Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/ca2213-e5a1-4ad2-8a22-768d3fb08e70/1/hmN3jLAAUItDsiBbUbZ3ZKO5pAc.roa
File: hmN3jLAAUItDsiBbUbZ3ZKO5pAc.roa (raw, json)
Hash identifier: yparqYiiSTRKG1uhNuqqQsq75nL44vvaSoLGszj1JtA=
Subject key identifier: 86:63:77:8C:B0:00:50:8B:43:B2:20:5B:51:B6:77:64:A3:B9:A4:07
Certificate issuer: /CN=2cf6136315a52d5247124b7cf369aafb8312227e
Certificate serial: 0184860102B92A32DC21374403EB86FBC358
Authority key identifier: 2C:F6:13:63:15:A5:2D:52:47:12:4B:7C:F3:69:AA:FB:83:12:22:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LPYTYxWlLVJHEkt882mq-4MSIn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/ca2213-e5a1-4ad2-8a22-768d3fb08e70/1/hmN3jLAAUItDsiBbUbZ3ZKO5pAc.roa
Signing time: Thu 17 Nov 2022 14:32:03 +0000
ROA not before: Thu 17 Nov 2022 14:32:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200735
IP address blocks: 85.208.237.0/24 maxlen: 24
85.208.236.0/24 maxlen: 24
2a09:8e40::/36 maxlen: 36
2a09:8e40:1000::/36 maxlen: 36
2a09:8e40:2000::/36 maxlen: 36
2a09:8e40:3000::/36 maxlen: 36
2a09:8e40:4000::/36 maxlen: 36
2a09:8e40:5000::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:86:01:02:b9:2a:32:dc:21:37:44:03:eb:86:fb:c3:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2cf6136315a52d5247124b7cf369aafb8312227e
Validity
Not Before: Nov 17 14:32:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8663778cb000508b43b2205b51b67764a3b9a407
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:a7:f3:71:69:e2:74:a1:b2:69:9b:3c:c7:e0:
74:a6:fc:26:c2:63:31:e7:b8:41:f8:48:81:eb:50:
79:c9:77:1e:20:ef:1f:bd:44:94:bc:3b:7d:37:9a:
a2:39:0f:91:21:a9:ec:02:fe:bd:5a:77:c4:00:0a:
85:51:74:77:c5:98:df:cd:f8:a4:6a:1c:6f:82:7a:
ce:d8:2f:fc:61:11:f8:83:5f:af:2b:08:fa:ce:a1:
20:b4:31:4c:82:6f:4c:70:54:12:11:6f:fc:aa:a1:
f7:c6:05:20:71:6c:69:0b:ce:f1:24:36:b7:b0:7b:
db:3a:58:f7:e9:84:82:25:29:40:a0:e9:ce:af:17:
b5:14:bc:96:b7:59:59:aa:cd:a4:e0:bc:da:0e:f2:
df:47:68:c7:6a:ba:5e:6c:bd:a2:ec:6e:9e:bf:ff:
a9:7b:7a:5e:12:d8:d1:0d:91:7f:a4:eb:50:31:c6:
65:bd:84:2c:33:fe:da:4d:75:96:86:c1:4c:5d:9b:
f0:cf:e9:09:25:cb:96:ce:b4:10:76:0f:aa:62:1f:
f8:6b:ea:fe:53:a1:07:7b:d8:e1:6e:84:db:23:86:
99:54:09:5c:73:12:05:b5:66:6a:a1:9e:56:a5:d5:
b3:28:42:b3:c5:9f:47:ae:5e:a7:f5:64:96:60:eb:
4c:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:63:77:8C:B0:00:50:8B:43:B2:20:5B:51:B6:77:64:A3:B9:A4:07
X509v3 Authority Key Identifier:
keyid:2C:F6:13:63:15:A5:2D:52:47:12:4B:7C:F3:69:AA:FB:83:12:22:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LPYTYxWlLVJHEkt882mq-4MSIn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/ca2213-e5a1-4ad2-8a22-768d3fb08e70/1/hmN3jLAAUItDsiBbUbZ3ZKO5pAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/ca2213-e5a1-4ad2-8a22-768d3fb08e70/1/LPYTYxWlLVJHEkt882mq-4MSIn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.208.236.0/23
