Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/58f45f-8b07-4e6a-9548-d5b0f91d97c2/1/hOOOYv0eMA_qRn03cCw00FKmWWU.roa
File: hOOOYv0eMA_qRn03cCw00FKmWWU.roa (raw, json)
Hash identifier: c+xeTXkk3OH11JIQIHwOtYMsRPp+AEEASCUWJdYA56o=
Subject key identifier: 84:E3:8E:62:FD:1E:30:0F:EA:46:7D:37:70:2C:34:D0:52:A6:59:65
Certificate issuer: /CN=2b976275547b75df2b04c4f9b291c0710c507740
Certificate serial: 01894FDD9E973AAB28E67C6584838F0F2FC8
Authority key identifier: 2B:97:62:75:54:7B:75:DF:2B:04:C4:F9:B2:91:C0:71:0C:50:77:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K5didVR7dd8rBMT5spHAcQxQd0A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/58f45f-8b07-4e6a-9548-d5b0f91d97c2/1/hOOOYv0eMA_qRn03cCw00FKmWWU.roa
Signing time: Thu 13 Jul 2023 15:27:51 +0000
ROA not before: Thu 13 Jul 2023 15:27:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202975
IP address blocks: 185.135.100.0/23 maxlen: 23
185.135.102.0/24 maxlen: 24
85.116.132.0/22 maxlen: 22
89.105.88.0/24 maxlen: 24
185.89.222.0/23 maxlen: 23
2a06:f2c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:4f:dd:9e:97:3a:ab:28:e6:7c:65:84:83:8f:0f:2f:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b976275547b75df2b04c4f9b291c0710c507740
Validity
Not Before: Jul 13 15:27:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=84e38e62fd1e300fea467d37702c34d052a65965
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:24:cc:e4:96:30:bc:08:67:d2:68:0b:63:22:
91:15:fc:f3:c8:02:66:a4:ef:0c:02:7b:65:ff:23:
3a:91:47:6e:af:04:75:21:2b:4d:f2:f2:70:1c:07:
c0:3f:0d:4f:e6:23:ff:d8:5e:6b:ee:a4:d3:59:08:
c8:36:c0:3a:91:be:34:ca:ce:68:f7:99:b5:2e:80:
a4:4a:6f:55:fa:aa:82:ee:fd:95:d8:2d:50:ac:02:
4f:57:a5:0c:ee:8a:75:a4:aa:b6:d5:78:db:d5:b0:
18:a2:42:2f:3a:8d:8e:77:5d:4c:90:63:bc:83:88:
53:53:f1:c0:2f:18:56:6f:0f:c2:2c:6c:ec:ae:3f:
14:5c:eb:16:a5:62:6d:13:01:18:02:60:f0:e3:ce:
78:ee:b5:19:33:89:c4:91:6e:6d:61:a0:78:59:af:
14:ee:f0:7c:70:d4:76:d8:43:f9:2c:2a:e8:20:3f:
ad:7a:c9:22:c8:22:94:28:b4:8c:95:fa:61:1e:e6:
dc:2b:7c:4a:14:e3:57:36:0e:f2:f0:15:47:95:91:
0e:cb:1d:4b:7c:2a:6b:30:c6:2c:d1:f0:3a:b9:f6:
3f:57:88:46:74:c9:9b:5b:cf:0b:26:07:d3:86:07:
a6:2f:ce:18:da:05:63:26:58:af:4c:e5:7f:1f:d1:
b8:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:E3:8E:62:FD:1E:30:0F:EA:46:7D:37:70:2C:34:D0:52:A6:59:65
X509v3 Authority Key Identifier:
keyid:2B:97:62:75:54:7B:75:DF:2B:04:C4:F9:B2:91:C0:71:0C:50:77:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K5didVR7dd8rBMT5spHAcQxQd0A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/58f45f-8b07-4e6a-9548-d5b0f91d97c2/1/hOOOYv0eMA_qRn03cCw00FKmWWU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/58f45f-8b07-4e6a-9548-d5b0f91d97c2/1/K5didVR7dd8rBMT5spHAcQxQd0A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.116.132.0/22
