Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/hiTCFGcyXKP-gZbl5VXFCjSl0jE.roa
File: hiTCFGcyXKP-gZbl5VXFCjSl0jE.roa (raw, json)
Hash identifier: fIvXzMnVg+dnhhdu2yrwqjWxWVcacV/XBfYcAeC6Fmk=
Subject key identifier: 86:24:C2:14:67:32:5C:A3:FE:81:96:E5:E5:55:C5:0A:34:A5:D2:31
Certificate issuer: /CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Certificate serial: 018AB210A13C3C7533E3F821DED522678235
Authority key identifier: 62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/hiTCFGcyXKP-gZbl5VXFCjSl0jE.roa
Signing time: Wed 20 Sep 2023 10:09:08 +0000
ROA not before: Wed 20 Sep 2023 10:09:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206686
IP address blocks: 185.127.143.0/24 maxlen: 24
185.127.142.0/24 maxlen: 24
185.127.141.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:b2:10:a1:3c:3c:75:33:e3:f8:21:de:d5:22:67:82:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=622ecc6cc5903aea0db61200f4ccd4f824cdd54f
Validity
Not Before: Sep 20 10:09:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8624c21467325ca3fe8196e5e555c50a34a5d231
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:84:4a:6b:aa:da:18:fd:66:ee:3e:61:f4:80:
0a:cd:42:d6:47:89:a3:7f:ec:e5:0c:05:f1:9f:8a:
96:37:30:6a:01:8b:e0:15:c8:68:f1:a2:75:ae:1f:
32:c4:85:6a:9e:27:63:05:a3:40:85:73:f7:39:25:
5d:3f:01:7f:c9:aa:74:c0:d8:a6:9d:88:f4:11:c6:
4a:bf:3c:2d:15:4b:ff:b1:56:fc:c1:64:37:7a:27:
71:b1:1e:25:7c:fa:31:61:7b:98:d0:ba:22:76:90:
83:1e:f3:ab:6b:e5:f2:39:91:23:ef:ce:57:0e:8f:
7d:26:f2:1b:2d:1a:b8:d1:88:57:6b:05:15:c6:b6:
5a:f5:3d:77:cd:fb:d4:a5:94:18:29:90:8a:fd:c2:
cc:0d:14:dd:1c:9e:14:d4:1b:f1:97:2c:a5:9c:ae:
5c:1b:0a:4a:25:15:9b:26:20:19:cb:68:ef:9f:30:
73:90:2f:6c:05:78:e5:4b:e1:ee:f5:7b:9a:4f:1e:
fd:3e:76:0b:c4:54:57:4b:21:fb:90:72:54:34:7c:
84:31:ca:e9:6c:69:4f:c9:65:19:d9:7d:09:5c:22:
43:c5:5d:b3:6e:a6:63:07:e2:7c:e2:ce:53:e6:f2:
39:31:01:d5:4d:b8:d9:89:10:ba:ed:cd:f2:c1:75:
43:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:24:C2:14:67:32:5C:A3:FE:81:96:E5:E5:55:C5:0A:34:A5:D2:31
X509v3 Authority Key Identifier:
keyid:62:2E:CC:6C:C5:90:3A:EA:0D:B6:12:00:F4:CC:D4:F8:24:CD:D5:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yi7MbMWQOuoNthIA9MzU-CTN1U8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/hiTCFGcyXKP-gZbl5VXFCjSl0jE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/262a4b-c701-48dc-9ae5-346368827e68/1/Yi7MbMWQOuoNthIA9MzU-CTN1U8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.127.141.0-185.127.143.255
