Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/3cc135-f166-42eb-8203-f49120bed51c/1/h93r4xTh3Gr6dQyscIEWVqOiajk.roa
File: h93r4xTh3Gr6dQyscIEWVqOiajk.roa (raw, json)
Hash identifier: LzipVhJak2VXnwpRHoQwPACQ7I+tcR7HLV0jiQ5fQ7E=
Subject key identifier: 87:DD:EB:E3:14:E1:DC:6A:FA:75:0C:AC:70:81:16:56:A3:A2:6A:39
Certificate issuer: /CN=345ae646ea34ad2688aca2fdd1a6f3340356495e
Certificate serial: 13D9C368
Authority key identifier: 34:5A:E6:46:EA:34:AD:26:88:AC:A2:FD:D1:A6:F3:34:03:56:49:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NFrmRuo0rSaIrKL90abzNANWSV4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/3cc135-f166-42eb-8203-f49120bed51c/1/h93r4xTh3Gr6dQyscIEWVqOiajk.roa
Signing time: Sat 01 Jan 2022 02:52:39 +0000
ROA not before: Sat 01 Jan 2022 02:52:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203887
IP address blocks: 185.120.172.0/24 maxlen: 24
185.120.172.0/22 maxlen: 24
185.120.175.0/24 maxlen: 24
185.120.174.0/23 maxlen: 24
185.120.174.0/24 maxlen: 24
185.120.173.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 333038440 (0x13d9c368)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=345ae646ea34ad2688aca2fdd1a6f3340356495e
Validity
Not Before: Jan 1 02:52:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=87ddebe314e1dc6afa750cac70811656a3a26a39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e6:b9:46:da:e9:38:15:3f:b9:70:92:ae:b3:
d2:2c:1e:f1:a1:b2:3e:04:7f:c2:5c:89:3f:db:95:
f9:22:61:44:66:0f:b2:b3:37:ac:fb:9d:76:73:1c:
0f:c3:66:46:89:ab:ce:bf:df:46:81:e1:98:e3:6c:
d1:46:d1:54:04:20:0a:b7:3a:7b:05:24:89:93:a2:
50:48:4f:c4:89:19:7e:98:da:16:d4:75:4e:b2:ca:
16:af:70:5f:14:5c:2b:6c:6a:fb:61:64:19:51:62:
ea:2d:2a:82:0e:29:87:3d:67:80:c9:a2:0f:fe:b0:
68:2c:25:72:e2:8b:ab:c6:c0:69:29:c2:44:30:21:
d1:0e:ad:11:e2:23:d2:f5:35:47:67:75:69:5e:87:
b8:b9:5d:40:b3:ec:21:23:ac:76:5e:1a:24:ce:e1:
0a:73:a6:c4:e4:0a:2e:fa:64:6e:ee:ee:4e:dc:80:
eb:65:6b:d2:7d:b9:ff:c6:cc:79:a0:20:e9:f4:45:
70:38:34:9d:6f:d7:1f:b3:ba:ac:0c:5c:45:d9:1f:
d9:b5:60:10:20:07:ba:5f:aa:0c:33:61:ae:9a:58:
d7:96:6b:ac:81:f6:44:37:8c:fa:6e:c1:6d:6a:27:
ce:c5:69:6e:b4:5c:d4:bb:3d:0c:2b:85:a1:97:72:
29:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:DD:EB:E3:14:E1:DC:6A:FA:75:0C:AC:70:81:16:56:A3:A2:6A:39
X509v3 Authority Key Identifier:
keyid:34:5A:E6:46:EA:34:AD:26:88:AC:A2:FD:D1:A6:F3:34:03:56:49:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NFrmRuo0rSaIrKL90abzNANWSV4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/3cc135-f166-42eb-8203-f49120bed51c/1/h93r4xTh3Gr6dQyscIEWVqOiajk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/3cc135-f166-42eb-8203-f49120bed51c/1/NFrmRuo0rSaIrKL90abzNANWSV4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.120.172.0/22
