Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/5f4524-234c-491b-9964-182f1bac640a/1/HvtAavwiOTv6kOyceGOTktIdEsg.roa
File: HvtAavwiOTv6kOyceGOTktIdEsg.roa (raw, json)
Hash identifier: swc4DeAcAirygkR2CIC0724REBziCSI954fb1JIs74o=
Subject key identifier: 1E:FB:40:6A:FC:22:39:3B:FA:90:EC:9C:78:63:93:92:D2:1D:12:C8
Certificate issuer: /CN=e5bf8c181b280e3d2828da1b2477b9102355955a
Certificate serial: 05091B62
Authority key identifier: E5:BF:8C:18:1B:28:0E:3D:28:28:DA:1B:24:77:B9:10:23:55:95:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5b-MGBsoDj0oKNobJHe5ECNVlVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/5f4524-234c-491b-9964-182f1bac640a/1/HvtAavwiOTv6kOyceGOTktIdEsg.roa
Signing time: Sat 01 Jan 2022 05:57:51 +0000
ROA not before: Sat 01 Jan 2022 05:57:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48943
IP address blocks: 91.211.32.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 84482914 (0x5091b62)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5bf8c181b280e3d2828da1b2477b9102355955a
Validity
Not Before: Jan 1 05:57:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1efb406afc22393bfa90ec9c78639392d21d12c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:ed:1f:e1:bc:c2:6d:59:63:19:fc:da:b3:ca:
33:07:ab:d6:06:61:a1:2d:da:e7:e8:bd:8a:6d:ec:
8b:81:7f:e3:d2:eb:66:fd:3f:6f:29:3c:98:4f:24:
3c:c0:4a:58:5f:56:d1:8a:3b:ed:b3:02:11:87:45:
37:25:47:e4:ec:25:f6:a3:80:e6:24:d3:94:cd:a6:
3f:db:be:a5:a2:c5:58:48:d6:1d:98:50:3f:67:87:
9b:7d:24:9c:1c:57:b7:4e:22:d2:f5:2e:3d:36:c2:
01:61:7e:a5:db:8f:5a:37:c5:e0:a2:31:45:ac:42:
01:7b:d9:de:7e:73:c6:66:3b:8f:de:d0:05:5f:55:
35:59:f9:2e:45:2b:10:07:ff:f9:71:28:6f:ac:e3:
0d:ba:81:25:b8:03:4d:12:5c:60:74:5b:e9:67:73:
9d:ae:d7:20:59:6e:ce:f4:56:c1:45:78:5c:c1:23:
07:cf:4c:c6:e3:dd:29:4d:c4:06:ff:73:a7:98:eb:
af:7d:24:23:bf:a0:a6:81:86:2c:b9:e3:e3:dd:80:
f6:4d:32:38:e2:09:f5:04:bc:95:2d:13:32:59:e5:
85:52:8d:58:84:e6:81:20:89:81:24:36:e8:8b:d2:
c0:4a:a7:5f:01:f8:02:38:06:90:f9:ac:4f:3e:8c:
66:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:FB:40:6A:FC:22:39:3B:FA:90:EC:9C:78:63:93:92:D2:1D:12:C8
X509v3 Authority Key Identifier:
keyid:E5:BF:8C:18:1B:28:0E:3D:28:28:DA:1B:24:77:B9:10:23:55:95:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b-MGBsoDj0oKNobJHe5ECNVlVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/5f4524-234c-491b-9964-182f1bac640a/1/HvtAavwiOTv6kOyceGOTktIdEsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/5f4524-234c-491b-9964-182f1bac640a/1/5b-MGBsoDj0oKNobJHe5ECNVlVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.211.32.0/22
