Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/H-sekzRdc_jISYJD7okck8jSKbw.roa
File: H-sekzRdc_jISYJD7okck8jSKbw.roa (raw, json)
Hash identifier: M2oXSBNEt7x1SKYMSGTuv8hp6T0LcVmkZSo6xBSHW5g=
Subject key identifier: 1F:EB:1E:93:34:5D:73:F8:C8:49:82:43:EE:89:1C:93:C8:D2:29:BC
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 09A64E14
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/H-sekzRdc_jISYJD7okck8jSKbw.roa
Signing time: Sat 01 Jan 2022 05:04:16 +0000
ROA not before: Sat 01 Jan 2022 05:04:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212949
IP address blocks: 176.227.157.0/24 maxlen: 24
88.148.18.0/24 maxlen: 24
84.232.88.0/23 maxlen: 23
84.236.140.0/23 maxlen: 23
88.148.42.0/23 maxlen: 23
94.176.142.0/24 maxlen: 24
84.232.40.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 161893908 (0x9a64e14)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jan 1 05:04:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1feb1e93345d73f8c8498243ee891c93c8d229bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:6e:9e:51:72:19:56:8a:2c:5e:1d:39:a0:52:
d3:0d:f5:8f:29:16:9e:58:64:01:6f:a9:8b:47:f5:
24:ac:90:a5:20:58:36:1d:a5:04:11:e0:e7:75:88:
90:ae:57:a6:5d:e3:5b:5e:7c:de:5b:1c:60:b8:e5:
a7:bd:62:66:1a:7c:14:93:44:e4:2d:0b:9c:c4:73:
c9:30:b2:e9:8e:26:65:39:08:41:ae:b7:ef:d3:b2:
90:80:5d:dc:6c:88:bf:d3:d8:18:85:ac:bb:0f:ef:
55:1a:1b:2e:af:60:20:b2:1b:8d:2c:f2:c9:a1:61:
94:35:17:5a:c2:5d:7d:af:a4:d9:5d:f1:99:df:42:
2f:69:be:71:dd:7b:87:fb:44:dd:4e:b0:04:e2:8e:
e9:2f:9b:e0:80:c6:f9:37:8a:33:ef:0d:fa:79:38:
b3:6c:1c:87:9e:9c:be:d1:f8:10:d4:fd:af:a5:e2:
87:b1:6d:18:89:ec:b6:50:16:4b:0b:b9:7c:a3:50:
08:2b:e6:6b:f5:54:91:d5:98:36:68:70:7d:cf:2f:
a9:0b:88:ca:7c:52:72:e5:b4:f9:52:bf:4d:75:27:
10:47:a6:b2:f3:f8:67:f1:8d:ef:fb:41:7f:2f:60:
d8:73:a0:e7:64:a8:3d:c4:d3:fd:79:61:2e:f5:3c:
cb:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:EB:1E:93:34:5D:73:F8:C8:49:82:43:EE:89:1C:93:C8:D2:29:BC
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/H-sekzRdc_jISYJD7okck8jSKbw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.232.40.0/21
84.232.88.0/23
84.236.140.0/23
88.148.18.0/24
88.148.42.0/23
94.176.142.0/24
176.227.157.0/24
Signature Algorithm: sha256WithRSAEncryption
20:7f:55:0a:25:a8:6f:0e:03:3f:7b:d2:0a:2d:31:3c:dc:24:
f3:56:46:80:84:f3:17:25:35:ba:d6:52:39:f1:f1:a0:83:8d:
14:44:fe:b7:93:5f:0b:c2:56:ce:d4:c0:56:f9:4e:0b:e2:1c:
