Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/b140ae-c047-4ff6-864f-3560356571a7/1/h-r_DUclN_ubLWLUJ9w2XgvAoQ4.roa
File: h-r_DUclN_ubLWLUJ9w2XgvAoQ4.roa (raw, json)
Hash identifier: jF28iPp46Qurk2yYMqRoRwbZcS6YyfMzBinZKkYxguY=
Subject key identifier: 87:EA:FF:0D:47:25:37:FB:9B:2D:62:D4:27:DC:36:5E:0B:C0:A1:0E
Certificate issuer: /CN=1e952e883736f79cbd9c564704bf3c36621b8eca
Certificate serial: 1A1444B7
Authority key identifier: 1E:95:2E:88:37:36:F7:9C:BD:9C:56:47:04:BF:3C:36:62:1B:8E:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HpUuiDc295y9nFZHBL88NmIbjso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/b140ae-c047-4ff6-864f-3560356571a7/1/h-r_DUclN_ubLWLUJ9w2XgvAoQ4.roa
Signing time: Sat 01 Jan 2022 12:55:37 +0000
ROA not before: Sat 01 Jan 2022 12:55:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3250
IP address blocks: 185.14.156.0/22 maxlen: 22
2a03:b240::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 437535927 (0x1a1444b7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e952e883736f79cbd9c564704bf3c36621b8eca
Validity
Not Before: Jan 1 12:55:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=87eaff0d472537fb9b2d62d427dc365e0bc0a10e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:de:d5:a0:a8:f5:ad:ae:be:c7:6f:ae:16:c9:
2c:7f:ae:55:29:b8:2a:19:10:ca:79:1c:ca:2e:04:
3b:8a:9a:35:e1:2b:61:5e:c6:ad:bb:70:db:9c:f3:
32:c3:40:37:66:2a:51:1f:d8:fc:aa:89:fa:c2:7e:
06:11:18:02:64:48:94:e3:3f:47:33:7e:ad:d7:13:
ef:64:f8:5e:fb:48:72:22:43:77:93:e2:b0:c5:28:
1c:08:a5:cf:62:b4:59:13:96:19:ee:a1:99:1a:02:
e3:15:42:73:2a:8a:84:52:32:f2:9f:0b:aa:e0:82:
be:ca:b2:a0:de:04:ca:cd:0c:1d:96:d9:d2:88:3b:
ea:9a:1f:64:b5:1e:f9:79:3e:2f:c1:cf:4b:80:c2:
df:b3:5a:e3:c3:d5:62:b6:80:de:48:3e:3d:d8:23:
ef:8d:aa:4b:f0:9c:7f:d1:0f:25:6a:2b:bd:78:31:
1a:b5:7a:be:6a:1f:68:c7:97:51:b8:15:7e:d5:0b:
ba:33:e6:9a:44:39:2b:99:49:36:a2:42:e5:1a:dc:
1d:f8:55:97:8f:2d:01:f7:7a:05:df:96:b2:9b:51:
e6:01:1f:4b:74:6e:ac:31:81:63:88:c6:6c:74:2a:
80:56:64:ec:c3:88:05:af:c0:3e:6a:6a:1d:12:31:
59:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:EA:FF:0D:47:25:37:FB:9B:2D:62:D4:27:DC:36:5E:0B:C0:A1:0E
X509v3 Authority Key Identifier:
keyid:1E:95:2E:88:37:36:F7:9C:BD:9C:56:47:04:BF:3C:36:62:1B:8E:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HpUuiDc295y9nFZHBL88NmIbjso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/b140ae-c047-4ff6-864f-3560356571a7/1/h-r_DUclN_ubLWLUJ9w2XgvAoQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/b140ae-c047-4ff6-864f-3560356571a7/1/HpUuiDc295y9nFZHBL88NmIbjso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.14.156.0/22
