Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/4d8514-0ee5-4cdb-b078-f65a93f480a8/1/hU7IL0u7E_jl6lYj0y8zkY69MU0.roa
File: hU7IL0u7E_jl6lYj0y8zkY69MU0.roa (raw, json)
Hash identifier: 1ETxSRqH4EifZZGAgMhq2nL+qin0jvFiLeOiuC/EPZg=
Subject key identifier: 85:4E:C8:2F:4B:BB:13:F8:E5:EA:56:23:D3:2F:33:91:8E:BD:31:4D
Certificate issuer: /CN=1c9c0b1d2144214ea4913c7d63b26fe26a472efe
Certificate serial: E0E6A2
Authority key identifier: 1C:9C:0B:1D:21:44:21:4E:A4:91:3C:7D:63:B2:6F:E2:6A:47:2E:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJwLHSFEIU6kkTx9Y7Jv4mpHLv4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/4d8514-0ee5-4cdb-b078-f65a93f480a8/1/hU7IL0u7E_jl6lYj0y8zkY69MU0.roa
Signing time: Sat 01 Jan 2022 07:59:13 +0000
ROA not before: Sat 01 Jan 2022 07:59:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58310
IP address blocks: 91.109.224.0/23 maxlen: 23
91.109.226.0/23 maxlen: 23
185.173.72.0/24 maxlen: 24
185.173.73.0/24 maxlen: 24
185.173.72.0/22 maxlen: 22
185.173.72.0/23 maxlen: 23
185.173.74.0/23 maxlen: 23
91.109.230.0/23 maxlen: 23
91.109.228.0/23 maxlen: 23
2a0b:3901::/48 maxlen: 48
2a0b:3901::/47 maxlen: 47
2a0b:3901:1::/48 maxlen: 48
2a0b:3900::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 14739106 (0xe0e6a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c9c0b1d2144214ea4913c7d63b26fe26a472efe
Validity
Not Before: Jan 1 07:59:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=854ec82f4bbb13f8e5ea5623d32f33918ebd314d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:27:f7:b2:ac:fd:0c:b3:af:ba:6a:d9:a3:1b:
3a:ec:91:21:2c:09:e9:8f:c7:63:30:1c:1a:eb:98:
1b:9e:bf:4b:f6:c6:ed:00:18:35:a4:7e:64:ba:3c:
9d:1d:47:21:5e:74:e3:e9:50:e3:84:e3:21:9d:a8:
d0:b8:89:e1:91:25:51:fa:cf:d7:4c:31:e4:49:a0:
7e:48:ec:52:b6:b4:23:4b:d9:27:c8:35:b1:49:70:
89:30:d7:78:f9:ff:8c:bd:e5:ac:fc:f9:95:4a:38:
c5:c9:05:0e:4a:36:9b:81:e6:b1:e7:49:00:5b:98:
97:98:84:d8:ab:90:2e:48:f2:7e:89:fe:f8:d2:bc:
0a:2f:88:94:f9:a2:1d:04:45:0c:ba:45:6a:c5:93:
20:19:54:ec:82:a7:3a:96:4f:cc:c3:8e:45:22:6f:
9c:4e:af:dd:5d:32:19:fa:06:a7:d5:73:1c:4d:da:
b4:fb:37:e5:1a:35:4e:ca:51:fc:13:a7:53:42:8c:
b3:bb:7e:98:e1:cf:f6:eb:62:7c:e0:00:dc:e5:d9:
0a:1e:ef:a8:91:ae:e8:3d:e0:65:ac:b0:34:f9:51:
2a:c8:43:0d:b9:5c:52:8e:03:74:bb:05:29:42:5e:
88:b5:5f:11:3c:79:e2:d2:dc:97:b9:ed:6b:f3:02:
2b:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:4E:C8:2F:4B:BB:13:F8:E5:EA:56:23:D3:2F:33:91:8E:BD:31:4D
X509v3 Authority Key Identifier:
keyid:1C:9C:0B:1D:21:44:21:4E:A4:91:3C:7D:63:B2:6F:E2:6A:47:2E:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJwLHSFEIU6kkTx9Y7Jv4mpHLv4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/4d8514-0ee5-4cdb-b078-f65a93f480a8/1/hU7IL0u7E_jl6lYj0y8zkY69MU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/4d8514-0ee5-4cdb-b078-f65a93f480a8/1/HJwLHSFEIU6kkTx9Y7Jv4mpHLv4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.109.224.0/21
