Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/0217c2-7354-4061-9ef7-a220fe6a2a25/1/hhHhKGoseuzAJNIH1jaKZRMSRpA.roa
File: hhHhKGoseuzAJNIH1jaKZRMSRpA.roa (raw, json)
Hash identifier: NLwB4eW0hh4uLFaY8QXzug7kHhccxUqT0eWCd5CpgEY=
Subject key identifier: 86:11:E1:28:6A:2C:7A:EC:C0:24:D2:07:D6:36:8A:65:13:12:46:90
Certificate issuer: /CN=afcc1d30edeeab54b5812a990a943e3e8fe8391d
Certificate serial: 0184E12FAEC19FFCDC58E3300638FF1B8135
Authority key identifier: AF:CC:1D:30:ED:EE:AB:54:B5:81:2A:99:0A:94:3E:3E:8F:E8:39:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r8wdMO3uq1S1gSqZCpQ-Po_oOR0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/0217c2-7354-4061-9ef7-a220fe6a2a25/1/hhHhKGoseuzAJNIH1jaKZRMSRpA.roa
Signing time: Mon 05 Dec 2022 07:28:29 +0000
ROA not before: Mon 05 Dec 2022 07:28:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199298
IP address blocks: 185.21.220.0/22 maxlen: 22
2a00:5c20::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e1:2f:ae:c1:9f:fc:dc:58:e3:30:06:38:ff:1b:81:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=afcc1d30edeeab54b5812a990a943e3e8fe8391d
Validity
Not Before: Dec 5 07:28:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8611e1286a2c7aecc024d207d6368a6513124690
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:cd:40:f9:9c:99:00:24:8a:62:63:45:ca:86:
8d:be:a1:e3:49:92:9c:5b:68:6c:a7:f5:3a:c6:d7:
f7:3a:33:de:db:fe:d0:04:80:66:02:f1:7c:ab:0a:
e5:07:3f:37:25:69:30:d6:68:c3:a1:b3:fa:2d:12:
d5:95:e6:b0:48:cb:0c:c9:e8:76:ae:bc:43:e7:4a:
06:f4:7c:81:4a:a3:b3:c4:be:49:2d:ff:de:4a:2c:
2a:fa:31:aa:3e:cd:cc:ac:80:06:8e:94:12:9f:78:
50:a6:57:bf:94:1c:66:56:f6:02:4f:93:fc:1e:b6:
d2:9b:aa:5f:c2:f6:d7:f3:43:75:e9:a3:32:37:c8:
3c:d1:c7:fb:42:6c:63:fc:96:2f:ab:73:6a:9b:65:
ae:5a:26:ca:77:33:b4:14:bb:c0:27:43:00:0b:93:
90:6e:c5:59:41:8c:93:1a:b9:7d:60:65:72:f1:ca:
5e:0a:50:38:bb:42:5c:b0:91:87:19:eb:46:a9:56:
1f:22:a7:60:2e:f1:fd:20:cb:5c:ca:5f:f7:21:64:
fa:bd:4a:a2:5a:9a:52:4f:18:0c:a4:18:46:19:70:
0a:c6:0b:b1:34:a8:f5:9b:87:96:43:f5:24:10:02:
79:5f:8e:4c:f2:ad:3e:ab:84:a3:2f:57:18:53:f7:
fe:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:11:E1:28:6A:2C:7A:EC:C0:24:D2:07:D6:36:8A:65:13:12:46:90
X509v3 Authority Key Identifier:
keyid:AF:CC:1D:30:ED:EE:AB:54:B5:81:2A:99:0A:94:3E:3E:8F:E8:39:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r8wdMO3uq1S1gSqZCpQ-Po_oOR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/0217c2-7354-4061-9ef7-a220fe6a2a25/1/hhHhKGoseuzAJNIH1jaKZRMSRpA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/0217c2-7354-4061-9ef7-a220fe6a2a25/1/r8wdMO3uq1S1gSqZCpQ-Po_oOR0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.21.220.0/22
