Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d6/bf17a6-d61b-493d-9a84-9bc55f62daba/1/hagHwk3h2HhhbjLaoyDsXEoTjVw.roa
File: hagHwk3h2HhhbjLaoyDsXEoTjVw.roa (raw, json)
Hash identifier: l1+Yd5Q7kYsASZ/l/fN5ZywLkNOLUh83jTbjtjn+EL0=
Subject key identifier: 85:A8:07:C2:4D:E1:D8:78:61:6E:32:DA:A3:20:EC:5C:4A:13:8D:5C
Certificate issuer: /CN=ff5a29ccda1dc8a8a163ac27781e8ec597e76db9
Certificate serial: 0BC1B4A0
Authority key identifier: FF:5A:29:CC:DA:1D:C8:A8:A1:63:AC:27:78:1E:8E:C5:97:E7:6D:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_1opzNodyKihY6wneB6OxZfnbbk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d6/bf17a6-d61b-493d-9a84-9bc55f62daba/1/hagHwk3h2HhhbjLaoyDsXEoTjVw.roa
Signing time: Sat 01 Jan 2022 16:02:48 +0000
ROA not before: Sat 01 Jan 2022 16:02:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205490
IP address blocks: 185.215.152.0/23 maxlen: 23
185.215.152.0/24 maxlen: 24
185.215.152.0/22 maxlen: 22
185.215.155.0/24 maxlen: 24
185.215.153.0/24 maxlen: 24
185.215.154.0/24 maxlen: 24
185.215.154.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 197244064 (0xbc1b4a0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff5a29ccda1dc8a8a163ac27781e8ec597e76db9
Validity
Not Before: Jan 1 16:02:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=85a807c24de1d878616e32daa320ec5c4a138d5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:ec:6e:a8:8d:39:bc:3b:5c:23:e4:56:bb:f0:
64:21:85:62:49:e1:97:8c:a2:ba:63:82:8c:01:f1:
c7:43:0d:ff:41:bc:23:44:7f:3e:4d:6e:67:22:02:
f6:e4:e5:0c:9b:95:0a:4d:32:b7:d8:f4:ec:cf:49:
0d:0e:61:0c:66:49:f8:14:0c:08:76:6e:e2:8e:0f:
37:38:bb:b9:a4:fd:a1:31:9c:53:58:55:bc:b4:d1:
ea:32:5d:90:6a:d3:2c:51:23:f3:fd:ae:51:e2:40:
96:43:96:06:79:0f:14:50:87:6c:9a:12:bc:35:6e:
97:f2:cb:af:23:19:73:89:d8:84:8a:31:04:6b:e5:
a7:6d:92:0c:33:a5:97:2e:d6:5a:ee:0c:85:99:8f:
90:a8:23:7b:f0:52:33:33:68:be:d3:01:c0:80:b7:
a0:ee:9d:86:d5:b1:23:fa:6f:ab:ad:04:78:4d:12:
fd:26:85:47:3c:41:1b:d7:27:ec:7f:4f:93:0d:02:
5f:31:bc:e7:4c:0c:c7:cd:d8:9d:80:0b:f7:2e:89:
f2:ab:11:88:f9:57:e5:f2:7f:de:c9:f0:75:cd:97:
62:67:01:49:9b:2e:de:b9:7b:cd:fc:2e:c3:dc:9f:
12:54:4f:0a:df:6d:21:c0:fe:13:4a:0a:78:a0:4b:
d2:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:A8:07:C2:4D:E1:D8:78:61:6E:32:DA:A3:20:EC:5C:4A:13:8D:5C
X509v3 Authority Key Identifier:
keyid:FF:5A:29:CC:DA:1D:C8:A8:A1:63:AC:27:78:1E:8E:C5:97:E7:6D:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_1opzNodyKihY6wneB6OxZfnbbk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/bf17a6-d61b-493d-9a84-9bc55f62daba/1/hagHwk3h2HhhbjLaoyDsXEoTjVw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d6/bf17a6-d61b-493d-9a84-9bc55f62daba/1/_1opzNodyKihY6wneB6OxZfnbbk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.215.152.0/22
