Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/03ca23-a143-4df0-afb9-a24e3a0a31ef/1/HcTCSmb7Fe6dbZKfeI4V1T058K0.roa
File: HcTCSmb7Fe6dbZKfeI4V1T058K0.roa (raw, json)
Hash identifier: E88nCMSSyHhXGVLA3QH4PYC4NsckW37hX2cCFBdFwKc=
Subject key identifier: 1D:C4:C2:4A:66:FB:15:EE:9D:6D:92:9F:78:8E:15:D5:3D:39:F0:AD
Certificate issuer: /CN=98728e8a27d30c83aee5f496240985ee40cb378b
Certificate serial: 07498C79
Authority key identifier: 98:72:8E:8A:27:D3:0C:83:AE:E5:F4:96:24:09:85:EE:40:CB:37:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mHKOiifTDIOu5fSWJAmF7kDLN4s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/03ca23-a143-4df0-afb9-a24e3a0a31ef/1/HcTCSmb7Fe6dbZKfeI4V1T058K0.roa
Signing time: Sat 01 Jan 2022 15:03:20 +0000
ROA not before: Sat 01 Jan 2022 15:03:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8873
IP address blocks: 45.154.28.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 122260601 (0x7498c79)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98728e8a27d30c83aee5f496240985ee40cb378b
Validity
Not Before: Jan 1 15:03:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1dc4c24a66fb15ee9d6d929f788e15d53d39f0ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:5c:41:3e:9b:15:f9:63:a5:b0:55:e3:86:ab:
88:c7:5d:56:af:1a:aa:62:b0:ed:4d:77:5a:2a:fc:
94:e5:2e:43:7f:4c:7b:ae:2b:14:b9:59:bf:72:c9:
58:a6:38:3d:4d:85:ff:b5:54:39:9d:d6:42:02:0b:
b0:ac:65:15:41:91:e8:e6:c2:0a:09:78:9e:1d:ea:
f8:19:28:c2:83:99:48:50:c0:89:5c:b1:5c:e0:0e:
7b:ba:ee:fa:e7:ae:06:4f:5c:9e:d7:6e:8c:0c:bf:
98:1a:81:e3:15:e6:4e:1d:c9:04:43:80:79:40:60:
20:23:6d:13:a5:1f:01:1d:27:85:b4:2f:5b:3a:0b:
d9:bb:d0:13:07:6d:07:74:25:7e:32:78:e2:70:65:
e9:e8:35:94:c7:63:3c:21:8d:56:8d:db:90:25:66:
4f:33:2c:71:4d:98:65:e7:69:7a:66:16:36:66:fc:
cb:1d:52:ef:91:01:43:00:02:0b:99:18:bb:92:9d:
e0:10:f7:16:04:43:54:a8:58:1c:ad:36:fd:bd:ab:
4c:2d:b3:0b:de:80:99:ac:f0:82:74:79:7c:4c:29:
f0:23:f0:fb:ba:1c:2a:c2:98:59:ac:b6:5c:77:82:
81:2a:eb:8c:b0:f3:fe:2d:d9:1c:e8:a2:2c:94:c9:
bc:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:C4:C2:4A:66:FB:15:EE:9D:6D:92:9F:78:8E:15:D5:3D:39:F0:AD
X509v3 Authority Key Identifier:
keyid:98:72:8E:8A:27:D3:0C:83:AE:E5:F4:96:24:09:85:EE:40:CB:37:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mHKOiifTDIOu5fSWJAmF7kDLN4s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/03ca23-a143-4df0-afb9-a24e3a0a31ef/1/HcTCSmb7Fe6dbZKfeI4V1T058K0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/03ca23-a143-4df0-afb9-a24e3a0a31ef/1/mHKOiifTDIOu5fSWJAmF7kDLN4s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.28.0/22
