Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/hCbSlSByefBjFrooXc2kiiR0hGs.roa
File: hCbSlSByefBjFrooXc2kiiR0hGs.roa (raw, json)
Hash identifier: HQoNVrrwQ4a2vVCxh7OnY/RJUqwygq9aLiExRuxwfiE=
Subject key identifier: 84:26:D2:95:20:72:79:F0:63:16:BA:28:5D:CD:A4:8A:24:74:84:6B
Certificate issuer: /CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Certificate serial: 018388825D81F96DBBA3AF68A74C5792AA5C
Authority key identifier: 29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/hCbSlSByefBjFrooXc2kiiR0hGs.roa
Signing time: Thu 29 Sep 2022 09:09:48 +0000
ROA not before: Thu 29 Sep 2022 09:09:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200837
IP address blocks: 185.95.28.0/23 maxlen: 23
2a05:1500::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:88:82:5d:81:f9:6d:bb:a3:af:68:a7:4c:57:92:aa:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2909fffcd81a66bc98b629d4c0579247645f0fe4
Validity
Not Before: Sep 29 09:09:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8426d295207279f06316ba285dcda48a2474846b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fd:a6:fd:65:4d:57:df:1a:05:1f:65:8c:c4:b1:
bc:65:7f:e2:81:05:c6:06:8c:d0:d0:31:60:37:53:
03:c7:35:34:1e:b6:6a:f3:7e:19:7a:c3:93:1b:79:
3f:41:de:aa:ba:c0:b0:4a:60:1d:33:69:6f:a0:f8:
0a:1d:3f:f3:9d:b5:da:b7:14:b0:31:7e:00:ea:27:
3f:52:c7:8a:c0:6d:09:d1:02:7d:c5:9c:6a:c7:e6:
fd:da:8f:cc:7e:b8:48:01:ef:72:e6:0a:20:be:76:
c3:5f:50:7c:7e:67:b2:5d:7d:02:a3:2b:92:64:d7:
41:ac:bc:e4:04:8e:8d:21:73:4b:28:58:de:4d:1f:
ff:09:2c:50:14:b4:f6:db:70:b6:34:7b:84:a3:4f:
0f:1d:72:b7:49:9a:24:73:53:92:6f:f6:d6:bb:9a:
5e:7a:e2:cd:9e:fe:67:75:cf:af:82:6a:bc:a7:65:
b1:71:1b:fb:f3:b3:7c:7f:c2:80:c4:fe:c0:04:f4:
98:94:71:71:a5:53:96:e0:41:68:16:66:30:86:e7:
96:1d:56:27:31:67:21:a5:6a:7c:dd:71:50:46:d0:
65:25:ba:22:bf:2f:38:27:96:f7:bd:04:54:98:f9:
06:d0:1b:7f:c7:71:3d:a7:ed:27:95:4c:31:9c:05:
5a:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:26:D2:95:20:72:79:F0:63:16:BA:28:5D:CD:A4:8A:24:74:84:6B
X509v3 Authority Key Identifier:
keyid:29:09:FF:FC:D8:1A:66:BC:98:B6:29:D4:C0:57:92:47:64:5F:0F:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KQn__NgaZryYtinUwFeSR2RfD-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/hCbSlSByefBjFrooXc2kiiR0hGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/de3041-9536-492e-a9cd-f2ae7bc7ecc5/1/KQn__NgaZryYtinUwFeSR2RfD-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.28.0/23
IPv6:
2a05:1500::/40
