Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/bb7c0e-ee68-4bf8-bb34-12e6a0d4318a/1/hnqzwiJFM5pFY2-TeHCoVhv6nxw.roa
File: hnqzwiJFM5pFY2-TeHCoVhv6nxw.roa (raw, json)
Hash identifier: LsjS5w2OaVogGCWHktLDrVjFKjMOU6NUxa2daNuOTrQ=
Subject key identifier: 86:7A:B3:C2:22:45:33:9A:45:63:6F:93:78:70:A8:56:1B:FA:9F:1C
Certificate issuer: /CN=9f3720e970faa0e07f50a6389e7ae53afa439dab
Certificate serial: 0182EF4BDDD4F861777637FD5C4FF52C319B
Authority key identifier: 9F:37:20:E9:70:FA:A0:E0:7F:50:A6:38:9E:7A:E5:3A:FA:43:9D:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nzcg6XD6oOB_UKY4nnrlOvpDnas.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/bb7c0e-ee68-4bf8-bb34-12e6a0d4318a/1/hnqzwiJFM5pFY2-TeHCoVhv6nxw.roa
Signing time: Tue 30 Aug 2022 15:08:22 +0000
ROA not before: Tue 30 Aug 2022 15:08:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205199
IP address blocks: 194.35.182.0/24 maxlen: 24
194.35.78.0/24 maxlen: 24
194.35.95.0/24 maxlen: 24
194.35.92.0/24 maxlen: 24
185.157.168.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ef:4b:dd:d4:f8:61:77:76:37:fd:5c:4f:f5:2c:31:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f3720e970faa0e07f50a6389e7ae53afa439dab
Validity
Not Before: Aug 30 15:08:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=867ab3c22245339a45636f937870a8561bfa9f1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:2a:4d:f8:e7:99:2c:ab:7b:ab:57:fc:0a:ff:
8f:3d:71:9e:86:9e:4c:f4:0a:f8:11:6f:a7:01:79:
11:88:fb:6e:d9:cb:81:1a:20:7e:83:1c:4b:58:20:
0f:c4:5d:3e:ef:66:9e:bc:21:44:cc:b4:59:68:6f:
b7:cf:c1:aa:45:65:8a:ae:fc:72:ee:68:f5:ca:b0:
f7:0d:22:c3:6a:fa:ee:4f:c9:5c:e6:72:35:b3:38:
b0:50:e9:82:f5:11:34:4f:0d:6f:1a:11:5f:aa:bb:
72:b4:a3:d1:26:48:5e:75:70:c0:d7:f4:06:5e:aa:
e8:3d:42:08:53:c8:ec:ce:db:7d:03:6e:c9:f5:db:
d4:53:70:63:a2:d3:8d:2d:b9:8f:c6:49:98:9f:c0:
6c:39:f4:59:88:f1:a1:55:de:f9:25:98:86:62:24:
6b:3f:af:44:71:1d:c9:c0:60:28:ec:20:b9:da:3a:
b8:3f:06:10:0d:a6:f9:45:8f:ac:ce:29:cb:db:31:
db:70:93:f0:c5:91:d0:42:63:a9:b9:a7:8f:8f:a4:
01:f7:25:73:d2:2a:66:eb:1f:c2:7f:26:58:18:93:
af:5e:f2:4b:26:3c:77:92:32:d6:27:18:bf:d1:1f:
f6:1e:17:f1:0b:e0:b5:25:04:90:51:ed:d7:2c:a6:
7c:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:7A:B3:C2:22:45:33:9A:45:63:6F:93:78:70:A8:56:1B:FA:9F:1C
X509v3 Authority Key Identifier:
keyid:9F:37:20:E9:70:FA:A0:E0:7F:50:A6:38:9E:7A:E5:3A:FA:43:9D:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nzcg6XD6oOB_UKY4nnrlOvpDnas.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/bb7c0e-ee68-4bf8-bb34-12e6a0d4318a/1/hnqzwiJFM5pFY2-TeHCoVhv6nxw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/bb7c0e-ee68-4bf8-bb34-12e6a0d4318a/1/nzcg6XD6oOB_UKY4nnrlOvpDnas.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.157.168.0/22
