Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/05b3d1-116f-4d60-a176-56bbe38f7407/1/hD5R9HFmsWhbwQESvOUKGa1K9Ik.roa
File: hD5R9HFmsWhbwQESvOUKGa1K9Ik.roa (raw, json)
Hash identifier: iOaqiumfX45eIexuJ9V+2jzcwuxkxwVQEFko1zdYnZk=
Subject key identifier: 84:3E:51:F4:71:66:B1:68:5B:C1:01:12:BC:E5:0A:19:AD:4A:F4:89
Certificate issuer: /CN=ff4705a363dc1d8d0ea51c9b9a1ecbd3807bd054
Certificate serial: 300F5C6F
Authority key identifier: FF:47:05:A3:63:DC:1D:8D:0E:A5:1C:9B:9A:1E:CB:D3:80:7B:D0:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_0cFo2PcHY0OpRybmh7L04B70FQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/05b3d1-116f-4d60-a176-56bbe38f7407/1/hD5R9HFmsWhbwQESvOUKGa1K9Ik.roa
Signing time: Sat 01 Jan 2022 02:01:01 +0000
ROA not before: Sat 01 Jan 2022 02:01:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199346
IP address blocks: 185.12.158.0/23 maxlen: 24
81.24.248.0/21 maxlen: 24
2a03:2240::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 806313071 (0x300f5c6f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff4705a363dc1d8d0ea51c9b9a1ecbd3807bd054
Validity
Not Before: Jan 1 02:01:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=843e51f47166b1685bc10112bce50a19ad4af489
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ab:8e:6d:08:96:89:46:1f:e5:f3:ac:7b:56:
8e:de:d8:96:82:8d:0e:61:2c:10:13:1b:57:23:ad:
15:6a:5b:5a:64:cf:f2:56:34:57:57:76:d7:7c:87:
b8:90:be:85:e9:de:6a:f6:87:84:66:8b:79:c9:e1:
c8:e4:91:46:1e:6d:e6:61:73:4b:53:4f:1e:e1:c1:
bb:8f:14:59:92:6c:b4:09:ab:82:ca:4e:ed:9a:62:
18:13:cd:b7:32:5d:66:30:b4:09:1e:af:a4:20:0f:
89:67:a7:a8:f2:ad:53:77:1c:69:f2:e0:5a:64:81:
37:cb:9c:26:17:44:d8:6a:b5:0e:6a:83:49:9b:eb:
0f:1a:c8:56:31:47:2a:f3:47:d1:81:7e:a6:72:e8:
67:68:f4:94:9e:24:5b:2a:5b:ae:34:cd:d3:3f:62:
bd:ba:2a:e8:a3:ee:a8:08:bf:21:15:aa:2d:b5:f8:
7f:a5:bc:ea:4e:a9:a5:05:13:02:f5:8f:70:24:84:
6b:2d:89:63:08:0b:ca:20:bb:f2:9d:19:fb:b2:11:
dc:aa:9b:9a:2d:26:41:98:37:da:d1:53:04:d1:e0:
e9:7b:6c:fb:16:30:ca:f1:d1:b3:6f:a0:89:bf:e6:
4c:0c:44:6f:8d:50:b8:f8:94:9f:5b:9c:b5:be:cf:
ac:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:3E:51:F4:71:66:B1:68:5B:C1:01:12:BC:E5:0A:19:AD:4A:F4:89
X509v3 Authority Key Identifier:
keyid:FF:47:05:A3:63:DC:1D:8D:0E:A5:1C:9B:9A:1E:CB:D3:80:7B:D0:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_0cFo2PcHY0OpRybmh7L04B70FQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/05b3d1-116f-4d60-a176-56bbe38f7407/1/hD5R9HFmsWhbwQESvOUKGa1K9Ik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/05b3d1-116f-4d60-a176-56bbe38f7407/1/_0cFo2PcHY0OpRybmh7L04B70FQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.24.248.0/21
