Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/a2b051-3a23-4835-b30d-2af4791d96eb/1/H9lspHJqHGxTUCZZHlE3kKr1kJY.roa
File: H9lspHJqHGxTUCZZHlE3kKr1kJY.roa (raw, json)
Hash identifier: YguIW+TuhYkbg/YNflFAQ3ZDBc5RNZCOYc5AoDpQxPY=
Subject key identifier: 1F:D9:6C:A4:72:6A:1C:6C:53:50:26:59:1E:51:37:90:AA:F5:90:96
Certificate issuer: /CN=855c5d0fe25935ac91ab5aada6452600e58d25a5
Certificate serial: 12F2FD9F
Authority key identifier: 85:5C:5D:0F:E2:59:35:AC:91:AB:5A:AD:A6:45:26:00:E5:8D:25:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hVxdD-JZNayRq1qtpkUmAOWNJaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/a2b051-3a23-4835-b30d-2af4791d96eb/1/H9lspHJqHGxTUCZZHlE3kKr1kJY.roa
Signing time: Sat 01 Jan 2022 10:02:53 +0000
ROA not before: Sat 01 Jan 2022 10:02:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208332
IP address blocks: 185.135.240.0/22 maxlen: 22
185.135.240.0/24 maxlen: 24
185.135.242.0/24 maxlen: 24
185.135.243.0/24 maxlen: 24
185.135.241.0/24 maxlen: 24
2a06:f700::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 317914527 (0x12f2fd9f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=855c5d0fe25935ac91ab5aada6452600e58d25a5
Validity
Not Before: Jan 1 10:02:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1fd96ca4726a1c6c535026591e513790aaf59096
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:30:3d:63:7c:6d:4a:42:d0:af:bb:c8:fc:43:
66:1a:93:64:bf:c8:d0:9c:49:17:32:19:b8:18:76:
85:6b:9f:26:8d:20:05:31:e3:09:aa:f3:81:d1:0e:
aa:d5:a1:b3:ab:34:a7:25:a0:65:0c:85:5a:ac:06:
9b:75:12:1a:57:50:5b:42:fc:fc:32:d9:cd:5d:a6:
33:f0:b9:68:25:f0:4a:ce:90:63:ec:9a:e3:2b:6e:
3e:e8:7e:ec:07:7c:a7:99:5a:9a:62:9d:41:0c:ee:
90:a1:f4:ec:0b:13:1f:fe:7d:d1:e5:44:0f:28:bf:
7c:72:92:15:cf:b1:44:e8:ef:c5:9b:f6:30:d8:58:
58:87:24:54:03:e1:9c:2e:93:87:8d:8c:03:8e:71:
af:ee:f8:dc:17:6e:df:90:22:f5:27:4b:74:52:67:
7a:01:fb:6c:67:0f:cc:dc:70:84:cc:ac:f0:56:d1:
e6:fd:08:0a:98:c3:d1:24:8d:c7:20:9e:0e:76:15:
43:d5:0d:e6:85:1a:2c:e7:b1:24:e3:79:dc:45:db:
ce:25:e8:1d:10:10:12:6f:a9:f8:5c:81:d6:1e:a1:
19:99:09:36:bd:d1:ce:18:fe:bd:32:40:e1:bd:4c:
ec:29:bc:9a:f2:eb:bf:94:e0:c6:ed:61:1f:51:27:
44:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:D9:6C:A4:72:6A:1C:6C:53:50:26:59:1E:51:37:90:AA:F5:90:96
X509v3 Authority Key Identifier:
keyid:85:5C:5D:0F:E2:59:35:AC:91:AB:5A:AD:A6:45:26:00:E5:8D:25:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hVxdD-JZNayRq1qtpkUmAOWNJaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/a2b051-3a23-4835-b30d-2af4791d96eb/1/H9lspHJqHGxTUCZZHlE3kKr1kJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/a2b051-3a23-4835-b30d-2af4791d96eb/1/hVxdD-JZNayRq1qtpkUmAOWNJaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.135.240.0/22