194.35.78.0/24
194.35.92.0/24
194.35.95.0/24
194.35.182.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:73:e3:49:47:da:96:2d:70:c3:f6:ff:71:2c:c8:c6:2e:83:
e8:29:86:70:d4:c9:42:a6:dd:ec:a9:03:b2:3e:b4:e9:b9:63:
63:53:ab:5c:6a:80:9a:ae:49:7e:0d:25:bd:27:89:62:6d:1e:
9f:a1:a5:a9:bf:d6:4e:1c:71:36:66:e8:b9:73:e0:7e:aa:34:
91:48:62:88:ff:f7:e7:20:e5:d6:ab:db:8e:52:34:24:a4:7a:
4b:50:bc:fd:be:0e:3f:5e:fa:a0:0e:a5:e0:8b:c4:88:eb:6d:
2f:ad:9e:03:47:a3:4a:0f:48:62:bb:6e:33:3d:be:75:fa:0a:
63:03:9a:1e:4f:c4:77:f3:4b:9c:f2:56:9b:b9:5e:14:73:7b:
c7:02:ab:85:23:5c:f3:f8:99:b8:1d:fe:07:56:02:17:e1:60:
a4:12:dc:55:8b:60:5e:9b:ab:3c:04:e6:37:c4:74:dc:de:bc:
d8:9a:d5:d9:b7:b4:91:c1:35:01:87:68:c0:e5:4b:b3:64:04:
f1:90:39:dc:a3:da:6a:e8:10:1a:57:33:aa:ab:c2:3b:f3:65:
8c:e9:a4:cd:08:34:21:62:79:8b:8d:57:21:32:0b:52:48:9e:
52:e1:9b:7a:ae:ee:7c:d0:39:1b:20:ba:be:aa:84:e2:e5:49:
1c:3d:04:6a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYLvS93U+GF3djf9XE/1LDGbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmMzcyMGU5NzBmYWEwZTA3ZjUwYTYzODllN2FlNTNhZmE0
MzlkYWIwHhcNMjIwODMwMTUwODIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjdhYjNjMjIyNDUzMzlhNDU2MzZmOTM3ODcwYTg1NjFiZmE5ZjFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkSpN+OeZLKt7q1f8Cv+PPXGehp5M
9Ar4EW+nAXkRiPtu2cuBGiB+gxxLWCAPxF0+72aevCFEzLRZaG+3z8GqRWWKrvxy
7mj1yrD3DSLDavruT8lc5nI1sziwUOmC9RE0Tw1vGhFfqrtytKPRJkhedXDA1/QG
XqroPUIIU8jsztt9A27J9dvUU3BjotONLbmPxkmYn8BsOfRZiPGhVd75JZiGYiRr
P69EcR3JwGAo7CC52jq4PwYQDab5RY+szinL2zHbcJPwxZHQQmOpuaePj6QB9yVz
0ipm6x/CfyZYGJOvXvJLJjx3kjLWJxi/0R/2HhfxC+C1JQSQUe3XLKZ84QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIZ6s8IiRTOaRWNvk3hwqFYb+p8cMB8GA1UdIwQY
MBaAFJ83IOlw+qDgf1CmOJ565Tr6Q52rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnpjZzZYRDZvT0JfVUtZNG5ucmxPdnBEbmFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9iYjdjMGUtZWU2OC00YmY4LWJiMzQt
MTJlNmEwZDQzMThhLzEvaG5xendpSkZNNXBGWTItVGVIQ29WaHY2bnh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9iYjdjMGUtZWU2OC00YmY4LWJiMzQtMTJlNmEwZDQzMThh
LzEvbnpjZzZYRDZvT0JfVUtZNG5ucmxPdnBEbmFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCuZ2oAwQA
wiNOAwQAwiNcAwQAwiNfAwQAwiO2MA0GCSqGSIb3DQEBCwUAA4IBAQAOc+NJR9qW
LXDD9v9xLMjGLoPoKYZw1MlCpt3sqQOyPrTpuWNjU6tcaoCarkl+DSW9J4libR6f
oaWpv9ZOHHE2Zui5c+B+qjSRSGKI//fnIOXWq9uOUjQkpHpLULz9vg4/XvqgDqXg
i8SI620vrZ4DR6NKD0hiu24zPb51+gpjA5oeT8R380uc8labuV4Uc3vHAquFI1zz
+Jm4Hf4HVgIX4WCkEtxVi2Bem6s8BOY3xHTc3rzYmtXZt7SRwTUBh2jA5UuzZATx
kDnco9pq6BAaVzOqq8I782WM6aTNCDQhYnmLjVchMgtSSJ5S4Zt6ru580DkbILq+
qoTi5UkcPQRq
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:49 2024 by rpki-client on console-fra.rpki-client.org