Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/903931-1698-41b7-af34-9dd82735da3d/1/9HweqvHySsUvFarzdlmquAHIyeM.roa
File: 9HweqvHySsUvFarzdlmquAHIyeM.roa (raw, json)
Hash identifier: LlbEfXfOXM2WAXJacj4wdjldSjPmUiRys/DKn8LHjow=
Subject key identifier: F4:7C:1E:AA:F1:F2:4A:C5:2F:15:AA:F3:76:59:AA:B8:01:C8:C9:E3
Certificate issuer: /CN=3501772457e0f827b9e920b00cd114824a5fa621
Certificate serial: 0E771F9C
Authority key identifier: 35:01:77:24:57:E0:F8:27:B9:E9:20:B0:0C:D1:14:82:4A:5F:A6:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NQF3JFfg-Ce56SCwDNEUgkpfpiE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/903931-1698-41b7-af34-9dd82735da3d/1/9HweqvHySsUvFarzdlmquAHIyeM.roa
Signing time: Sat 01 Jan 2022 09:59:14 +0000
ROA not before: Sat 01 Jan 2022 09:59:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200911
IP address blocks: 185.88.122.0/23 maxlen: 23
185.88.120.0/23 maxlen: 23
185.88.120.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 242687900 (0xe771f9c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3501772457e0f827b9e920b00cd114824a5fa621
Validity
Not Before: Jan 1 09:59:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f47c1eaaf1f24ac52f15aaf37659aab801c8c9e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:bb:24:91:c4:1c:1b:7b:88:a4:10:44:0e:e1:
f0:5c:91:bf:83:9f:4a:ce:8f:41:5c:df:d3:e7:ef:
7a:19:c0:c6:51:39:2b:fe:b9:62:3f:8d:a3:08:ee:
3f:be:7b:d0:13:68:df:87:1c:c2:76:59:69:92:d9:
39:34:78:8d:ff:18:5f:76:d3:d6:12:8d:2f:de:28:
f3:b9:09:f8:fd:34:6d:f0:88:3e:87:42:e5:81:bc:
ca:7c:db:b7:62:a3:27:f9:70:ad:ad:e4:a1:fa:bf:
3a:6a:2c:ab:98:fb:60:9b:e3:3c:2f:c5:79:f9:9a:
22:0b:d2:65:a3:99:81:f7:7d:c9:e2:6b:f5:6a:92:
98:a7:da:e3:dd:0a:65:a2:63:a0:6c:e6:09:f1:5b:
c8:55:54:19:77:7b:a2:c6:aa:fc:09:ba:f3:06:ce:
de:d9:a6:d4:78:49:e0:d6:4f:f0:62:8a:7a:45:f4:
6e:fa:71:72:51:e3:d8:95:03:d3:1f:d8:e1:10:79:
0f:40:ca:46:a1:f5:29:38:d9:7a:ab:3e:c1:c1:25:
31:c9:cc:83:71:db:c8:23:b8:74:c0:85:af:be:ac:
6a:41:d2:2f:58:5c:1c:0f:30:7d:c3:e0:8b:37:0a:
e6:69:c6:34:4b:45:f7:06:0e:46:46:8c:6c:72:73:
f4:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:7C:1E:AA:F1:F2:4A:C5:2F:15:AA:F3:76:59:AA:B8:01:C8:C9:E3
X509v3 Authority Key Identifier:
keyid:35:01:77:24:57:E0:F8:27:B9:E9:20:B0:0C:D1:14:82:4A:5F:A6:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NQF3JFfg-Ce56SCwDNEUgkpfpiE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/903931-1698-41b7-af34-9dd82735da3d/1/9HweqvHySsUvFarzdlmquAHIyeM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/903931-1698-41b7-af34-9dd82735da3d/1/NQF3JFfg-Ce56SCwDNEUgkpfpiE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.88.120.0/22
