Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/e66913-8f5f-47ef-a730-32c1b2cee593/1/hPi9ohc5ully1DqMJjnPF0R3Qm8.roa
File: hPi9ohc5ully1DqMJjnPF0R3Qm8.roa (raw, json)
Hash identifier: AD/RhGracN+EKIdrluahSNdGOOYbS4xV+qrRuLLXte0=
Subject key identifier: 84:F8:BD:A2:17:39:BA:59:72:D4:3A:8C:26:39:CF:17:44:77:42:6F
Certificate issuer: /CN=658c0c499a8e69d9795f4bd0b5bf1682b1f00f9a
Certificate serial: 0183F5F36845B76178BD25EA379BD29F9D0C
Authority key identifier: 65:8C:0C:49:9A:8E:69:D9:79:5F:4B:D0:B5:BF:16:82:B1:F0:0F:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZYwMSZqOadl5X0vQtb8WgrHwD5o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/e66913-8f5f-47ef-a730-32c1b2cee593/1/hPi9ohc5ully1DqMJjnPF0R3Qm8.roa
Signing time: Thu 20 Oct 2022 15:11:53 +0000
ROA not before: Thu 20 Oct 2022 15:11:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205147
IP address blocks: 185.8.97.0/24 maxlen: 24
185.8.98.0/24 maxlen: 24
185.8.96.0/22 maxlen: 22
185.8.99.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f5:f3:68:45:b7:61:78:bd:25:ea:37:9b:d2:9f:9d:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=658c0c499a8e69d9795f4bd0b5bf1682b1f00f9a
Validity
Not Before: Oct 20 15:11:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=84f8bda21739ba5972d43a8c2639cf174477426f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:d6:98:e1:35:3e:7d:74:04:7d:2c:9d:b5:0b:
52:26:0f:da:0f:b7:10:e2:d6:5b:9a:01:6a:46:67:
65:da:01:13:86:2d:6a:2c:70:1c:1f:37:1a:ed:9b:
51:a7:3a:11:43:d0:74:88:ff:ea:83:50:0d:72:9e:
ff:88:8f:a7:99:a1:67:e9:5e:80:42:81:20:64:b8:
7e:60:44:0b:0f:0d:db:af:b8:18:e1:f6:11:ec:fb:
2f:6c:33:33:0b:0a:e8:43:81:78:96:3f:0b:8d:c3:
d5:56:62:07:88:e2:4a:df:01:ac:01:f7:3a:de:eb:
65:87:2f:d1:ad:7d:54:65:96:ee:91:ab:de:8f:d7:
c3:1a:f1:2e:cf:5d:5d:47:66:77:23:3a:dd:d2:24:
fd:ab:24:57:3e:9e:4e:bb:05:a6:c5:6d:b8:f4:19:
cf:e2:8a:0a:a2:65:53:5f:63:5e:c1:bc:2c:a4:31:
22:cc:0c:2b:69:25:e9:c8:a5:c3:3e:1e:ba:8c:49:
ea:0e:14:56:93:8e:1b:3c:04:0f:f9:1b:2e:16:31:
19:f4:3a:37:30:08:47:36:88:39:40:69:48:71:25:
bc:64:14:eb:81:a3:2f:af:0e:f4:4e:b8:ec:1f:aa:
1a:04:e2:5c:b2:6f:0b:e5:e7:cb:d8:2f:e3:c8:04:
35:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:F8:BD:A2:17:39:BA:59:72:D4:3A:8C:26:39:CF:17:44:77:42:6F
X509v3 Authority Key Identifier:
keyid:65:8C:0C:49:9A:8E:69:D9:79:5F:4B:D0:B5:BF:16:82:B1:F0:0F:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZYwMSZqOadl5X0vQtb8WgrHwD5o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/e66913-8f5f-47ef-a730-32c1b2cee593/1/hPi9ohc5ully1DqMJjnPF0R3Qm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/e66913-8f5f-47ef-a730-32c1b2cee593/1/ZYwMSZqOadl5X0vQtb8WgrHwD5o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.8.96.0/22
