Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/b73b0b-7c0c-448a-8bcc-35cc214dea81/1/hn7mdaFGyHWCYBgkW4VSSPurzPc.roa
File: hn7mdaFGyHWCYBgkW4VSSPurzPc.roa (raw, json)
Hash identifier: sjU6YwxDFzAjTanxuAj9nxSn7CAmsoQK26YpB4lEY1M=
Subject key identifier: 86:7E:E6:75:A1:46:C8:75:82:60:18:24:5B:85:52:48:FB:AB:CC:F7
Certificate issuer: /CN=583ee3c2ec4a19025c0392ad1ee6a4641bcdd0c8
Certificate serial: 018450BD24AD584163398B1DFBF5EAE6943C
Authority key identifier: 58:3E:E3:C2:EC:4A:19:02:5C:03:92:AD:1E:E6:A4:64:1B:CD:D0:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WD7jwuxKGQJcA5KtHuakZBvN0Mg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/b73b0b-7c0c-448a-8bcc-35cc214dea81/1/hn7mdaFGyHWCYBgkW4VSSPurzPc.roa
Signing time: Mon 07 Nov 2022 06:18:03 +0000
ROA not before: Mon 07 Nov 2022 06:18:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59874
IP address blocks: 185.68.38.0/24 maxlen: 24
185.68.36.0/24 maxlen: 24
185.68.37.0/24 maxlen: 24
185.68.39.0/24 maxlen: 24
2a05:1580:13::/48 maxlen: 48
2a05:1580:11::/48 maxlen: 48
2a05:1580:12::/48 maxlen: 48
2a05:1580:10::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:50:bd:24:ad:58:41:63:39:8b:1d:fb:f5:ea:e6:94:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=583ee3c2ec4a19025c0392ad1ee6a4641bcdd0c8
Validity
Not Before: Nov 7 06:18:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=867ee675a146c875826018245b855248fbabccf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:3b:ed:fc:a3:15:ac:34:50:4d:2a:39:2e:0c:
b2:08:bf:6d:56:c7:16:28:52:ba:67:59:2e:26:ee:
e1:ca:51:73:74:42:44:fe:0f:df:45:e8:48:5e:a4:
e5:4f:28:31:dc:5c:a7:b5:af:0e:aa:68:27:ee:07:
7d:43:cd:54:75:11:48:6e:03:dd:a2:20:d2:fe:02:
21:4a:ee:67:72:32:17:5d:0e:2e:64:4c:d2:35:e8:
b8:87:a9:b5:36:8a:18:36:d8:fd:d5:87:f6:28:27:
e1:9a:d1:d8:c2:37:52:2c:26:f7:44:55:01:4a:87:
52:60:34:af:9b:f3:96:31:77:45:a2:6a:3a:14:54:
7b:dd:74:ce:ef:09:fa:52:95:a6:e9:b7:51:66:d2:
05:8d:8f:fa:6b:6d:1a:3f:6e:3b:46:98:6a:ed:a4:
0c:7d:80:66:6f:18:71:7e:bc:bf:c2:9e:69:78:a6:
ca:c5:d0:25:87:7e:71:bc:a2:11:f2:86:59:c8:68:
3e:ef:33:0f:17:59:be:30:da:f3:5c:27:22:6a:36:
26:fb:34:77:66:a3:02:fc:ce:0e:94:86:ee:e7:41:
14:06:9b:01:52:cf:f6:19:2e:2e:38:18:ec:b3:8a:
83:0f:e0:a2:d1:bd:3d:28:ac:c1:01:25:b2:45:56:
81:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:7E:E6:75:A1:46:C8:75:82:60:18:24:5B:85:52:48:FB:AB:CC:F7
X509v3 Authority Key Identifier:
keyid:58:3E:E3:C2:EC:4A:19:02:5C:03:92:AD:1E:E6:A4:64:1B:CD:D0:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WD7jwuxKGQJcA5KtHuakZBvN0Mg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/b73b0b-7c0c-448a-8bcc-35cc214dea81/1/hn7mdaFGyHWCYBgkW4VSSPurzPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/b73b0b-7c0c-448a-8bcc-35cc214dea81/1/WD7jwuxKGQJcA5KtHuakZBvN0Mg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.68.36.0/22
