Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/31c056-6a8a-4226-803c-583fbe64a955/1/hfuslO0D9ul7Vp5ZLwj1XisgOYQ.roa
File: hfuslO0D9ul7Vp5ZLwj1XisgOYQ.roa (raw, json)
Hash identifier: w8LS57wJpClzTIYaClFlkPBzG4tPHHQcE7w/BlUccg0=
Subject key identifier: 85:FB:AC:94:ED:03:F6:E9:7B:56:9E:59:2F:08:F5:5E:2B:20:39:84
Certificate issuer: /CN=5949698bbcd24fc9e1a9f5f41486c31af19a4bc8
Certificate serial: 152E659C
Authority key identifier: 59:49:69:8B:BC:D2:4F:C9:E1:A9:F5:F4:14:86:C3:1A:F1:9A:4B:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WUlpi7zST8nhqfX0FIbDGvGaS8g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/31c056-6a8a-4226-803c-583fbe64a955/1/hfuslO0D9ul7Vp5ZLwj1XisgOYQ.roa
Signing time: Sat 01 Jan 2022 15:04:13 +0000
ROA not before: Sat 01 Jan 2022 15:04:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49985
IP address blocks: 188.120.192.0/19 maxlen: 19
185.172.252.0/22 maxlen: 22
176.62.224.0/20 maxlen: 20
2a02:c60::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 355362204 (0x152e659c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5949698bbcd24fc9e1a9f5f41486c31af19a4bc8
Validity
Not Before: Jan 1 15:04:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=85fbac94ed03f6e97b569e592f08f55e2b203984
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:4f:ec:10:d1:13:e3:30:d7:63:e3:58:14:26:
6e:c6:38:50:f8:0b:66:59:27:35:c7:00:4c:37:80:
0d:48:ea:7a:38:65:8a:79:f7:a1:b5:ce:ca:99:95:
1d:03:5a:57:9c:d4:68:ef:24:5c:42:42:fb:e6:4a:
67:85:bd:27:2a:bb:c9:02:d0:55:d7:51:97:17:9c:
24:4f:25:c8:69:16:0c:f4:92:44:f6:6a:ca:cc:21:
79:79:d6:9e:a8:e0:5b:3e:1c:f5:4f:d6:06:4f:cd:
a6:5c:86:42:8c:5b:cc:ee:37:89:76:e2:2b:c1:27:
a6:04:ea:5a:eb:51:37:f0:19:29:13:64:a0:4e:97:
71:a9:07:7d:5c:4b:43:5e:2d:b8:51:ed:88:cb:c4:
ef:a3:da:6b:7e:66:ea:f7:82:6d:13:88:c1:fb:06:
21:8c:3b:37:a4:0a:37:b1:a5:f7:25:7b:a5:5f:27:
0a:22:7e:31:2a:03:83:6c:70:96:a2:ee:fd:a1:4e:
ea:1b:96:8e:0c:06:62:c0:c2:7d:a8:09:ea:63:72:
a5:a6:9b:e2:93:32:58:7b:74:d1:cb:f3:e9:3d:34:
44:d0:92:7a:ab:92:5b:c7:c4:1d:72:9f:f5:58:35:
1b:77:99:da:45:7f:81:e0:66:ef:ad:60:d9:47:0f:
a5:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:FB:AC:94:ED:03:F6:E9:7B:56:9E:59:2F:08:F5:5E:2B:20:39:84
X509v3 Authority Key Identifier:
keyid:59:49:69:8B:BC:D2:4F:C9:E1:A9:F5:F4:14:86:C3:1A:F1:9A:4B:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WUlpi7zST8nhqfX0FIbDGvGaS8g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/31c056-6a8a-4226-803c-583fbe64a955/1/hfuslO0D9ul7Vp5ZLwj1XisgOYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/31c056-6a8a-4226-803c-583fbe64a955/1/WUlpi7zST8nhqfX0FIbDGvGaS8g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.62.224.0/20
