Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/kHHAJyeAa8aIfQTwijlsimEOMyc.roa
File: kHHAJyeAa8aIfQTwijlsimEOMyc.roa (raw, json)
Hash identifier: Prtbq5z6ulJvDoTPjtp902ztlJsQ36zv1M//36PBwlc=
Subject key identifier: 90:71:C0:27:27:80:6B:C6:88:7D:04:F0:8A:39:6C:8A:61:0E:33:27
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0183E4CFF3E7868C3ADA5A614655516B7ECB
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/kHHAJyeAa8aIfQTwijlsimEOMyc.roa
Signing time: Mon 17 Oct 2022 07:19:36 +0000
ROA not before: Mon 17 Oct 2022 07:19:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 195.133.82.0/24 maxlen: 24
185.72.9.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.181.0/24 maxlen: 24
194.87.90.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:e4:cf:f3:e7:86:8c:3a:da:5a:61:46:55:51:6b:7e:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 17 07:19:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9071c02727806bc6887d04f08a396c8a610e3327
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:a6:59:8c:31:9c:e1:90:58:18:d9:2d:1e:dd:
0b:01:3b:e5:22:fe:40:32:2c:66:df:29:34:71:45:
38:23:43:10:89:bb:70:31:d0:32:9a:28:f7:81:0e:
24:a8:a2:28:12:8b:3c:d7:56:67:66:da:14:51:1d:
a8:68:86:32:04:8f:17:63:14:3d:f6:72:5d:36:e8:
8c:e8:01:ae:71:29:5d:1e:4b:9f:30:5e:99:4d:c1:
7c:f7:25:a3:d1:f5:8b:59:e9:cd:b1:7f:69:7c:f4:
2c:b0:34:33:87:6f:14:0a:15:17:09:58:19:e1:80:
84:af:e3:22:67:85:19:e2:d7:ff:9d:39:c4:eb:8d:
60:2e:37:f6:6b:2f:9c:e3:10:44:aa:84:69:33:0d:
1f:ab:15:6e:1c:9a:35:ad:34:1e:25:35:04:21:f1:
80:47:81:d4:b4:33:80:14:e1:44:b5:1a:43:5a:b6:
66:16:25:5f:95:75:a6:54:e6:01:7f:b1:02:43:20:
f0:c4:70:08:34:b0:c2:30:1b:a6:24:32:7c:05:3b:
04:15:31:bd:76:51:35:e0:e4:64:46:7d:55:f1:ff:
e3:1e:2d:1c:70:fe:03:00:1c:c0:00:56:a7:3e:1f:
ae:e9:e9:57:20:b3:55:28:41:8b:db:bf:40:f0:c4:
c6:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:71:C0:27:27:80:6B:C6:88:7D:04:F0:8A:39:6C:8A:61:0E:33:27
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/kHHAJyeAa8aIfQTwijlsimEOMyc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.9.0/24
194.87.73.0/24
194.87.90.0/24
194.87.181.0/24
194.87.198.0/24
195.133.82.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:76:62:f5:95:2c:e8:55:fe:a1:67:31:71:55:13:cb:98:7e:
4e:29:2d:2f:d7:d1:4f:1b:3e:13:a4:c9:6f:e2:f8:90:8e:23:
cf:92:25:e6:61:d1:86:e5:51:d4:b4:90:8f:f3:94:3b:fb:a1:
a5:5f:07:2e:10:4c:54:05:76:5b:70:88:4b:eb:0a:16:99:1c:
e2:3e:2c:fe:43:98:2c:b6:2c:b6:67:39:8e:1b:81:f4:0f:b4:
1b:56:a7:15:c1:33:0b:47:f0:f6:e6:22:7b:c7:73:a7:b4:cc:
b9:e7:7a:00:a0:3d:25:27:20:ce:96:4a:fc:8e:9f:9b:cd:76:
dc:a2:bf:69:a1:e1:f4:7f:76:31:df:bf:c5:04:e6:5a:b4:a3:
06:34:58:e8:5f:76:ee:11:6f:44:07:15:bb:b9:cd:5a:1c:fb:
51:40:72:48:45:64:9c:d7:d5:69:80:56:2b:d5:9f:f8:82:71:
62:3d:bd:62:b1:d6:4e:c9:35:9d:e6:3b:0c:ca:be:83:53:82:
bd:57:a9:ff:bd:fe:d5:8f:56:cb:38:f8:60:db:72:f8:47:dc:
1d:1a:07:1a:f8:9f:23:2d:6a:9b:65:36:fb:7e:99:d8:1c:ab:
cb:50:a5:13:88:93:90:18:b6:a1:b7:b9:93:46:67:be:55:40:
d0:39:10:36
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYPkz/Pnhow62lphRlVRa37LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjIxMDE3MDcxOTM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDcxYzAyNzI3ODA2YmM2ODg3ZDA0ZjA4YTM5NmM4YTYxMGUzMzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg6ZZjDGc4ZBYGNktHt0LATvlIv5A
Mixm3yk0cUU4I0MQibtwMdAymij3gQ4kqKIoEos811ZnZtoUUR2oaIYyBI8XYxQ9
9nJdNuiM6AGucSldHkufMF6ZTcF89yWj0fWLWenNsX9pfPQssDQzh28UChUXCVgZ
4YCEr+MiZ4UZ4tf/nTnE641gLjf2ay+c4xBEqoRpMw0fqxVuHJo1rTQeJTUEIfGA
R4HUtDOAFOFEtRpDWrZmFiVflXWmVOYBf7ECQyDwxHAINLDCMBumJDJ8BTsEFTG9
dlE14ORkRn1V8f/jHi0ccP4DABzAAFanPh+u6elXILNVKEGL279A8MTGyQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFJBxwCcngGvGiH0E8Io5bIphDjMnMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEva0hIQUp5ZUFhOGFJZlFUd2lqbHNpbUVPTXljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAuUgJAwQA
wldJAwQAwldaAwQAwle1AwQAwlfGAwQAw4VSMA0GCSqGSIb3DQEBCwUAA4IBAQAu
dmL1lSzoVf6hZzFxVRPLmH5OKS0v19FPGz4TpMlv4viQjiPPkiXmYdGG5VHUtJCP
85Q7+6GlXwcuEExUBXZbcIhL6woWmRziPiz+Q5gstiy2ZzmOG4H0D7QbVqcVwTML
R/D25iJ7x3OntMy553oAoD0lJyDOlkr8jp+bzXbcor9poeH0f3Yx37/FBOZatKMG
NFjoX3buEW9EBxW7uc1aHPtRQHJIRWSc19VpgFYr1Z/4gnFiPb1isdZOyTWd5jsM
yr6DU4K9V6n/vf7Vj1bLOPhg23L4R9wdGgca+J8jLWqbZTb7fpnYHKvLUKUTiJOQ
GLaht7mTRme+VUDQORA2
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:04 2023 by rpki-client on console-ams.rpki-client.org