Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/Huj9tfoYG0QdDwLjpLXzTe3vgrE.roa
File: Huj9tfoYG0QdDwLjpLXzTe3vgrE.roa (raw, json)
Hash identifier: 4rWW+fCJrhQaAAnsyHlFJKSxRBeWsWCyZME67N2NdrE=
Subject key identifier: 1E:E8:FD:B5:FA:18:1B:44:1D:0F:02:E3:A4:B5:F3:4D:ED:EF:82:B1
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 01838E12026EC9599E8C2707BB98599B47F9
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/Huj9tfoYG0QdDwLjpLXzTe3vgrE.roa
Signing time: Fri 30 Sep 2022 11:04:48 +0000
ROA not before: Fri 30 Sep 2022 11:04:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 996
IP address blocks: 85.239.144.0/24 maxlen: 24
85.239.145.0/24 maxlen: 24
85.239.146.0/24 maxlen: 24
85.239.147.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:8e:12:02:6e:c9:59:9e:8c:27:07:bb:98:59:9b:47:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Sep 30 11:04:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1ee8fdb5fa181b441d0f02e3a4b5f34dedef82b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:bb:d4:c1:97:93:4f:9d:5d:5d:7b:fc:c0:c8:
d7:52:11:ac:53:fc:26:30:5a:5f:10:2e:75:52:3b:
6a:7f:4f:2c:44:fa:91:67:d7:09:c8:e3:10:45:3d:
0a:ef:c8:bb:61:7f:80:1c:9e:ce:fd:2d:44:15:78:
c0:b1:f4:ba:95:9b:1f:dc:41:04:dc:fc:41:da:d4:
9d:17:e9:90:86:ed:a8:9d:f1:84:79:81:3e:a9:d2:
41:9a:54:a3:b8:da:63:7c:36:c1:ad:0f:c1:29:21:
d0:62:8b:6e:de:bd:45:9f:21:c5:4f:6c:3d:53:3c:
cb:75:12:6d:db:e4:e9:92:6c:60:5d:ef:2d:f4:98:
58:1d:9e:5f:69:b4:c9:21:02:cd:c1:0a:a3:b6:13:
48:0f:fe:13:8b:35:bf:2b:c7:c8:db:00:b6:8b:c4:
37:09:b8:e4:ca:7c:86:bc:0d:03:1c:75:df:6b:9f:
67:f9:d2:cb:c6:2a:f6:5f:30:b0:60:99:36:20:6a:
94:3d:1a:20:5d:55:04:72:a0:73:b9:0e:06:f9:95:
4b:5c:9a:57:9f:6e:a1:50:77:40:66:8e:2f:d9:de:
10:de:a5:b5:19:12:67:d4:fc:11:f9:1c:7c:fa:50:
6b:89:0b:1d:bc:6a:d7:ec:a9:b1:ca:aa:15:67:74:
47:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:E8:FD:B5:FA:18:1B:44:1D:0F:02:E3:A4:B5:F3:4D:ED:EF:82:B1
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/Huj9tfoYG0QdDwLjpLXzTe3vgrE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.144.0/22
Signature Algorithm: sha256WithRSAEncryption
ae:03:b1:19:14:67:ab:98:72:d3:36:48:5d:d7:8b:ec:ae:ef:
86:27:43:63:5a:5a:98:a2:78:c1:b2:df:a7:df:90:f7:34:c2:
6c:ba:f7:bf:fc:89:33:e7:e0:de:7e:82:fb:73:c6:f6:2a:32:
c8:e3:03:cb:2b:e9:83:ed:c6:48:2c:c4:78:71:36:50:9a:e3:
4c:a4:68:2c:f8:7c:7b:09:b7:5a:c1:fb:10:cd:29:29:e3:c5:
05:fb:20:06:93:7a:aa:a1:8f:46:9f:ec:f4:c7:ce:a0:ca:88:
a6:0d:08:1c:86:3d:1b:a0:bc:a2:f8:81:3a:79:5f:8c:db:65:
6d:0b:2b:ad:ee:2a:6c:4c:af:4f:84:34:a3:bb:88:c3:86:ba:
ae:bd:ec:95:e3:fb:26:e9:7d:f4:47:32:d1:ae:aa:8b:18:75:
01:3e:15:79:55:d5:1c:4e:a5:27:20:7a:03:69:8d:3e:b4:29:
a9:59:c1:61:8b:db:ee:52:86:e2:e0:98:8e:58:c3:ef:31:ed:
dc:e9:c4:ee:d8:0d:98:c4:5c:a0:52:d3:51:d9:b0:8e:00:0e:
f4:54:23:fd:ec:48:fa:b8:fc:dc:31:54:f5:cb:68:94:41:9d:
ea:7a:4c:2f:2c:bd:01:e1:7d:db:d2:0d:0b:d7:2e:6b:ff:69:
d2:f0:0a:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYOOEgJuyVmejCcHu5hZm0f5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjIwOTMwMTEwNDQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWU4ZmRiNWZhMTgxYjQ0MWQwZjAyZTNhNGI1ZjM0ZGVkZWY4MmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbvUwZeTT51dXXv8wMjXUhGsU/wm
MFpfEC51Ujtqf08sRPqRZ9cJyOMQRT0K78i7YX+AHJ7O/S1EFXjAsfS6lZsf3EEE
3PxB2tSdF+mQhu2onfGEeYE+qdJBmlSjuNpjfDbBrQ/BKSHQYotu3r1FnyHFT2w9
UzzLdRJt2+TpkmxgXe8t9JhYHZ5fabTJIQLNwQqjthNID/4TizW/K8fI2wC2i8Q3
CbjkynyGvA0DHHXfa59n+dLLxir2XzCwYJk2IGqUPRogXVUEcqBzuQ4G+ZVLXJpX
n26hUHdAZo4v2d4Q3qW1GRJn1PwR+Rx8+lBriQsdvGrX7KmxyqoVZ3RH4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB7o/bX6GBtEHQ8C46S1803t74KxMB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvSHVqOXRmb1lHMFFkRHdManBMWHpUZTN2Z3JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVe+QMA0G
CSqGSIb3DQEBCwUAA4IBAQCuA7EZFGermHLTNkhd14vsru+GJ0NjWlqYonjBst+n
35D3NMJsuve//Ikz5+DefoL7c8b2KjLI4wPLK+mD7cZILMR4cTZQmuNMpGgs+Hx7
CbdawfsQzSkp48UF+yAGk3qqoY9Gn+z0x86gyoimDQgchj0boLyi+IE6eV+M22Vt
Cyut7ipsTK9PhDSju4jDhrquveyV4/sm6X30RzLRrqqLGHUBPhV5VdUcTqUnIHoD
aY0+tCmpWcFhi9vuUobi4JiOWMPvMe3c6cTu2A2YxFygUtNR2bCOAA70VCP97Ej6
uPzcMVT1y2iUQZ3qekwvLL0B4X3b0g0L1y5r/2nS8AqA
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:53 2024 by rpki-client on console-fra.rpki-client.org