Signature Algorithm: sha256WithRSAEncryption
60:3a:42:ca:ab:70:02:72:95:8b:f0:66:ea:0e:8f:08:03:6b:
61:78:56:d4:80:0c:c5:86:1d:8c:64:53:52:71:5c:39:17:a9:
4d:68:9f:b1:24:ee:3b:12:1d:42:d9:56:a1:2d:90:96:3f:02:
34:36:74:91:45:e8:94:e3:3b:1c:3a:2c:94:63:41:fe:0d:ac:
d2:bf:b8:63:7b:08:f3:77:16:be:5c:1c:6c:78:0e:1a:7a:4e:
06:a4:7e:97:a5:55:b0:72:2f:06:30:a1:38:26:81:b4:8b:16:
15:cc:d4:d2:b9:a0:46:f9:3a:33:4a:6b:89:6e:18:b7:1b:ed:
19:3a:56:9d:8d:9f:c2:f1:bf:5b:1c:c0:a0:53:77:a4:86:e6:
4b:be:36:ca:04:6b:e4:65:34:5c:7a:49:1c:ec:f3:98:59:8f:
c5:06:5c:01:a4:6e:a0:4f:64:fc:27:4e:63:05:e4:01:b2:e9:
55:8d:bf:b5:c6:3b:8d:ed:be:fe:74:c6:b8:64:00:c1:82:43:
03:dd:9e:e3:a6:31:cc:ee:5e:a9:73:0a:27:f4:16:e0:4e:1a:
c7:9f:58:90:89:96:2e:fa:af:28:62:f7:80:66:ae:81:84:04:
d8:fc:e7:df:ff:54:c8:e3:42:43:95:cc:64:dd:a3:db:90:61:
ac:1b:ae:83
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEC8G0oDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZjVhMjljY2RhMWRjOGE4YTE2M2FjMjc3ODFlOGVjNTk3ZTc2ZGI5MB4XDTIyMDEw
MTE2MDI0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODVhODA3YzI0ZGUx
ZDg3ODYxNmUzMmRhYTMyMGVjNWM0YTEzOGQ1YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMXsbqiNObw7XCPkVrvwZCGFYknhl4yiumOCjAHxx0MN/0G8
I0R/Pk1uZyIC9uTlDJuVCk0yt9j07M9JDQ5hDGZJ+BQMCHZu4o4PNzi7uaT9oTGc
U1hVvLTR6jJdkGrTLFEj8/2uUeJAlkOWBnkPFFCHbJoSvDVul/LLryMZc4nYhIox
BGvlp22SDDOlly7WWu4MhZmPkKgje/BSMzNovtMBwIC3oO6dhtWxI/pvq60EeE0S
/SaFRzxBG9cn7H9Pkw0CXzG850wMx83YnYAL9y6J8qsRiPlX5fJ/3snwdc2XYmcB
SZsu3rl7zfwuw9yfElRPCt9tIcD+E0oKeKBL0usCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSFqAfCTeHYeGFuMtqjIOxcShONXDAfBgNVHSMEGDAWgBT/WinM2h3IqKFj
rCd4Ho7Fl+dtuTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L18xb3B6Tm9keUtpaFk2d25lQjZPeFpmbmJiay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDYvYmYxN2E2LWQ2MWItNDkzZC05YTg0LTliYzU1ZjYyZGFiYS8x
L2hhZ0h3azNoMkhoaGJqTGFveURzWEVvVGpWdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDYv
YmYxN2E2LWQ2MWItNDkzZC05YTg0LTliYzU1ZjYyZGFiYS8xL18xb3B6Tm9keUtp
aFk2d25lQjZPeFpmbmJiay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArnXmDANBgkqhkiG9w0BAQsFAAOC
AQEAYDpCyqtwAnKVi/Bm6g6PCANrYXhW1IAMxYYdjGRTUnFcORepTWifsSTuOxId
QtlWoS2Qlj8CNDZ0kUXolOM7HDoslGNB/g2s0r+4Y3sI83cWvlwcbHgOGnpOBqR+
l6VVsHIvBjChOCaBtIsWFczU0rmgRvk6M0priW4YtxvtGTpWnY2fwvG/WxzAoFN3
pIbmS742ygRr5GU0XHpJHOzzmFmPxQZcAaRuoE9k/CdOYwXkAbLpVY2/tcY7je2+
/nTGuGQAwYJDA92e46YxzO5eqXMKJ/QW4E4ax59YkImWLvqvKGL3gGaugYQE2Pzn
3/9UyONCQ5XMZN2j25BhrBuugw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:46:44 2024 by rpki-client on console-ams.rpki-client.org