Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/488f90-224e-4634-967f-8f181d3a3e8f/1/hbcS7vr7Y-8YAZ3V47lWn9P50dI.roa
File: hbcS7vr7Y-8YAZ3V47lWn9P50dI.roa (raw, json)
Hash identifier: BZqgPy7y76VnbMpCzADbFFFDsyNNBUhIBHiV7h9A0Og=
Subject key identifier: 85:B7:12:EE:FA:FB:63:EF:18:01:9D:D5:E3:B9:56:9F:D3:F9:D1:D2
Certificate issuer: /CN=8cf0b0b46a08d1e70fcbdd877ad939a0132e1269
Certificate serial: 029CBCBF
Authority key identifier: 8C:F0:B0:B4:6A:08:D1:E7:0F:CB:DD:87:7A:D9:39:A0:13:2E:12:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jPCwtGoI0ecPy92Hetk5oBMuEmk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/488f90-224e-4634-967f-8f181d3a3e8f/1/hbcS7vr7Y-8YAZ3V47lWn9P50dI.roa
Signing time: Sat 01 Jan 2022 01:01:47 +0000
ROA not before: Sat 01 Jan 2022 01:01:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206255
IP address blocks: 185.174.196.0/24 maxlen: 24
185.174.199.0/24 maxlen: 24
185.174.198.0/24 maxlen: 24
185.174.197.0/24 maxlen: 24
2a11:b880::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 43826367 (0x29cbcbf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8cf0b0b46a08d1e70fcbdd877ad939a0132e1269
Validity
Not Before: Jan 1 01:01:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=85b712eefafb63ef18019dd5e3b9569fd3f9d1d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:aa:94:e4:ab:d1:82:21:d9:92:c2:8a:e9:74:
d3:50:7e:68:3b:00:6b:5b:97:20:31:b0:74:44:9e:
f5:c8:a0:09:e6:fc:83:a5:44:e2:2d:23:ad:1c:e1:
18:c5:13:c6:70:ee:74:49:8a:5c:58:b4:ef:6b:93:
55:0b:52:1b:10:b1:82:60:d4:6a:59:24:a0:ee:72:
9a:60:55:5f:d9:9a:2a:56:51:c1:4b:87:cb:8b:a6:
56:53:b1:58:c1:40:ec:83:33:db:93:af:1d:76:62:
b5:2f:6f:67:dd:50:b8:23:de:99:a6:8d:5c:41:64:
c5:9e:a5:0f:b8:46:cf:61:2a:7d:06:9e:b7:ef:13:
f4:f4:17:84:c5:2c:23:08:7e:4d:f7:57:1d:9d:c0:
90:f7:37:65:f7:cf:58:15:27:de:ef:a9:c2:99:3a:
ec:ff:ee:87:4e:8d:9a:fe:2e:02:ac:98:9d:84:86:
fe:8f:e4:34:7a:0f:6e:78:93:09:6a:af:a5:be:65:
f9:7a:50:bd:99:79:6e:46:7b:98:05:73:4e:71:17:
cb:0a:86:f9:95:ad:49:67:21:e3:36:2e:7f:32:d2:
30:08:f3:cd:1d:fb:56:f4:b6:10:a0:a5:45:36:8d:
49:1f:c4:ce:bf:2c:ba:d6:81:b0:40:55:c7:ef:e9:
26:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:B7:12:EE:FA:FB:63:EF:18:01:9D:D5:E3:B9:56:9F:D3:F9:D1:D2
X509v3 Authority Key Identifier:
keyid:8C:F0:B0:B4:6A:08:D1:E7:0F:CB:DD:87:7A:D9:39:A0:13:2E:12:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jPCwtGoI0ecPy92Hetk5oBMuEmk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/488f90-224e-4634-967f-8f181d3a3e8f/1/hbcS7vr7Y-8YAZ3V47lWn9P50dI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/488f90-224e-4634-967f-8f181d3a3e8f/1/jPCwtGoI0ecPy92Hetk5oBMuEmk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.174.196.0/22