89.105.88.0/24
185.89.222.0/23
185.135.100.0-185.135.102.255
IPv6:
2a06:f2c0::/29
Signature Algorithm: sha256WithRSAEncryption
1f:3b:bb:5e:97:82:78:23:12:f1:ca:02:c0:46:3c:c2:d7:05:
89:32:3e:94:b9:0b:a8:d2:e4:e6:c7:35:c3:96:7a:f2:f4:3a:
4f:5a:01:5e:88:04:ed:97:ba:d0:19:65:4f:a2:0e:d2:c3:68:
9b:cc:27:97:8e:ee:d3:b6:ef:55:48:3a:47:4d:0d:02:ea:0d:
32:bb:f4:ba:ee:21:b3:22:37:6f:11:ff:eb:2a:80:3a:51:cf:
5c:29:d8:31:90:e0:7e:52:f6:38:4d:ff:7c:bd:86:16:2f:e8:
09:ad:02:61:7d:a7:6f:11:0c:b9:d9:ef:4f:2d:4d:cb:8d:37:
03:6e:62:24:19:7e:37:46:5e:18:35:80:a8:2c:e8:f3:0e:6a:
03:40:ed:ce:eb:50:58:f7:b7:60:d4:f4:68:4f:3a:09:b9:f7:
23:a6:65:b4:21:28:54:28:58:8c:eb:53:9d:87:d9:32:f3:c2:
f8:f7:36:5d:40:3c:c1:43:46:35:4f:ad:09:c1:80:37:17:ac:
06:ac:8a:3a:aa:b8:34:cf:99:f7:12:d1:0b:68:80:79:a3:52:
c8:e8:39:f8:23:a0:be:e4:f7:a9:b5:fc:b8:b9:3f:01:0b:86:
5d:73:43:27:1b:a9:51:01:08:d7:2a:48:cc:0e:65:66:7c:f5:
15:91:b3:a3
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYlP3Z6XOqso5nxlhIOPDy/IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiOTc2Mjc1NTQ3Yjc1ZGYyYjA0YzRmOWIyOTFjMDcxMGM1
MDc3NDAwHhcNMjMwNzEzMTUyNzUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGUzOGU2MmZkMWUzMDBmZWE0NjdkMzc3MDJjMzRkMDUyYTY1OTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSTM5JYwvAhn0mgLYyKRFfzzyAJm
pO8MAntl/yM6kUdurwR1IStN8vJwHAfAPw1P5iP/2F5r7qTTWQjINsA6kb40ys5o
95m1LoCkSm9V+qqC7v2V2C1QrAJPV6UM7op1pKq21Xjb1bAYokIvOo2Od11MkGO8
g4hTU/HALxhWbw/CLGzsrj8UXOsWpWJtEwEYAmDw48547rUZM4nEkW5tYaB4Wa8U
7vB8cNR22EP5LCroID+teskiyCKUKLSMlfphHubcK3xKFONXNg7y8BVHlZEOyx1L
fCprMMYs0fA6ufY/V4hGdMmbW88LJgfThgemL84Y2gVjJlivTOV/H9G4swIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFITjjmL9HjAP6kZ9N3AsNNBSplllMB8GA1UdIwQY
MBaAFCuXYnVUe3XfKwTE+bKRwHEMUHdAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzVkaWRWUjdkZDhyQk1UNXNwSEFjUXhRZDBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81OGY0NWYtOGIwNy00ZTZhLTk1NDgt
ZDViMGY5MWQ5N2MyLzEvaE9PT1l2MGVNQV9xUm4wM2NDdzAwRkttV1dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81OGY0NWYtOGIwNy00ZTZhLTk1NDgtZDViMGY5MWQ5N2My
LzEvSzVkaWRWUjdkZDhyQk1UNXNwSEFjUXhRZDBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQCVXSEAwQA
WWlYAwQBuVneMAwDBAK5h2QDBAC5h2YwDQQCAAIwBwMFAyoG8sAwDQYJKoZIhvcN
AQELBQADggEBAB87u16XgngjEvHKAsBGPMLXBYkyPpS5C6jS5ObHNcOWevL0Ok9a
AV6IBO2XutAZZU+iDtLDaJvMJ5eO7tO271VIOkdNDQLqDTK79LruIbMiN28R/+sq
gDpRz1wp2DGQ4H5S9jhN/3y9hhYv6AmtAmF9p28RDLnZ708tTcuNNwNuYiQZfjdG
Xhg1gKgs6PMOagNA7c7rUFj3t2DU9GhPOgm59yOmZbQhKFQoWIzrU52H2TLzwvj3
Nl1APMFDRjVPrQnBgDcXrAasijqquDTPmfcS0QtogHmjUsjoOfgjoL7k96m1/Li5
PwELhl1zQycbqVEBCNcqSMwOZWZ89RWRs6M=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:58 2025 by rpki-client