Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/hXMLlhcuzZWM7FvdA2T_FgbJehA.roa
File: hXMLlhcuzZWM7FvdA2T_FgbJehA.roa (raw, json)
Hash identifier: +Np8JM8/lT372TOa0Ftv8c0aa7fypPuBuQdrcdJW8cY=
Subject key identifier: 85:73:0B:96:17:2E:CD:95:8C:EC:5B:DD:03:64:FF:16:06:C9:7A:10
Certificate issuer: /CN=4722aea0ef4c0667db819f5d5a3daea6399f038c
Certificate serial: 0181E8014218CE76F1A68527733F3F6A0054
Authority key identifier: 47:22:AE:A0:EF:4C:06:67:DB:81:9F:5D:5A:3D:AE:A6:39:9F:03:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RyKuoO9MBmfbgZ9dWj2upjmfA4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/hXMLlhcuzZWM7FvdA2T_FgbJehA.roa
Signing time: Sun 10 Jul 2022 12:06:45 +0000
ROA not before: Sun 10 Jul 2022 12:06:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206892
IP address blocks: 185.199.28.0/22 maxlen: 24
45.95.44.0/22 maxlen: 24
194.39.44.0/22 maxlen: 24
185.161.72.0/22 maxlen: 24
94.199.179.0/24 maxlen: 24
2a07:c280::/32 maxlen: 33
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:e8:01:42:18:ce:76:f1:a6:85:27:73:3f:3f:6a:00:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4722aea0ef4c0667db819f5d5a3daea6399f038c
Validity
Not Before: Jul 10 12:06:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=85730b96172ecd958cec5bdd0364ff1606c97a10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:bd:ba:69:d5:7e:d1:37:82:64:1c:4b:2e:3b:
d8:39:aa:1a:92:2f:d1:cb:24:a8:d4:97:96:7c:0b:
14:5d:28:75:3f:03:0f:dd:ee:2d:ca:9d:fe:47:f3:
b0:76:a3:68:df:76:56:df:91:b1:d8:59:70:67:4b:
ff:6f:fd:5c:0b:da:62:3d:e4:7c:b7:50:be:a0:e0:
66:d0:6f:3b:c9:4a:73:bb:a7:3c:b2:5b:69:3b:28:
a4:d0:92:83:ad:f9:88:8a:4b:cb:28:3d:40:1f:b6:
92:d2:4f:05:ac:45:da:16:34:a2:40:07:a1:d4:04:
28:b4:fb:fc:40:5c:65:a5:db:15:a3:f0:9a:af:4f:
6c:20:2e:f8:bc:e4:8a:a0:3f:91:82:03:1d:7c:25:
ae:6c:a5:d7:00:df:83:de:58:72:ce:5a:99:32:9a:
a7:66:ca:42:3c:01:31:d3:a6:22:de:8c:47:13:26:
36:7b:1b:67:94:10:55:71:69:9e:94:b5:8b:bc:20:
5f:37:b7:16:4e:e1:a6:92:66:cf:4a:b1:f4:05:d2:
78:3a:0a:d4:bf:08:70:0f:d4:60:ba:5e:72:5c:53:
66:81:fd:c7:6e:eb:55:7e:95:f9:2e:79:36:50:85:
88:8b:46:14:29:9e:34:e5:de:a4:cf:6c:1b:30:67:
c6:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:73:0B:96:17:2E:CD:95:8C:EC:5B:DD:03:64:FF:16:06:C9:7A:10
X509v3 Authority Key Identifier:
keyid:47:22:AE:A0:EF:4C:06:67:DB:81:9F:5D:5A:3D:AE:A6:39:9F:03:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RyKuoO9MBmfbgZ9dWj2upjmfA4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/hXMLlhcuzZWM7FvdA2T_FgbJehA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/80c387-b20b-430a-a5e6-6e3074c6c663/1/RyKuoO9MBmfbgZ9dWj2upjmfA4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.44.0/22
94.199.179.0/24
