Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/a22660-38ef-4768-af43-e94122087b3f/1/HDjG6evD6Wd1gAO3D4JtDhz5oGE.roa
File: HDjG6evD6Wd1gAO3D4JtDhz5oGE.roa (raw, json)
Hash identifier: vptDTYbHUU9qXr5EPukiiayvqJbUMXMoCunZucSd01w=
Subject key identifier: 1C:38:C6:E9:EB:C3:E9:67:75:80:03:B7:0F:82:6D:0E:1C:F9:A0:61
Certificate issuer: /CN=abf60aa994a34cd4ad3ddba65b9af4d30aa34ce7
Certificate serial: 0184818D2D592244FCF5919DE4F3A60BE6C6
Authority key identifier: AB:F6:0A:A9:94:A3:4C:D4:AD:3D:DB:A6:5B:9A:F4:D3:0A:A3:4C:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q_YKqZSjTNStPdumW5r00wqjTOc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/a22660-38ef-4768-af43-e94122087b3f/1/HDjG6evD6Wd1gAO3D4JtDhz5oGE.roa
Signing time: Wed 16 Nov 2022 17:47:03 +0000
ROA not before: Wed 16 Nov 2022 17:47:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60287
IP address blocks: 5.42.214.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:81:8d:2d:59:22:44:fc:f5:91:9d:e4:f3:a6:0b:e6:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abf60aa994a34cd4ad3ddba65b9af4d30aa34ce7
Validity
Not Before: Nov 16 17:47:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1c38c6e9ebc3e967758003b70f826d0e1cf9a061
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:94:d1:2b:9f:ca:43:ae:a8:2d:7b:99:4c:57:
82:a6:95:63:8b:2c:88:5b:fa:bb:1f:e4:4b:89:e2:
29:c4:42:31:52:84:45:06:54:ef:50:90:9c:21:04:
8e:61:67:09:10:5f:f8:34:f9:fc:66:f2:d3:64:46:
6f:7e:9a:19:91:c8:5f:d6:eb:8d:6f:a8:e5:89:d2:
49:41:77:54:4e:b8:07:b2:fd:dc:2b:da:c3:b4:bd:
dc:09:68:cd:29:99:4a:7b:0c:48:47:10:b0:49:c3:
fe:e5:56:77:e9:c8:ab:1f:b8:65:57:62:c9:d0:c9:
5f:57:a4:88:5c:06:80:1e:37:20:74:45:1b:63:30:
a7:c9:3b:8d:a7:fc:66:bb:d0:a2:4b:d7:b5:70:de:
61:1c:86:5e:32:ea:13:29:8d:20:4d:d8:4f:9a:c1:
16:70:eb:2c:b0:ff:13:c5:98:a5:74:e6:14:b2:7d:
89:d9:92:39:6d:8c:75:8d:5b:d9:15:50:81:82:51:
bb:f6:4c:47:54:05:2e:85:b4:52:f0:58:76:c5:7b:
5a:17:ad:8d:7f:55:41:bd:eb:c0:87:58:ba:13:57:
e1:8a:e7:40:42:8f:84:7a:d5:f3:65:29:f1:0f:9a:
aa:1f:16:13:c9:1c:7f:dc:0d:f8:c8:3e:47:fe:cb:
9d:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:38:C6:E9:EB:C3:E9:67:75:80:03:B7:0F:82:6D:0E:1C:F9:A0:61
X509v3 Authority Key Identifier:
keyid:AB:F6:0A:A9:94:A3:4C:D4:AD:3D:DB:A6:5B:9A:F4:D3:0A:A3:4C:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q_YKqZSjTNStPdumW5r00wqjTOc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/a22660-38ef-4768-af43-e94122087b3f/1/HDjG6evD6Wd1gAO3D4JtDhz5oGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/a22660-38ef-4768-af43-e94122087b3f/1/q_YKqZSjTNStPdumW5r00wqjTOc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.214.0/24