Signature Algorithm: sha256WithRSAEncryption
91:ce:f4:54:de:4a:b6:03:44:ec:b7:61:f7:14:d7:8c:3e:ea:
5e:ca:38:ae:8d:8c:31:3f:74:a9:34:0a:8e:5a:95:86:19:90:
1e:67:e0:59:dd:da:6a:a1:06:56:b2:39:22:91:1f:0d:c6:80:
8a:86:7b:2e:2f:bc:72:93:7f:05:4a:03:16:ed:10:cc:09:6f:
29:da:48:b0:e5:cd:6c:74:3d:e0:99:7f:b3:a9:ce:25:ad:2a:
dd:13:44:91:07:79:9a:dc:20:4f:09:40:34:f6:46:da:70:97:
99:d8:51:2f:4c:e4:48:4a:0f:8d:45:96:04:45:ca:ac:a6:a2:
8e:f5:8e:3d:e8:ea:8b:cf:54:a0:55:ce:32:69:99:c3:84:9c:
c4:ba:b3:51:84:bd:86:e8:d4:7d:3e:ea:b3:61:5f:e5:fd:53:
50:c6:a5:42:40:76:91:7e:1b:bc:aa:55:99:83:93:1a:2f:f8:
48:1c:70:2b:da:5b:a3:d3:ff:dd:7b:4e:fc:72:e2:48:a0:70:
16:f0:28:c2:ba:86:c1:91:b9:2a:f6:e9:a1:43:00:9a:e2:4e:
a7:0f:fa:b6:d1:32:6a:d6:1f:e9:75:59:19:05:48:0c:9e:e2:
f4:3c:0e:91:9b:f0:7b:23:0c:f2:25:7e:8a:a2:fb:53:e2:11:
03:83:d8:6f
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYqyEKE8PHUz4/gh3tUiZ4I1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMmVjYzZjYzU5MDNhZWEwZGI2MTIwMGY0Y2NkNGY4MjRj
ZGQ1NGYwHhcNMjMwOTIwMTAwOTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjI0YzIxNDY3MzI1Y2EzZmU4MTk2ZTVlNTU1YzUwYTM0YTVkMjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIRKa6raGP1m7j5h9IAKzULWR4mj
f+zlDAXxn4qWNzBqAYvgFcho8aJ1rh8yxIVqnidjBaNAhXP3OSVdPwF/yap0wNim
nYj0EcZKvzwtFUv/sVb8wWQ3eidxsR4lfPoxYXuY0LoidpCDHvOra+XyOZEj785X
Do99JvIbLRq40YhXawUVxrZa9T13zfvUpZQYKZCK/cLMDRTdHJ4U1BvxlyylnK5c
GwpKJRWbJiAZy2jvnzBzkC9sBXjlS+Hu9XuaTx79PnYLxFRXSyH7kHJUNHyEMcrp
bGlPyWUZ2X0JXCJDxV2zbqZjB+J84s5T5vI5MQHVTbjZiRC67c3ywXVDvQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIYkwhRnMlyj/oGW5eVVxQo0pdIxMB8GA1UdIwQY
MBaAFGIuzGzFkDrqDbYSAPTM1PgkzdVPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUt
MzQ2MzY4ODI3ZTY4LzEvaGlUQ0ZHY3lYS1AtZ1pibDVWWEZDalNsMGpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8yNjJhNGItYzcwMS00OGRjLTlhZTUtMzQ2MzY4ODI3ZTY4
LzEvWWk3TWJNV1FPdW9OdGhJQTlNelUtQ1ROMVU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC5f40D
BAS5f4AwDQYJKoZIhvcNAQELBQADggEBAJHO9FTeSrYDROy3YfcU14w+6l7KOK6N
jDE/dKk0Co5alYYZkB5n4Fnd2mqhBlayOSKRHw3GgIqGey4vvHKTfwVKAxbtEMwJ
bynaSLDlzWx0PeCZf7OpziWtKt0TRJEHeZrcIE8JQDT2Rtpwl5nYUS9M5EhKD41F
lgRFyqymoo71jj3o6ovPVKBVzjJpmcOEnMS6s1GEvYbo1H0+6rNhX+X9U1DGpUJA
dpF+G7yqVZmDkxov+EgccCvaW6PT/917Tvxy4kigcBbwKMK6hsGRuSr26aFDAJri
TqcP+rbRMmrWH+l1WRkFSAye4vQ8DpGb8HsjDPIlfoqi+1PiEQOD2G8=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:30:54 2025 by rpki-client