185.172.252.0/22
188.120.192.0/19
IPv6:
2a02:c60::/32
Signature Algorithm: sha256WithRSAEncryption
49:12:41:79:d4:36:2f:47:74:a9:b7:b0:8d:61:09:e3:25:57:
f9:83:c3:c8:1c:96:c3:5f:75:1c:d0:f4:7a:c7:a2:c4:46:be:
a7:22:ab:47:3d:1f:37:b6:74:10:c1:11:f1:20:c1:b6:e6:ea:
6d:51:b8:38:2a:61:b9:17:5a:e8:e9:55:2f:c6:ac:32:a9:78:
fe:51:8f:fd:48:8d:44:25:e0:f0:9d:04:71:ff:10:32:88:f7:
6e:51:a8:52:df:53:ed:3f:40:c4:c6:f1:54:50:48:e7:44:06:
be:41:f5:b2:8c:c9:54:89:61:12:cb:e2:9b:14:eb:94:7d:b6:
2b:51:32:a6:64:93:f9:54:31:f3:e5:68:92:d9:a2:a6:52:5e:
e2:45:2a:82:70:46:46:ae:45:25:e7:60:06:f7:73:c3:cf:b4:
df:9c:87:fa:67:43:39:ef:4e:95:71:da:ff:f8:19:93:d0:c8:
e3:ac:c1:fc:b0:06:82:9a:64:8c:38:d6:75:4c:b9:13:88:10:
6a:75:f1:0f:80:db:91:c4:16:7e:4c:c0:86:cd:8d:bb:95:72:
ab:8e:99:49:b6:31:1f:d5:06:e1:98:bd:be:d2:60:25:fd:82:
2c:84:b7:3b:f3:5d:44:ba:82:e2:15:18:b3:19:7c:8e:0d:87:
bf:7b:33:6d
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEFS5lnDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
OTQ5Njk4YmJjZDI0ZmM5ZTFhOWY1ZjQxNDg2YzMxYWYxOWE0YmM4MB4XDTIyMDEw
MTE1MDQxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODVmYmFjOTRlZDAz
ZjZlOTdiNTY5ZTU5MmYwOGY1NWUyYjIwMzk4NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKhP7BDRE+Mw12PjWBQmbsY4UPgLZlknNccATDeADUjqejhl
inn3obXOypmVHQNaV5zUaO8kXEJC++ZKZ4W9Jyq7yQLQVddRlxecJE8lyGkWDPSS
RPZqyswheXnWnqjgWz4c9U/WBk/NplyGQoxbzO43iXbiK8EnpgTqWutRN/AZKRNk
oE6XcakHfVxLQ14tuFHtiMvE76Paa35m6veCbROIwfsGIYw7N6QKN7Gl9yV7pV8n
CiJ+MSoDg2xwlqLu/aFO6huWjgwGYsDCfagJ6mNypaab4pMyWHt00cvz6T00RNCS
equSW8fEHXKf9Vg1G3eZ2kV/geBm761g2UcPpdECAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBSF+6yU7QP26XtWnlkvCPVeKyA5hDAfBgNVHSMEGDAWgBRZSWmLvNJPyeGp
9fQUhsMa8ZpLyDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dVbHBpN3pTVDhuaHFmWDBGSWJER3ZHYVM4Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGYvMzFjMDU2LTZhOGEtNDIyNi04MDNjLTU4M2ZiZTY0YTk1NS8x
L2hmdXNsTzBEOXVsN1ZwNVpMd2oxWGlzZ09ZUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYv
MzFjMDU2LTZhOGEtNDIyNi04MDNjLTU4M2ZiZTY0YTk1NS8xL1dVbHBpN3pTVDhu
aHFmWDBGSWJER3ZHYVM4Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEBLA+4AMEArms/AMEBbx4wDANBAIA
AjAHAwUAKgIMYDANBgkqhkiG9w0BAQsFAAOCAQEASRJBedQ2L0d0qbewjWEJ4yVX
+YPDyByWw191HND0eseixEa+pyKrRz0fN7Z0EMER8SDBtubqbVG4OCphuRda6OlV
L8asMql4/lGP/UiNRCXg8J0Ecf8QMoj3blGoUt9T7T9AxMbxVFBI50QGvkH1sozJ
VIlhEsvimxTrlH22K1EypmST+VQx8+VoktmiplJe4kUqgnBGRq5FJedgBvdzw8+0
35yH+mdDOe9OlXHa//gZk9DI46zB/LAGgppkjDjWdUy5E4gQanXxD4DbkcQWfkzA
hs2Nu5Vyq46ZSbYxH9UG4Zi9vtJgJf2CLIS3O/NdRLqC4hUYsxl8jg2Hv3szbQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:22 2024 by rpki-client on console-ams.rpki-client.org