Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/8de4a3-8d5a-46b1-a735-2f46e9317cc6/1/hMU4yjt7k6PexkTAZTV1wblYDig.roa
File: hMU4yjt7k6PexkTAZTV1wblYDig.roa (raw, json)
Hash identifier: DI70G+nueXqjAbucd7jAl3xNuGTAFCGS7ONz5XLdUOs=
Subject key identifier: 84:C5:38:CA:3B:7B:93:A3:DE:C6:44:C0:65:35:75:C1:B9:58:0E:28
Certificate issuer: /CN=b3b6f54ea9b15a8bd4f33825386cb277b03439dd
Certificate serial: 0E45B0F4
Authority key identifier: B3:B6:F5:4E:A9:B1:5A:8B:D4:F3:38:25:38:6C:B2:77:B0:34:39:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s7b1TqmxWovU8zglOGyyd7A0Od0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/8de4a3-8d5a-46b1-a735-2f46e9317cc6/1/hMU4yjt7k6PexkTAZTV1wblYDig.roa
Signing time: Tue 29 Mar 2022 06:23:11 +0000
ROA not before: Tue 29 Mar 2022 06:23:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42184
IP address blocks: 185.64.168.0/22 maxlen: 22
178.251.8.0/21 maxlen: 24
185.143.168.0/22 maxlen: 22
188.64.248.0/21 maxlen: 21
91.190.224.0/21 maxlen: 21
2a02:f08::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 239448308 (0xe45b0f4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3b6f54ea9b15a8bd4f33825386cb277b03439dd
Validity
Not Before: Mar 29 06:23:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=84c538ca3b7b93a3dec644c0653575c1b9580e28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:9f:85:57:f4:cc:60:7d:24:c4:5d:e6:36:35:
04:55:cf:a2:85:62:0b:07:c3:69:1e:a5:b4:a5:6d:
6e:3b:bd:56:f2:07:00:43:55:a5:ab:72:fd:11:01:
4d:86:a0:d2:bb:eb:ef:a1:a9:27:c2:2e:42:ed:1a:
e3:f7:13:d1:b0:b8:08:cc:09:11:76:f4:43:88:67:
b0:b2:0e:9c:38:b5:43:44:2a:99:7b:f7:57:1d:f1:
f5:66:ea:9b:8c:34:a6:b1:ac:3c:7a:97:f1:20:c2:
e9:5e:47:2c:97:64:ef:66:55:8e:e8:d7:85:41:a8:
54:bb:6b:1e:e2:7d:5f:06:f4:5b:fd:c3:50:05:12:
83:8d:d7:1b:6b:63:df:b7:a9:a8:88:3e:df:d1:e2:
6b:a6:9f:c8:75:e6:3b:45:d9:b2:b7:09:79:45:e2:
1e:b9:dd:93:0c:1d:b0:8c:a6:71:c4:40:df:2f:8e:
c6:11:34:74:9b:2a:37:84:8c:0b:68:08:e9:b2:35:
ac:87:15:2c:87:fb:24:2f:b0:f2:6f:86:f7:0e:3b:
0a:41:90:a1:b7:d3:9a:30:2e:75:34:ff:04:c2:6b:
47:39:53:ac:e8:a6:bf:cb:0b:0d:ae:a6:f9:03:2d:
07:be:50:9e:30:82:3c:3b:76:e2:23:dd:1d:7b:fa:
94:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:C5:38:CA:3B:7B:93:A3:DE:C6:44:C0:65:35:75:C1:B9:58:0E:28
X509v3 Authority Key Identifier:
keyid:B3:B6:F5:4E:A9:B1:5A:8B:D4:F3:38:25:38:6C:B2:77:B0:34:39:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s7b1TqmxWovU8zglOGyyd7A0Od0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/8de4a3-8d5a-46b1-a735-2f46e9317cc6/1/hMU4yjt7k6PexkTAZTV1wblYDig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/8de4a3-8d5a-46b1-a735-2f46e9317cc6/1/s7b1TqmxWovU8zglOGyyd7A0Od0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.190.224.0/21
