Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/HwmFsuHHIxcfaTVnk4ibTFB6390.roa
File: HwmFsuHHIxcfaTVnk4ibTFB6390.roa (raw, json)
Hash identifier: cPIuJgHWKBcNdt7sHwIMn/w/Z9Q4RtupJoPDw1RQIwU=
Subject key identifier: 1F:09:85:B2:E1:C7:23:17:1F:69:35:67:93:88:9B:4C:50:7A:DF:DD
Certificate issuer: /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial: 01856B5329035DB364A8928290074F1F08E3
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/HwmFsuHHIxcfaTVnk4ibTFB6390.roa
Signing time: Sun 01 Jan 2023 03:14:50 +0000
ROA not before: Sun 01 Jan 2023 03:14:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50013
IP address blocks: 109.160.50.0/24 maxlen: 24
109.160.49.0/24 maxlen: 24
109.160.48.0/24 maxlen: 24
109.160.51.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:53:29:03:5d:b3:64:a8:92:82:90:07:4f:1f:08:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
Validity
Not Before: Jan 1 03:14:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1f0985b2e1c723171f69356793889b4c507adfdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:21:fc:a6:ca:83:02:d2:53:c1:14:dd:60:60:
20:88:70:20:e1:ba:01:54:bd:a1:6f:7d:56:75:5f:
a6:ec:6f:33:a8:48:51:92:25:7d:f3:e7:b8:a4:e7:
bc:9b:a5:cc:63:ea:15:48:82:62:0d:a7:72:7a:31:
cd:21:42:43:f9:6b:a1:09:42:35:83:97:2c:85:d7:
25:24:5b:d1:b7:0c:7e:db:7a:7b:71:d1:68:55:35:
ca:d7:9d:e6:74:1b:ab:f9:23:69:23:73:28:e6:d1:
c6:28:ad:f3:9e:36:03:b5:6e:ac:ce:b5:c7:93:66:
ef:59:d6:5d:09:7a:1b:4c:f0:be:0a:93:6c:d1:d2:
e3:7f:b4:41:a5:50:7d:ad:f3:cb:5e:76:2f:a6:97:
97:df:c8:9e:a1:23:77:9e:7a:60:4f:58:12:91:d7:
f2:91:84:60:2a:de:e6:94:1a:ac:2d:84:88:d8:c5:
61:70:64:22:bf:16:1d:75:8e:2e:5a:e1:ef:6b:08:
ef:88:e2:ce:f2:ac:e7:89:13:04:ee:37:36:b2:7f:
87:60:3a:cb:59:b5:cf:62:50:23:4e:f9:95:95:cd:
6a:25:80:23:39:fa:6b:ac:ff:38:2c:07:1b:fb:1a:
f7:a4:87:92:40:84:4a:54:14:f9:9e:9c:d2:88:a8:
41:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:09:85:B2:E1:C7:23:17:1F:69:35:67:93:88:9B:4C:50:7A:DF:DD
X509v3 Authority Key Identifier:
keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/HwmFsuHHIxcfaTVnk4ibTFB6390.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.160.48.0/22
Signature Algorithm: sha256WithRSAEncryption
39:3d:b9:40:b3:ab:38:b0:16:3a:87:dc:94:13:0e:00:35:e6:
49:fb:77:d0:86:2f:f6:d4:c7:7d:b9:d0:13:fc:d0:97:04:41:
cc:af:3c:0d:89:71:5a:f4:12:7b:c3:93:cf:64:18:da:4c:0c:
78:bf:5e:2b:ab:f9:36:27:97:bf:7e:06:3f:02:fa:fb:0d:42:
0d:c0:d6:86:d7:c5:99:3e:a8:3d:68:68:72:3b:dd:98:5d:2b:
22:b9:de:b5:65:b2:a7:dd:2c:1d:11:40:f3:f6:6c:ce:11:7e:
dd:e7:f6:16:3f:90:09:98:c2:b7:d5:e1:fb:d0:75:35:2d:5a:
85:97:1f:c6:04:d7:5e:a5:34:66:79:87:e5:d2:62:e9:fc:b5:
21:54:47:c2:89:37:78:de:5b:5f:d7:3d:03:e1:0c:88:ca:d7:
ff:e7:b1:c5:33:51:fc:89:14:1c:6f:bf:92:b4:de:2f:ed:29:
15:9e:6b:d8:55:a0:93:5d:53:2a:f5:86:bf:bf:db:1c:4c:59:
cf:50:e4:74:6e:19:5a:59:5a:4c:d6:af:dd:44:f7:2c:ce:dd:
88:d6:f3:07:aa:65:53:3d:68:19:1b:4d:dc:6d:d4:a6:93:2f:
c0:36:cf:40:71:27:d1:4c:1f:94:32:90:b5:a3:28:92:b4:f6:
ab:2d:28:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrUykDXbNkqJKCkAdPHwjjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmE4YzFkMzExODk1MDE2MTA4ZmZiZDE0NTc1Yzc3Y2My
ODc3M2EwHhcNMjMwMTAxMDMxNDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjA5ODViMmUxYzcyMzE3MWY2OTM1Njc5Mzg4OWI0YzUwN2FkZmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryH8psqDAtJTwRTdYGAgiHAg4boB
VL2hb31WdV+m7G8zqEhRkiV98+e4pOe8m6XMY+oVSIJiDadyejHNIUJD+WuhCUI1
g5cshdclJFvRtwx+23p7cdFoVTXK153mdBur+SNpI3Mo5tHGKK3znjYDtW6szrXH
k2bvWdZdCXobTPC+CpNs0dLjf7RBpVB9rfPLXnYvppeX38ieoSN3nnpgT1gSkdfy
kYRgKt7mlBqsLYSI2MVhcGQivxYddY4uWuHvawjviOLO8qzniRME7jc2sn+HYDrL
WbXPYlAjTvmVlc1qJYAjOfprrP84LAcb+xr3pIeSQIRKVBT5npzSiKhB6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB8JhbLhxyMXH2k1Z5OIm0xQet/dMB8GA1UdIwQY
MBaAFHIqjB0xGJUBYQj/vRRXXHfMKHc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYt
YTU1OGVlNjU0MzFmLzEvSHdtRnN1SEhJeGNmYVRWbms0aWJURkI2MzkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYtYTU1OGVlNjU0MzFm
LzEvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCbaAwMA0G
CSqGSIb3DQEBCwUAA4IBAQA5PblAs6s4sBY6h9yUEw4ANeZJ+3fQhi/21Md9udAT
/NCXBEHMrzwNiXFa9BJ7w5PPZBjaTAx4v14rq/k2J5e/fgY/Avr7DUINwNaG18WZ
Pqg9aGhyO92YXSsiud61ZbKn3SwdEUDz9mzOEX7d5/YWP5AJmMK31eH70HU1LVqF
lx/GBNdepTRmeYfl0mLp/LUhVEfCiTd43ltf1z0D4QyIytf/57HFM1H8iRQcb7+S
tN4v7SkVnmvYVaCTXVMq9Ya/v9scTFnPUOR0bhlaWVpM1q/dRPcszt2I1vMHqmVT
PWgZG03cbdSmky/ANs9AcSfRTB+UMpC1oyiStParLShI
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:38 2025 by rpki-client