Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/90a5cf-e484-4bb2-a285-6a49b5a31294/1/HrDwQMMXKr92vg28x9AKQVRO8-4.roa
File: HrDwQMMXKr92vg28x9AKQVRO8-4.roa (raw, json)
Hash identifier: x9lth/x3s/OD9iyl0I0qyzm/gosMaro1o4gjZ7LxDhc=
Subject key identifier: 1E:B0:F0:40:C3:17:2A:BF:76:BE:0D:BC:C7:D0:0A:41:54:4E:F3:EE
Certificate issuer: /CN=b4f33f6fd29baf03cc4d485af5f6b70da6b0099f
Certificate serial: 756D6D
Authority key identifier: B4:F3:3F:6F:D2:9B:AF:03:CC:4D:48:5A:F5:F6:B7:0D:A6:B0:09:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPM_b9KbrwPMTUha9fa3DaawCZ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/90a5cf-e484-4bb2-a285-6a49b5a31294/1/HrDwQMMXKr92vg28x9AKQVRO8-4.roa
Signing time: Sat 01 Jan 2022 00:52:08 +0000
ROA not before: Sat 01 Jan 2022 00:52:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8511
IP address blocks: 195.38.160.0/19 maxlen: 19
2a11:a380::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7695725 (0x756d6d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f33f6fd29baf03cc4d485af5f6b70da6b0099f
Validity
Not Before: Jan 1 00:52:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1eb0f040c3172abf76be0dbcc7d00a41544ef3ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:56:1f:14:be:68:77:41:57:c5:21:f2:45:7a:
eb:ea:b9:5e:aa:d4:15:21:50:f3:aa:e7:16:ff:9b:
ec:ee:9c:c4:b5:69:e2:c4:48:2c:76:70:c5:f0:c7:
4b:90:15:d7:89:7e:1e:89:cc:98:6e:58:26:ba:c6:
0d:f9:82:84:95:e2:41:6b:d1:2a:35:4d:0c:a2:cc:
21:55:65:cd:74:c0:51:48:50:3b:32:a4:fa:80:ff:
12:32:26:46:e5:bf:38:8a:a1:c0:33:e0:54:2c:52:
8a:0e:d7:c2:55:e7:bc:41:d7:83:dc:e3:b1:59:cf:
41:bb:44:ff:5a:3f:f6:ad:c0:4b:d8:fe:24:79:0d:
c8:9e:3e:df:7f:8e:44:a7:b3:c4:35:80:64:12:d7:
4c:db:af:78:3c:ea:d9:3a:d6:81:8d:c6:79:73:3d:
af:59:a5:75:ed:6b:da:be:c4:6c:8f:11:a6:fb:0a:
7d:a5:43:8b:e6:f3:8c:0c:7c:e0:45:55:7c:35:39:
80:2d:ca:aa:25:66:4b:78:15:47:17:1a:3e:eb:d2:
b8:dd:43:b5:6f:cc:fa:6d:e6:f5:14:cf:3f:3a:1a:
34:6c:7b:d2:4a:48:49:52:98:69:9f:db:81:44:22:
fe:2a:01:fd:60:79:57:92:cd:a4:49:33:e9:00:94:
9c:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:B0:F0:40:C3:17:2A:BF:76:BE:0D:BC:C7:D0:0A:41:54:4E:F3:EE
X509v3 Authority Key Identifier:
keyid:B4:F3:3F:6F:D2:9B:AF:03:CC:4D:48:5A:F5:F6:B7:0D:A6:B0:09:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPM_b9KbrwPMTUha9fa3DaawCZ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/90a5cf-e484-4bb2-a285-6a49b5a31294/1/HrDwQMMXKr92vg28x9AKQVRO8-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/90a5cf-e484-4bb2-a285-6a49b5a31294/1/tPM_b9KbrwPMTUha9fa3DaawCZ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.38.160.0/19
IPv6:
2a11:a380::/29