Signature Algorithm: sha256WithRSAEncryption
86:50:0f:d5:6b:b2:4e:2f:a8:91:5e:a6:3d:ce:ae:aa:73:9e:
e3:12:0d:61:22:8b:34:a8:73:30:53:64:a1:87:5c:73:9b:68:
d6:90:99:29:e8:af:30:06:06:25:e4:b7:70:bd:e5:05:5e:39:
86:ec:31:2d:6f:a7:ad:b0:d7:f1:d9:20:21:c7:e5:3e:b9:27:
0f:2b:06:86:3a:4a:5f:c4:f6:30:11:4c:90:99:81:26:37:ee:
0e:0d:ef:96:f0:dc:da:3f:07:98:c0:e8:c3:b9:3c:84:1f:7c:
f0:cc:80:d8:ed:c4:12:55:8d:9c:a7:b9:0e:05:39:e9:2d:4b:
e4:df:e8:eb:29:d9:31:f7:51:f8:22:ae:b3:e6:8f:49:8d:ad:
ad:c5:64:49:dd:73:2a:d4:53:02:b3:80:61:88:3a:5e:4e:2f:
ce:51:cb:87:48:4d:15:9f:5a:1b:ce:d5:d2:94:50:74:c5:47:
01:b1:ff:08:de:a4:c1:4e:20:5f:e1:54:0b:60:0e:b7:aa:c1:
b0:71:54:1e:65:fe:77:7f:85:8e:21:3d:a5:3d:3d:40:5a:e2:
b4:fa:34:99:6f:68:ed:b9:8d:8c:42:db:88:77:38:67:0a:da:
17:c1:c7:c0:67:0a:54:17:be:54:05:32:fa:22:79:49:0b:74:
87:db:a6:69
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYOIgl2B+W27o69op0xXkqpcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5MDlmZmZjZDgxYTY2YmM5OGI2MjlkNGMwNTc5MjQ3NjQ1
ZjBmZTQwHhcNMjIwOTI5MDkwOTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDI2ZDI5NTIwNzI3OWYwNjMxNmJhMjg1ZGNkYTQ4YTI0NzQ4NDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/ab9ZU1X3xoFH2WMxLG8ZX/igQXG
BozQ0DFgN1MDxzU0HrZq834ZesOTG3k/Qd6qusCwSmAdM2lvoPgKHT/znbXatxSw
MX4A6ic/UseKwG0J0QJ9xZxqx+b92o/MfrhIAe9y5gogvnbDX1B8fmeyXX0CoyuS
ZNdBrLzkBI6NIXNLKFjeTR//CSxQFLT223C2NHuEo08PHXK3SZokc1OSb/bWu5pe
euLNnv5ndc+vgmq8p2WxcRv787N8f8KAxP7ABPSYlHFxpVOW4EFoFmYwhueWHVYn
MWchpWp83XFQRtBlJboivy84J5b3vQRUmPkG0Bt/x3E9p+0nlUwxnAVahwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFIQm0pUgcnnwYxa6KF3NpIokdIRrMB8GA1UdIwQY
MBaAFCkJ//zYGma8mLYp1MBXkkdkXw/kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2Qt
ZjJhZTdiYzdlY2M1LzEvaENiU2xTQnllZkJqRnJvb1hjMmtpaVIwaEdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi9kZTMwNDEtOTUzNi00OTJlLWE5Y2QtZjJhZTdiYzdlY2M1
LzEvS1FuX19OZ2FacnlZdGluVXdGZVNSMlJmRC1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBuV8cMA4E
AgACMAgDBgAqBRUAADANBgkqhkiG9w0BAQsFAAOCAQEAhlAP1WuyTi+okV6mPc6u
qnOe4xINYSKLNKhzMFNkoYdcc5to1pCZKeivMAYGJeS3cL3lBV45huwxLW+nrbDX
8dkgIcflPrknDysGhjpKX8T2MBFMkJmBJjfuDg3vlvDc2j8HmMDow7k8hB988MyA
2O3EElWNnKe5DgU56S1L5N/o6ynZMfdR+CKus+aPSY2trcVkSd1zKtRTArOAYYg6
Xk4vzlHLh0hNFZ9aG87V0pRQdMVHAbH/CN6kwU4gX+FUC2AOt6rBsHFUHmX+d3+F
jiE9pT09QFritPo0mW9o7bmNjELbiHc4ZwraF8HHwGcKVBe+VAUy+iJ5SQt0h9um
aQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:15 2024 by rpki-client on console-fra.rpki-client.org