185.173.72.0/22
IPv6:
2a0b:3900::/29
Signature Algorithm: sha256WithRSAEncryption
a4:11:da:2a:a9:71:40:12:29:c6:5e:79:e4:bc:6e:f9:d9:97:
17:53:96:bb:b8:a1:c6:42:ee:fe:c9:d4:dc:c2:d6:ec:f4:69:
25:85:3b:ce:ac:44:89:ab:c7:6a:a1:9a:8c:f6:aa:cb:53:e7:
f5:55:32:89:13:f8:46:d1:1f:36:30:06:1a:ca:b9:0a:2c:87:
c4:9d:93:78:bb:ae:d3:a0:c7:3a:9e:f1:6e:46:21:53:d4:43:
27:b5:20:dc:9e:0e:40:7d:50:72:27:80:b5:d6:fa:d2:93:e6:
14:2c:eb:48:05:2e:ed:cd:ac:95:10:a2:e7:fc:a2:51:71:9d:
85:2c:3c:d1:3d:a9:83:cc:3d:03:a9:87:aa:63:1e:f9:1a:de:
f6:b9:4a:c1:97:7e:ef:67:2b:54:11:09:9d:a1:5a:d5:69:5c:
e9:de:b7:fe:cc:5a:95:8b:01:e2:af:16:4d:af:f1:b8:ae:4e:
3b:69:31:b2:ed:3a:6f:fe:95:e9:f9:0e:d7:6c:45:6e:70:87:
73:65:96:1c:c9:09:8c:4b:0a:ad:c4:75:92:25:85:40:da:0f:
aa:62:c9:2f:9b:5b:2c:2b:17:19:10:38:00:ba:9f:19:bf:1b:
14:57:94:e4:08:70:cb:be:9a:74:f9:9b:dd:bb:1a:90:15:2f:
4a:2a:4e:d4
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEAODmojANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YzljMGIxZDIxNDQyMTRlYTQ5MTNjN2Q2M2IyNmZlMjZhNDcyZWZlMB4XDTIyMDEw
MTA3NTkxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODU0ZWM4MmY0YmJi
MTNmOGU1ZWE1NjIzZDMyZjMzOTE4ZWJkMzE0ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJwn97Ks/Qyzr7pq2aMbOuyRISwJ6Y/HYzAcGuuYG56/S/bG
7QAYNaR+ZLo8nR1HIV504+lQ44TjIZ2o0LiJ4ZElUfrP10wx5EmgfkjsUra0I0vZ
J8g1sUlwiTDXePn/jL3lrPz5lUo4xckFDko2m4HmsedJAFuYl5iE2KuQLkjyfon+
+NK8Ci+IlPmiHQRFDLpFasWTIBlU7IKnOpZPzMOORSJvnE6v3V0yGfoGp9VzHE3a
tPs35Ro1TspR/BOnU0KMs7t+mOHP9utifOAA3OXZCh7vqJGu6D3gZaywNPlRKshD
DblcUo4DdLsFKUJeiLVfETx54tLcl7nta/MCK08CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBSFTsgvS7sT+OXqViPTLzORjr0xTTAfBgNVHSMEGDAWgBQcnAsdIUQhTqSR
PH1jsm/iakcu/jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hKd0xIU0ZFSVU2a2tUeDlZN0p2NG1wSEx2NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDcvNGQ4NTE0LTBlZTUtNGNkYi1iMDc4LWY2NWE5M2Y0ODBhOC8x
L2hVN0lMMHU3RV9qbDZsWWoweTh6a1k2OU1VMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDcv
NGQ4NTE0LTBlZTUtNGNkYi1iMDc4LWY2NWE5M2Y0ODBhOC8xL0hKd0xIU0ZFSVU2
a2tUeDlZN0p2NG1wSEx2NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEA1tt4AMEArmtSDANBAIAAjAHAwUD
Kgs5ADANBgkqhkiG9w0BAQsFAAOCAQEApBHaKqlxQBIpxl555Lxu+dmXF1OWu7ih
xkLu/snU3MLW7PRpJYU7zqxEiavHaqGajPaqy1Pn9VUyiRP4RtEfNjAGGsq5CiyH
xJ2TeLuu06DHOp7xbkYhU9RDJ7Ug3J4OQH1QcieAtdb60pPmFCzrSAUu7c2slRCi
5/yiUXGdhSw80T2pg8w9A6mHqmMe+Rre9rlKwZd+72crVBEJnaFa1Wlc6d63/sxa
lYsB4q8WTa/xuK5OO2kxsu06b/6V6fkO12xFbnCHc2WWHMkJjEsKrcR1kiWFQNoP
qmLJL5tbLCsXGRA4ALqfGb8bFFeU5Ahwy76adPmb3bsakBUvSipO1A==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:08 2023 by rpki-client on console-ams.rpki-client.org