185.161.72.0/22
185.199.28.0/22
194.39.44.0/22
IPv6:
2a07:c280::/32
Signature Algorithm: sha256WithRSAEncryption
6f:36:9b:6a:1c:ec:0f:f3:97:a4:b7:f4:9b:e0:73:04:3f:25:
a8:00:39:59:95:ae:c9:73:da:8c:fb:a7:c9:d1:04:2a:20:a0:
da:d2:bb:99:11:58:ef:bf:a7:18:61:80:bb:a1:11:d9:da:ca:
f1:23:11:f5:fc:66:62:c5:93:aa:6e:96:b6:a7:69:07:17:12:
ec:ff:ad:04:da:ee:54:b5:70:f9:37:8a:d8:7d:4d:8e:7f:07:
a5:08:a8:f8:a3:d5:5e:76:cb:72:65:a6:96:12:63:e8:ab:86:
13:91:65:83:d0:93:1e:15:07:4d:47:31:94:2f:e8:90:99:02:
9f:3b:d5:12:42:bd:d4:60:0f:08:cb:67:66:d0:92:44:88:08:
89:60:2b:40:0f:22:3b:33:08:f6:c4:25:e1:ef:10:57:3b:5b:
c0:f8:9b:fa:9c:bf:ad:1a:ae:f0:e5:46:bb:c1:61:13:e7:d4:
8d:83:80:e8:97:6c:d8:55:60:6b:42:38:a2:2b:d9:6a:cc:47:
bd:f2:6c:ac:b0:a1:c1:9e:48:b1:f8:fa:62:c6:b5:c5:0e:ba:
29:fa:04:5b:29:8a:fc:77:3c:c7:3b:99:86:9d:c8:1f:27:50:
f2:02:a7:eb:c1:39:28:13:8a:34:c4:8d:5f:f0:48:d1:bb:df:
ec:e2:d5:6d
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYHoAUIYznbxpoUncz8/agBUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3MjJhZWEwZWY0YzA2NjdkYjgxOWY1ZDVhM2RhZWE2Mzk5
ZjAzOGMwHhcNMjIwNzEwMTIwNjQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTczMGI5NjE3MmVjZDk1OGNlYzViZGQwMzY0ZmYxNjA2Yzk3YTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgL26adV+0TeCZBxLLjvYOaoaki/R
yySo1JeWfAsUXSh1PwMP3e4typ3+R/OwdqNo33ZW35Gx2FlwZ0v/b/1cC9piPeR8
t1C+oOBm0G87yUpzu6c8sltpOyik0JKDrfmIikvLKD1AH7aS0k8FrEXaFjSiQAeh
1AQotPv8QFxlpdsVo/Car09sIC74vOSKoD+RggMdfCWubKXXAN+D3lhyzlqZMpqn
ZspCPAEx06Yi3oxHEyY2extnlBBVcWmelLWLvCBfN7cWTuGmkmbPSrH0BdJ4OgrU
vwhwD9Rgul5yXFNmgf3HbutVfpX5Lnk2UIWIi0YUKZ405d6kz2wbMGfGWQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFIVzC5YXLs2VjOxb3QNk/xYGyXoQMB8GA1UdIwQY
MBaAFEcirqDvTAZn24GfXVo9rqY5nwOMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUnlLdW9POU1CbWZiZ1o5ZFdqMnVwam1mQTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi84MGMzODctYjIwYi00MzBhLWE1ZTYt
NmUzMDc0YzZjNjYzLzEvaFhNTGxoY3V6WldNN0Z2ZEEyVF9GZ2JKZWhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi84MGMzODctYjIwYi00MzBhLWE1ZTYtNmUzMDc0YzZjNjYz
LzEvUnlLdW9POU1CbWZiZ1o5ZFdqMnVwam1mQTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCLV8sAwQA
XsezAwQCuaFIAwQCucccAwQCwicsMA0EAgACMAcDBQAqB8KAMA0GCSqGSIb3DQEB
CwUAA4IBAQBvNptqHOwP85ekt/Sb4HMEPyWoADlZla7Jc9qM+6fJ0QQqIKDa0ruZ
EVjvv6cYYYC7oRHZ2srxIxH1/GZixZOqbpa2p2kHFxLs/60E2u5UtXD5N4rYfU2O
fwelCKj4o9VedstyZaaWEmPoq4YTkWWD0JMeFQdNRzGUL+iQmQKfO9USQr3UYA8I
y2dm0JJEiAiJYCtADyI7Mwj2xCXh7xBXO1vA+Jv6nL+tGq7w5Ua7wWET59SNg4Do
l2zYVWBrQjiiK9lqzEe98myssKHBnkix+PpixrXFDrop+gRbKYr8dzzHO5mGncgf
J1DyAqfrwTkoE4o0xI1f8EjRu9/s4tVt
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:32 2024 by rpki-client on console-fra.rpki-client.org