Signature Algorithm: sha256WithRSAEncryption
46:6f:9d:b1:ec:b5:3a:34:24:f0:89:40:8e:6c:a8:eb:66:9c:
56:01:89:df:43:40:c8:98:ff:f6:23:17:ac:cd:e2:17:81:94:
06:00:b7:9b:33:cf:40:08:d9:a9:11:69:0a:1e:5a:1a:ea:8b:
30:91:d4:9d:82:0b:7d:1c:fd:e0:15:83:7a:a5:b8:02:74:bc:
d6:fb:dc:8b:ec:51:5f:a8:51:2a:ac:49:84:34:b5:b4:04:a1:
1b:65:b4:3b:0c:4c:70:a9:c9:8b:8a:a6:53:56:d4:79:ac:2b:
57:dd:48:bf:b4:c2:3f:33:b1:84:bd:1a:e3:87:db:18:b3:f1:
af:65:8e:7d:67:97:ad:ab:c8:c3:52:f0:48:34:91:67:80:7e:
e7:db:8f:3e:07:33:d2:17:e8:0f:b1:b9:76:2d:a7:a7:d8:f2:
e2:b6:73:0a:10:f7:6c:2c:12:90:7a:48:be:72:49:e5:92:c9:
2c:4c:24:a8:c2:e9:dc:da:b2:f0:1d:ff:8d:83:3d:4c:8c:31:
2b:16:f1:d2:66:b0:3e:0f:c2:c9:80:50:fd:f5:b3:93:c3:2b:
6c:a7:d4:79:65:f2:36:7d:37:72:d8:94:af:c5:20:64:fd:ef:
9e:dd:4b:dc:47:d0:4e:5b:aa:88:07:a3:16:2e:8c:15:be:79:
1b:46:21:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIDdW1tMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGI0
ZjMzZjZmZDI5YmFmMDNjYzRkNDg1YWY1ZjZiNzBkYTZiMDA5OWYwHhcNMjIwMTAx
MDA1MjA4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygxZWIwZjA0MGMzMTcy
YWJmNzZiZTBkYmNjN2QwMGE0MTU0NGVmM2VlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAzlYfFL5od0FXxSHyRXrr6rleqtQVIVDzqucW/5vs7pzEtWni
xEgsdnDF8MdLkBXXiX4eicyYblgmusYN+YKEleJBa9EqNU0MoswhVWXNdMBRSFA7
MqT6gP8SMiZG5b84iqHAM+BULFKKDtfCVee8QdeD3OOxWc9Bu0T/Wj/2rcBL2P4k
eQ3Inj7ff45Ep7PENYBkEtdM2694POrZOtaBjcZ5cz2vWaV17WvavsRsjxGm+wp9
pUOL5vOMDHzgRVV8NTmALcqqJWZLeBVHFxo+69K43UO1b8z6beb1FM8/Oho0bHvS
SkhJUphpn9uBRCL+KgH9YHlXks2kSTPpAJScXQIDAQABo4ICGDCCAhQwHQYDVR0O
BBYEFB6w8EDDFyq/dr4NvMfQCkFUTvPuMB8GA1UdIwQYMBaAFLTzP2/Sm68DzE1I
WvX2tw2msAmfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
dFBNX2I5S2Jyd1BNVFVoYTlmYTNEYWF3Q1o4LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9kOC85MGE1Y2YtZTQ4NC00YmIyLWEyODUtNmE0OWI1YTMxMjk0LzEv
SHJEd1FNTVhLcjkydmcyOHg5QUtRVlJPOC00LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC85
MGE1Y2YtZTQ4NC00YmIyLWEyODUtNmE0OWI1YTMxMjk0LzEvdFBNX2I5S2Jyd1BN
VFVoYTlmYTNEYWF3Q1o4LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMC4G
CCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFwyagMA0EAgACMAcDBQMqEaOAMA0G
CSqGSIb3DQEBCwUAA4IBAQBGb52x7LU6NCTwiUCObKjrZpxWAYnfQ0DImP/2Ixes
zeIXgZQGALebM89ACNmpEWkKHloa6oswkdSdggt9HP3gFYN6pbgCdLzW+9yL7FFf
qFEqrEmENLW0BKEbZbQ7DExwqcmLiqZTVtR5rCtX3Ui/tMI/M7GEvRrjh9sYs/Gv
ZY59Z5etq8jDUvBINJFngH7n248+BzPSF+gPsbl2Laen2PLitnMKEPdsLBKQeki+
cknlksksTCSowunc2rLwHf+Ngz1MjDErFvHSZrA+D8LJgFD99bOTwytsp9R5ZfI2
fTdy2JSvxSBk/e+e3UvcR9BOW6qIB6MWLowVvnkbRiEc
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:01 2024 by rpki-client on console-ams.rpki-client.org