Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/Ho8DpJEh-rMwrlqN3T6gdOm0YHE.roa
File: Ho8DpJEh-rMwrlqN3T6gdOm0YHE.roa (raw, json)
Hash identifier: gHjl19mcYPj8cBwQy8MZUcQFnW9AUNf+dkfx+QC+8lY=
Subject key identifier: 1E:8F:03:A4:91:21:FA:B3:30:AE:5A:8D:DD:3E:A0:74:E9:B4:60:71
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018441FD4F2854A5E13F4FD4913A61D496FA
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/Ho8DpJEh-rMwrlqN3T6gdOm0YHE.roa
Signing time: Fri 04 Nov 2022 09:33:50 +0000
ROA not before: Fri 04 Nov 2022 09:33:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 85.209.120.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:41:fd:4f:28:54:a5:e1:3f:4f:d4:91:3a:61:d4:96:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Nov 4 09:33:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1e8f03a49121fab330ae5a8ddd3ea074e9b46071
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:37:a4:e9:cb:44:92:5d:bb:03:b5:72:2b:9a:
80:e3:83:62:a8:ee:31:c2:4e:0a:b6:b0:6e:90:bf:
17:7c:28:0b:26:37:de:53:ff:eb:75:c5:86:d4:15:
17:c3:69:83:da:7e:af:66:47:6d:5d:95:dc:f2:9e:
5b:81:8f:d7:cb:ae:aa:10:04:22:51:d8:87:87:e8:
87:79:5b:58:88:16:c0:eb:62:96:2f:f6:02:20:84:
32:81:46:c9:d2:35:ba:69:45:eb:cd:d3:52:b7:bd:
c1:89:a3:26:58:aa:96:71:9a:b5:7e:05:e1:cc:79:
09:1e:50:be:c8:68:28:97:5e:79:e9:76:c8:91:c3:
e6:d2:e7:01:d7:2c:0d:a4:c9:61:ca:7d:b1:32:7b:
e1:c2:5f:22:de:49:46:4d:d6:e6:eb:5a:b3:24:c0:
98:f3:d1:f8:78:72:57:48:1c:c4:a5:e7:f7:8f:98:
56:e0:f4:e5:71:84:29:b6:67:77:e2:07:31:69:15:
43:a3:e6:55:f8:7e:5f:4d:7e:86:b8:94:6c:06:d5:
83:25:69:34:e0:97:99:69:a9:1e:e3:72:6d:2c:62:
03:a5:b3:fd:e4:be:b6:23:b3:2b:9d:42:2a:17:80:
8a:ef:ac:f7:a3:6f:85:58:a1:24:91:5b:6b:34:75:
83:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:8F:03:A4:91:21:FA:B3:30:AE:5A:8D:DD:3E:A0:74:E9:B4:60:71
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/Ho8DpJEh-rMwrlqN3T6gdOm0YHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.120.0/23
Signature Algorithm: sha256WithRSAEncryption
a0:92:8a:40:06:17:70:5c:38:14:d5:06:86:bf:15:6b:ec:a9:
88:99:e9:2c:ef:88:6c:0a:f6:7d:3a:6d:02:14:41:a6:62:12:
b8:c9:23:44:10:16:cd:e1:82:65:69:8b:81:ee:95:ba:7e:6e:
07:9b:2e:bc:4e:db:13:8a:16:95:40:f8:26:43:c4:ef:d7:4d:
cb:ab:20:cd:cd:ed:d0:2f:4a:61:90:7f:3d:ff:96:1e:c5:17:
82:db:e6:4d:ad:ea:e8:79:cb:75:b8:8f:24:f2:07:5d:fd:46:
03:07:ce:d0:9c:45:34:27:ba:51:53:aa:0c:0b:72:4d:32:18:
9d:70:3b:6f:00:bd:85:bb:7e:af:6d:4e:b0:46:f4:df:b6:46:
c7:f8:7a:05:3a:5e:b1:97:62:10:37:9a:9c:1f:ad:37:f1:f6:
fc:5e:d4:36:2b:30:f0:ff:73:4d:db:e5:2d:c9:7f:dc:7e:35:
27:2f:63:42:6b:ae:f5:5b:26:91:18:59:92:5b:ea:4a:67:b4:
a3:d7:e6:a8:07:3d:fd:2e:82:31:59:03:43:12:41:9a:b8:27:
f9:7c:6c:ca:97:b7:b5:59:66:0a:13:e4:b5:c0:e3:ff:e2:23:
51:b6:c5:56:d6:38:fc:ac:09:56:9f:5c:cf:19:43:4a:63:f4:
bc:b8:78:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYRB/U8oVKXhP0/UkTph1Jb6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjIxMTA0MDkzMzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZThmMDNhNDkxMjFmYWIzMzBhZTVhOGRkZDNlYTA3NGU5YjQ2MDcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAizek6ctEkl27A7VyK5qA44NiqO4x
wk4KtrBukL8XfCgLJjfeU//rdcWG1BUXw2mD2n6vZkdtXZXc8p5bgY/Xy66qEAQi
UdiHh+iHeVtYiBbA62KWL/YCIIQygUbJ0jW6aUXrzdNSt73BiaMmWKqWcZq1fgXh
zHkJHlC+yGgol1556XbIkcPm0ucB1ywNpMlhyn2xMnvhwl8i3klGTdbm61qzJMCY
89H4eHJXSBzEpef3j5hW4PTlcYQptmd34gcxaRVDo+ZV+H5fTX6GuJRsBtWDJWk0
4JeZaake43JtLGIDpbP95L62I7MrnUIqF4CK76z3o2+FWKEkkVtrNHWDMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB6PA6SRIfqzMK5ajd0+oHTptGBxMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvSG84RHBKRWgtck13cmxxTjNUNmdkT20wWUhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVdF4MA0G
CSqGSIb3DQEBCwUAA4IBAQCgkopABhdwXDgU1QaGvxVr7KmImeks74hsCvZ9Om0C
FEGmYhK4ySNEEBbN4YJlaYuB7pW6fm4Hmy68TtsTihaVQPgmQ8Tv103LqyDNze3Q
L0phkH89/5YexReC2+ZNreroect1uI8k8gdd/UYDB87QnEU0J7pRU6oMC3JNMhid
cDtvAL2Fu36vbU6wRvTftkbH+HoFOl6xl2IQN5qcH6038fb8XtQ2KzDw/3NN2+Ut
yX/cfjUnL2NCa671WyaRGFmSW+pKZ7Sj1+aoBz39LoIxWQNDEkGauCf5fGzKl7e1
WWYKE+S1wOP/4iNRtsVW1jj8rAlWn1zPGUNKY/S8uHjb
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:20 2023 by rpki-client on console-ams.rpki-client.org