Signature Algorithm: sha256WithRSAEncryption
38:d4:5c:11:1a:7c:45:33:98:bb:de:8e:e2:66:73:e0:d1:12:
31:bc:e1:2b:bb:0f:34:98:86:bb:26:c6:9e:34:29:67:0a:e0:
bf:87:ee:97:36:02:1b:d1:fa:4f:38:03:f5:38:11:2c:e0:02:
fd:57:9d:64:87:8e:14:16:81:5e:e9:49:7c:31:4a:22:2c:b9:
c0:b4:f1:65:bc:41:86:42:41:09:f4:37:da:79:24:5c:79:72:
69:5f:9b:6f:3e:98:c7:d4:df:cf:9a:91:30:f6:ee:72:c6:f6:
fe:31:35:4a:4b:4c:99:01:88:2e:7f:4f:33:6e:e0:3a:84:45:
63:f2:91:d7:e0:2b:fc:0c:9f:a5:66:7a:1d:48:cc:b0:2c:d5:
0d:8e:d2:5d:04:18:22:b8:64:ee:ee:93:bb:60:44:46:24:4a:
59:c5:e2:82:69:9a:8c:36:ac:11:1b:6b:19:4a:f4:a4:33:fb:
fa:ca:f9:8a:c4:c1:b9:82:9c:df:95:08:27:4e:94:ea:eb:b3:
e1:a1:e0:b0:30:7b:fa:f1:2e:9a:b9:c7:ed:b0:5b:95:3a:02:
90:d4:a8:16:0a:68:87:84:42:dd:62:d7:14:2a:f0:a5:0b:8b:
15:91:7e:d0:6c:86:e5:55:ea:7d:df:f7:6b:70:03:41:b0:da:
93:a5:1d:43
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEE9nDaDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NDVhZTY0NmVhMzRhZDI2ODhhY2EyZmRkMWE2ZjMzNDAzNTY0OTVlMB4XDTIyMDEw
MTAyNTIzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODdkZGViZTMxNGUx
ZGM2YWZhNzUwY2FjNzA4MTE2NTZhM2EyNmEzOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL3muUba6TgVP7lwkq6z0iwe8aGyPgR/wlyJP9uV+SJhRGYP
srM3rPuddnMcD8NmRomrzr/fRoHhmONs0UbRVAQgCrc6ewUkiZOiUEhPxIkZfpja
FtR1TrLKFq9wXxRcK2xq+2FkGVFi6i0qgg4phz1ngMmiD/6waCwlcuKLq8bAaSnC
RDAh0Q6tEeIj0vU1R2d1aV6HuLldQLPsISOsdl4aJM7hCnOmxOQKLvpkbu7uTtyA
62Vr0n25/8bMeaAg6fRFcDg0nW/XH7O6rAxcRdkf2bVgECAHul+qDDNhrppY15Zr
rIH2RDeM+m7BbWonzsVpbrRc1Ls9DCuFoZdyKSsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSH3evjFOHcavp1DKxwgRZWo6JqOTAfBgNVHSMEGDAWgBQ0WuZG6jStJois
ov3RpvM0A1ZJXjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05Gcm1SdW8wclNhSXJLTDkwYWJ6TkFOV1NWNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDMvM2NjMTM1LWYxNjYtNDJlYi04MjAzLWY0OTEyMGJlZDUxYy8x
L2g5M3I0eFRoM0dyNmRReXNjSUVXVnFPaWFqay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDMv
M2NjMTM1LWYxNjYtNDJlYi04MjAzLWY0OTEyMGJlZDUxYy8xL05Gcm1SdW8wclNh
SXJLTDkwYWJ6TkFOV1NWNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArl4rDANBgkqhkiG9w0BAQsFAAOC
AQEAONRcERp8RTOYu96O4mZz4NESMbzhK7sPNJiGuybGnjQpZwrgv4fulzYCG9H6
TzgD9TgRLOAC/VedZIeOFBaBXulJfDFKIiy5wLTxZbxBhkJBCfQ32nkkXHlyaV+b
bz6Yx9Tfz5qRMPbucsb2/jE1SktMmQGILn9PM27gOoRFY/KR1+Ar/AyfpWZ6HUjM
sCzVDY7SXQQYIrhk7u6Tu2BERiRKWcXigmmajDasERtrGUr0pDP7+sr5isTBuYKc
35UIJ06U6uuz4aHgsDB7+vEumrnH7bBblToCkNSoFgpoh4RC3WLXFCrwpQuLFZF+
0GyG5VXqfd/3a3ADQbDak6UdQw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:11 2024 by rpki-client on console-fra.rpki-client.org