Signature Algorithm: sha256WithRSAEncryption
a5:54:86:41:ab:2d:00:8f:6d:0e:71:96:03:41:28:d0:b4:e5:
4d:d3:bf:72:d9:ac:53:eb:df:9d:16:8c:41:1d:14:4b:13:36:
d6:a4:20:44:09:17:0a:2d:73:76:2b:bd:3f:5d:c3:3a:d7:d3:
75:5b:ec:97:93:bb:f7:93:32:f9:8e:6a:f8:82:c8:4f:5d:42:
5a:c4:e0:c8:64:f3:8f:21:37:8f:54:37:64:d2:88:8e:75:41:
c0:16:88:22:2f:22:9a:f5:65:84:46:5d:2d:ca:b9:5e:c2:e8:
eb:55:d8:a4:3e:84:ea:ba:f6:83:0a:13:79:a9:a9:2d:39:5e:
a7:a3:30:13:d6:d6:f9:bb:d5:fc:9e:c7:9f:43:12:cb:a0:fb:
53:28:23:c0:40:6b:86:1f:84:51:02:2e:f9:fc:3c:1e:52:8a:
ce:80:b7:0b:37:aa:7b:e8:5c:f6:9c:9c:54:df:2b:e7:d6:c2:
03:f4:e0:e5:29:01:51:de:c9:e9:87:95:71:1f:14:cd:34:6b:
68:f9:ff:47:8d:e9:11:ab:00:b2:0a:ac:73:06:65:34:6e:36:
12:06:4d:17:6c:93:45:00:b9:88:e8:b9:d2:0f:d7:59:bf:d5:
98:3f:11:32:34:36:fa:52:b9:4a:75:21:a1:9b:70:90:b5:c8:
e9:5b:a0:e3
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBQkbYjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NWJmOGMxODFiMjgwZTNkMjgyOGRhMWIyNDc3YjkxMDIzNTU5NTVhMB4XDTIyMDEw
MTA1NTc1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWVmYjQwNmFmYzIy
MzkzYmZhOTBlYzljNzg2MzkzOTJkMjFkMTJjODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKPtH+G8wm1ZYxn82rPKMwer1gZhoS3a5+i9im3si4F/49Lr
Zv0/byk8mE8kPMBKWF9W0Yo77bMCEYdFNyVH5Owl9qOA5iTTlM2mP9u+paLFWEjW
HZhQP2eHm30knBxXt04i0vUuPTbCAWF+pduPWjfF4KIxRaxCAXvZ3n5zxmY7j97Q
BV9VNVn5LkUrEAf/+XEob6zjDbqBJbgDTRJcYHRb6Wdzna7XIFluzvRWwUV4XMEj
B89MxuPdKU3EBv9zp5jrr30kI7+gpoGGLLnj492A9k0yOOIJ9QS8lS0TMlnlhVKN
WITmgSCJgSQ26IvSwEqnXwH4AjgGkPmsTz6MZjkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQe+0Bq/CI5O/qQ7Jx4Y5OS0h0SyDAfBgNVHSMEGDAWgBTlv4wYGygOPSgo
2hskd7kQI1WVWjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzViLU1HQnNvRGowb0tOb2JKSGU1RUNOVmxWby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTEvNWY0NTI0LTIzNGMtNDkxYi05OTY0LTE4MmYxYmFjNjQwYS8x
L0h2dEFhdndpT1R2NmtPeWNlR09Ua3RJZEVzZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTEv
NWY0NTI0LTIzNGMtNDkxYi05OTY0LTE4MmYxYmFjNjQwYS8xLzViLU1HQnNvRGow
b0tOb2JKSGU1RUNOVmxWby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAlvTIDANBgkqhkiG9w0BAQsFAAOC
AQEApVSGQastAI9tDnGWA0Eo0LTlTdO/ctmsU+vfnRaMQR0USxM21qQgRAkXCi1z
diu9P13DOtfTdVvsl5O795My+Y5q+ILIT11CWsTgyGTzjyE3j1Q3ZNKIjnVBwBaI
Ii8imvVlhEZdLcq5XsLo61XYpD6E6rr2gwoTeampLTlep6MwE9bW+bvV/J7Hn0MS
y6D7UygjwEBrhh+EUQIu+fw8HlKKzoC3Czeqe+hc9pycVN8r59bCA/Tg5SkBUd7J
6YeVcR8UzTRraPn/R43pEasAsgqscwZlNG42EgZNF2yTRQC5iOi50g/XWb/VmD8R
MjQ2+lK5SnUhoZtwkLXI6Vug4w==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:13 2023 by rpki-client on console-fra.rpki-client.org