Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/049d6d-bc4e-4cfb-ba1e-773c91a28100/1/HBjOx9FCwulovrHurDrBzyqyqJA.roa
File: HBjOx9FCwulovrHurDrBzyqyqJA.roa (raw, json)
Hash identifier: TlSN/2+aRPZRwJXBcAUdd1kpjHRSWE52XiDgRnZm0uE=
Subject key identifier: 1C:18:CE:C7:D1:42:C2:E9:68:BE:B1:EE:AC:3A:C1:CF:2A:B2:A8:90
Certificate issuer: /CN=c54eac151ffa9e997aa2ee60f3b38132deccd49c
Certificate serial: 756FFA
Authority key identifier: C5:4E:AC:15:1F:FA:9E:99:7A:A2:EE:60:F3:B3:81:32:DE:CC:D4:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xU6sFR_6npl6ou5g87OBMt7M1Jw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/049d6d-bc4e-4cfb-ba1e-773c91a28100/1/HBjOx9FCwulovrHurDrBzyqyqJA.roa
Signing time: Thu 24 Feb 2022 19:35:23 +0000
ROA not before: Thu 24 Feb 2022 19:35:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35617
IP address blocks: 185.225.128.0/22 maxlen: 24
109.239.240.0/20 maxlen: 24
85.204.42.0/24 maxlen: 24
212.81.60.0/22 maxlen: 24
86.104.135.0/24 maxlen: 24
178.132.88.0/21 maxlen: 24
185.59.132.0/22 maxlen: 24
2a04:e240::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7696378 (0x756ffa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c54eac151ffa9e997aa2ee60f3b38132deccd49c
Validity
Not Before: Feb 24 19:35:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1c18cec7d142c2e968beb1eeac3ac1cf2ab2a890
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:e2:35:ba:97:7c:68:ae:09:c9:9b:61:c8:34:
50:1e:13:2c:43:9c:b6:4a:08:32:16:c4:a9:07:b2:
28:6e:a6:b4:7f:fb:e4:ee:32:bf:90:07:cd:e7:92:
04:92:a4:55:a2:62:21:25:71:76:47:bc:fd:d1:11:
33:c9:ad:8f:a5:e6:02:32:1f:20:10:2a:70:76:76:
99:f0:65:98:67:b6:89:e2:da:64:74:b3:9e:25:32:
d7:34:39:17:b8:31:10:61:44:9b:a1:29:29:b1:17:
81:b7:36:bd:f8:8e:2b:64:4b:4b:e4:7e:61:f7:53:
ee:71:0c:12:30:39:c7:27:12:ea:7e:6d:34:d3:15:
00:0b:bb:db:d0:b2:99:21:ad:1b:1c:d2:57:45:e3:
ab:a1:d7:36:8b:c8:68:76:74:08:31:79:06:95:ea:
4d:a9:a2:0d:55:7c:00:18:97:7c:cd:de:af:e3:3d:
27:bb:31:26:b2:7d:73:67:2e:cc:2b:fb:dc:b9:0f:
ae:82:35:98:e2:fc:eb:21:1e:50:b5:d6:52:b1:49:
ef:a2:31:ed:aa:24:6e:14:40:ad:40:89:7e:d7:42:
d5:29:48:c9:9e:23:2a:1b:c8:e2:15:bb:8f:ba:53:
f9:1a:d4:1b:45:71:98:d4:8e:a9:c2:cf:e1:50:a3:
35:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:18:CE:C7:D1:42:C2:E9:68:BE:B1:EE:AC:3A:C1:CF:2A:B2:A8:90
X509v3 Authority Key Identifier:
keyid:C5:4E:AC:15:1F:FA:9E:99:7A:A2:EE:60:F3:B3:81:32:DE:CC:D4:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xU6sFR_6npl6ou5g87OBMt7M1Jw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/049d6d-bc4e-4cfb-ba1e-773c91a28100/1/HBjOx9FCwulovrHurDrBzyqyqJA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/049d6d-bc4e-4cfb-ba1e-773c91a28100/1/xU6sFR_6npl6ou5g87OBMt7M1Jw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.42.0/24
86.104.135.0/24