IPv6:
2a09:8e40::-2a09:8e40:5fff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
16:7f:16:0d:b3:6c:dc:9a:30:b6:34:c6:f8:56:aa:92:9d:09:
a5:4a:7f:59:b5:39:4f:36:20:3d:ef:b2:7b:c3:b3:03:44:77:
be:bf:58:bc:62:83:e6:df:91:1f:90:28:73:c3:32:9f:43:b8:
da:f4:6b:bb:24:fc:04:89:b9:49:32:f3:68:99:5b:23:24:52:
25:3c:85:9c:2a:e1:68:3f:35:1f:be:ab:a8:ee:be:e0:68:90:
93:e2:5b:d4:18:22:f9:b0:aa:bb:a7:cb:87:3a:4a:2d:35:3d:
7c:49:e6:1e:8d:b3:30:b6:d6:ca:24:99:aa:36:4a:3a:b0:0b:
b9:36:22:ec:6d:ca:67:9d:88:e2:d1:23:25:d1:07:a1:0c:75:
71:f3:d3:04:1b:e4:c9:ee:24:71:e1:51:db:47:58:80:a2:c9:
85:eb:44:17:49:0d:81:7d:85:55:46:56:70:f3:87:3f:bb:86:
c0:b3:cd:0f:c0:d3:35:66:79:8c:e7:35:01:1a:7b:f9:3e:f3:
81:b2:d4:eb:50:96:bf:97:6f:31:cb:00:17:3e:3e:ad:8a:3e:
84:b5:f6:d8:a8:45:ff:07:72:7a:0e:4a:4f:e5:23:91:23:fb:
1a:56:be:d6:67:4e:57:6e:42:7e:ee:17:bf:7c:52:20:cc:e2:
94:76:3b:29
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYSGAQK5KjLcITdEA+uG+8NYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjZjYxMzYzMTVhNTJkNTI0NzEyNGI3Y2YzNjlhYWZiODMx
MjIyN2UwHhcNMjIxMTE3MTQzMjAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjYzNzc4Y2IwMDA1MDhiNDNiMjIwNWI1MWI2Nzc2NGEzYjlhNDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqfzcWnidKGyaZs8x+B0pvwmwmMx
57hB+EiB61B5yXceIO8fvUSUvDt9N5qiOQ+RIansAv69WnfEAAqFUXR3xZjfzfik
ahxvgnrO2C/8YRH4g1+vKwj6zqEgtDFMgm9McFQSEW/8qqH3xgUgcWxpC87xJDa3
sHvbOlj36YSCJSlAoOnOrxe1FLyWt1lZqs2k4LzaDvLfR2jHarpebL2i7G6ev/+p
e3peEtjRDZF/pOtQMcZlvYQsM/7aTXWWhsFMXZvwz+kJJcuWzrQQdg+qYh/4a+r+
U6EHe9jhboTbI4aZVAlccxIFtWZqoZ5WpdWzKEKzxZ9Hrl6n9WSWYOtMQwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIZjd4ywAFCLQ7IgW1G2d2SjuaQHMB8GA1UdIwQY
MBaAFCz2E2MVpS1SRxJLfPNpqvuDEiJ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFBZVFl4V2xMVkpIRWt0ODgybXEtNE1TSW40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9jYTIyMTMtZTVhMS00YWQyLThhMjIt
NzY4ZDNmYjA4ZTcwLzEvaG1OM2pMQUFVSXREc2lCYlViWjNaS081cEFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9jYTIyMTMtZTVhMS00YWQyLThhMjItNzY4ZDNmYjA4ZTcw
LzEvTFBZVFl4V2xMVkpIRWt0ODgybXEtNE1TSW40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAMBAIAATAGAwQBVdDsMBcE
AgACMBEwDwMFBioJjkADBgUqCY5AQDANBgkqhkiG9w0BAQsFAAOCAQEAFn8WDbNs
3JowtjTG+Faqkp0JpUp/WbU5TzYgPe+ye8OzA0R3vr9YvGKD5t+RH5Aoc8Myn0O4
2vRruyT8BIm5STLzaJlbIyRSJTyFnCrhaD81H76rqO6+4GiQk+Jb1Bgi+bCqu6fL
hzpKLTU9fEnmHo2zMLbWyiSZqjZKOrALuTYi7G3KZ52I4tEjJdEHoQx1cfPTBBvk
ye4kceFR20dYgKLJhetEF0kNgX2FVUZWcPOHP7uGwLPND8DTNWZ5jOc1ARp7+T7z
gbLU61CWv5dvMcsAFz4+rYo+hLX22KhF/wdyeg5KT+UjkSP7Gla+1mdOV25Cfu4X
v3xSIMzilHY7KQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:53:21 2024 by rpki-client on console-ams.rpki-client.org