178.251.8.0/21
185.64.168.0/22
185.143.168.0/22
188.64.248.0/21
IPv6:
2a02:f08::/32
Signature Algorithm: sha256WithRSAEncryption
24:38:17:47:56:cc:32:84:d2:8c:09:5d:37:0c:3d:69:82:de:
08:05:b3:5d:be:fc:8c:ca:4a:a3:33:7d:92:a4:a6:a9:d3:70:
11:a3:26:76:46:02:ac:54:86:e0:b8:b1:8b:ed:fc:39:f2:b4:
bb:b0:4d:94:32:9b:75:d4:06:3b:38:3c:d4:63:88:0c:d0:ec:
4a:a0:c4:7a:89:d5:7d:6a:79:39:ba:27:6f:ba:08:83:a2:ba:
1e:c7:2e:be:03:ff:ac:4a:10:4f:34:cc:0b:44:05:f2:92:b8:
07:5d:73:8f:7c:dd:5f:3d:57:84:fd:13:9c:03:53:36:a2:6f:
0a:7b:9e:62:d0:12:0c:62:d5:28:61:c7:f7:68:e8:a9:fb:20:
02:73:8d:f2:9d:66:25:19:38:75:c8:4c:30:2f:34:8e:2d:eb:
d2:1a:ee:b6:ea:9b:22:45:4b:f7:5d:9d:f3:3d:0c:96:72:00:
1b:06:bd:3a:f3:02:a2:68:c0:64:d5:55:32:78:5c:20:19:4b:
f7:8d:54:f2:3a:50:4b:f1:bb:9a:be:52:0e:aa:2e:68:50:3b:
b9:4e:03:10:a7:50:37:97:d1:25:0c:1f:c3:96:9c:6e:ef:d4:
e4:74:4c:f0:d3:f5:85:54:aa:29:dd:d9:f0:61:43:9e:b9:b9:
c2:5f:65:35
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEDkWw9DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
M2I2ZjU0ZWE5YjE1YThiZDRmMzM4MjUzODZjYjI3N2IwMzQzOWRkMB4XDTIyMDMy
OTA2MjMxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODRjNTM4Y2EzYjdi
OTNhM2RlYzY0NGMwNjUzNTc1YzFiOTU4MGUyODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMCfhVf0zGB9JMRd5jY1BFXPooViCwfDaR6ltKVtbju9VvIH
AENVpaty/REBTYag0rvr76GpJ8IuQu0a4/cT0bC4CMwJEXb0Q4hnsLIOnDi1Q0Qq
mXv3Vx3x9Wbqm4w0prGsPHqX8SDC6V5HLJdk72ZVjujXhUGoVLtrHuJ9Xwb0W/3D
UAUSg43XG2tj37epqIg+39Hia6afyHXmO0XZsrcJeUXiHrndkwwdsIymccRA3y+O
xhE0dJsqN4SMC2gI6bI1rIcVLIf7JC+w8m+G9w47CkGQobfTmjAudTT/BMJrRzlT
rOimv8sLDa6m+QMtB75QnjCCPDt24iPdHXv6lN8CAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBSExTjKO3uTo97GRMBlNXXBuVgOKDAfBgNVHSMEGDAWgBSztvVOqbFai9Tz
OCU4bLJ3sDQ53TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3M3YjFUcW14V292VTh6Z2xPR3l5ZDdBME9kMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzIvOGRlNGEzLThkNWEtNDZiMS1hNzM1LTJmNDZlOTMxN2NjNi8x
L2hNVTR5anQ3azZQZXhrVEFaVFYxd2JsWURpZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzIv
OGRlNGEzLThkNWEtNDZiMS1hNzM1LTJmNDZlOTMxN2NjNi8xL3M3YjFUcW14V292
VTh6Z2xPR3l5ZDdBME9kMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEA1u+4AMEA7L7CAMEArlAqAMEArmP
qAMEA7xA+DANBAIAAjAHAwUAKgIPCDANBgkqhkiG9w0BAQsFAAOCAQEAJDgXR1bM
MoTSjAldNww9aYLeCAWzXb78jMpKozN9kqSmqdNwEaMmdkYCrFSG4Lixi+38OfK0
u7BNlDKbddQGOzg81GOIDNDsSqDEeonVfWp5Obonb7oIg6K6HscuvgP/rEoQTzTM
C0QF8pK4B11zj3zdXz1XhP0TnANTNqJvCnueYtASDGLVKGHH92joqfsgAnON8p1m
JRk4dchMMC80ji3r0hrutuqbIkVL912d8z0MlnIAGwa9OvMComjAZNVVMnhcIBlL
941U8jpQS/G7mr5SDqouaFA7uU4DEKdQN5fRJQwfw5acbu/U5HRM8NP1hVSqKd3Z
8GFDnrm5wl9lNQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:57 2024 by rpki-client on console-ams.rpki-client.org