Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/e76a1a-3724-495b-ac72-472040b247f6/1/ADV-qaZtlyI8BUtRLVb7eGlNlgE.roa
File: ADV-qaZtlyI8BUtRLVb7eGlNlgE.roa (raw, json)
Hash identifier: t8Biqatejp/8rjuNWBYhRmB6623G1M+HlFgHPl3TiYs=
Subject key identifier: 00:35:7E:A9:A6:6D:97:22:3C:05:4B:51:2D:56:FB:78:69:4D:96:01
Certificate issuer: /CN=86afaae2e3e054073a38aab635dc96460eef487e
Certificate serial: 03606F3B
Authority key identifier: 86:AF:AA:E2:E3:E0:54:07:3A:38:AA:B6:35:DC:96:46:0E:EF:48:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hq-q4uPgVAc6OKq2NdyWRg7vSH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/e76a1a-3724-495b-ac72-472040b247f6/1/ADV-qaZtlyI8BUtRLVb7eGlNlgE.roa
Signing time: Sat 01 Jan 2022 16:06:58 +0000
ROA not before: Sat 01 Jan 2022 16:06:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212216
IP address blocks: 185.73.226.0/24 maxlen: 32
80.249.115.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 56651579 (0x3606f3b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86afaae2e3e054073a38aab635dc96460eef487e
Validity
Not Before: Jan 1 16:06:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=00357ea9a66d97223c054b512d56fb78694d9601
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:bb:a2:41:7d:18:dc:9b:70:c6:18:7d:bc:a8:
b0:33:70:e8:72:bc:e4:97:18:94:fa:d9:1f:0e:26:
e9:1e:58:63:38:a1:f8:cf:eb:31:32:34:62:f5:89:
d5:30:16:a2:89:27:24:58:50:05:20:60:49:c3:29:
93:ae:38:f1:a2:91:b5:eb:7c:b2:60:d1:b9:72:a1:
72:ee:30:47:5c:a7:98:49:62:10:8d:9a:46:8d:ce:
62:b9:8d:b4:1b:99:c4:df:fd:84:77:5f:06:66:cf:
b7:fd:d3:a3:11:84:da:8f:a3:19:88:75:6d:5e:05:
18:81:92:12:d8:a2:15:a3:78:3c:d5:15:5b:66:f4:
08:42:e0:48:ef:c0:6c:c2:8e:65:09:8d:c6:04:0f:
af:d6:e4:13:2e:8f:38:84:38:3e:20:72:88:46:4b:
ca:18:20:1b:9a:1e:15:6c:1c:3d:91:1b:7e:41:3f:
7e:ac:70:ad:cd:9d:bb:24:ed:18:51:09:53:eb:13:
d1:86:e3:11:aa:5e:3c:f0:17:e5:db:58:24:02:02:
29:96:cf:64:4c:32:89:8b:cc:b3:a4:91:fd:7a:a2:
74:16:fa:59:e1:6a:5a:ee:c3:02:e9:1e:04:dc:1c:
55:c6:91:27:c1:52:d7:4b:b2:73:62:a1:d8:97:0e:
91:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:35:7E:A9:A6:6D:97:22:3C:05:4B:51:2D:56:FB:78:69:4D:96:01
X509v3 Authority Key Identifier:
keyid:86:AF:AA:E2:E3:E0:54:07:3A:38:AA:B6:35:DC:96:46:0E:EF:48:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hq-q4uPgVAc6OKq2NdyWRg7vSH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e76a1a-3724-495b-ac72-472040b247f6/1/ADV-qaZtlyI8BUtRLVb7eGlNlgE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/e76a1a-3724-495b-ac72-472040b247f6/1/hq-q4uPgVAc6OKq2NdyWRg7vSH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.249.115.0/24
