Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/hRzZq9dq-o4BsHYvppxRr-TEplI.roa
File: hRzZq9dq-o4BsHYvppxRr-TEplI.roa (raw, json)
Hash identifier: /VJGlTXok+wVEf8sWNIdriKlkrxusjp+njHHr9bwxig=
Subject key identifier: 85:1C:D9:AB:D7:6A:FA:8E:01:B0:76:2F:A6:9C:51:AF:E4:C4:A6:52
Certificate issuer: /CN=896a82a725ed22bb46847ae568912078de25c108
Certificate serial: 0EADA813
Authority key identifier: 89:6A:82:A7:25:ED:22:BB:46:84:7A:E5:68:91:20:78:DE:25:C1:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iWqCpyXtIrtGhHrlaJEgeN4lwQg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/hRzZq9dq-o4BsHYvppxRr-TEplI.roa
Signing time: Sat 01 Jan 2022 08:03:09 +0000
ROA not before: Sat 01 Jan 2022 08:03:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8841
IP address blocks: 193.220.216.0/22 maxlen: 22
193.220.208.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 246261779 (0xeada813)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=896a82a725ed22bb46847ae568912078de25c108
Validity
Not Before: Jan 1 08:03:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=851cd9abd76afa8e01b0762fa69c51afe4c4a652
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:56:65:bb:fc:50:46:d5:e4:93:c4:e3:02:91:
fe:69:8f:a7:ab:c6:39:94:b0:3d:f9:9f:74:15:e2:
41:35:d3:3a:f5:d2:36:7f:ea:b4:81:be:f6:75:94:
8e:b9:6a:ea:9e:64:c4:20:5d:3d:a5:c3:a8:a3:7d:
df:d6:db:ad:00:4f:6b:d4:2d:b5:e7:5a:c5:9b:17:
2e:bf:4e:ad:ae:e3:4e:9b:a6:b0:5e:03:be:c7:39:
8f:18:ed:0c:52:e6:13:bb:61:0e:00:5e:09:e8:5e:
a5:98:9a:c7:c9:30:bf:a3:d0:3f:e6:2c:9b:98:65:
31:3c:99:95:3e:bb:ab:0d:5b:64:cf:36:ea:2e:7b:
46:ca:ec:cb:9d:de:6b:e4:46:3d:82:a0:97:95:52:
57:bc:35:20:63:bc:0f:31:5d:cc:18:fb:29:c7:54:
1d:8b:94:ac:2e:6a:74:db:74:8f:71:b5:1e:22:86:
69:54:77:56:24:87:74:7c:00:86:7f:fb:2a:6f:1e:
c4:0d:a8:65:ea:53:4e:e6:2a:c4:2f:84:49:65:0f:
a8:79:55:40:40:ab:78:85:5a:ed:46:f5:6d:5e:78:
ba:ca:22:cd:aa:a4:55:26:d8:66:31:19:c1:0d:66:
0c:6b:af:94:82:f6:a5:f6:05:93:a0:35:dc:0d:d7:
aa:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:1C:D9:AB:D7:6A:FA:8E:01:B0:76:2F:A6:9C:51:AF:E4:C4:A6:52
X509v3 Authority Key Identifier:
keyid:89:6A:82:A7:25:ED:22:BB:46:84:7A:E5:68:91:20:78:DE:25:C1:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iWqCpyXtIrtGhHrlaJEgeN4lwQg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/hRzZq9dq-o4BsHYvppxRr-TEplI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3fc8da-3515-434d-9f0e-040127102209/1/iWqCpyXtIrtGhHrlaJEgeN4lwQg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.220.208.0-193.220.219.255
Signature Algorithm: sha256WithRSAEncryption
