1ODkyYWZhNDg3LzEvaGdHLWdna2JzU1ZaQ3YwZEY2dG5YNDF3UVg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS85YWI0MmEtZGY5Mi00ZTQyLTllMzMtNWM1ODkyYWZhNDg3
LzEvOEU2eUJQTllBRWVJSWs0dnNZNU5YblMtdjQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALq+CAwQB
e/3UMA0GCSqGSIb3DQEBCwUAA4IBAQCJnokRL/Tmf8J69xoR3FHCAHm09gzmsHZb
/GkU2cCzGDAqNLxd/UbgAhzebvV73wL5gaI4srzNTw7cD/N8v0SioqomulbWV9aP
RxjOTnULWRD6SWAhudxTA339UynTmmnqNvzYEFyFjEgCIYcsGZCKMv8OVGlBrv1t
/yKe1FM/8Nlc5tgRAoZPEQ7hPwwwc4Zru6pMD2Tyf9yA/pI4avHIuRMI6pZuIpWi
/M6EL0pNn85vA+cviPXS1p6dWDr2vV9ci2z5zx3ScMt1KYsE+Zpdg2vdpE/DoJLk
IVI2ZODDe6qrH2Fk3xStQt9QDY7hcFnQqWgty/RrVYnUjzeaGL2B
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:25 2025 by rpki-client