Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7d03ea-8702-4b4c-a117-6b1c82ce716d/1/HJpKrh-DFQEnMn5Er3_dn4XbQWY.roa
File: HJpKrh-DFQEnMn5Er3_dn4XbQWY.roa (raw, json)
Hash identifier: ExwA11rIsBV87uuznAYWTk909Ob/Vj4NT8ZgrhkvrIc=
Subject key identifier: 1C:9A:4A:AE:1F:83:15:01:27:32:7E:44:AF:7F:DD:9F:85:DB:41:66
Certificate issuer: /CN=6e43d52cf5c721616638a1ab9c3d89fa9a97dc6d
Certificate serial: 11CCD7B6
Authority key identifier: 6E:43:D5:2C:F5:C7:21:61:66:38:A1:AB:9C:3D:89:FA:9A:97:DC:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bkPVLPXHIWFmOKGrnD2J-pqX3G0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7d03ea-8702-4b4c-a117-6b1c82ce716d/1/HJpKrh-DFQEnMn5Er3_dn4XbQWY.roa
Signing time: Sat 01 Jan 2022 16:10:51 +0000
ROA not before: Sat 01 Jan 2022 16:10:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51833
IP address blocks: 194.0.21.0/24 maxlen: 24
2001:678:98::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 298637238 (0x11ccd7b6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e43d52cf5c721616638a1ab9c3d89fa9a97dc6d
Validity
Not Before: Jan 1 16:10:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1c9a4aae1f83150127327e44af7fdd9f85db4166
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e5:28:fb:51:d8:91:c3:5d:18:45:a3:fc:f1:
8e:e4:b5:50:21:c6:8d:e1:c6:62:a5:9d:6a:d3:01:
2d:b8:36:f1:74:05:65:64:72:a9:7e:21:cd:56:76:
79:b2:45:00:b6:04:22:b8:2f:b4:a5:82:23:44:ca:
c2:e3:17:f4:1f:9d:8b:65:3a:e5:d9:a2:f6:3d:f2:
29:8d:a8:dc:57:bf:f1:32:98:43:3b:02:e5:97:c8:
be:d4:5e:03:47:ee:8f:30:3b:a5:57:7d:8d:cc:ee:
74:d4:3d:6f:99:16:c7:e0:cc:4d:fd:28:f4:b3:b2:
5a:81:d0:e9:65:85:44:f1:1a:8c:59:e8:c5:f1:f6:
c3:27:99:06:8d:83:1b:cf:1e:af:ed:19:54:d8:8c:
27:f1:e4:1d:fa:9c:7f:09:10:58:fc:ca:6b:7c:56:
3f:54:60:36:76:df:c1:29:27:39:ce:f4:52:44:0c:
52:f1:d4:7b:82:19:33:3e:81:7f:52:43:63:b6:e0:
a7:51:af:60:b9:52:7c:b7:49:fb:22:7b:4b:2d:b3:
82:a6:dd:41:7e:c4:5d:4b:93:34:a5:fe:28:ce:3b:
ec:52:c5:e9:7e:83:d7:ea:42:33:e7:90:2f:cc:a2:
c6:f0:18:0b:38:2d:98:f9:46:fe:31:3f:2b:f5:7f:
f8:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:9A:4A:AE:1F:83:15:01:27:32:7E:44:AF:7F:DD:9F:85:DB:41:66
X509v3 Authority Key Identifier:
keyid:6E:43:D5:2C:F5:C7:21:61:66:38:A1:AB:9C:3D:89:FA:9A:97:DC:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bkPVLPXHIWFmOKGrnD2J-pqX3G0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7d03ea-8702-4b4c-a117-6b1c82ce716d/1/HJpKrh-DFQEnMn5Er3_dn4XbQWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7d03ea-8702-4b4c-a117-6b1c82ce716d/1/bkPVLPXHIWFmOKGrnD2J-pqX3G0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.21.0/24
