Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/HJkFQDdcAeOJleq2o6oyhRCIAH8.roa
File: HJkFQDdcAeOJleq2o6oyhRCIAH8.roa (raw, json)
Hash identifier: dnXJ6OydAEGKExNeTdBoQyjCVHoMg2+zwjW17hPr6ms=
Subject key identifier: 1C:99:05:40:37:5C:01:E3:89:95:EA:B6:A3:AA:32:85:10:88:00:7F
Certificate issuer: /CN=0e43a0df059a5251a400b5a1f1321ba00d3120d2
Certificate serial: 11D7D307
Authority key identifier: 0E:43:A0:DF:05:9A:52:51:A4:00:B5:A1:F1:32:1B:A0:0D:31:20:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DkOg3wWaUlGkALWh8TIboA0xINI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/HJkFQDdcAeOJleq2o6oyhRCIAH8.roa
Signing time: Mon 21 Feb 2022 02:30:14 +0000
ROA not before: Mon 21 Feb 2022 02:30:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39605
IP address blocks: 185.159.104.0/22 maxlen: 24
185.159.104.0/23 maxlen: 23
2a07:b880::/41 maxlen: 41
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 299356935 (0x11d7d307)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e43a0df059a5251a400b5a1f1321ba00d3120d2
Validity
Not Before: Feb 21 02:30:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1c990540375c01e38995eab6a3aa32851088007f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:1d:7f:f4:d6:79:88:eb:55:bf:c0:34:c8:8c:
a2:75:31:26:49:25:11:d5:cc:22:5f:eb:c9:06:bf:
6c:6d:cf:21:16:f0:45:b0:0a:df:a1:fa:6e:db:c8:
fe:1e:7c:28:6d:e8:f0:99:a1:41:8e:36:66:98:4b:
08:63:72:13:10:35:87:9c:5d:c1:8c:05:f6:12:00:
b9:81:2a:ba:03:b0:57:f9:55:ac:f2:05:c5:05:26:
30:3f:52:66:31:e8:6b:f8:c4:fa:82:e6:c0:b1:0b:
06:fb:e4:9e:bb:69:f2:e0:89:82:19:06:14:9f:ea:
75:ac:30:5b:5c:2c:0f:ff:bd:54:4a:41:1c:ee:05:
bc:38:f0:c9:19:3b:fe:20:84:2a:dd:8e:b4:8c:4c:
88:7d:a9:af:84:4f:28:ee:91:09:4e:7b:76:02:4c:
41:3a:cc:94:11:7d:d3:94:9e:ee:77:a3:56:bb:b0:
ca:ac:72:16:ee:30:fc:12:f6:75:fa:82:59:7e:9b:
74:eb:46:b9:42:74:74:1a:3e:1a:c6:1c:25:99:e1:
25:64:27:de:c8:96:94:a9:77:3c:68:0d:fa:0c:10:
61:33:7e:b3:e0:56:b8:b4:62:0b:3c:e3:0c:31:5c:
78:53:37:01:72:bb:be:41:03:2d:f2:0d:1f:1b:3d:
d5:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:99:05:40:37:5C:01:E3:89:95:EA:B6:A3:AA:32:85:10:88:00:7F
X509v3 Authority Key Identifier:
keyid:0E:43:A0:DF:05:9A:52:51:A4:00:B5:A1:F1:32:1B:A0:0D:31:20:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DkOg3wWaUlGkALWh8TIboA0xINI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/HJkFQDdcAeOJleq2o6oyhRCIAH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0bb33b-68f7-4748-84ac-004fe433c7c8/1/DkOg3wWaUlGkALWh8TIboA0xINI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.159.104.0/22
IPv6:
2a07:b880::/41
