Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/51a520-e08d-43b3-a6b0-d76ec9cc0d28/1/HbHQhmW3g9hIY_qHKIPSNUXUow4.roa
File: HbHQhmW3g9hIY_qHKIPSNUXUow4.roa (raw, json)
Hash identifier: Yc8rehzINvLdJpx6LyaiogZV9aj4qEb01hQZUFmhpbE=
Subject key identifier: 1D:B1:D0:86:65:B7:83:D8:48:63:FA:87:28:83:D2:35:45:D4:A3:0E
Certificate issuer: /CN=7a478c5aa226a278e8b1906f371c60cfc7d87e8e
Certificate serial: 01827DB09B1C73C8AA3B93FA38E3E42E74CB
Authority key identifier: 7A:47:8C:5A:A2:26:A2:78:E8:B1:90:6F:37:1C:60:CF:C7:D8:7E:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ekeMWqImonjosZBvNxxgz8fYfo4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/51a520-e08d-43b3-a6b0-d76ec9cc0d28/1/HbHQhmW3g9hIY_qHKIPSNUXUow4.roa
Signing time: Mon 08 Aug 2022 13:41:42 +0000
ROA not before: Mon 08 Aug 2022 13:41:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30762
IP address blocks: 185.236.124.0/24 maxlen: 24
185.236.125.0/24 maxlen: 24
185.236.126.0/24 maxlen: 24
185.236.127.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:7d:b0:9b:1c:73:c8:aa:3b:93:fa:38:e3:e4:2e:74:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a478c5aa226a278e8b1906f371c60cfc7d87e8e
Validity
Not Before: Aug 8 13:41:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1db1d08665b783d84863fa872883d23545d4a30e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:a3:a5:db:5f:30:75:77:58:f8:95:1c:ab:24:
2a:56:28:69:be:51:b2:29:77:d2:2d:a2:23:01:ea:
e3:fd:f1:3a:f1:6b:07:65:95:34:27:12:0d:b4:1a:
7f:7d:42:67:cf:53:6f:50:5f:de:a2:e0:d6:dc:82:
2e:bc:93:dc:c3:94:d1:e2:66:cd:e6:8e:66:8c:46:
bf:0d:c4:5a:77:48:5e:b1:15:29:7e:6e:32:db:26:
44:63:ba:2a:a0:f1:27:7d:75:b8:0f:4e:f6:08:f4:
ed:83:07:d7:55:5f:bd:01:37:f0:e8:a1:38:12:47:
7b:9d:64:8c:16:8a:6d:73:19:06:38:57:cb:ec:12:
bb:db:24:f3:48:cc:13:cc:f6:0e:4d:e6:e8:29:05:
49:07:a9:31:9b:22:8b:87:c7:c6:d3:cc:05:c7:07:
09:2a:8c:10:2e:34:d7:51:3d:a3:1c:b5:c5:22:6f:
41:6e:31:cd:1c:51:79:a1:db:b7:87:33:c7:f7:dd:
99:1c:2c:31:cb:8b:7a:05:16:52:63:b7:8a:72:83:
66:cd:6c:4e:60:ed:72:09:41:2b:29:0d:96:e1:79:
9e:ae:02:f5:5b:f6:57:39:ed:b4:27:67:5a:ce:3e:
65:5c:c7:97:66:63:8c:36:eb:98:28:28:11:d3:e8:
38:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:B1:D0:86:65:B7:83:D8:48:63:FA:87:28:83:D2:35:45:D4:A3:0E
X509v3 Authority Key Identifier:
keyid:7A:47:8C:5A:A2:26:A2:78:E8:B1:90:6F:37:1C:60:CF:C7:D8:7E:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ekeMWqImonjosZBvNxxgz8fYfo4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/51a520-e08d-43b3-a6b0-d76ec9cc0d28/1/HbHQhmW3g9hIY_qHKIPSNUXUow4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/51a520-e08d-43b3-a6b0-d76ec9cc0d28/1/ekeMWqImonjosZBvNxxgz8fYfo4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.236.124.0/22