0a:c8:8a:b8:73:c1:7b:89:4b:9e:8b:b0:87:64:3a:bd:5f:09:
79:65:27:0b:84:dd:98:ba:df:1b:3e:40:79:86:60:00:d2:71:
52:67:63:d5:70:5d:7d:61:d3:7e:34:e7:54:9c:39:c3:87:40:
47:ac:b4:09:4d:8d:df:91:c8:30:44:61:9d:92:ff:ff:ae:ee:
5d:5a:02:7a:8a:93:86:cf:fc:c8:98:a1:ab:75:e4:41:a9:ca:
80:b2:cf:f7:cf:76:05:5a:1e:e7:28:43:3a:c5:42:85:66:57:
e8:40:20:e7:e8:6f:92:6e:6b:7b:16:92:9c:10:ea:48:49:b7:
cc:e9:7c:0e:f3:70:0b:25:b4:c1:cb:23:d8:f1:45:d6:0e:3f:
fb:6c:0e:bb:e8:67:8d:35:58:cb:a7:31:6b:f4:e2:df:7b:28:
6e:93:3f:7b:93:24:c0:c2:f4:0a:a0:83:46:26:d5:fd:ea:b6:
71:42:dc:39:e3:59:93:cc:fe:80:bb:cc:2c:d4:95:dc:65:40:
0e:81:ac:f5:1a:79:f0:21:6b:d2:26:ea:ae:f8:f2:9b:c7:04:
7b:20:1c:b4:69:b0:ee:78:38:47:22:c1:e2:f4:35:4f:66:1f:
d4:e7:f0:d0:68:b7:0f:6b:2a:dc:6d:35:aa:92:4c:28:65:2e:
da:f3:22:c1
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEDq2oEzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
OTZhODJhNzI1ZWQyMmJiNDY4NDdhZTU2ODkxMjA3OGRlMjVjMTA4MB4XDTIyMDEw
MTA4MDMwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODUxY2Q5YWJkNzZh
ZmE4ZTAxYjA3NjJmYTY5YzUxYWZlNGM0YTY1MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANZWZbv8UEbV5JPE4wKR/mmPp6vGOZSwPfmfdBXiQTXTOvXS
Nn/qtIG+9nWUjrlq6p5kxCBdPaXDqKN939bbrQBPa9QttedaxZsXLr9Ora7jTpum
sF4Dvsc5jxjtDFLmE7thDgBeCehepZiax8kwv6PQP+Ysm5hlMTyZlT67qw1bZM82
6i57Rsrsy53ea+RGPYKgl5VSV7w1IGO8DzFdzBj7KcdUHYuUrC5qdNt0j3G1HiKG
aVR3ViSHdHwAhn/7Km8exA2oZepTTuYqxC+ESWUPqHlVQECreIVa7Ub1bV54usoi
zaqkVSbYZjEZwQ1mDGuvlIL2pfYFk6A13A3XqocCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBSFHNmr12r6jgGwdi+mnFGv5MSmUjAfBgNVHSMEGDAWgBSJaoKnJe0iu0aE
euVokSB43iXBCDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lXcUNweVh0SXJ0R2hIcmxhSkVnZU40bHdRZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDgvM2ZjOGRhLTM1MTUtNDM0ZC05ZjBlLTA0MDEyNzEwMjIwOS8x
L2hSelpxOWRxLW80QnNIWXZwcHhSci1URXBsSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDgv
M2ZjOGRhLTM1MTUtNDM0ZC05ZjBlLTA0MDEyNzEwMjIwOS8xL2lXcUNweVh0SXJ0
R2hIcmxhSkVnZU40bHdRZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQEwdzQAwQCwdzYMA0GCSqGSIb3
DQEBCwUAA4IBAQAKyIq4c8F7iUuei7CHZDq9Xwl5ZScLhN2Yut8bPkB5hmAA0nFS
Z2PVcF19YdN+NOdUnDnDh0BHrLQJTY3fkcgwRGGdkv//ru5dWgJ6ipOGz/zImKGr
deRBqcqAss/3z3YFWh7nKEM6xUKFZlfoQCDn6G+Sbmt7FpKcEOpISbfM6XwO83AL
JbTByyPY8UXWDj/7bA676GeNNVjLpzFr9OLfeyhukz97kyTAwvQKoINGJtX96rZx
Qtw541mTzP6Au8ws1JXcZUAOgaz1GnnwIWvSJuqu+PKbxwR7IBy0abDueDhHIsHi
9DVPZh/U5/DQaLcPayrcbTWqkkwoZS7a8yLB
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:31 2024 by rpki-client on console-ams.rpki-client.org