Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/8f3942-17f7-493c-bc6b-4f4fe803b015/1/hXgYnf2-lzXIniOIQUjn3Fyc5X8.roa
File: hXgYnf2-lzXIniOIQUjn3Fyc5X8.roa (raw, json)
Hash identifier: Sx+aCDRQ2LCYXL2SsVwkwwgmjk5tpd9xONAjGrzI/Rc=
Subject key identifier: 85:78:18:9D:FD:BE:97:35:C8:9E:23:88:41:48:E7:DC:5C:9C:E5:7F
Certificate issuer: /CN=bb9b56d8d96ebcb5fcf87de2ec2b52c194ccf9f9
Certificate serial: 0D6910C4
Authority key identifier: BB:9B:56:D8:D9:6E:BC:B5:FC:F8:7D:E2:EC:2B:52:C1:94:CC:F9:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u5tW2NluvLX8-H3i7CtSwZTM-fk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/8f3942-17f7-493c-bc6b-4f4fe803b015/1/hXgYnf2-lzXIniOIQUjn3Fyc5X8.roa
Signing time: Sat 01 Jan 2022 07:58:47 +0000
ROA not before: Sat 01 Jan 2022 07:58:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48944
IP address blocks: 91.232.72.0/23 maxlen: 23
185.222.120.0/22 maxlen: 22
185.222.120.0/24 maxlen: 24
185.222.123.0/24 maxlen: 24
185.222.122.0/24 maxlen: 24
185.222.121.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 224989380 (0xd6910c4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb9b56d8d96ebcb5fcf87de2ec2b52c194ccf9f9
Validity
Not Before: Jan 1 07:58:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8578189dfdbe9735c89e23884148e7dc5c9ce57f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:8c:c8:2f:e9:c1:7a:ee:97:98:98:18:18:28:
14:70:c7:ff:12:ba:8c:29:d1:e4:d1:51:24:63:89:
c3:92:ca:20:47:f3:a9:61:70:6a:2a:d3:b2:27:3a:
19:c3:12:84:20:a6:fe:b8:c2:d4:0b:f0:62:12:82:
8c:55:f3:c5:9a:66:fc:13:36:8b:cb:84:87:21:4e:
33:3f:67:51:34:62:d1:0d:be:97:57:63:5d:df:5f:
a0:4f:e7:b8:db:3f:e9:50:df:d2:44:76:63:3a:ce:
cc:c9:db:93:83:4b:9e:a3:41:2d:0b:15:f7:95:9c:
5e:07:42:9f:bb:3b:b9:1e:5c:02:5f:0e:83:d3:04:
8a:be:56:7b:d7:18:44:73:41:11:0a:81:c1:13:52:
29:0d:dd:94:02:46:92:da:83:d5:2e:ca:da:07:bb:
03:5a:f1:66:20:c7:f3:b7:50:3b:99:49:dd:25:85:
6d:70:bd:82:c7:15:2e:5e:f1:a8:16:a9:7f:db:1e:
c5:14:51:df:87:ea:1e:46:3e:62:50:05:7d:50:e6:
03:bd:56:3c:20:83:50:ba:4f:57:5d:77:50:a1:f8:
ea:41:0c:47:c5:1f:13:61:f8:43:63:1a:17:03:7b:
fe:3f:4c:e2:26:7e:ed:8a:56:25:16:ca:0f:82:b3:
14:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:78:18:9D:FD:BE:97:35:C8:9E:23:88:41:48:E7:DC:5C:9C:E5:7F
X509v3 Authority Key Identifier:
keyid:BB:9B:56:D8:D9:6E:BC:B5:FC:F8:7D:E2:EC:2B:52:C1:94:CC:F9:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u5tW2NluvLX8-H3i7CtSwZTM-fk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8f3942-17f7-493c-bc6b-4f4fe803b015/1/hXgYnf2-lzXIniOIQUjn3Fyc5X8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/8f3942-17f7-493c-bc6b-4f4fe803b015/1/u5tW2NluvLX8-H3i7CtSwZTM-fk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.72.0/23