IPv6:
2a11:b880::/29
Signature Algorithm: sha256WithRSAEncryption
d1:79:f1:3a:d8:1f:17:b1:6b:21:62:4b:90:37:ba:dd:1c:7e:
d1:80:e6:26:b7:dc:a0:35:54:c9:15:eb:67:7e:21:de:7b:bd:
96:df:35:cc:69:30:5a:11:b0:24:08:83:b8:ad:1c:f8:90:29:
64:38:5e:23:d3:67:d4:85:35:b2:22:f2:29:86:a9:ac:9f:c9:
c1:20:cf:e3:7d:60:fd:3b:e3:b3:68:a5:ff:01:f6:2c:0a:9f:
01:41:aa:83:eb:bf:55:67:0f:ce:41:a8:cd:40:18:88:ad:c2:
32:10:0d:58:4f:ba:b4:5e:f4:1e:df:4f:d7:67:26:b7:df:9f:
ad:78:2a:ce:34:7f:c8:7c:31:b1:a3:d9:4f:3c:c2:08:68:bd:
0a:d1:d1:d4:50:5b:82:8f:e9:1a:16:48:6c:bf:f1:d0:dc:22:
56:a9:9b:78:7b:3b:9e:37:6e:b0:54:84:72:c2:52:f0:17:6c:
ff:f2:2a:12:c7:78:3b:83:32:eb:b0:63:90:45:62:67:2f:fa:
f7:37:81:29:17:bc:d1:d6:f7:da:d5:d9:8e:6a:22:01:1b:3b:
bd:7a:ef:98:8b:d3:a6:4b:73:3e:c9:9c:30:4e:83:d2:76:12:
1c:af:59:86:6f:47:4a:0b:2e:4c:d9:75:61:b7:93:9c:fd:ee:
9a:04:e9:ac
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEApy8vzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
Y2YwYjBiNDZhMDhkMWU3MGZjYmRkODc3YWQ5MzlhMDEzMmUxMjY5MB4XDTIyMDEw
MTAxMDE0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODViNzEyZWVmYWZi
NjNlZjE4MDE5ZGQ1ZTNiOTU2OWZkM2Y5ZDFkMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN2qlOSr0YIh2ZLCiul001B+aDsAa1uXIDGwdESe9cigCeb8
g6VE4i0jrRzhGMUTxnDudEmKXFi072uTVQtSGxCxgmDUalkkoO5ymmBVX9maKlZR
wUuHy4umVlOxWMFA7IMz25OvHXZitS9vZ91QuCPemaaNXEFkxZ6lD7hGz2EqfQae
t+8T9PQXhMUsIwh+TfdXHZ3AkPc3ZffPWBUn3u+pwpk67P/uh06Nmv4uAqyYnYSG
/o/kNHoPbniTCWqvpb5l+XpQvZl5bkZ7mAVzTnEXywqG+ZWtSWch4zYufzLSMAjz
zR37VvS2EKClRTaNSR/Ezr8sutaBsEBVx+/pJvsCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSFtxLu+vtj7xgBndXjuVaf0/nR0jAfBgNVHSMEGDAWgBSM8LC0agjR5w/L
3Yd62TmgEy4SaTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pQQ3d0R29JMGVjUHk5MkhldGs1b0JNdUVtay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjcvNDg4ZjkwLTIyNGUtNDYzNC05NjdmLThmMTgxZDNhM2U4Zi8x
L2hiY1M3dnI3WS04WUFaM1Y0N2xXbjlQNTBkSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjcv
NDg4ZjkwLTIyNGUtNDYzNC05NjdmLThmMTgxZDNhM2U4Zi8xL2pQQ3d0R29JMGVj
UHk5MkhldGs1b0JNdUVtay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArmuxDANBAIAAjAHAwUDKhG4gDAN
BgkqhkiG9w0BAQsFAAOCAQEA0XnxOtgfF7FrIWJLkDe63Rx+0YDmJrfcoDVUyRXr
Z34h3nu9lt81zGkwWhGwJAiDuK0c+JApZDheI9Nn1IU1siLyKYaprJ/JwSDP431g
/Tvjs2il/wH2LAqfAUGqg+u/VWcPzkGozUAYiK3CMhANWE+6tF70Ht9P12cmt9+f
rXgqzjR/yHwxsaPZTzzCCGi9CtHR1FBbgo/pGhZIbL/x0NwiVqmbeHs7njdusFSE
csJS8Bds//IqEsd4O4My67BjkEViZy/69zeBKRe80db32tXZjmoiARs7vXrvmIvT
pktzPsmcME6D0nYSHK9Zhm9HSgsuTNl1YbeTnP3umgTprA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:57 2024 by rpki-client on console-fra.rpki-client.org