Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/HrG1ChV7m4ByS0EkjaPYhRZWEgA.roa
File: HrG1ChV7m4ByS0EkjaPYhRZWEgA.roa (raw, json)
Hash identifier: v/TFVFwFPYmEruu3OSG5E09lFGpFP/kgnhs7ASXZD4o=
Subject key identifier: 1E:B1:B5:0A:15:7B:9B:80:72:4B:41:24:8D:A3:D8:85:16:56:12:00
Certificate issuer: /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial: 0850444A
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/HrG1ChV7m4ByS0EkjaPYhRZWEgA.roa
Signing time: Mon 04 Apr 2022 07:50:54 +0000
ROA not before: Mon 04 Apr 2022 07:50:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 193.37.196.0/22 maxlen: 24
193.37.196.0/24 maxlen: 24
193.37.199.0/24 maxlen: 24
193.37.197.0/24 maxlen: 24
193.37.198.0/24 maxlen: 24
147.78.198.0/24 maxlen: 24
147.78.199.0/24 maxlen: 24
147.78.197.0/24 maxlen: 24
147.78.196.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 139478090 (0x850444a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Validity
Not Before: Apr 4 07:50:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1eb1b50a157b9b80724b41248da3d88516561200
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:cc:b5:af:70:27:47:a3:50:31:cc:f1:55:0c:
eb:a2:8e:48:38:71:23:90:3e:1f:46:38:ff:04:1c:
c5:4d:55:ae:13:51:30:f4:d5:50:3b:71:66:a0:93:
5b:f3:a2:27:42:94:73:fd:5a:c5:22:e6:0b:97:08:
1b:ce:86:ef:14:a2:ee:3d:58:aa:c2:fc:7a:bf:03:
1f:63:84:fb:3b:eb:95:64:22:76:b0:2c:89:70:01:
df:8c:31:bd:e6:9b:7e:c0:e8:a8:ae:a8:45:fa:02:
7b:de:a7:63:1e:11:c4:ba:56:1b:bc:4d:50:f4:8c:
16:51:af:ec:eb:50:17:c8:18:6a:4e:4c:79:fb:a9:
43:bd:bb:7d:23:9d:19:b4:a8:cb:d5:e1:af:41:9f:
e7:43:b7:5f:c6:f1:4c:46:c3:c4:02:5e:3b:94:78:
df:8b:ff:d4:c9:38:57:6a:17:c4:6c:c8:3c:6b:a5:
36:b9:a2:57:43:f7:0b:08:93:3a:40:09:b2:cd:f2:
e4:8f:91:22:dc:8d:dc:29:a2:77:fb:63:c3:17:c2:
b5:d9:af:fa:98:2a:7b:45:c4:7a:7a:1b:8d:c8:31:
fe:7c:d8:c7:06:bc:1d:25:c6:5e:45:7f:05:b1:df:
64:12:0c:dd:1f:59:f2:7e:77:94:6d:37:d3:14:1d:
19:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:B1:B5:0A:15:7B:9B:80:72:4B:41:24:8D:A3:D8:85:16:56:12:00
X509v3 Authority Key Identifier:
keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/HrG1ChV7m4ByS0EkjaPYhRZWEgA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.78.196.0/22
193.37.196.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:6d:c4:fd:5b:2b:ec:d3:58:df:85:13:a1:ab:e2:a9:38:ba:
3e:43:dd:2f:30:e1:f5:50:88:4b:c2:33:f6:aa:f8:0a:fc:5c:
