Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/hvtVFi9-B1QyRWHgAct9I_sIqaE.roa
File: hvtVFi9-B1QyRWHgAct9I_sIqaE.roa (raw, json)
Hash identifier: ws0DoaUBoJWPzC+Li5YqYD39jkegsik++90SgLa7hBY=
Subject key identifier: 86:FB:55:16:2F:7E:07:54:32:45:61:E0:01:CB:7D:23:FB:08:A9:A1
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 01850FA0C723F0012F2CAAF5D4B4CE1185FE
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/hvtVFi9-B1QyRWHgAct9I_sIqaE.roa
Signing time: Wed 14 Dec 2022 07:54:32 +0000
ROA not before: Wed 14 Dec 2022 07:54:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58192
IP address blocks: 185.239.0.0/24 maxlen: 24
5.159.49.0/24 maxlen: 24
5.159.54.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0f:a0:c7:23:f0:01:2f:2c:aa:f5:d4:b4:ce:11:85:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Dec 14 07:54:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=86fb55162f7e0754324561e001cb7d23fb08a9a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:e4:46:f1:af:e7:a3:3e:cd:c7:6b:21:6c:76:
0c:be:1b:e6:00:e7:da:fd:3e:75:2f:c9:7f:c6:b9:
3f:2c:0c:bf:51:8c:c1:6a:b9:d4:7e:50:e1:45:d9:
47:16:8e:d0:be:19:5e:95:65:87:fe:38:09:fd:b7:
58:b5:95:78:96:c0:ab:86:ec:ee:6e:ea:8e:27:3a:
45:fd:a1:39:9d:01:48:60:5a:39:45:e1:75:ec:51:
50:c5:9d:10:65:7e:6e:38:58:8f:d5:22:11:72:8e:
6b:62:8f:0f:03:72:93:f1:e6:25:12:2f:10:dc:6d:
bf:56:f2:a1:6a:a2:86:1e:21:e8:fc:1f:ac:9f:d4:
b4:55:82:40:6f:48:22:8c:6f:28:64:58:d7:67:91:
70:b5:e0:b2:26:7c:af:9d:17:9d:e7:51:dd:3e:f7:
45:e7:55:2d:ce:6c:56:e9:2c:61:17:e4:2b:f6:40:
e1:c2:21:47:6a:5e:cd:1d:53:60:94:69:a5:6a:2c:
09:7f:a3:86:17:07:87:ca:a6:eb:a4:f6:9e:f3:cc:
50:39:75:ec:b4:62:4b:6c:d5:1f:4f:71:05:a0:ab:
2f:25:5e:97:4e:fa:5a:99:55:cb:f7:fc:f9:15:51:
5d:da:b5:8c:20:92:f2:10:98:4c:88:23:ea:81:79:
19:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:FB:55:16:2F:7E:07:54:32:45:61:E0:01:CB:7D:23:FB:08:A9:A1
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/hvtVFi9-B1QyRWHgAct9I_sIqaE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.49.0/24
5.159.54.0/24
185.239.0.0/24
Signature Algorithm: sha256WithRSAEncryption
27:92:cd:fc:7f:da:f4:ac:ec:d6:8f:99:ce:32:96:7c:be:a1:
30:3f:55:4b:54:5b:20:e6:e8:4d:27:a0:55:7d:43:b9:64:34:
bb:8a:0a:f3:b9:17:e4:38:2b:e1:54:18:73:44:31:5a:21:e2:
2b:27:48:76:f3:b6:65:1f:d1:79:dd:0c:5c:0f:29:20:62:bf:
bd:1e:33:52:01:e2:79:35:72:be:d3:f0:b1:23:3e:a0:11:7e:
de:ee:23:e2:65:5e:76:40:4e:67:38:33:96:29:9a:d8:23:4a:
3c:9b:74:06:18:f4:ff:ba:78:d7:55:4c:53:ec:c2:66:e3:0d:
b5:7d:cf:e1:77:ca:34:ab:6c:c9:45:a5:cc:fb:c7:6c:34:f7:
a7:ce:23:0b:b4:5a:80:9c:da:0a:07:f5:f4:55:46:77:97:ba:
98:79:2f:5a:ff:7f:df:d8:4a:6a:a6:14:50:a9:99:77:6d:73:
b0:f8:b5:b1:7a:59:61:63:5f:c8:46:3b:2b:6b:e9:e4:30:f7:
9f:11:8f:2f:19:9e:d5:23:60:88:a3:0e:c6:63:06:d7:a6:3b:
f1:1a:d7:0c:74:0c:6a:a1:48:73:0e:57:ce:01:95:f9:5b:92:
f8:c7:78:42:d9:4f:02:bd:b9:45:63:6d:48:03:36:df:f1:81:
f7:51:11:fb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYUPoMcj8AEvLKr11LTOEYX+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjIxMjE0MDc1NDMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmZiNTUxNjJmN2UwNzU0MzI0NTYxZTAwMWNiN2QyM2ZiMDhhOWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAreRG8a/noz7Nx2shbHYMvhvmAOfa
/T51L8l/xrk/LAy/UYzBarnUflDhRdlHFo7QvhlelWWH/jgJ/bdYtZV4lsCrhuzu
buqOJzpF/aE5nQFIYFo5ReF17FFQxZ0QZX5uOFiP1SIRco5rYo8PA3KT8eYlEi8Q
3G2/VvKhaqKGHiHo/B+sn9S0VYJAb0gijG8oZFjXZ5FwteCyJnyvnRed51HdPvdF
51UtzmxW6SxhF+Qr9kDhwiFHal7NHVNglGmlaiwJf6OGFweHyqbrpPae88xQOXXs
tGJLbNUfT3EFoKsvJV6XTvpamVXL9/z5FVFd2rWMIJLyEJhMiCPqgXkZPwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIb7VRYvfgdUMkVh4AHLfSP7CKmhMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvaHZ0VkZpOS1CMVF5UldIZ0FjdDlJX3NJcWFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABZ8xAwQA
BZ82AwQAue8AMA0GCSqGSIb3DQEBCwUAA4IBAQAnks38f9r0rOzWj5nOMpZ8vqEw
P1VLVFsg5uhNJ6BVfUO5ZDS7igrzuRfkOCvhVBhzRDFaIeIrJ0h287ZlH9F53Qxc
DykgYr+9HjNSAeJ5NXK+0/CxIz6gEX7e7iPiZV52QE5nODOWKZrYI0o8m3QGGPT/
unjXVUxT7MJm4w21fc/hd8o0q2zJRaXM+8dsNPenziMLtFqAnNoKB/X0VUZ3l7qY
eS9a/3/f2EpqphRQqZl3bXOw+LWxellhY1/IRjsra+nkMPefEY8vGZ7VI2CIow7G
YwbXpjvxGtcMdAxqoUhzDlfOAZX5W5L4x3hC2U8CvblFY21IAzbf8YH3URH7
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:26 2023 by rpki-client on console-fra.rpki-client.org