109.239.240.0/20
178.132.88.0/21
185.59.132.0/22
185.225.128.0/22
212.81.60.0/22
IPv6:
2a04:e240::/29
Signature Algorithm: sha256WithRSAEncryption
ce:5c:90:f1:25:46:03:ea:f4:7d:6e:d4:d6:ec:79:2d:0e:5b:
7a:f7:b5:be:bc:18:71:6b:96:44:b7:f9:13:01:77:e2:94:a9:
19:82:99:fd:7f:50:d5:9a:ec:99:5e:82:79:5d:23:72:0d:7c:
51:45:c2:5c:a6:72:3d:e4:b8:fd:17:39:61:1a:ea:72:ea:9c:
bf:c4:71:55:1f:8b:94:62:7a:f7:18:fa:ea:7d:63:2e:bf:a5:
cb:32:e3:0e:e5:2f:15:cb:ad:75:65:1e:04:09:04:9a:6c:32:
61:95:a2:40:bf:99:51:f1:81:dd:18:ed:9d:21:e2:8d:39:f7:
91:b5:02:4f:50:f1:eb:5b:2a:31:43:47:7b:7f:d1:5a:2e:1c:
72:ee:e9:3c:6a:25:d4:91:44:e9:ea:10:10:3d:e0:52:c2:1c:
97:a3:23:e2:e8:2e:f1:51:ca:42:05:ef:9c:c0:a0:88:54:2a:
41:7c:22:b3:f2:d5:c6:c7:88:69:61:12:ea:af:c3:c5:25:e9:
17:19:21:eb:06:34:6c:27:83:35:79:72:10:8e:18:9c:b7:98:
1a:e9:bc:b5:29:69:d3:8a:b5:e2:2f:98:8f:2a:cb:6d:5d:71:
f3:84:5c:d4:37:7a:4f:d4:66:83:52:68:00:48:99:fb:79:fc:
35:a1:db:f6
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgIDdW/6MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGM1
NGVhYzE1MWZmYTllOTk3YWEyZWU2MGYzYjM4MTMyZGVjY2Q0OWMwHhcNMjIwMjI0
MTkzNTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygxYzE4Y2VjN2QxNDJj
MmU5NjhiZWIxZWVhYzNhYzFjZjJhYjJhODkwMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAyOI1upd8aK4JyZthyDRQHhMsQ5y2SggyFsSpB7Iobqa0f/vk
7jK/kAfN55IEkqRVomIhJXF2R7z90REzya2PpeYCMh8gECpwdnaZ8GWYZ7aJ4tpk
dLOeJTLXNDkXuDEQYUSboSkpsReBtza9+I4rZEtL5H5h91PucQwSMDnHJxLqfm00
0xUAC7vb0LKZIa0bHNJXReOrodc2i8hodnQIMXkGlepNqaINVXwAGJd8zd6v4z0n
uzEmsn1zZy7MK/vcuQ+ugjWY4vzrIR5QtdZSsUnvojHtqiRuFECtQIl+10LVKUjJ
niMqG8jiFbuPulP5GtQbRXGY1I6pws/hUKM1bQIDAQABo4ICPDCCAjgwHQYDVR0O
BBYEFBwYzsfRQsLpaL6x7qw6wc8qsqiQMB8GA1UdIwQYMBaAFMVOrBUf+p6ZeqLu
YPOzgTLezNScMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
eFU2c0ZSXzZucGw2b3U1Zzg3T0JNdDdNMUp3LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8wZS8wNDlkNmQtYmM0ZS00Y2ZiLWJhMWUtNzczYzkxYTI4MTAwLzEv
SEJqT3g5RkN3dWxvdnJIdXJEckJ6eXF5cUpBLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8w
NDlkNmQtYmM0ZS00Y2ZiLWJhMWUtNzczYzkxYTI4MTAwLzEveFU2c0ZSXzZucGw2
b3U1Zzg3T0JNdDdNMUp3LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFIG
CCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQAVcwqAwQAVmiHAwQEbe/wAwQDsoRY
AwQCuTuEAwQCueGAAwQC1FE8MA0EAgACMAcDBQMqBOJAMA0GCSqGSIb3DQEBCwUA
A4IBAQDOXJDxJUYD6vR9btTW7HktDlt697W+vBhxa5ZEt/kTAXfilKkZgpn9f1DV
muyZXoJ5XSNyDXxRRcJcpnI95Lj9FzlhGupy6py/xHFVH4uUYnr3GPrqfWMuv6XL
MuMO5S8Vy611ZR4ECQSabDJhlaJAv5lR8YHdGO2dIeKNOfeRtQJPUPHrWyoxQ0d7
f9FaLhxy7uk8aiXUkUTp6hAQPeBSwhyXoyPi6C7xUcpCBe+cwKCIVCpBfCKz8tXG
x4hpYRLqr8PFJekXGSHrBjRsJ4M1eXIQjhict5ga6by1KWnTirXiL5iPKsttXXHz
hFzUN3pP1GaDUmgASJn7efw1odv2
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:52:46 2024 by rpki-client on console-ams.rpki-client.org