Signature Algorithm: sha256WithRSAEncryption
62:cd:1b:39:ad:8a:cc:d2:57:b8:5d:1c:67:f5:0b:d0:24:b1:
4e:d7:3f:76:a9:c0:12:4a:0a:61:73:3d:61:55:0f:8a:f1:c9:
69:ea:89:45:1a:49:60:15:b8:99:2e:0b:31:34:3d:0c:c5:53:
f0:a0:eb:37:0f:23:d3:95:9d:24:2e:79:23:55:c1:2c:c6:ac:
66:9f:26:a9:67:8e:31:18:59:51:ad:26:25:ec:20:b1:8a:02:
6a:f2:3e:c8:b4:9b:59:bb:e9:27:4c:f4:90:7f:d6:b9:30:b4:
70:96:22:ad:0e:fc:01:c8:d3:97:d7:38:3a:d7:91:1d:da:c2:
65:8e:d3:92:4f:8c:5d:53:63:a0:99:e6:0a:07:8d:cb:68:31:
aa:df:b9:ee:1d:a0:8b:39:17:75:df:fd:18:80:c2:fa:7b:85:
61:10:f5:a5:bf:21:79:96:a3:8b:07:a6:3d:ae:9e:79:63:fb:
b8:92:d9:1c:03:fe:b1:cd:94:91:5b:51:ed:07:cf:b9:99:e9:
0c:e7:95:b3:e4:ab:ae:f2:a3:dd:84:df:40:12:03:4b:11:4e:
07:2f:a0:96:86:c0:26:d1:ee:62:4b:c8:e9:bd:bb:47:a3:29:
fb:9e:99:db:4e:3b:47:da:6b:db:ec:ba:91:30:39:d7:fd:2a:
6f:49:be:ae
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEB0mMeTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ODcyOGU4YTI3ZDMwYzgzYWVlNWY0OTYyNDA5ODVlZTQwY2IzNzhiMB4XDTIyMDEw
MTE1MDMyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWRjNGMyNGE2NmZi
MTVlZTlkNmQ5MjlmNzg4ZTE1ZDUzZDM5ZjBhZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJBcQT6bFfljpbBV44ariMddVq8aqmKw7U13Wir8lOUuQ39M
e64rFLlZv3LJWKY4PU2F/7VUOZ3WQgILsKxlFUGR6ObCCgl4nh3q+BkowoOZSFDA
iVyxXOAOe7ru+ueuBk9cntdujAy/mBqB4xXmTh3JBEOAeUBgICNtE6UfAR0nhbQv
WzoL2bvQEwdtB3QlfjJ44nBl6eg1lMdjPCGNVo3bkCVmTzMscU2YZedpemYWNmb8
yx1S75EBQwACC5kYu5Kd4BD3FgRDVKhYHK02/b2rTC2zC96AmazwgnR5fEwp8CPw
+7ocKsKYWay2XHeCgSrrjLDz/i3ZHOiiLJTJvG8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQdxMJKZvsV7p1tkp94jhXVPTnwrTAfBgNVHSMEGDAWgBSYco6KJ9MMg67l
9JYkCYXuQMs3izAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21IS09paWZURElPdTVmU1dKQW1GN2tETE40cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWQvMDNjYTIzLWExNDMtNGRmMC1hZmI5LWEyNGUzYTBhMzFlZi8x
L0hjVENTbWI3RmU2ZGJaS2ZlSTRWMVQwNThLMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWQv
MDNjYTIzLWExNDMtNGRmMC1hZmI5LWEyNGUzYTBhMzFlZi8xL21IS09paWZURElP
dTVmU1dKQW1GN2tETE40cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAi2aHDANBgkqhkiG9w0BAQsFAAOC
AQEAYs0bOa2KzNJXuF0cZ/UL0CSxTtc/dqnAEkoKYXM9YVUPivHJaeqJRRpJYBW4
mS4LMTQ9DMVT8KDrNw8j05WdJC55I1XBLMasZp8mqWeOMRhZUa0mJewgsYoCavI+
yLSbWbvpJ0z0kH/WuTC0cJYirQ78AcjTl9c4OteRHdrCZY7Tkk+MXVNjoJnmCgeN
y2gxqt+57h2gizkXdd/9GIDC+nuFYRD1pb8heZajiwemPa6eeWP7uJLZHAP+sc2U
kVtR7QfPuZnpDOeVs+SrrvKj3YTfQBIDSxFOBy+globAJtHuYkvI6b27R6Mp+56Z
2047R9pr2+y6kTA51/0qb0m+rg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:42 2024 by rpki-client on console-fra.rpki-client.org