IPv6:
2a00:5c20::/32
Signature Algorithm: sha256WithRSAEncryption
1d:8f:24:54:50:7d:2a:28:07:96:24:83:3c:6b:a6:48:4c:46:
3e:ba:70:d5:ae:e1:8f:1b:80:55:27:b7:88:3c:45:5d:d9:8a:
0a:a3:c0:0b:e4:93:32:47:39:ad:2b:0b:9e:b1:22:e7:ea:4f:
94:f6:48:8f:b6:7c:8e:4d:c9:cc:88:5a:07:15:b9:24:ba:b4:
a3:43:b3:e4:9e:d5:44:2b:50:0f:af:33:68:27:e6:9f:66:2c:
61:ae:ba:12:54:bc:90:fb:f4:5b:75:db:cb:1b:9c:49:b7:ab:
09:37:70:c2:e3:85:a3:eb:b3:9e:8e:7f:f7:f9:ad:ba:74:21:
4e:d7:eb:29:84:bb:35:4e:8e:51:42:1f:0a:f5:b6:7a:52:6f:
43:f2:e9:57:4a:d0:1b:81:52:82:22:c8:c8:24:00:25:60:be:
1f:a8:42:35:84:c4:0e:f0:9f:6d:5d:02:97:01:89:05:a1:86:
52:1b:64:f5:3e:b5:4e:75:fe:ae:f7:ec:2e:73:b7:24:ab:7d:
84:3b:6a:ca:73:87:34:3a:78:70:41:78:65:c3:5c:ba:a1:11:
6c:ce:f1:a4:a0:b6:67:04:c9:cc:16:76:f3:bb:07:cc:c5:33:
34:35:c0:7b:0a:dc:d1:39:f6:bd:27:60:1e:5f:2b:05:e3:d2:
43:90:8e:4f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYThL67Bn/zcWOMwBjj/G4E1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmY2MxZDMwZWRlZWFiNTRiNTgxMmE5OTBhOTQzZTNlOGZl
ODM5MWQwHhcNMjIxMjA1MDcyODI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjExZTEyODZhMmM3YWVjYzAyNGQyMDdkNjM2OGE2NTEzMTI0NjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzc1A+ZyZACSKYmNFyoaNvqHjSZKc
W2hsp/U6xtf3OjPe2/7QBIBmAvF8qwrlBz83JWkw1mjDobP6LRLVleawSMsMyeh2
rrxD50oG9HyBSqOzxL5JLf/eSiwq+jGqPs3MrIAGjpQSn3hQple/lBxmVvYCT5P8
HrbSm6pfwvbX80N16aMyN8g80cf7Qmxj/JYvq3Nqm2WuWibKdzO0FLvAJ0MAC5OQ
bsVZQYyTGrl9YGVy8cpeClA4u0JcsJGHGetGqVYfIqdgLvH9IMtcyl/3IWT6vUqi
WppSTxgMpBhGGXAKxguxNKj1m4eWQ/UkEAJ5X45M8q0+q4SjL1cYU/f+LwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIYR4ShqLHrswCTSB9Y2imUTEkaQMB8GA1UdIwQY
MBaAFK/MHTDt7qtUtYEqmQqUPj6P6DkdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjh3ZE1PM3VxMVMxZ1NxWkNwUS1Qb19vT1IwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8wMjE3YzItNzM1NC00MDYxLTllZjct
YTIyMGZlNmEyYTI1LzEvaGhIaEtHb3NldXpBSk5JSDFqYUtaUk1TUnBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8wMjE3YzItNzM1NC00MDYxLTllZjctYTIyMGZlNmEyYTI1
LzEvcjh3ZE1PM3VxMVMxZ1NxWkNwUS1Qb19vT1IwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuRXcMA0E
AgACMAcDBQAqAFwgMA0GCSqGSIb3DQEBCwUAA4IBAQAdjyRUUH0qKAeWJIM8a6ZI
TEY+unDVruGPG4BVJ7eIPEVd2YoKo8AL5JMyRzmtKwuesSLn6k+U9kiPtnyOTcnM
iFoHFbkkurSjQ7PkntVEK1APrzNoJ+afZixhrroSVLyQ+/RbddvLG5xJt6sJN3DC
44Wj67Oejn/3+a26dCFO1+sphLs1To5RQh8K9bZ6Um9D8ulXStAbgVKCIsjIJAAl
YL4fqEI1hMQO8J9tXQKXAYkFoYZSG2T1PrVOdf6u9+wuc7ckq32EO2rKc4c0Onhw
QXhlw1y6oRFszvGkoLZnBMnMFnbzuwfMxTM0NcB7CtzROfa9J2AeXysF49JDkI5P
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:41 2024 by rpki-client on console-ams.rpki-client.org