Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/f615b0-4d98-4a3d-8bd2-4c93bee27d54/1/4gH8L6oPOqOM7rY68OPLWMjjA4c.roa
File: 4gH8L6oPOqOM7rY68OPLWMjjA4c.roa (raw, json)
Hash identifier: jJvkew4ugkxQEsgqbQjjrUkZxQPIgU2PuIaT2vpV3po=
Subject key identifier: E2:01:FC:2F:AA:0F:3A:A3:8C:EE:B6:3A:F0:E3:CB:58:C8:E3:03:87
Certificate issuer: /CN=8405c07192a8106fedb0760b8945032ca1d3054b
Certificate serial: 02B4A1CB
Authority key identifier: 84:05:C0:71:92:A8:10:6F:ED:B0:76:0B:89:45:03:2C:A1:D3:05:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hAXAcZKoEG_tsHYLiUUDLKHTBUs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/f615b0-4d98-4a3d-8bd2-4c93bee27d54/1/4gH8L6oPOqOM7rY68OPLWMjjA4c.roa
Signing time: Sat 01 Jan 2022 11:00:38 +0000
ROA not before: Sat 01 Jan 2022 11:00:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35325
IP address blocks: 194.187.152.0/22 maxlen: 22
193.239.234.0/23 maxlen: 23
185.208.228.0/22 maxlen: 22
2a0c:3a80::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45392331 (0x2b4a1cb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8405c07192a8106fedb0760b8945032ca1d3054b
Validity
Not Before: Jan 1 11:00:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e201fc2faa0f3aa38ceeb63af0e3cb58c8e30387
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:fe:42:09:d3:52:62:99:24:67:26:46:22:5a:
75:52:17:91:19:f6:e7:76:a6:89:30:24:34:45:6d:
15:18:89:e1:4d:2e:2c:0b:d8:b1:81:bd:b4:5e:9f:
9b:fd:3c:a0:db:a5:cd:c6:f7:d6:dd:33:df:73:4e:
8c:61:82:30:8d:26:3e:44:95:cc:69:54:7f:10:4b:
7f:13:36:6c:7c:61:a1:59:7d:94:c9:33:5a:c2:cf:
f1:10:b7:cf:f7:a6:7e:d2:19:05:c1:b6:a4:b1:3d:
06:35:30:62:67:48:59:42:63:6e:58:d7:e4:e2:ec:
95:a5:b1:8a:bf:14:b7:9e:0b:df:c9:40:f0:9b:85:
dd:7b:7b:a6:31:7f:70:c9:bb:e5:c4:4e:36:89:ed:
89:1b:71:eb:20:9e:44:96:7f:1f:ec:8a:ef:a7:9d:
f4:0f:30:b1:88:d6:ef:d2:6e:a0:1d:a2:1f:02:a1:
0c:50:1a:bb:89:96:c0:1d:fe:23:70:c1:7f:77:ed:
ad:49:9e:ac:f3:bc:7a:5a:76:d9:18:21:41:d0:1d:
49:d1:34:1a:22:33:97:0d:80:35:e2:62:47:d2:1f:
af:66:db:93:7e:7a:87:bc:05:fc:46:a3:65:ec:88:
d4:6c:d9:f3:b7:36:f5:36:d5:87:e4:26:9c:32:56:
9a:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:01:FC:2F:AA:0F:3A:A3:8C:EE:B6:3A:F0:E3:CB:58:C8:E3:03:87
X509v3 Authority Key Identifier:
keyid:84:05:C0:71:92:A8:10:6F:ED:B0:76:0B:89:45:03:2C:A1:D3:05:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hAXAcZKoEG_tsHYLiUUDLKHTBUs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f615b0-4d98-4a3d-8bd2-4c93bee27d54/1/4gH8L6oPOqOM7rY68OPLWMjjA4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f615b0-4d98-4a3d-8bd2-4c93bee27d54/1/hAXAcZKoEG_tsHYLiUUDLKHTBUs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.208.228.0/22
193.239.234.0/23