Signature Algorithm: sha256WithRSAEncryption
44:8f:43:b2:55:04:e6:0a:51:43:54:74:67:9f:b0:9f:ba:c7:
22:23:b7:e3:12:7f:a1:ec:8a:be:b6:a0:b2:4c:1e:15:76:ea:
5e:d3:0b:c7:ba:28:18:fd:94:ca:3c:30:8d:68:9b:12:ee:20:
5c:3c:37:df:20:24:7e:6e:5c:ea:3d:d2:90:a2:49:e6:77:da:
b2:30:9b:dc:c7:1b:9b:6c:07:af:84:3e:25:4f:fc:8e:da:9d:
db:cc:b5:3a:01:80:37:ff:ca:ef:f9:c4:b1:18:00:e5:c8:7f:
db:ff:88:0a:c4:95:6a:15:18:d4:cb:c8:aa:68:62:36:0f:75:
d6:c7:a5:7c:d1:07:8e:1e:87:2e:ad:0f:a5:e6:83:d2:2c:d7:
44:a6:de:e9:1f:30:f3:0a:a9:6e:bd:ee:b1:83:f3:c0:9c:07:
d4:88:fc:a1:41:b6:51:8e:09:8c:2d:34:10:dd:b8:bc:de:07:
c2:79:a9:ce:64:49:f7:b2:98:28:c2:81:97:05:a3:6e:e0:e6:
e3:ac:cd:34:40:94:dd:dd:67:ec:c8:4c:15:e2:00:82:db:f9:
5e:eb:f4:43:ab:4e:a7:32:5c:66:b6:db:a3:e7:82:93:1b:26:
03:de:ba:19:48:ce:e0:ec:d1:85:76:91:3f:86:1e:69:47:eb:
ff:59:36:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYJ9sJscc8iqO5P6OOPkLnTLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhNDc4YzVhYTIyNmEyNzhlOGIxOTA2ZjM3MWM2MGNmYzdk
ODdlOGUwHhcNMjIwODA4MTM0MTQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGIxZDA4NjY1Yjc4M2Q4NDg2M2ZhODcyODgzZDIzNTQ1ZDRhMzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0qOl218wdXdY+JUcqyQqVihpvlGy
KXfSLaIjAerj/fE68WsHZZU0JxINtBp/fUJnz1NvUF/eouDW3IIuvJPcw5TR4mbN
5o5mjEa/DcRad0hesRUpfm4y2yZEY7oqoPEnfXW4D072CPTtgwfXVV+9ATfw6KE4
Ekd7nWSMFoptcxkGOFfL7BK72yTzSMwTzPYOTeboKQVJB6kxmyKLh8fG08wFxwcJ
KowQLjTXUT2jHLXFIm9BbjHNHFF5odu3hzPH992ZHCwxy4t6BRZSY7eKcoNmzWxO
YO1yCUErKQ2W4XmergL1W/ZXOe20J2dazj5lXMeXZmOMNuuYKCgR0+g4ZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB2x0IZlt4PYSGP6hyiD0jVF1KMOMB8GA1UdIwQY
MBaAFHpHjFqiJqJ46LGQbzccYM/H2H6OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWtlTVdxSW1vbmpvc1pCdk54eGd6OGZZZm80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC81MWE1MjAtZTA4ZC00M2IzLWE2YjAt
ZDc2ZWM5Y2MwZDI4LzEvSGJIUWhtVzNnOWhJWV9xSEtJUFNOVVhVb3c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC81MWE1MjAtZTA4ZC00M2IzLWE2YjAtZDc2ZWM5Y2MwZDI4
LzEvZWtlTVdxSW1vbmpvc1pCdk54eGd6OGZZZm80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuex8MA0G
CSqGSIb3DQEBCwUAA4IBAQBEj0OyVQTmClFDVHRnn7CfusciI7fjEn+h7Iq+tqCy
TB4Vdupe0wvHuigY/ZTKPDCNaJsS7iBcPDffICR+blzqPdKQoknmd9qyMJvcxxub
bAevhD4lT/yO2p3bzLU6AYA3/8rv+cSxGADlyH/b/4gKxJVqFRjUy8iqaGI2D3XW
x6V80QeOHocurQ+l5oPSLNdEpt7pHzDzCqluve6xg/PAnAfUiPyhQbZRjgmMLTQQ
3bi83gfCeanOZEn3spgowoGXBaNu4ObjrM00QJTd3WfsyEwV4gCC2/le6/RDq06n
Mlxmttuj54KTGyYD3roZSM7g7NGFdpE/hh5pR+v/WTZv
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:04 2023 by rpki-client on console-ams.rpki-client.org