64:19:ac:3a:6b:1f:e9:20:3e:8d:bb:95:3f:b2:a9:84:63:b5:
b3:99:22:df:d3:56:29:29:81:d2:2f:70:05:3d:ac:45:bc:da:
ce:3a:f3:75:56:02:cf:f9:ff:14:f4:b7:72:00:77:f1:f4:50:
62:39:94:9c:f4:f5:32:27:53:5d:36:78:d8:e2:d6:b8:34:98:
31:fb:01:e4:7d:68:b7:31:0c:3d:0c:9f:8f:7f:5e:54:34:b1:
e9:26:db:f9:24:e3:07:af:0b:72:df:b3:97:37:c9:48:03:49:
12:4f:91:a9:ac:a2:e8:d8:f8:36:f4:b7:c0:7d:92:57:a1:47:
66:43:45:a2:ce:11:1c:ca:c6:f0:a7:00:51:f1:a8:ba:47:46:
1f:44:5c:18:83:46:52:90:5d:41:26:ee:da:2d:1d:a5:30:a1:
b1:b4:e0:30:91:96:d4:9c:7b:18:c5:ad:5a:50:2d:27:0f:91:
fa:d6:73:a6:d9:41:34:a0:81:47:15:4a:a6:e4:2b:8d:e2:cc:
a1:24:4f:41
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIECaZOFDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YWFmMTdiMDAxNWRiYjdjZDk5MmYyNmNkZmYwMWM0ZTI2MjBiNzNlMB4XDTIyMDEw
MTA1MDQxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWZlYjFlOTMzNDVk
NzNmOGM4NDk4MjQzZWU4OTFjOTNjOGQyMjliYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK5unlFyGVaKLF4dOaBS0w31jykWnlhkAW+pi0f1JKyQpSBY
Nh2lBBHg53WIkK5Xpl3jW1583lscYLjlp71iZhp8FJNE5C0LnMRzyTCy6Y4mZTkI
Qa6379OykIBd3GyIv9PYGIWsuw/vVRobLq9gILIbjSzyyaFhlDUXWsJdfa+k2V3x
md9CL2m+cd17h/tE3U6wBOKO6S+b4IDG+TeKM+8N+nk4s2wch56cvtH4ENT9r6Xi
h7FtGInstlAWSwu5fKNQCCvma/VUkdWYNmhwfc8vqQuIynxScuW0+VK/TXUnEEem
svP4Z/GN7/tBfy9g2HOg52SoPcTT/XlhLvU8yzkCAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBQf6x6TNF1z+MhJgkPuiRyTyNIpvDAfBgNVHSMEGDAWgBTarxewAV27fNmS
8mzf8BxOJiC3PjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJxOFhzQUZkdTN6Wmt2SnMzX0FjVGlZZ3R6NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDUvYzg5NzNjLTNjZmEtNDYwNC04MTEwLWNmMDZkMTk4M2JhMS8x
L0gtc2VrelJkY19qSVNZSkQ3b2tjazhqU0tidy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDUv
Yzg5NzNjLTNjZmEtNDYwNC04MTEwLWNmMDZkMTk4M2JhMS8xLzJxOFhzQUZkdTN6
Wmt2SnMzX0FjVGlZZ3R6NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEA1ToKAMEAVToWAMEAVTsjAMEAFiU
EgMEAViUKgMEAF6wjgMEALDjnTANBgkqhkiG9w0BAQsFAAOCAQEAIH9VCiWobw4D
P3vSCi0xPNwk81ZGgITzFyU1utZSOfHxoIONFET+t5NfC8JWztTAVvlOC+IcZBms
Omsf6SA+jbuVP7KphGO1s5ki39NWKSmB0i9wBT2sRbzazjrzdVYCz/n/FPS3cgB3
8fRQYjmUnPT1MidTXTZ42OLWuDSYMfsB5H1otzEMPQyfj39eVDSx6Sbb+STjB68L
ct+zlzfJSANJEk+Rqayi6Nj4NvS3wH2SV6FHZkNFos4RHMrG8KcAUfGoukdGH0Rc
GINGUpBdQSbu2i0dpTChsbTgMJGW1Jx7GMWtWlAtJw+R+tZzptlBNKCBRxVKpuQr
jeLMoSRPQQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:20 2023 by rpki-client on console-fra.rpki-client.org