194.187.152.0/22
IPv6:
2a0c:3a80::/40
Signature Algorithm: sha256WithRSAEncryption
27:c5:e0:4d:56:e4:a3:bc:e5:11:ba:06:04:80:8f:dc:6d:c2:
36:ed:b9:f0:91:52:4f:f1:fb:f5:4a:4e:28:05:4a:4d:95:d7:
24:69:d3:f5:94:a5:e7:f7:d0:a1:64:a4:28:fc:db:e4:aa:fe:
d2:f3:03:4e:af:a3:33:b5:5b:aa:34:f4:db:45:a0:5b:47:fe:
8e:24:7f:2b:a1:0e:e2:17:1f:c7:28:f1:04:e9:f1:27:29:36:
9f:61:dd:80:d3:89:b6:48:ab:7d:e7:e3:aa:98:42:db:0c:9d:
51:3a:96:5d:f4:4e:e8:ae:07:9e:92:c4:f0:11:08:8f:01:1e:
97:8f:cc:e2:77:6e:35:f4:ed:25:b0:47:f4:4e:19:29:92:c8:
74:7b:a1:1a:c2:84:ff:be:c1:65:e9:10:1a:43:5b:58:f6:0a:
ec:21:2f:78:83:b4:70:42:7b:03:e0:d4:b6:79:f1:17:52:ca:
19:79:cb:e4:d2:eb:9d:a8:9e:27:64:46:a7:3d:bb:58:e7:d1:
52:49:8b:68:f6:71:0a:ab:cc:3f:af:7e:cc:0b:eb:eb:f0:31:
2a:bb:92:d0:af:a6:1f:ee:ae:b3:37:00:b0:03:41:cd:de:0c:
91:48:16:3f:6a:4b:bf:55:84:a0:e8:2f:fe:d1:d9:0d:87:5d:
3b:50:f8:ee
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIEArShyzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NDA1YzA3MTkyYTgxMDZmZWRiMDc2MGI4OTQ1MDMyY2ExZDMwNTRiMB4XDTIyMDEw
MTExMDAzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZTIwMWZjMmZhYTBm
M2FhMzhjZWViNjNhZjBlM2NiNThjOGUzMDM4NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN7+QgnTUmKZJGcmRiJadVIXkRn253amiTAkNEVtFRiJ4U0u
LAvYsYG9tF6fm/08oNulzcb31t0z33NOjGGCMI0mPkSVzGlUfxBLfxM2bHxhoVl9
lMkzWsLP8RC3z/emftIZBcG2pLE9BjUwYmdIWUJjbljX5OLslaWxir8Ut54L38lA
8JuF3Xt7pjF/cMm75cRONontiRtx6yCeRJZ/H+yK76ed9A8wsYjW79JuoB2iHwKh
DFAau4mWwB3+I3DBf3ftrUmerPO8elp22RghQdAdSdE0GiIzlw2ANeJiR9Ifr2bb
k356h7wF/EajZeyI1GzZ87c29TbVh+QmnDJWms8CAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBTiAfwvqg86o4zutjrw48tYyOMDhzAfBgNVHSMEGDAWgBSEBcBxkqgQb+2w
dguJRQMsodMFSzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hBWEFjWktvRUdfdHNIWUxpVVVETEtIVEJVcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTYvZjYxNWIwLTRkOTgtNGEzZC04YmQyLTRjOTNiZWUyN2Q1NC8x
LzRnSDhMNm9QT3FPTTdyWTY4T1BMV01qakE0Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTYv
ZjYxNWIwLTRkOTgtNGEzZC04YmQyLTRjOTNiZWUyN2Q1NC8xL2hBWEFjWktvRUdf
dHNIWUxpVVVETEtIVEJVcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA7
BggrBgEFBQcBBwEB/wQsMCowGAQCAAEwEgMEArnQ5AMEAcHv6gMEAsK7mDAOBAIA
AjAIAwYAKgw6gAAwDQYJKoZIhvcNAQELBQADggEBACfF4E1W5KO85RG6BgSAj9xt
wjbtufCRUk/x+/VKTigFSk2V1yRp0/WUpef30KFkpCj82+Sq/tLzA06vozO1W6o0
9NtFoFtH/o4kfyuhDuIXH8co8QTp8ScpNp9h3YDTibZIq33n46qYQtsMnVE6ll30
TuiuB56SxPARCI8BHpePzOJ3bjX07SWwR/ROGSmSyHR7oRrChP++wWXpEBpDW1j2
CuwhL3iDtHBCewPg1LZ58RdSyhl5y+TS652onidkRqc9u1jn0VJJi2j2cQqrzD+v
fswL6+vwMSq7ktCvph/urrM3ALADQc3eDJFIFj9qS79VhKDoL/7R2Q2HXTtQ+O4=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:38 2023 by rpki-client on console-fra.rpki-client.org