185.73.226.0/24
Signature Algorithm: sha256WithRSAEncryption
46:73:f9:48:6f:65:5f:0c:ce:75:03:23:67:2c:8c:dc:8d:92:
a8:99:50:f7:8b:64:f5:8f:4e:b0:9c:ad:46:3b:93:e9:1a:a8:
ae:f8:f3:f3:b0:85:eb:2c:d5:72:72:60:47:e6:d7:17:88:0c:
7e:c8:06:b6:9e:4a:f5:f0:6f:7e:11:e7:4e:db:3b:8b:1a:f4:
a3:e8:92:e6:f4:15:40:94:93:f4:48:14:63:c4:ee:93:06:47:
ec:48:87:df:fe:de:f6:c6:3e:ad:7f:e3:c2:75:1f:1c:3f:9c:
6f:09:b2:72:39:d2:a8:5d:82:9e:0c:83:1e:5c:ec:18:8b:a6:
7c:d4:54:91:3d:fd:d9:fc:82:72:22:fb:ca:f4:08:c6:07:16:
1a:40:38:39:61:24:a0:01:d6:aa:85:f3:d4:ca:2d:66:9f:5b:
17:5c:99:03:b6:3d:ae:68:7b:0f:fa:c8:9a:45:a6:e7:08:3c:
7e:86:90:1e:09:be:bc:fe:00:08:d5:da:22:1d:1c:bd:05:c4:
89:45:92:c9:60:10:76:4d:60:24:e6:7b:c8:76:bb:45:46:29:
db:56:d1:8a:ca:90:15:e4:b1:14:ff:ee:a5:bf:ac:02:df:61:
81:ec:2a:ae:16:66:5c:7a:07:64:a0:e5:d7:49:7f:0a:01:dc:
1e:b2:11:34
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEA2BvOzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NmFmYWFlMmUzZTA1NDA3M2EzOGFhYjYzNWRjOTY0NjBlZWY0ODdlMB4XDTIyMDEw
MTE2MDY1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDAzNTdlYTlhNjZk
OTcyMjNjMDU0YjUxMmQ1NmZiNzg2OTRkOTYwMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALC7okF9GNybcMYYfbyosDNw6HK85JcYlPrZHw4m6R5YYzih
+M/rMTI0YvWJ1TAWooknJFhQBSBgScMpk6448aKRtet8smDRuXKhcu4wR1ynmEli
EI2aRo3OYrmNtBuZxN/9hHdfBmbPt/3ToxGE2o+jGYh1bV4FGIGSEtiiFaN4PNUV
W2b0CELgSO/AbMKOZQmNxgQPr9bkEy6POIQ4PiByiEZLyhggG5oeFWwcPZEbfkE/
fqxwrc2duyTtGFEJU+sT0YbjEapePPAX5dtYJAICKZbPZEwyiYvMs6SR/XqidBb6
WeFqWu7DAukeBNwcVcaRJ8FS10uyc2Kh2JcOkW0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQANX6ppm2XIjwFS1EtVvt4aU2WATAfBgNVHSMEGDAWgBSGr6ri4+BUBzo4
qrY13JZGDu9IfjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hxLXE0dVBnVkFjNk9LcTJOZHlXUmc3dlNINC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGEvZTc2YTFhLTM3MjQtNDk1Yi1hYzcyLTQ3MjA0MGIyNDdmNi8x
L0FEVi1xYVp0bHlJOEJVdFJMVmI3ZUdsTmxnRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGEv
ZTc2YTFhLTM3MjQtNDk1Yi1hYzcyLTQ3MjA0MGIyNDdmNi8xL2hxLXE0dVBnVkFj
Nk9LcTJOZHlXUmc3dlNINC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFD5cwMEALlJ4jANBgkqhkiG9w0B
AQsFAAOCAQEARnP5SG9lXwzOdQMjZyyM3I2SqJlQ94tk9Y9OsJytRjuT6Rqorvjz
87CF6yzVcnJgR+bXF4gMfsgGtp5K9fBvfhHnTts7ixr0o+iS5vQVQJST9EgUY8Tu
kwZH7EiH3/7e9sY+rX/jwnUfHD+cbwmycjnSqF2CngyDHlzsGIumfNRUkT392fyC
ciL7yvQIxgcWGkA4OWEkoAHWqoXz1MotZp9bF1yZA7Y9rmh7D/rImkWm5wg8foaQ
Hgm+vP4ACNXaIh0cvQXEiUWSyWAQdk1gJOZ7yHa7RUYp21bRisqQFeSxFP/upb+s
At9hgewqrhZmXHoHZKDl10l/CgHcHrIRNA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:23 2024 by rpki-client on console-fra.rpki-client.org