Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/6285f1-8c1d-4844-be0e-be8e651c51f6/1/hTz12Pi5LBM6avVBCc-uRTH7VAY.roa
File: hTz12Pi5LBM6avVBCc-uRTH7VAY.roa (raw, json)
Hash identifier: VrWtf0S9OMx6Af4wWbKIGNU54JGMpEVZNoeK9dQHzPI=
Subject key identifier: 85:3C:F5:D8:F8:B9:2C:13:3A:6A:F5:41:09:CF:AE:45:31:FB:54:06
Certificate issuer: /CN=5eafc60f4d3409fb46c8a5bf95d3981f14a143b0
Certificate serial: 10B3623A
Authority key identifier: 5E:AF:C6:0F:4D:34:09:FB:46:C8:A5:BF:95:D3:98:1F:14:A1:43:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xq_GD000CftGyKW_ldOYHxShQ7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/6285f1-8c1d-4844-be0e-be8e651c51f6/1/hTz12Pi5LBM6avVBCc-uRTH7VAY.roa
Signing time: Tue 19 Apr 2022 14:23:40 +0000
ROA not before: Tue 19 Apr 2022 14:23:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206460
IP address blocks: 185.186.71.0/24 maxlen: 24
185.186.69.0/24 maxlen: 24
185.186.70.0/24 maxlen: 24
185.186.68.0/24 maxlen: 24
185.186.68.0/22 maxlen: 22
109.205.16.0/24 maxlen: 24
109.205.16.0/21 maxlen: 21
109.205.17.0/24 maxlen: 24
109.205.18.0/24 maxlen: 24
109.205.19.0/24 maxlen: 24
109.205.20.0/24 maxlen: 24
185.201.186.0/24 maxlen: 24
185.201.184.0/22 maxlen: 22
109.205.23.0/24 maxlen: 24
185.201.185.0/24 maxlen: 24
109.205.21.0/24 maxlen: 24
185.201.184.0/24 maxlen: 24
109.205.22.0/24 maxlen: 24
185.201.187.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 280191546 (0x10b3623a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5eafc60f4d3409fb46c8a5bf95d3981f14a143b0
Validity
Not Before: Apr 19 14:23:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=853cf5d8f8b92c133a6af54109cfae4531fb5406
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:d2:8f:b8:06:3f:4b:85:ad:a7:68:af:ed:73:
3e:35:86:2f:79:da:96:51:3c:18:1f:67:07:1b:c5:
e7:59:60:bb:c4:95:70:60:4c:ac:e8:8a:fc:0b:23:
e3:0b:2c:b5:60:ab:66:b0:26:2e:92:d0:e9:5f:04:
3e:17:0d:16:61:05:c1:d6:c0:05:04:4c:59:8b:ce:
28:72:69:7a:6d:21:52:4f:b8:de:49:df:fe:92:27:
1d:23:8b:65:fa:11:b5:82:5f:06:32:f0:91:83:e4:
98:9e:c0:33:9a:b9:ff:a5:d6:26:87:c2:ce:37:31:
ed:43:82:f0:62:98:7f:94:a8:49:68:87:fd:a7:98:
14:b5:09:a4:22:4c:c6:6d:9d:cd:1d:8e:18:22:08:
60:de:31:76:19:40:aa:24:0c:be:b8:a3:46:ff:15:
82:3e:d1:60:73:3b:fa:8e:a6:c6:cf:f8:1f:0f:ec:
27:fc:8b:a3:a0:62:76:70:9c:c7:55:75:e5:ba:38:
71:df:be:4d:de:e4:68:c7:54:33:28:1c:07:ac:06:
a8:68:f0:70:d0:af:ef:46:05:93:5f:b3:35:50:bd:
1e:76:5e:f3:5e:4d:83:f8:23:42:60:17:39:eb:1a:
55:1e:7d:f7:f4:5c:91:c7:f7:c5:16:5b:34:43:f8:
21:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:3C:F5:D8:F8:B9:2C:13:3A:6A:F5:41:09:CF:AE:45:31:FB:54:06
X509v3 Authority Key Identifier:
keyid:5E:AF:C6:0F:4D:34:09:FB:46:C8:A5:BF:95:D3:98:1F:14:A1:43:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xq_GD000CftGyKW_ldOYHxShQ7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/6285f1-8c1d-4844-be0e-be8e651c51f6/1/hTz12Pi5LBM6avVBCc-uRTH7VAY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/6285f1-8c1d-4844-be0e-be8e651c51f6/1/Xq_GD000CftGyKW_ldOYHxShQ7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.205.16.0/21
185.186.68.0/22
185.201.184.0/22
Signature Algorithm: sha256WithRSAEncryption
81:dd:5e:11:f7:97:7e:77:30:fd:06:9e:fe:d1:c4:ba:6a:7b:
b9:33:3b:77:be:3e:0c:95:08:61:86:4e:c9:39:fc:78:df:f6:
73:fb:87:9f:a7:78:a5:77:31:e4:0f:3d:2b:34:eb:56:b1:75:
7d:de:aa:f0:a8:54:13:5f:6d:cf:60:1c:35:01:92:b6:e1:93:
57:a8:61:4c:4d:fa:9a:57:ac:f9:b0:50:ba:f1:5f:81:eb:14:
0f:2a:d8:3e:a6:ca:f5:8c:f6:6e:fd:45:62:54:3d:8b:7b:1a:
48:a4:29:b9:87:f4:61:04:ea:93:ce:7a:bd:d1:66:68:0d:10:
d1:bc:c5:75:90:cc:48:05:5e:dd:cd:37:04:5e:5b:8a:8c:55:
cb:39:43:86:59:c4:40:7e:d1:07:d9:01:95:37:87:5a:95:fb:
3c:2d:1e:42:0c:e8:8e:b2:12:7a:4c:4b:c3:c7:5d:53:ed:68:
d0:45:a5:91:72:8a:83:bf:dc:cb:0f:51:d4:38:34:a2:30:d4:
cc:eb:0a:8d:e4:8c:21:a0:62:2b:23:99:b2:26:98:b5:f9:ee:
e4:51:be:27:5d:53:4e:57:65:bc:34:55:a2:3e:f7:cc:e4:44:
02:a0:c1:8d:c9:04:9c:5d:a8:14:70:4e:82:9b:4a:c3:f4:ce:
40:ed:c4:f8
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEELNiOjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZWFmYzYwZjRkMzQwOWZiNDZjOGE1YmY5NWQzOTgxZjE0YTE0M2IwMB4XDTIyMDQx
OTE0MjM0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODUzY2Y1ZDhmOGI5
MmMxMzNhNmFmNTQxMDljZmFlNDUzMWZiNTQwNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMvSj7gGP0uFrador+1zPjWGL3nallE8GB9nBxvF51lgu8SV
cGBMrOiK/Asj4wsstWCrZrAmLpLQ6V8EPhcNFmEFwdbABQRMWYvOKHJpem0hUk+4
3knf/pInHSOLZfoRtYJfBjLwkYPkmJ7AM5q5/6XWJofCzjcx7UOC8GKYf5SoSWiH
/aeYFLUJpCJMxm2dzR2OGCIIYN4xdhlAqiQMvrijRv8Vgj7RYHM7+o6mxs/4Hw/s
J/yLo6BidnCcx1V15bo4cd++Td7kaMdUMygcB6wGqGjwcNCv70YFk1+zNVC9HnZe
815Ng/gjQmAXOesaVR599/Rckcf3xRZbNEP4IZUCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBSFPPXY+LksEzpq9UEJz65FMftUBjAfBgNVHSMEGDAWgBRer8YPTTQJ+0bI
pb+V05gfFKFDsDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hxX0dEMDAwQ2Z0R3lLV19sZE9ZSHhTaFE3QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGQvNjI4NWYxLThjMWQtNDg0NC1iZTBlLWJlOGU2NTFjNTFmNi8x
L2hUejEyUGk1TEJNNmF2VkJDYy11UlRIN1ZBWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGQv
NjI4NWYxLThjMWQtNDg0NC1iZTBlLWJlOGU2NTFjNTFmNi8xL1hxX0dEMDAwQ2Z0
R3lLV19sZE9ZSHhTaFE3QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEA23NEAMEArm6RAMEArnJuDANBgkq
hkiG9w0BAQsFAAOCAQEAgd1eEfeXfncw/Qae/tHEump7uTM7d74+DJUIYYZOyTn8
eN/2c/uHn6d4pXcx5A89KzTrVrF1fd6q8KhUE19tz2AcNQGStuGTV6hhTE36mles
+bBQuvFfgesUDyrYPqbK9Yz2bv1FYlQ9i3saSKQpuYf0YQTqk856vdFmaA0Q0bzF
dZDMSAVe3c03BF5bioxVyzlDhlnEQH7RB9kBlTeHWpX7PC0eQgzojrISekxLw8dd
U+1o0EWlkXKKg7/cyw9R1Dg0ojDUzOsKjeSMIaBiKyOZsiaYtfnu5FG+J11TTldl
vDRVoj73zOREAqDBjckEnF2oFHBOgptKw/TOQO3E+A==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:34 2023 by rpki-client on console-ams.rpki-client.org