Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/20cb33-e2bf-46aa-abfa-928e7bc69570/1/hjC50Ds1J6vn7yJk1IZlKVS4FWQ.roa
File: hjC50Ds1J6vn7yJk1IZlKVS4FWQ.roa (raw, json)
Hash identifier: OMkygMjje2VQw1hxwzrKX3NOdxxOIIc6bFQ84tAAosY=
Subject key identifier: 86:30:B9:D0:3B:35:27:AB:E7:EF:22:64:D4:86:65:29:54:B8:15:64
Certificate issuer: /CN=de456cdb4d140345c3dcaebfc7634d4e7cdcb913
Certificate serial: 0EEC28FE
Authority key identifier: DE:45:6C:DB:4D:14:03:45:C3:DC:AE:BF:C7:63:4D:4E:7C:DC:B9:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3kVs200UA0XD3K6_x2NNTnzcuRM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/20cb33-e2bf-46aa-abfa-928e7bc69570/1/hjC50Ds1J6vn7yJk1IZlKVS4FWQ.roa
Signing time: Sat 01 Jan 2022 11:00:37 +0000
ROA not before: Sat 01 Jan 2022 11:00:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49964
IP address blocks: 185.99.48.0/24 maxlen: 24
193.105.133.0/24 maxlen: 24
193.138.101.0/24 maxlen: 24
109.69.218.0/24 maxlen: 24
128.127.180.0/24 maxlen: 24
185.192.44.0/24 maxlen: 24
185.192.45.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 250358014 (0xeec28fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de456cdb4d140345c3dcaebfc7634d4e7cdcb913
Validity
Not Before: Jan 1 11:00:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8630b9d03b3527abe7ef2264d486652954b81564
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:46:9f:50:5c:b2:76:ba:10:d3:ed:5b:c2:ce:
a2:07:2e:1d:b8:24:8d:4f:44:38:95:88:cf:3d:a1:
db:e9:f9:7a:08:b1:bf:fc:84:31:71:39:59:bc:5c:
c5:b5:ec:5f:af:f1:a1:87:7b:93:0d:da:a1:4e:0c:
d9:68:a8:2d:40:25:20:6b:a5:79:0b:04:87:73:0b:
81:ce:26:b4:23:3b:9e:38:45:06:a4:a5:ad:9f:2a:
7f:92:c6:00:b3:44:08:e0:41:97:5e:6b:48:87:97:
62:e8:c2:ce:9f:ba:f5:29:e1:30:ed:84:d7:a6:1c:
1e:11:9c:db:5a:6f:a4:27:99:3b:d7:4f:2b:86:2f:
ce:36:36:2e:a6:40:65:5d:d1:a6:61:86:bf:17:7f:
09:3a:05:51:e0:52:87:da:50:28:f5:4d:50:da:0d:
3e:56:ac:8d:51:e2:77:7d:96:49:7b:b9:9d:98:56:
19:86:68:fe:cd:30:23:1e:d1:f0:b1:5b:99:de:a5:
f6:52:af:91:c8:3d:c8:85:79:90:22:f4:cc:59:7a:
64:9b:8b:43:d1:78:45:da:a0:d5:52:2a:b4:4e:45:
7f:b7:aa:91:a0:f0:41:8b:46:c4:2e:8c:92:a5:15:
3b:f6:cf:ac:8e:19:e5:5c:39:24:c5:0b:a1:1b:8f:
f8:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:30:B9:D0:3B:35:27:AB:E7:EF:22:64:D4:86:65:29:54:B8:15:64
X509v3 Authority Key Identifier:
keyid:DE:45:6C:DB:4D:14:03:45:C3:DC:AE:BF:C7:63:4D:4E:7C:DC:B9:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3kVs200UA0XD3K6_x2NNTnzcuRM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/20cb33-e2bf-46aa-abfa-928e7bc69570/1/hjC50Ds1J6vn7yJk1IZlKVS4FWQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/20cb33-e2bf-46aa-abfa-928e7bc69570/1/3kVs200UA0XD3K6_x2NNTnzcuRM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.69.218.0/24