185.222.120.0/22
Signature Algorithm: sha256WithRSAEncryption
ac:2c:76:88:22:37:7c:51:e9:68:4e:6d:63:67:d6:38:b7:4f:
e4:a1:31:2e:bc:cc:a4:80:25:0f:16:27:aa:2c:76:f6:99:79:
a6:bc:75:3d:e4:d7:d0:d4:7b:06:f6:41:40:6e:a8:eb:bd:c3:
2d:d5:0b:32:a4:c1:7b:44:e4:12:13:e4:08:14:9b:b1:ce:a3:
52:1f:ea:db:3f:dc:ec:cf:a7:19:56:20:d5:34:86:c8:72:bf:
9a:c1:20:5d:eb:7f:73:d4:ef:68:4a:79:29:a0:2e:2c:03:37:
15:9b:da:92:39:5f:52:d2:56:4a:03:69:7a:73:fa:94:d5:d3:
6e:8e:fc:86:93:08:6e:82:76:d8:d8:be:b3:d3:45:d2:84:31:
52:d4:3b:16:a4:24:1c:ac:06:1d:15:ef:48:86:52:d5:b4:d7:
95:47:9f:77:7d:07:7d:03:d4:cb:c9:9c:c2:4f:3a:f1:03:b9:
d5:68:ba:67:20:cd:be:1e:51:13:bb:2f:69:91:cc:49:45:f7:
3c:82:f3:5e:0c:8e:e1:a1:37:16:43:79:3b:e1:5a:33:76:a8:
26:06:22:77:b0:4e:06:69:76:da:65:15:6f:66:0b:a9:8d:81:
75:0e:1b:a1:1f:26:24:3c:2f:7e:13:c4:79:99:a5:ed:be:e1:
3d:34:35:bb
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEDWkQxDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YjliNTZkOGQ5NmViY2I1ZmNmODdkZTJlYzJiNTJjMTk0Y2NmOWY5MB4XDTIyMDEw
MTA3NTg0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODU3ODE4OWRmZGJl
OTczNWM4OWUyMzg4NDE0OGU3ZGM1YzljZTU3ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKyMyC/pwXrul5iYGBgoFHDH/xK6jCnR5NFRJGOJw5LKIEfz
qWFwairTsic6GcMShCCm/rjC1AvwYhKCjFXzxZpm/BM2i8uEhyFOMz9nUTRi0Q2+
l1djXd9foE/nuNs/6VDf0kR2YzrOzMnbk4NLnqNBLQsV95WcXgdCn7s7uR5cAl8O
g9MEir5We9cYRHNBEQqBwRNSKQ3dlAJGktqD1S7K2ge7A1rxZiDH87dQO5lJ3SWF
bXC9gscVLl7xqBapf9sexRRR34fqHkY+YlAFfVDmA71WPCCDULpPV113UKH46kEM
R8UfE2H4Q2MaFwN7/j9M4iZ+7YpWJRbKD4KzFFUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBSFeBid/b6XNcieI4hBSOfcXJzlfzAfBgNVHSMEGDAWgBS7m1bY2W68tfz4
feLsK1LBlMz5+TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3U1dFcyTmx1dkxYOC1IM2k3Q3RTd1pUTS1may5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmEvOGYzOTQyLTE3ZjctNDkzYy1iYzZiLTRmNGZlODAzYjAxNS8x
L2hYZ1luZjItbHpYSW5pT0lRVWpuM0Z5YzVYOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmEv
OGYzOTQyLTE3ZjctNDkzYy1iYzZiLTRmNGZlODAzYjAxNS8xL3U1dFcyTmx1dkxY
OC1IM2k3Q3RTd1pUTS1may5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAVvoSAMEArneeDANBgkqhkiG9w0B
AQsFAAOCAQEArCx2iCI3fFHpaE5tY2fWOLdP5KExLrzMpIAlDxYnqix29pl5prx1
PeTX0NR7BvZBQG6o673DLdULMqTBe0TkEhPkCBSbsc6jUh/q2z/c7M+nGVYg1TSG
yHK/msEgXet/c9TvaEp5KaAuLAM3FZvakjlfUtJWSgNpenP6lNXTbo78hpMIboJ2
2Ni+s9NF0oQxUtQ7FqQkHKwGHRXvSIZS1bTXlUefd30HfQPUy8mcwk868QO51Wi6
ZyDNvh5RE7svaZHMSUX3PILzXgyO4aE3FkN5O+FaM3aoJgYid7BOBml22mUVb2YL
qY2BdQ4boR8mJDwvfhPEeZml7b7hPTQ1uw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:34 2024 by rpki-client on console-fra.rpki-client.org