Signature Algorithm: sha256WithRSAEncryption
c5:52:25:b2:cd:b2:32:60:ea:d8:b8:51:89:16:a2:50:23:17:
4e:b5:91:61:b8:38:b5:70:cf:e8:50:1d:5f:ba:1b:fc:0c:a2:
ce:cb:4e:ba:e9:d5:42:10:e0:eb:94:13:f4:7b:e2:31:ba:ab:
95:d4:7f:1d:dd:fa:e3:57:fe:fa:93:f7:e8:d2:2d:33:f6:31:
4f:72:da:6a:12:10:e8:47:6f:8f:21:be:eb:29:67:2f:18:a0:
5c:84:37:36:c5:f6:67:f2:99:34:63:51:d0:9d:2f:03:92:16:
4a:83:69:3d:ff:ab:bd:5d:6c:1d:4c:56:e8:4e:f4:60:c8:d7:
44:da:bb:99:52:34:35:36:d0:5e:4d:92:45:d8:7b:a0:fb:61:
35:8b:a9:b7:a6:92:92:0f:3e:c1:3b:34:bb:5c:43:df:65:a6:
d9:6e:ed:f1:16:bd:68:98:dc:e4:ce:2f:70:c5:0c:51:a8:7f:
1b:97:64:b2:80:d7:98:15:85:35:f7:38:45:54:ed:a2:aa:05:
9f:95:26:84:55:2b:1b:87:6e:ff:7b:7e:5f:86:96:ab:e7:15:
08:f7:89:17:1d:51:5e:ff:93:bf:f2:49:b6:f2:d7:6d:57:5d:
ed:51:be:d3:d4:1d:5d:22:ff:f9:4b:63:20:40:c9:8c:4e:7f:
a5:04:eb:fc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSBjS1ZIkT89ZGd5POmC+bGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiZjYwYWE5OTRhMzRjZDRhZDNkZGJhNjViOWFmNGQzMGFh
MzRjZTcwHhcNMjIxMTE2MTc0NzAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzM4YzZlOWViYzNlOTY3NzU4MDAzYjcwZjgyNmQwZTFjZjlhMDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpTRK5/KQ66oLXuZTFeCppVjiyyI
W/q7H+RLieIpxEIxUoRFBlTvUJCcIQSOYWcJEF/4NPn8ZvLTZEZvfpoZkchf1uuN
b6jlidJJQXdUTrgHsv3cK9rDtL3cCWjNKZlKewxIRxCwScP+5VZ36cirH7hlV2LJ
0MlfV6SIXAaAHjcgdEUbYzCnyTuNp/xmu9CiS9e1cN5hHIZeMuoTKY0gTdhPmsEW
cOsssP8TxZildOYUsn2J2ZI5bYx1jVvZFVCBglG79kxHVAUuhbRS8Fh2xXtaF62N
f1VBvevAh1i6E1fhiudAQo+EetXzZSnxD5qqHxYTyRx/3A34yD5H/sudaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBw4xunrw+lndYADtw+CbQ4c+aBhMB8GA1UdIwQY
MBaAFKv2CqmUo0zUrT3bplua9NMKo0znMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcV9ZS3FaU2pUTlN0UGR1bVc1cjAwd3FqVE9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi9hMjI2NjAtMzhlZi00NzY4LWFmNDMt
ZTk0MTIyMDg3YjNmLzEvSERqRzZldkQ2V2QxZ0FPM0Q0SnREaHo1b0dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi9hMjI2NjAtMzhlZi00NzY4LWFmNDMtZTk0MTIyMDg3YjNm
LzEvcV9ZS3FaU2pUTlN0UGR1bVc1cjAwd3FqVE9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABSrWMA0G
CSqGSIb3DQEBCwUAA4IBAQDFUiWyzbIyYOrYuFGJFqJQIxdOtZFhuDi1cM/oUB1f
uhv8DKLOy0666dVCEODrlBP0e+IxuquV1H8d3frjV/76k/fo0i0z9jFPctpqEhDo
R2+PIb7rKWcvGKBchDc2xfZn8pk0Y1HQnS8DkhZKg2k9/6u9XWwdTFboTvRgyNdE
2ruZUjQ1NtBeTZJF2Hug+2E1i6m3ppKSDz7BOzS7XEPfZabZbu3xFr1omNzkzi9w
xQxRqH8bl2SygNeYFYU19zhFVO2iqgWflSaEVSsbh27/e35fhpar5xUI94kXHVFe
/5O/8km28tdtV13tUb7T1B1dIv/5S2MgQMmMTn+lBOv8
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:59 2023 by rpki-client on console.sobornost.net