IPv6:
2a05:1580:10::/46
Signature Algorithm: sha256WithRSAEncryption
89:f1:51:9c:c3:90:55:cd:5c:d0:c6:0f:85:0e:eb:b7:8f:5a:
4a:a0:d2:52:3a:d4:78:17:1e:5b:76:ea:d5:1b:cf:df:a0:4d:
57:46:6b:2d:eb:dd:45:d4:c9:89:1e:d1:97:36:9b:2d:6b:09:
4a:55:fa:79:be:23:0e:e2:8a:38:92:ec:d8:b1:f2:dc:6b:16:
4c:ae:ed:6f:e6:e0:c7:6a:76:eb:92:9d:68:fb:2c:22:ad:82:
6e:da:04:09:55:1c:a6:29:c0:72:3a:5e:a4:57:b0:0a:24:73:
6e:f5:3d:eb:5f:7e:d4:d1:30:94:30:cd:0b:d1:14:de:dc:5a:
0e:69:81:14:3f:04:35:33:a6:01:03:c8:4d:f7:45:84:d9:eb:
79:8f:d2:62:16:30:63:40:52:9e:18:32:80:f3:9b:cf:66:81:
12:c7:0a:87:b4:fa:48:3b:da:5e:a2:db:f7:94:e5:53:44:01:
3a:54:e3:70:47:54:cb:97:a3:81:55:c8:23:06:ec:2a:8b:e2:
e1:c0:06:8f:38:46:6f:51:3a:9c:06:ac:79:2f:de:d7:91:5e:
db:8f:d5:54:e9:ac:e9:b2:57:4c:88:6d:3c:ea:cf:a6:96:46:
42:36:1e:28:02:12:6d:db:8a:8b:0f:9c:44:4a:01:e9:9f:db:
63:94:83:12
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYRQvSStWEFjOYsd+/Xq5pQ8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4M2VlM2MyZWM0YTE5MDI1YzAzOTJhZDFlZTZhNDY0MWJj
ZGQwYzgwHhcNMjIxMTA3MDYxODAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjdlZTY3NWExNDZjODc1ODI2MDE4MjQ1Yjg1NTI0OGZiYWJjY2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiDvt/KMVrDRQTSo5LgyyCL9tVscW
KFK6Z1kuJu7hylFzdEJE/g/fRehIXqTlTygx3Fynta8Oqmgn7gd9Q81UdRFIbgPd
oiDS/gIhSu5ncjIXXQ4uZEzSNei4h6m1NooYNtj91Yf2KCfhmtHYwjdSLCb3RFUB
SodSYDSvm/OWMXdFomo6FFR73XTO7wn6UpWm6bdRZtIFjY/6a20aP247Rphq7aQM
fYBmbxhxfry/wp5peKbKxdAlh35xvKIR8oZZyGg+7zMPF1m+MNrzXCciajYm+zR3
ZqMC/M4OlIbu50EUBpsBUs/2GS4uOBjss4qDD+Ci0b09KKzBASWyRVaBowIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIZ+5nWhRsh1gmAYJFuFUkj7q8z3MB8GA1UdIwQY
MBaAFFg+48LsShkCXAOSrR7mpGQbzdDIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0Q3and1eEtHUUpjQTVLdEh1YWtaQnZOME1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9iNzNiMGItN2MwYy00NDhhLThiY2Mt
MzVjYzIxNGRlYTgxLzEvaG43bWRhRkd5SFdDWUJna1c0VlNTUHVyelBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9iNzNiMGItN2MwYy00NDhhLThiY2MtMzVjYzIxNGRlYTgx
LzEvV0Q3and1eEtHUUpjQTVLdEh1YWtaQnZOME1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCuUQkMA8E
AgACMAkDBwIqBRWAABAwDQYJKoZIhvcNAQELBQADggEBAInxUZzDkFXNXNDGD4UO
67ePWkqg0lI61HgXHlt26tUbz9+gTVdGay3r3UXUyYke0Zc2my1rCUpV+nm+Iw7i
ijiS7Nix8txrFkyu7W/m4MdqduuSnWj7LCKtgm7aBAlVHKYpwHI6XqRXsAokc271
PetfftTRMJQwzQvRFN7cWg5pgRQ/BDUzpgEDyE33RYTZ63mP0mIWMGNAUp4YMoDz
m89mgRLHCoe0+kg72l6i2/eU5VNEATpU43BHVMuXo4FVyCMG7CqL4uHABo84Rm9R
OpwGrHkv3teRXtuP1VTprOmyV0yIbTzqz6aWRkI2HigCEm3biosPnERKAemf22OU
gxI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:44 2024 by rpki-client on console-fra.rpki-client.org