IPv6:
2a03:b240::/32
Signature Algorithm: sha256WithRSAEncryption
6d:15:c2:45:dc:3d:3c:3e:4a:08:7c:5b:ea:3e:dc:1c:01:19:
e7:c5:6e:af:4a:3c:d8:87:d2:7e:6c:a2:7a:29:fe:48:a3:37:
9b:6d:cc:7c:2a:3f:2c:af:2f:2a:c3:e3:e5:d7:90:7b:26:f0:
c5:41:3f:8f:55:20:cf:44:2f:c4:68:e7:6b:d7:af:df:5c:0b:
92:78:22:13:5a:04:b6:01:b5:4b:ea:de:96:af:75:4f:09:05:
5e:e1:7f:8e:64:4e:72:8a:7f:0c:de:9a:ee:9c:9d:b2:f4:10:
8a:24:d0:fa:3d:00:bc:8b:c6:39:5d:0a:1c:d9:6c:30:20:d9:
2e:6b:5b:c3:32:8d:f1:2d:4f:55:e4:e1:dc:44:a1:6a:aa:cd:
a6:38:df:7d:3c:37:00:93:49:15:7b:6d:1f:04:2d:b9:62:e3:
be:db:e2:42:63:41:3c:28:9f:75:47:b9:2e:5b:68:1f:bb:97:
9b:85:66:54:e8:e7:48:57:4f:ac:3c:a1:9b:dd:de:1a:ec:ba:
a5:34:4a:b8:55:aa:c9:33:0f:ff:85:dd:dc:8f:6e:53:86:c9:
db:29:b9:a1:43:9b:e7:22:86:a4:ef:43:a0:b0:b6:8e:54:f7:
6f:63:07:9d:d9:3b:b2:56:13:93:71:a2:df:c9:b7:d0:0d:c9:
01:b5:79:45
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEGhREtzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
ZTk1MmU4ODM3MzZmNzljYmQ5YzU2NDcwNGJmM2MzNjYyMWI4ZWNhMB4XDTIyMDEw
MTEyNTUzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODdlYWZmMGQ0NzI1
MzdmYjliMmQ2MmQ0MjdkYzM2NWUwYmMwYTEwZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMje1aCo9a2uvsdvrhbJLH+uVSm4KhkQynkcyi4EO4qaNeEr
YV7Grbtw25zzMsNAN2YqUR/Y/KqJ+sJ+BhEYAmRIlOM/RzN+rdcT72T4XvtIciJD
d5PisMUoHAilz2K0WROWGe6hmRoC4xVCcyqKhFIy8p8LquCCvsqyoN4Eys0MHZbZ
0og76pofZLUe+Xk+L8HPS4DC37Na48PVYraA3kg+Pdgj742qS/Ccf9EPJWorvXgx
GrV6vmofaMeXUbgVftULujPmmkQ5K5lJNqJC5RrcHfhVl48tAfd6Bd+WsptR5gEf
S3RurDGBY4jGbHQqgFZk7MOIBa/APmpqHRIxWc8CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSH6v8NRyU3+5stYtQn3DZeC8ChDjAfBgNVHSMEGDAWgBQelS6INzb3nL2c
VkcEvzw2YhuOyjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hwVXVpRGMyOTV5OW5GWkhCTDg4Tm1JYmpzby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmQvYjE0MGFlLWMwNDctNGZmNi04NjRmLTM1NjAzNTY1NzFhNy8x
L2gtcl9EVWNsTl91YkxXTFVKOXcyWGd2QW9RNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQv
YjE0MGFlLWMwNDctNGZmNi04NjRmLTM1NjAzNTY1NzFhNy8xL0hwVXVpRGMyOTV5
OW5GWkhCTDg4Tm1JYmpzby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArkOnDANBAIAAjAHAwUAKgOyQDAN
BgkqhkiG9w0BAQsFAAOCAQEAbRXCRdw9PD5KCHxb6j7cHAEZ58Vur0o82IfSfmyi
ein+SKM3m23MfCo/LK8vKsPj5deQeybwxUE/j1Ugz0QvxGjna9ev31wLkngiE1oE
tgG1S+relq91TwkFXuF/jmROcop/DN6a7pydsvQQiiTQ+j0AvIvGOV0KHNlsMCDZ
LmtbwzKN8S1PVeTh3EShaqrNpjjffTw3AJNJFXttHwQtuWLjvtviQmNBPCifdUe5
LltoH7uXm4VmVOjnSFdPrDyhm93eGuy6pTRKuFWqyTMP/4Xd3I9uU4bJ2ym5oUOb
5yKGpO9DoLC2jlT3b2MHndk7slYTk3Gi38m30A3JAbV5RQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:55 2023 by rpki-client on console-fra.rpki-client.org