128.127.180.0/24
185.99.48.0/24
185.192.44.0/23
193.105.133.0/24
193.138.101.0/24
Signature Algorithm: sha256WithRSAEncryption
51:8d:9f:c6:36:7d:9a:ff:7b:20:69:f8:a5:c3:8a:04:0f:b0:
3f:b7:2f:35:08:e2:5b:b0:2e:8b:d9:ae:5c:39:5c:f2:79:92:
55:d0:32:02:91:97:b3:0b:f4:e6:cc:80:e7:19:bc:82:3e:99:
99:b7:d0:85:ab:79:04:dc:7d:5e:7a:a2:81:12:43:f2:f8:18:
20:69:7a:fb:db:f7:dc:be:63:3f:c3:6a:87:92:62:41:6b:d2:
ff:39:25:e3:59:d3:d4:dc:63:ae:35:41:8c:65:19:be:ef:2c:
9b:df:59:b9:75:3e:60:84:16:92:38:f0:00:c6:54:52:62:c0:
78:d4:10:47:f2:a6:76:04:de:99:72:a0:94:53:17:4e:85:5a:
19:a4:54:b5:81:6d:b4:87:e3:bc:fe:4b:e6:8e:d5:91:29:c8:
03:6d:38:c2:eb:3a:c4:b4:67:19:7d:0a:03:0c:6e:3a:d0:0c:
ff:0c:bf:b4:60:d7:a5:50:a9:8e:0b:8b:63:18:fe:36:49:34:
5d:06:dd:48:9e:5b:23:8d:56:7b:dc:a1:71:04:0d:f7:10:5a:
33:bb:92:57:c4:c7:34:6b:84:14:b6:65:59:a9:bc:f1:a8:83:
7e:e2:43:a8:02:2d:6b:f3:23:df:70:1d:5a:82:ff:39:da:b1:
4f:2f:3d:b7
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEDuwo/jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZTQ1NmNkYjRkMTQwMzQ1YzNkY2FlYmZjNzYzNGQ0ZTdjZGNiOTEzMB4XDTIyMDEw
MTExMDAzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODYzMGI5ZDAzYjM1
MjdhYmU3ZWYyMjY0ZDQ4NjY1Mjk1NGI4MTU2NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALlGn1Bcsna6ENPtW8LOogcuHbgkjU9EOJWIzz2h2+n5egix
v/yEMXE5WbxcxbXsX6/xoYd7kw3aoU4M2WioLUAlIGuleQsEh3MLgc4mtCM7njhF
BqSlrZ8qf5LGALNECOBBl15rSIeXYujCzp+69SnhMO2E16YcHhGc21pvpCeZO9dP
K4YvzjY2LqZAZV3RpmGGvxd/CToFUeBSh9pQKPVNUNoNPlasjVHid32WSXu5nZhW
GYZo/s0wIx7R8LFbmd6l9lKvkcg9yIV5kCL0zFl6ZJuLQ9F4Rdqg1VIqtE5Ff7eq
kaDwQYtGxC6MkqUVO/bPrI4Z5Vw5JMULoRuP+KkCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBSGMLnQOzUnq+fvImTUhmUpVLgVZDAfBgNVHSMEGDAWgBTeRWzbTRQDRcPc
rr/HY01OfNy5EzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNrVnMyMDBVQTBYRDNLNl94Mk5OVG56Y3VSTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTQvMjBjYjMzLWUyYmYtNDZhYS1hYmZhLTkyOGU3YmM2OTU3MC8x
L2hqQzUwRHMxSjZ2bjd5SmsxSVpsS1ZTNEZXUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTQv
MjBjYjMzLWUyYmYtNDZhYS1hYmZhLTkyOGU3YmM2OTU3MC8xLzNrVnMyMDBVQTBY
RDNLNl94Mk5OVG56Y3VSTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAG1F2gMEAIB/tAMEALljMAMEAbnA
LAMEAMFphQMEAMGKZTANBgkqhkiG9w0BAQsFAAOCAQEAUY2fxjZ9mv97IGn4pcOK
BA+wP7cvNQjiW7Aui9muXDlc8nmSVdAyApGXswv05syA5xm8gj6ZmbfQhat5BNx9
XnqigRJD8vgYIGl6+9v33L5jP8Nqh5JiQWvS/zkl41nT1NxjrjVBjGUZvu8sm99Z
uXU+YIQWkjjwAMZUUmLAeNQQR/KmdgTemXKglFMXToVaGaRUtYFttIfjvP5L5o7V
kSnIA204wus6xLRnGX0KAwxuOtAM/wy/tGDXpVCpjguLYxj+Nkk0XQbdSJ5bI41W
e9yhcQQN9xBaM7uSV8THNGuEFLZlWam88aiDfuJDqAIta/Mj33AdWoL/OdqxTy89
tw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:17 2024 by rpki-client on console-fra.rpki-client.org