Signature Algorithm: sha256WithRSAEncryption
18:b5:a3:a7:0a:6d:f1:5a:11:c8:c3:35:4f:48:8e:9d:3d:4e:
0c:c7:db:7e:4b:0a:5d:62:29:8b:f5:1f:67:28:49:0f:59:f1:
35:55:31:6c:a3:c3:6b:54:45:7f:77:74:f9:2b:64:25:e0:9d:
45:6b:3d:24:50:16:7b:70:32:aa:d1:e4:b2:8c:05:10:f9:2f:
37:b6:e9:8c:65:69:29:15:44:ba:24:ce:4d:cb:14:00:66:df:
0a:dc:a5:be:2e:70:d5:94:d9:54:44:00:93:d3:bc:b9:69:61:
e7:a2:04:77:f6:2a:05:83:48:09:ea:0d:08:48:5d:c5:13:1b:
b4:52:9c:d5:98:2f:34:7a:22:1a:0d:df:43:72:ac:a9:a3:cf:
b8:82:e1:14:44:1a:3c:1e:0a:2a:b3:04:45:b2:95:0c:99:c3:
f2:b2:c1:18:2f:19:9e:32:06:6f:e1:76:0f:8f:27:84:3a:ee:
a3:8c:57:01:73:a6:95:0f:fc:4b:c6:78:c9:4f:72:74:12:f5:
dc:cb:48:86:a1:fa:4a:f1:21:0c:e8:ba:47:0c:e2:fe:c2:6f:
69:e1:af:05:4c:3b:78:c8:32:78:c0:2a:72:e5:df:ba:de:92:
a3:41:27:fc:a0:ec:8c:73:df:80:31:0e:b3:b8:be:94:6b:57:
9d:a5:85:97
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDncfnDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NTAxNzcyNDU3ZTBmODI3YjllOTIwYjAwY2QxMTQ4MjRhNWZhNjIxMB4XDTIyMDEw
MTA5NTkxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjQ3YzFlYWFmMWYy
NGFjNTJmMTVhYWYzNzY1OWFhYjgwMWM4YzllMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMS7JJHEHBt7iKQQRA7h8FyRv4OfSs6PQVzf0+fvehnAxlE5
K/65Yj+NowjuP7570BNo34ccwnZZaZLZOTR4jf8YX3bT1hKNL94o87kJ+P00bfCI
PodC5YG8ynzbt2KjJ/lwra3kofq/Omosq5j7YJvjPC/FefmaIgvSZaOZgfd9yeJr
9WqSmKfa490KZaJjoGzmCfFbyFVUGXd7osaq/Am68wbO3tmm1HhJ4NZP8GKKekX0
bvpxclHj2JUD0x/Y4RB5D0DKRqH1KTjZeqs+wcElMcnMg3HbyCO4dMCFr76sakHS
L1hcHA8wfcPgizcK5mnGNEtF9wYORkaMbHJz9MkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBT0fB6q8fJKxS8VqvN2Waq4AcjJ4zAfBgNVHSMEGDAWgBQ1AXckV+D4J7np
ILAM0RSCSl+mITAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05RRjNKRmZnLUNlNTZTQ3dETkVVZ2twZnBpRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTIvOTAzOTMxLTE2OTgtNDFiNy1hZjM0LTlkZDgyNzM1ZGEzZC8x
LzlId2Vxdkh5U3NVdkZhcnpkbG1xdUFISXllTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTIv
OTAzOTMxLTE2OTgtNDFiNy1hZjM0LTlkZDgyNzM1ZGEzZC8xL05RRjNKRmZnLUNl
NTZTQ3dETkVVZ2twZnBpRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlYeDANBgkqhkiG9w0BAQsFAAOC
AQEAGLWjpwpt8VoRyMM1T0iOnT1ODMfbfksKXWIpi/UfZyhJD1nxNVUxbKPDa1RF
f3d0+StkJeCdRWs9JFAWe3AyqtHksowFEPkvN7bpjGVpKRVEuiTOTcsUAGbfCtyl
vi5w1ZTZVEQAk9O8uWlh56IEd/YqBYNICeoNCEhdxRMbtFKc1ZgvNHoiGg3fQ3Ks
qaPPuILhFEQaPB4KKrMERbKVDJnD8rLBGC8ZnjIGb+F2D48nhDruo4xXAXOmlQ/8
S8Z4yU9ydBL13MtIhqH6SvEhDOi6Rwzi/sJvaeGvBUw7eMgyeMAqcuXfut6So0En
/KDsjHPfgDEOs7i+lGtXnaWFlw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:15 2023 by rpki-client on console-fra.rpki-client.org