Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/02400f-7802-44e7-8527-8b291e26d1d9/1/hSFoOvsMFwaa05oNloISZzDwGZk.roa
File: hSFoOvsMFwaa05oNloISZzDwGZk.roa (raw, json)
Hash identifier: zNS3rPBDSRds12E5Fmb4dRDZ6v1xcSWSqo5tAcwgfn8=
Subject key identifier: 85:21:68:3A:FB:0C:17:06:9A:D3:9A:0D:96:82:12:67:30:F0:19:99
Certificate issuer: /CN=9fb6d4d987d004a00fa297e69c268eb75f3d9a40
Certificate serial: 2864
Authority key identifier: 9F:B6:D4:D9:87:D0:04:A0:0F:A2:97:E6:9C:26:8E:B7:5F:3D:9A:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n7bU2YfQBKAPopfmnCaOt189mkA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/02400f-7802-44e7-8527-8b291e26d1d9/1/hSFoOvsMFwaa05oNloISZzDwGZk.roa
Signing time: Tue 01 Feb 2022 03:39:28 +0000
ROA not before: Tue 01 Feb 2022 03:39:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210418
IP address blocks: 94.143.227.0/24 maxlen: 24
2a12:a780::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 10340 (0x2864)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9fb6d4d987d004a00fa297e69c268eb75f3d9a40
Validity
Not Before: Feb 1 03:39:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8521683afb0c17069ad39a0d9682126730f01999
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:1a:f1:21:0f:d6:20:bb:82:a0:67:3c:f8:43:
95:07:e5:6c:5c:36:b3:21:c6:a0:f7:ea:88:76:1f:
82:de:02:50:b8:ed:38:9d:41:00:65:78:99:ca:65:
9e:7b:ba:a6:c1:82:9d:fb:7e:a7:a7:d5:fa:92:de:
73:6a:d8:5f:07:24:01:4e:6f:95:44:39:44:81:93:
e3:52:b3:8f:38:d2:6c:d3:f9:ed:a3:5c:a9:18:b6:
08:63:e8:90:dd:c7:be:43:47:e0:75:d8:87:eb:90:
b5:45:f9:b8:2f:a5:17:c0:9a:b7:a1:ff:7b:4b:35:
82:7c:1e:c0:b8:66:5b:50:96:72:c7:74:db:4b:90:
2c:5d:c7:b1:76:65:82:64:64:c5:db:a8:34:15:96:
8b:6a:7f:be:83:cb:71:0b:23:22:87:65:cc:39:eb:
28:b0:90:48:ca:c3:9c:15:7a:81:3d:79:cc:5d:2c:
c0:0f:4e:e4:98:ed:25:dc:70:4e:ab:19:87:7c:fc:
94:05:c6:57:df:51:74:bd:a6:35:db:04:ba:e6:99:
84:cc:24:58:55:ae:64:59:c1:03:18:72:a9:97:6f:
3c:bf:30:60:ba:1b:81:2e:ef:b5:c4:4a:98:a5:23:
cc:4f:d7:c8:c0:3a:2a:65:7c:64:4d:c6:d4:7b:4d:
00:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:21:68:3A:FB:0C:17:06:9A:D3:9A:0D:96:82:12:67:30:F0:19:99
X509v3 Authority Key Identifier:
keyid:9F:B6:D4:D9:87:D0:04:A0:0F:A2:97:E6:9C:26:8E:B7:5F:3D:9A:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n7bU2YfQBKAPopfmnCaOt189mkA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/02400f-7802-44e7-8527-8b291e26d1d9/1/hSFoOvsMFwaa05oNloISZzDwGZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/02400f-7802-44e7-8527-8b291e26d1d9/1/n7bU2YfQBKAPopfmnCaOt189mkA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.143.227.0/24
IPv6:
2a12:a780::/32
Signature Algorithm: sha256WithRSAEncryption