IPv6:
2001:678:98::/48
Signature Algorithm: sha256WithRSAEncryption
5e:7b:1f:1c:3d:fc:c2:03:c9:55:02:f5:b4:b6:40:12:cc:2d:
47:06:c6:46:96:ef:20:59:3b:ba:a3:cb:4f:09:75:0a:11:c4:
3e:24:88:fe:f2:78:a7:26:a2:47:79:91:6d:85:42:53:c6:16:
68:7e:68:c2:05:dc:32:64:af:25:d0:d8:63:4d:a9:6c:6a:33:
2a:e9:1d:d1:64:18:9f:46:a8:69:5b:74:15:fd:f4:c1:2e:3c:
ac:c7:18:8e:a1:04:5f:4c:e3:21:e6:bb:8d:4a:58:42:7c:f4:
69:4d:a8:0f:6f:9e:e3:a1:55:fd:60:35:92:7c:1f:a0:9f:76:
8c:7f:16:d9:fd:ca:78:09:95:e6:66:62:6a:98:1c:d7:7a:16:
b4:cc:67:33:0d:cb:cf:8a:b8:87:e9:29:e6:ba:f8:ae:dc:e8:
49:6d:5a:d3:c8:91:75:b0:6d:bb:20:7a:80:cc:65:b2:94:61:
26:eb:a1:34:4f:c5:7a:1e:8f:a4:6c:46:75:8f:28:a8:09:9b:
c8:9b:0d:99:7b:da:3d:d5:5d:91:03:c1:4a:3c:44:5b:6e:f7:
aa:ce:8e:b1:74:ef:9c:35:29:0a:2a:fa:f7:5c:85:41:e1:d3:
cd:23:f6:69:e5:c4:17:69:d9:73:18:a3:92:5c:69:63:28:4f:
d6:79:9c:c0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEEczXtjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZTQzZDUyY2Y1YzcyMTYxNjYzOGExYWI5YzNkODlmYTlhOTdkYzZkMB4XDTIyMDEw
MTE2MTA1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWM5YTRhYWUxZjgz
MTUwMTI3MzI3ZTQ0YWY3ZmRkOWY4NWRiNDE2NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK/lKPtR2JHDXRhFo/zxjuS1UCHGjeHGYqWdatMBLbg28XQF
ZWRyqX4hzVZ2ebJFALYEIrgvtKWCI0TKwuMX9B+di2U65dmi9j3yKY2o3Fe/8TKY
QzsC5ZfIvtReA0fujzA7pVd9jczudNQ9b5kWx+DMTf0o9LOyWoHQ6WWFRPEajFno
xfH2wyeZBo2DG88er+0ZVNiMJ/HkHfqcfwkQWPzKa3xWP1RgNnbfwSknOc70UkQM
UvHUe4IZMz6Bf1JDY7bgp1GvYLlSfLdJ+yJ7Sy2zgqbdQX7EXUuTNKX+KM477FLF
6X6D1+pCM+eQL8yixvAYCzgtmPlG/jE/K/V/+MMCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQcmkquH4MVAScyfkSvf92fhdtBZjAfBgNVHSMEGDAWgBRuQ9Us9cchYWY4
oaucPYn6mpfcbTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JrUFZMUFhISVdGbU9LR3JuRDJKLXBxWDNHMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGIvN2QwM2VhLTg3MDItNGI0Yy1hMTE3LTZiMWM4MmNlNzE2ZC8x
L0hKcEtyaC1ERlFFbk1uNUVyM19kbjRYYlFXWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGIv
N2QwM2VhLTg3MDItNGI0Yy1hMTE3LTZiMWM4MmNlNzE2ZC8xL2JrUFZMUFhISVdG
bU9LR3JuRDJKLXBxWDNHMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAMIAFTAPBAIAAjAJAwcAIAEGeACY
MA0GCSqGSIb3DQEBCwUAA4IBAQBeex8cPfzCA8lVAvW0tkASzC1HBsZGlu8gWTu6
o8tPCXUKEcQ+JIj+8ninJqJHeZFthUJTxhZofmjCBdwyZK8l0NhjTalsajMq6R3R
ZBifRqhpW3QV/fTBLjysxxiOoQRfTOMh5ruNSlhCfPRpTagPb57joVX9YDWSfB+g
n3aMfxbZ/cp4CZXmZmJqmBzXeha0zGczDcvPiriH6Snmuviu3OhJbVrTyJF1sG27
IHqAzGWylGEm66E0T8V6Ho+kbEZ1jyioCZvImw2Ze9o91V2RA8FKPERbbveqzo6x
dO+cNSkKKvr3XIVB4dPNI/Zp5cQXadlzGKOSXGljKE/WeZzA
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:45 2023 by rpki-client on console-ams.rpki-client.org