5a:cb:e2:bd:bd:0e:fc:65:44:a7:7f:4d:69:59:b9:90:10:98:
92:9d:af:ff:09:f1:ce:07:bd:f5:a7:ab:94:4f:f4:c8:ad:8a:
e9:32:09:02:bf:82:21:1d:4e:bf:f2:58:3c:65:de:74:ee:d3:
e2:5f:35:c8:08:53:d7:b9:a6:1b:cd:c0:bd:13:d2:80:35:54:
3b:f1:f9:8c:19:b2:67:13:d5:a4:ab:07:8d:9b:49:f1:ee:5a:
06:80:be:d5:c3:1e:6a:85:c2:59:0d:a3:bc:f6:99:27:1b:04:
fd:7e:01:c4:c6:83:29:7e:eb:60:65:93:be:1f:b5:0f:48:cf:
de:a1:64:85:3e:24:f4:92:6e:71:b3:c3:47:f8:47:46:4f:b9:
ff:39:d0:cc:fd:b9:6b:f6:87:3c:4a:b7:e2:ac:af:2b:dc:09:
75:c3:93:a0:d1:e1:06:32:9b:ab:e1:26:25:9f:22:1f:c8:60:
ab:80:31:38:05:0d:6b:76:7a:aa:b9:ea:59:dc:da:70:a0:ef:
06:dd:26:82:90:c7:65:bf:f8:57:a8:88:5f:2e:db:8b:62:1f:
dc:62:b4:d7
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECFBESjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MzY3N2Q3Y2I5MjcxY2UzNjEyNTZlOTgzM2NjN2IxNGZkMDIzZWJlMB4XDTIyMDQw
NDA3NTA1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWViMWI1MGExNTdi
OWI4MDcyNGI0MTI0OGRhM2Q4ODUxNjU2MTIwMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMjMta9wJ0ejUDHM8VUM66KOSDhxI5A+H0Y4/wQcxU1VrhNR
MPTVUDtxZqCTW/OiJ0KUc/1axSLmC5cIG86G7xSi7j1YqsL8er8DH2OE+zvrlWQi
drAsiXAB34wxveabfsDoqK6oRfoCe96nYx4RxLpWG7xNUPSMFlGv7OtQF8gYak5M
efupQ727fSOdGbSoy9Xhr0Gf50O3X8bxTEbDxAJeO5R434v/1Mk4V2oXxGzIPGul
NrmiV0P3CwiTOkAJss3y5I+RItyN3Cmid/tjwxfCtdmv+pgqe0XEenobjcgx/nzY
xwa8HSXGXkV/BbHfZBIM3R9Z8n53lG030xQdGcsCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQesbUKFXubgHJLQSSNo9iFFlYSADAfBgNVHSMEGDAWgBSTZ318uScc42El
bpgzzHsU/QI+vjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2syZDlmTGtuSE9OaEpXNllNOHg3RlAwQ1ByNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzgvYTljNmRhLThlYTAtNDZiNy1hMWE2LTk5YWNiOTljZTc1NC8x
L0hyRzFDaFY3bTRCeVMwRWtqYVBZaFJaV0VnQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzgv
YTljNmRhLThlYTAtNDZiNy1hMWE2LTk5YWNiOTljZTc1NC8xL2syZDlmTGtuSE9O
aEpXNllNOHg3RlAwQ1ByNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEApNOxAMEAsElxDANBgkqhkiG9w0B
AQsFAAOCAQEAOm3E/Vsr7NNY34UToaviqTi6PkPdLzDh9VCIS8Iz9qr4CvxcWsvi
vb0O/GVEp39NaVm5kBCYkp2v/wnxzge99aerlE/0yK2K6TIJAr+CIR1Ov/JYPGXe
dO7T4l81yAhT17mmG83AvRPSgDVUO/H5jBmyZxPVpKsHjZtJ8e5aBoC+1cMeaoXC
WQ2jvPaZJxsE/X4BxMaDKX7rYGWTvh+1D0jP3qFkhT4k9JJucbPDR/hHRk+5/znQ
zP25a/aHPEq34qyvK9wJdcOToNHhBjKbq+EmJZ8iH8hgq4AxOAUNa3Z6qrnqWdza
cKDvBt0mgpDHZb/4V6iIXy7bi2If3GK01w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:35 2024 by rpki-client on console-fra.rpki-client.org