af:19:18:2b:4b:fc:d7:a6:a4:9d:c9:26:7e:3a:32:fa:6d:e0:
5c:4d:14:10:f6:a6:e3:61:dd:eb:59:8f:1f:c0:6b:4f:cc:80:
9a:09:a4:ca:57:e7:5d:cb:3d:6d:a9:7d:33:c4:fe:1b:33:f6:
8a:80:45:b3:a8:f0:8a:bd:3f:0e:37:a1:fd:16:85:0e:df:63:
8d:8f:d9:37:f1:b6:60:25:c7:69:a4:49:21:f2:a5:d0:e7:96:
96:b1:35:f1:7b:36:3b:76:ea:74:e6:01:2f:f8:e0:14:4c:08:
b1:7a:36:ef:b1:3e:bd:53:79:bc:17:84:e6:67:f8:af:20:e8:
a0:88:22:31:c8:b3:06:ea:cd:4e:39:01:88:e1:49:f7:a4:2b:
fb:b9:25:26:99:86:94:77:30:0b:51:0a:4d:78:a1:41:57:3b:
c6:b0:f9:57:94:33:d9:2b:c0:30:13:92:d1:40:3d:cb:0d:e2:
ec:7a:fa:d9:02:5a:74:2d:9a:bb:51:4e:60:4e:6f:49:09:af:
bb:5f:83:a0:eb:15:e7:fc:73:c0:44:81:89:2d:43:68:ac:52:
5d:47:46:c1:93:11:71:9d:87:dd:87:f0:08:37:71:fd:be:12:
89:25:62:c9:6a:bd:2e:c7:e9:58:99:08:73:a4:f7:e0:54:d0:
18:0e:48:6f
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgICKGQwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoOWZi
NmQ0ZDk4N2QwMDRhMDBmYTI5N2U2OWMyNjhlYjc1ZjNkOWE0MDAeFw0yMjAyMDEw
MzM5MjhaFw0yMzA3MDEwMDAwMDBaMDMxMTAvBgNVBAMTKDg1MjE2ODNhZmIwYzE3
MDY5YWQzOWEwZDk2ODIxMjY3MzBmMDE5OTkwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDeGvEhD9Ygu4KgZzz4Q5UH5WxcNrMhxqD36oh2H4LeAlC47Tid
QQBleJnKZZ57uqbBgp37fqen1fqS3nNq2F8HJAFOb5VEOUSBk+NSs4840mzT+e2j
XKkYtghj6JDdx75DR+B12IfrkLVF+bgvpRfAmreh/3tLNYJ8HsC4ZltQlnLHdNtL
kCxdx7F2ZYJkZMXbqDQVlotqf76Dy3ELIyKHZcw56yiwkEjKw5wVeoE9ecxdLMAP
TuSY7SXccE6rGYd8/JQFxlffUXS9pjXbBLrmmYTMJFhVrmRZwQMYcqmXbzy/MGC6
G4Eu77XESpilI8xP18jAOiplfGRNxtR7TQCrAgMBAAGjggIYMIICFDAdBgNVHQ4E
FgQUhSFoOvsMFwaa05oNloISZzDwGZkwHwYDVR0jBBgwFoAUn7bU2YfQBKAPopfm
nCaOt189mkAwDgYDVR0PAQH/BAQDAgeAMGQGCCsGAQUFBwEBBFgwVjBUBggrBgEF
BQcwAoZIcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9u
N2JVMllmUUJLQVBvcGZtbkNhT3QxODlta0EuY2VyMIGNBggrBgEFBQcBCwSBgDB+
MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9E
RUZBVUxULzE4LzAyNDAwZi03ODAyLTQ0ZTctODUyNy04YjI5MWUyNmQxZDkvMS9o
U0ZvT3ZzTUZ3YWEwNW9ObG9JU1p6RHdHWmsucm9hMIGBBgNVHR8EejB4MHagdKBy
hnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzE4LzAy
NDAwZi03ODAyLTQ0ZTctODUyNy04YjI5MWUyNmQxZDkvMS9uN2JVMllmUUJLQVBv
cGZtbkNhT3QxODlta0EuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwLgYI
KwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBABej+MwDQQCAAIwBwMFACoSp4AwDQYJ
KoZIhvcNAQELBQADggEBAK8ZGCtL/NempJ3JJn46Mvpt4FxNFBD2puNh3etZjx/A
a0/MgJoJpMpX513LPW2pfTPE/hsz9oqARbOo8Iq9Pw43of0WhQ7fY42P2TfxtmAl
x2mkSSHypdDnlpaxNfF7Njt26nTmAS/44BRMCLF6Nu+xPr1TebwXhOZn+K8g6KCI
IjHIswbqzU45AYjhSfekK/u5JSaZhpR3MAtRCk14oUFXO8aw+VeUM9krwDATktFA
PcsN4ux6+tkCWnQtmrtRTmBOb0kJr7tfg6DrFef8c8BEgYktQ2isUl1HRsGTEXGd
h92H8Ag3cf2+EoklYslqvS7H6ViZCHOk9+BU0BgOSG8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:50 2024 by rpki-client on console-fra.rpki-client.org