185.12.158.0/23
IPv6:
2a03:2240::/32
Signature Algorithm: sha256WithRSAEncryption
82:3c:a3:0c:6b:04:a0:af:28:85:4c:4e:f3:11:67:ee:69:f0:
ac:85:7c:f3:74:78:67:68:f6:45:fe:06:a9:a5:02:fd:a1:6e:
a4:2c:8e:24:e4:7c:e0:f9:c9:bd:0a:7b:f6:52:b2:45:0a:11:
ba:d3:6b:99:4d:13:99:5e:aa:d6:1c:5b:92:ed:89:e8:bb:46:
5a:a9:69:ad:b1:ec:15:94:9f:a1:ee:ca:60:9a:fd:c2:cb:fc:
87:8f:53:e4:6e:e8:e7:3d:53:3e:6e:4b:e6:d8:2c:dc:03:44:
44:b0:d7:da:1d:35:05:f0:19:c8:58:53:87:2d:9f:24:88:69:
76:41:6d:bc:ff:85:13:a1:2a:d9:5a:4b:0f:9a:a5:07:b1:b3:
e0:c4:3a:20:c1:27:dc:8b:e2:b4:bf:48:1a:d2:8b:2e:18:d8:
f0:d8:06:8f:d5:2d:b0:e1:00:26:b0:91:f4:5c:df:8d:60:21:
1b:14:8b:af:90:39:f8:c2:7a:b4:17:2b:b0:90:59:f6:d0:23:
6b:07:8d:40:b4:79:2a:88:12:ec:94:1b:a9:20:ef:6f:bc:f3:
41:df:40:70:87:39:d4:94:38:ed:46:99:6c:c3:c9:6d:24:04:
a7:10:59:10:ab:78:72:a2:8b:75:fd:a4:b9:ff:e5:fb:a5:2e:
7e:f7:3c:66
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEMA9cbzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZjQ3MDVhMzYzZGMxZDhkMGVhNTFjOWI5YTFlY2JkMzgwN2JkMDU0MB4XDTIyMDEw
MTAyMDEwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODQzZTUxZjQ3MTY2
YjE2ODViYzEwMTEyYmNlNTBhMTlhZDRhZjQ4OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK2rjm0IlolGH+XzrHtWjt7YloKNDmEsEBMbVyOtFWpbWmTP
8lY0V1d213yHuJC+heneavaHhGaLecnhyOSRRh5t5mFzS1NPHuHBu48UWZJstAmr
gspO7ZpiGBPNtzJdZjC0CR6vpCAPiWenqPKtU3ccafLgWmSBN8ucJhdE2Gq1DmqD
SZvrDxrIVjFHKvNH0YF+pnLoZ2j0lJ4kWypbrjTN0z9ivboq6KPuqAi/IRWqLbX4
f6W86k6ppQUTAvWPcCSEay2JYwgLyiC78p0Z+7IR3Kqbmi0mQZg32tFTBNHg6Xts
+xYwyvHRs2+gib/mTAxEb41QuPiUn1uctb7PrGkCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSEPlH0cWaxaFvBARK85QoZrUr0iTAfBgNVHSMEGDAWgBT/RwWjY9wdjQ6l
HJuaHsvTgHvQVDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L18wY0ZvMlBjSFkwT3BSeWJtaDdMMDRCNzBGUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvMDViM2QxLTExNmYtNGQ2MC1hMTc2LTU2YmJlMzhmNzQwNy8x
L2hENVI5SEZtc1doYndRRVN2T1VLR2ExSzlJay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
MDViM2QxLTExNmYtNGQ2MC1hMTc2LTU2YmJlMzhmNzQwNy8xL18wY0ZvMlBjSFkw
T3BSeWJtaDdMMDRCNzBGUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEA1EY+AMEAbkMnjANBAIAAjAHAwUA
KgMiQDANBgkqhkiG9w0BAQsFAAOCAQEAgjyjDGsEoK8ohUxO8xFn7mnwrIV883R4
Z2j2Rf4GqaUC/aFupCyOJOR84PnJvQp79lKyRQoRutNrmU0TmV6q1hxbku2J6LtG
WqlprbHsFZSfoe7KYJr9wsv8h49T5G7o5z1TPm5L5tgs3ANERLDX2h01BfAZyFhT
hy2fJIhpdkFtvP+FE6Eq2VpLD5qlB7Gz4MQ6IMEn3IvitL9IGtKLLhjY8NgGj9Ut
sOEAJrCR9FzfjWAhGxSLr5A5+MJ6tBcrsJBZ9tAjaweNQLR5KogS7JQbqSDvb7zz
Qd9AcIc51JQ47UaZbMPJbSQEpxBZEKt4cqKLdf2kuf/l+6Uufvc8Zg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:21 2024 by rpki-client on console-ams.rpki-client.org