Signature Algorithm: sha256WithRSAEncryption
17:85:6e:fe:82:d1:d4:00:3f:3e:2e:a4:73:37:a4:b7:c6:4a:
f9:3d:3d:a5:2b:c9:69:29:82:e7:8a:65:df:91:0f:7f:3d:49:
22:f3:f2:09:8c:6b:a6:9b:c1:53:5b:ae:9b:1d:e5:6d:b9:7c:
b3:b3:cc:5e:ec:fa:d2:f2:fe:31:49:44:33:07:a7:7e:0c:58:
a4:82:ab:de:d3:0b:cc:81:a9:03:f4:0e:fc:1a:93:5d:01:ff:
e6:72:95:cc:b6:68:8a:16:84:b0:e9:0c:9e:5f:98:eb:a7:51:
ea:93:a6:09:57:b9:cd:e1:c2:e8:d2:0c:57:4c:7c:86:0b:4c:
66:5a:9e:a5:08:45:ec:dc:78:e9:9f:fb:cb:73:b6:b6:70:cb:
1b:d2:28:26:77:23:ce:25:e5:f3:23:d9:4b:38:8f:99:56:6f:
d4:49:ee:f3:fa:95:6e:dc:c5:8d:50:2f:07:eb:ab:cd:ab:41:
76:3f:68:e0:13:bc:24:94:79:4a:c9:99:ab:76:a2:46:29:98:
c7:81:76:77:c8:43:da:62:bb:1f:b4:0d:d3:c7:47:c3:77:c7:
42:1d:63:2b:be:f6:3b:20:d3:ea:ca:8d:c3:eb:2f:4d:c8:06:
41:23:3f:48:36:23:20:8a:f8:2c:96:ee:13:13:97:86:22:83:
6b:60:1c:f9
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEEdfTBzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ZTQzYTBkZjA1OWE1MjUxYTQwMGI1YTFmMTMyMWJhMDBkMzEyMGQyMB4XDTIyMDIy
MTAyMzAxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWM5OTA1NDAzNzVj
MDFlMzg5OTVlYWI2YTNhYTMyODUxMDg4MDA3ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALQdf/TWeYjrVb/ANMiMonUxJkklEdXMIl/ryQa/bG3PIRbw
RbAK36H6btvI/h58KG3o8JmhQY42ZphLCGNyExA1h5xdwYwF9hIAuYEqugOwV/lV
rPIFxQUmMD9SZjHoa/jE+oLmwLELBvvknrtp8uCJghkGFJ/qdawwW1wsD/+9VEpB
HO4FvDjwyRk7/iCEKt2OtIxMiH2pr4RPKO6RCU57dgJMQTrMlBF905Se7nejVruw
yqxyFu4w/BL2dfqCWX6bdOtGuUJ0dBo+GsYcJZnhJWQn3siWlKl3PGgN+gwQYTN+
s+BWuLRiCzzjDDFceFM3AXK7vkEDLfINHxs91ZkCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQcmQVAN1wB44mV6rajqjKFEIgAfzAfBgNVHSMEGDAWgBQOQ6DfBZpSUaQA
taHxMhugDTEg0jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RrT2czd1dhVWxHa0FMV2g4VElib0EweElOSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvMGJiMzNiLTY4ZjctNDc0OC04NGFjLTAwNGZlNDMzYzdjOC8x
L0hKa0ZRRGRjQWVPSmxlcTJvNm95aFJDSUFIOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
MGJiMzNiLTY4ZjctNDc0OC04NGFjLTAwNGZlNDMzYzdjOC8xL0RrT2czd1dhVWxH
a0FMV2g4VElib0EweElOSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEArmfaDAPBAIAAjAJAwcHKge4gAAA
MA0GCSqGSIb3DQEBCwUAA4IBAQAXhW7+gtHUAD8+LqRzN6S3xkr5PT2lK8lpKYLn
imXfkQ9/PUki8/IJjGumm8FTW66bHeVtuXyzs8xe7PrS8v4xSUQzB6d+DFikgqve
0wvMgakD9A78GpNdAf/mcpXMtmiKFoSw6QyeX5jrp1Hqk6YJV7nN4cLo0gxXTHyG
C0xmWp6lCEXs3Hjpn/vLc7a2cMsb0igmdyPOJeXzI9lLOI+ZVm/USe7z+pVu3MWN
UC8H66vNq0F2P2jgE7wklHlKyZmrdqJGKZjHgXZ3yEPaYrsftA3Tx0fDd8dCHWMr
vvY7INPqyo3D6y9NyAZBIz9INiMgivgslu4TE5eGIoNrYBz5
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:11 2023 by rpki-client on console-fra.rpki-client.org