Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/f9342c-57a9-48f3-9e67-8a3d8dc358eb/1/HSBTJXbEvTOZ_EKW75u_f8N_LT4.roa
File: HSBTJXbEvTOZ_EKW75u_f8N_LT4.roa (raw, json)
Hash identifier: vyfYHAFJNdK5Pq/EBEYyw7B43qg6bpw9He8fBw1/L60=
Subject key identifier: 1D:20:53:25:76:C4:BD:33:99:FC:42:96:EF:9B:BF:7F:C3:7F:2D:3E
Certificate issuer: /CN=4285821bb7a8445efbf433d4c19890a7fa949fa8
Certificate serial: F40CAE
Authority key identifier: 42:85:82:1B:B7:A8:44:5E:FB:F4:33:D4:C1:98:90:A7:FA:94:9F:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QoWCG7eoRF779DPUwZiQp_qUn6g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/f9342c-57a9-48f3-9e67-8a3d8dc358eb/1/HSBTJXbEvTOZ_EKW75u_f8N_LT4.roa
Signing time: Sat 01 Jan 2022 12:57:09 +0000
ROA not before: Sat 01 Jan 2022 12:57:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3356
IP address blocks: 139.28.192.0/22 maxlen: 22
139.28.192.0/23 maxlen: 23
139.28.194.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 15994030 (0xf40cae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4285821bb7a8445efbf433d4c19890a7fa949fa8
Validity
Not Before: Jan 1 12:57:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1d20532576c4bd3399fc4296ef9bbf7fc37f2d3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:6c:a9:fb:9c:3d:75:23:55:02:5a:c0:35:79:
62:af:49:a3:70:b1:00:c6:6e:88:76:71:7b:09:fb:
a5:d0:60:70:84:7d:39:47:68:24:8e:70:ae:1a:07:
a3:c6:da:15:8e:e3:e4:ba:ef:56:3d:56:d4:6c:2f:
9d:fd:f7:9b:54:21:23:66:f8:37:f9:e8:6e:b2:30:
fc:d1:aa:07:78:90:fc:3c:f2:a4:2f:4b:47:e5:70:
d3:4d:ad:47:20:ad:42:17:b7:68:fa:fd:ce:15:3e:
5b:c9:d5:62:64:d4:b3:e5:f8:81:39:26:64:e6:cb:
51:dc:68:dc:bd:ac:83:29:d9:d2:af:c6:f7:21:d8:
7d:b6:38:b1:0b:6e:56:79:33:81:cd:f1:5d:7d:52:
bb:21:4f:8c:60:a1:ee:3e:47:98:2f:ac:87:cd:5c:
08:c0:72:35:8a:58:8a:fb:91:4c:08:ce:7c:2c:ae:
4e:d9:d7:ac:9d:c7:e0:87:7a:aa:ca:17:32:ea:32:
ed:3d:4f:41:15:d6:87:16:9e:6b:b9:ec:d2:fb:54:
76:63:db:df:72:9d:17:a4:8b:23:18:d4:6f:66:7a:
e7:b3:ad:12:5f:2e:41:fe:4b:74:bd:29:ef:c0:d6:
0a:f1:be:b4:74:d8:0b:04:26:05:5c:2a:d4:cc:9a:
58:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:20:53:25:76:C4:BD:33:99:FC:42:96:EF:9B:BF:7F:C3:7F:2D:3E
X509v3 Authority Key Identifier:
keyid:42:85:82:1B:B7:A8:44:5E:FB:F4:33:D4:C1:98:90:A7:FA:94:9F:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QoWCG7eoRF779DPUwZiQp_qUn6g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/f9342c-57a9-48f3-9e67-8a3d8dc358eb/1/HSBTJXbEvTOZ_EKW75u_f8N_LT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/f9342c-57a9-48f3-9e67-8a3d8dc358eb/1/QoWCG7eoRF779DPUwZiQp_qUn6g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.192.0/22