Signature Algorithm: sha256WithRSAEncryption
12:8b:3e:2f:e2:d5:3d:be:97:70:0c:f4:e5:56:c5:4f:89:4b:
22:d8:5b:40:cb:a0:aa:10:73:c5:e9:62:0a:dc:37:42:01:e4:
bc:a3:4a:75:a9:8f:89:bd:31:5c:84:9b:18:e2:4f:e1:ca:fe:
68:1c:60:49:3f:59:89:a4:90:b1:33:59:7d:ee:75:fe:39:81:
8c:a7:fe:63:3f:da:d6:f3:57:93:d5:83:4c:5d:07:f1:f0:0b:
66:ad:e7:4f:dc:7a:39:f8:9b:b8:4f:a7:cf:12:8c:76:6f:95:
98:00:c1:95:50:55:60:c7:43:bc:bf:0e:01:69:d7:b5:f8:e6:
8e:b6:3e:12:3d:8c:87:0f:c9:26:47:1e:cc:45:a8:7c:10:14:
00:c2:89:69:25:38:62:d4:8e:d4:47:11:d5:f5:d7:ab:df:73:
53:fc:90:6b:7d:c7:73:64:85:0b:7b:02:90:d9:9d:59:fb:03:
62:fb:bf:41:81:ab:c9:4f:b6:0e:1a:70:21:ac:ca:aa:84:73:
94:02:7a:5a:6b:ab:fd:16:15:d0:83:97:38:69:5e:bc:56:b8:
30:e7:07:3a:bf:13:80:ae:34:1a:18:05:1b:1f:a8:48:81:ee:
13:a9:e1:f0:88:f4:d3:7d:8b:b2:6d:6a:8d:ad:13:2d:58:fc:
43:01:a9:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYP182hFt2F4vSXqN5vSn50MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1OGMwYzQ5OWE4ZTY5ZDk3OTVmNGJkMGI1YmYxNjgyYjFm
MDBmOWEwHhcNMjIxMDIwMTUxMTUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGY4YmRhMjE3MzliYTU5NzJkNDNhOGMyNjM5Y2YxNzQ0Nzc0MjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9aY4TU+fXQEfSydtQtSJg/aD7cQ
4tZbmgFqRmdl2gEThi1qLHAcHzca7ZtRpzoRQ9B0iP/qg1ANcp7/iI+nmaFn6V6A
QoEgZLh+YEQLDw3br7gY4fYR7PsvbDMzCwroQ4F4lj8LjcPVVmIHiOJK3wGsAfc6
3utlhy/RrX1UZZbukavej9fDGvEuz11dR2Z3Izrd0iT9qyRXPp5OuwWmxW249BnP
4ooKomVTX2NewbwspDEizAwraSXpyKXDPh66jEnqDhRWk44bPAQP+RsuFjEZ9Do3
MAhHNog5QGlIcSW8ZBTrgaMvrw70TrjsH6oaBOJcsm8L5efL2C/jyAQ19wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIT4vaIXObpZctQ6jCY5zxdEd0JvMB8GA1UdIwQY
MBaAFGWMDEmajmnZeV9L0LW/FoKx8A+aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWll3TVNacU9hZGw1WDB2UXRiOFdnckh3RDVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9lNjY5MTMtOGY1Zi00N2VmLWE3MzAt
MzJjMWIyY2VlNTkzLzEvaFBpOW9oYzV1bGx5MURxTUpqblBGMFIzUW04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9lNjY5MTMtOGY1Zi00N2VmLWE3MzAtMzJjMWIyY2VlNTkz
LzEvWll3TVNacU9hZGw1WDB2UXRiOFdnckh3RDVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuQhgMA0G
CSqGSIb3DQEBCwUAA4IBAQASiz4v4tU9vpdwDPTlVsVPiUsi2FtAy6CqEHPF6WIK
3DdCAeS8o0p1qY+JvTFchJsY4k/hyv5oHGBJP1mJpJCxM1l97nX+OYGMp/5jP9rW
81eT1YNMXQfx8AtmredP3Ho5+Ju4T6fPEox2b5WYAMGVUFVgx0O8vw4Bade1+OaO
tj4SPYyHD8kmRx7MRah8EBQAwolpJThi1I7URxHV9der33NT/JBrfcdzZIULewKQ
2Z1Z+wNi+79BgavJT7YOGnAhrMqqhHOUAnpaa6v9FhXQg5c4aV68Vrgw5wc6vxOA
rjQaGAUbH6hIge4TqeHwiPTTfYuybWqNrRMtWPxDAak1
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:26 2023 by rpki-client on console-fra.rpki-client.org