IPv6:
2a06:f700::/29
Signature Algorithm: sha256WithRSAEncryption
56:b8:3a:f3:f2:aa:9c:be:73:a4:65:7e:6a:af:af:83:05:7b:
20:ce:b1:20:70:66:2f:d9:ab:0c:27:b3:2a:d4:57:01:6b:33:
67:1d:ee:7d:90:6e:6e:77:28:81:98:6d:d3:22:e7:ed:27:27:
16:c7:2b:c8:53:5b:8b:19:93:4f:b1:88:60:0f:6f:87:d4:ac:
91:b4:f6:3e:75:a3:71:57:3a:a1:56:44:4c:b1:ff:b9:b9:56:
65:5d:32:d7:c7:0b:bd:89:14:51:25:ca:b5:7b:f4:47:e2:0a:
1d:ee:c2:85:8a:d7:a0:ae:78:fc:fd:d5:24:eb:f5:dc:47:11:
6a:79:41:da:30:2c:af:e1:e4:f0:14:08:f6:4e:61:5f:f6:7c:
09:e4:32:e7:6f:35:9f:fa:43:70:a4:06:aa:0e:21:e4:d8:35:
5a:50:f2:e1:26:d2:11:2a:5a:ec:36:d4:b4:5a:cd:5e:00:ad:
c5:fc:80:d1:5b:6f:29:9a:3e:88:46:a6:ab:11:97:57:46:52:
6d:59:7b:1f:49:eb:65:4c:e9:99:e7:19:6d:36:78:17:f0:ca:
91:2e:e0:83:37:02:95:a5:75:57:2e:84:d4:ed:da:80:c4:c0:
3b:c7:fc:fa:50:74:2a:05:7c:b7:fa:4e:3d:39:24:5d:65:18:
ca:96:c7:77
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEEvL9nzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NTVjNWQwZmUyNTkzNWFjOTFhYjVhYWRhNjQ1MjYwMGU1OGQyNWE1MB4XDTIyMDEw
MTEwMDI1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWZkOTZjYTQ3MjZh
MWM2YzUzNTAyNjU5MWU1MTM3OTBhYWY1OTA5NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOswPWN8bUpC0K+7yPxDZhqTZL/I0JxJFzIZuBh2hWufJo0g
BTHjCarzgdEOqtWhs6s0pyWgZQyFWqwGm3USGldQW0L8/DLZzV2mM/C5aCXwSs6Q
Y+ya4ytuPuh+7Ad8p5lammKdQQzukKH07AsTH/590eVEDyi/fHKSFc+xROjvxZv2
MNhYWIckVAPhnC6Th42MA45xr+743Bdu35Ai9SdLdFJnegH7bGcPzNxwhMys8FbR
5v0ICpjD0SSNxyCeDnYVQ9UN5oUaLOexJON53EXbziXoHRAQEm+p+FyB1h6hGZkJ
Nr3Rzhj+vTJA4b1M7Cm8mvLrv5Tgxu1hH1EnRF0CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQf2WykcmocbFNQJlkeUTeQqvWQljAfBgNVHSMEGDAWgBSFXF0P4lk1rJGr
Wq2mRSYA5Y0lpTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hWeGRELUpaTmF5UnExcXRwa1VtQU9XTkphVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWQvYTJiMDUxLTNhMjMtNDgzNS1iMzBkLTJhZjQ3OTFkOTZlYi8x
L0g5bHNwSEpxSEd4VFVDWlpIbEUza0tyMWtKWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWQv
YTJiMDUxLTNhMjMtNDgzNS1iMzBkLTJhZjQ3OTFkOTZlYi8xL2hWeGRELUpaTmF5
UnExcXRwa1VtQU9XTkphVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArmH8DANBAIAAjAHAwUDKgb3ADAN
BgkqhkiG9w0BAQsFAAOCAQEAVrg68/KqnL5zpGV+aq+vgwV7IM6xIHBmL9mrDCez
KtRXAWszZx3ufZBubncogZht0yLn7ScnFscryFNbixmTT7GIYA9vh9SskbT2PnWj
cVc6oVZETLH/ublWZV0y18cLvYkUUSXKtXv0R+IKHe7ChYrXoK54/P3VJOv13EcR
anlB2jAsr+Hk8BQI9k5hX/Z8CeQy5281n/pDcKQGqg4h5Ng1WlDy4SbSESpa7DbU
tFrNXgCtxfyA0VtvKZo+iEamqxGXV0ZSbVl7H0nrZUzpmecZbTZ4F/DKkS7ggzcC
laV1Vy6E1O3agMTAO8f8+lB0KgV8t/pOPTkkXWUYypbHdw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:12:15 2024 by rpki-client on console-ams.rpki-client.org