Signature Algorithm: sha256WithRSAEncryption
73:18:1b:9e:08:a0:35:57:78:b4:d1:7c:47:3c:28:61:e4:8a:
32:83:1e:88:eb:aa:f6:ff:9e:62:73:0e:e3:ce:14:9c:77:94:
ac:4b:81:de:cc:e8:52:07:21:6d:ab:6a:48:2b:9b:0f:95:73:
98:db:be:89:14:d1:a2:c7:ec:a1:14:6f:ba:d1:3a:53:3b:fb:
b5:ad:c4:ee:1b:66:79:a2:6e:c3:5d:89:59:e9:e3:49:e7:44:
ae:b3:00:a2:7c:12:a2:a6:cd:d9:c9:0b:9b:9f:80:d7:78:0e:
b8:4f:e9:f5:85:11:e3:bd:d6:e0:d3:f3:6e:05:33:49:ae:3b:
7c:c4:2e:31:ca:17:eb:a0:e0:35:94:af:a7:25:fd:85:fb:15:
86:b0:a8:91:2a:49:45:1f:70:35:e9:4b:2f:cd:77:11:c4:dd:
c7:81:e9:fb:4d:85:a0:c9:15:ff:80:f8:12:9b:2c:78:e6:25:
05:82:0d:65:17:bc:73:a1:75:02:c3:e7:81:93:d1:35:5f:f7:
6b:93:fd:e1:2b:c6:bf:5a:b3:8a:0b:4b:c5:7e:ca:ad:a5:0e:
c1:88:7f:3d:d7:90:7c:8d:e7:00:2c:53:ff:f8:d2:d8:76:46:
7a:ff:46:71:6b:d1:12:d8:69:45:94:be:a0:fd:35:6a:a1:19:
f2:b5:9a:05
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAPQMrjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
Mjg1ODIxYmI3YTg0NDVlZmJmNDMzZDRjMTk4OTBhN2ZhOTQ5ZmE4MB4XDTIyMDEw
MTEyNTcwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWQyMDUzMjU3NmM0
YmQzMzk5ZmM0Mjk2ZWY5YmJmN2ZjMzdmMmQzZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ9sqfucPXUjVQJawDV5Yq9Jo3CxAMZuiHZxewn7pdBgcIR9
OUdoJI5wrhoHo8baFY7j5LrvVj1W1Gwvnf33m1QhI2b4N/nobrIw/NGqB3iQ/Dzy
pC9LR+Vw002tRyCtQhe3aPr9zhU+W8nVYmTUs+X4gTkmZObLUdxo3L2sgynZ0q/G
9yHYfbY4sQtuVnkzgc3xXX1SuyFPjGCh7j5HmC+sh81cCMByNYpYivuRTAjOfCyu
TtnXrJ3H4Id6qsoXMuoy7T1PQRXWhxaea7ns0vtUdmPb33KdF6SLIxjUb2Z657Ot
El8uQf5LdL0p78DWCvG+tHTYCwQmBVwq1MyaWPcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQdIFMldsS9M5n8Qpbvm79/w38tPjAfBgNVHSMEGDAWgBRChYIbt6hEXvv0
M9TBmJCn+pSfqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FvV0NHN2VvUkY3NzlEUFV3WmlRcF9xVW42Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDgvZjkzNDJjLTU3YTktNDhmMy05ZTY3LThhM2Q4ZGMzNThlYi8x
L0hTQlRKWGJFdlRPWl9FS1c3NXVfZjhOX0xUNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDgv
ZjkzNDJjLTU3YTktNDhmMy05ZTY3LThhM2Q4ZGMzNThlYi8xL1FvV0NHN2VvUkY3
NzlEUFV3WmlRcF9xVW42Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAoscwDANBgkqhkiG9w0BAQsFAAOC
AQEAcxgbngigNVd4tNF8RzwoYeSKMoMeiOuq9v+eYnMO484UnHeUrEuB3szoUgch
batqSCubD5VzmNu+iRTRosfsoRRvutE6Uzv7ta3E7htmeaJuw12JWenjSedErrMA
onwSoqbN2ckLm5+A13gOuE/p9YUR473W4NPzbgUzSa47fMQuMcoX66DgNZSvpyX9
hfsVhrCokSpJRR9wNelLL813EcTdx4Hp+02FoMkV/4D4EpsseOYlBYINZRe8c6F1
AsPngZPRNV/3a5P94SvGv1qzigtLxX7KraUOwYh/PdeQfI3nACxT//jS2HZGev9G
cWvREthpRZS+oP01aqEZ8rWaBQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:37 2023 by rpki-client on console-ams.rpki-client.org