Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/hskXjynhJ_GpmINyx1o5ilIG9NY.roa
File: hskXjynhJ_GpmINyx1o5ilIG9NY.roa (raw, json)
Hash identifier: mJVGEFl1XjeIQ5NLsBz8aAtWBQn/1whUHsQeBnNiVHc=
Subject key identifier: 86:C9:17:8F:29:E1:27:F1:A9:98:83:72:C7:5A:39:8A:52:06:F4:D6
Certificate issuer: /CN=1e9fdc7fb39ebbbed4ee54f703d3ac6153ddee69
Certificate serial: 0181D9C435B50072B487271D8B0D807AC3F5
Authority key identifier: 1E:9F:DC:7F:B3:9E:BB:BE:D4:EE:54:F7:03:D3:AC:61:53:DD:EE:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/hskXjynhJ_GpmINyx1o5ilIG9NY.roa
Signing time: Thu 07 Jul 2022 17:45:23 +0000
ROA not before: Thu 07 Jul 2022 17:45:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209372
IP address blocks: 194.113.239.0/24 maxlen: 24
185.221.196.0/23 maxlen: 24
185.238.88.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:d9:c4:35:b5:00:72:b4:87:27:1d:8b:0d:80:7a:c3:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e9fdc7fb39ebbbed4ee54f703d3ac6153ddee69
Validity
Not Before: Jul 7 17:45:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=86c9178f29e127f1a9988372c75a398a5206f4d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:75:dc:38:8c:73:17:4f:4d:d5:58:67:87:98:
69:2c:ff:59:66:46:44:b6:9f:2d:33:fa:30:8e:89:
40:69:ae:64:89:c9:79:01:71:ae:1f:a0:78:b1:cb:
01:da:51:51:7e:af:9f:ae:5d:07:49:03:ad:41:38:
a2:8d:c7:7f:e1:22:1c:59:a0:3c:af:f7:96:1e:34:
2d:12:47:5a:31:c7:45:a6:2f:4e:f9:72:87:39:eb:
56:3f:fe:dd:92:20:23:44:f1:17:f8:9b:93:f8:33:
be:91:4e:ac:5c:96:c3:fb:5b:8d:20:69:2c:5b:9f:
7e:85:4d:78:01:73:73:c8:f6:bf:0e:93:32:94:65:
5b:8b:cc:58:97:b1:d0:0b:99:a0:c1:77:70:70:f4:
c2:2c:de:f4:cb:52:d9:c1:c5:6b:90:7b:2a:fd:a2:
5c:b7:b7:78:47:00:fc:63:3e:1b:cd:90:ac:8c:34:
3a:c6:b3:6a:73:bb:11:ba:af:06:e3:96:ff:f1:cc:
e8:61:fb:79:45:13:f3:b1:07:e9:f1:3e:7f:f6:c0:
65:08:c0:06:4e:9a:66:fc:9f:25:2f:69:ec:a8:12:
4c:3d:a8:02:ff:b4:6a:72:22:90:57:49:a8:3f:a1:
a4:b3:ba:89:85:03:30:93:cd:b1:e5:64:ca:1f:14:
c1:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:C9:17:8F:29:E1:27:F1:A9:98:83:72:C7:5A:39:8A:52:06:F4:D6
X509v3 Authority Key Identifier:
keyid:1E:9F:DC:7F:B3:9E:BB:BE:D4:EE:54:F7:03:D3:AC:61:53:DD:EE:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/hskXjynhJ_GpmINyx1o5ilIG9NY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.196.0/23
185.238.88.0/22
194.113.239.0/24
Signature Algorithm: sha256WithRSAEncryption
99:e6:f6:53:c0:e1:40:e8:05:de:c6:41:40:aa:54:be:66:ea:
8e:2c:03:97:9a:a6:eb:9a:5e:5f:fb:d7:56:65:54:b5:98:0e:
ae:b3:22:88:24:8d:5b:f2:22:32:60:b2:88:66:09:db:d3:f6:
73:ce:fa:59:99:ef:44:2e:62:bf:c4:7a:a3:8e:57:43:f3:66:
ff:1c:aa:98:05:60:7f:07:50:ba:52:1c:fb:7f:a5:42:00:54:
12:b2:12:f2:e7:33:08:e2:85:1c:c4:c0:c7:96:29:df:65:e8:
5b:23:bb:2f:d3:74:71:05:4e:61:7e:b2:b8:53:f0:f7:6b:05:
cb:fd:c7:f3:d7:55:5f:3c:81:1d:79:51:0b:f1:60:98:a7:2b:
95:32:3d:73:24:1b:18:38:5c:95:8f:8f:c5:fa:a1:ed:f9:65:
57:42:2d:2f:61:01:cb:a8:85:60:ff:74:a2:ba:7e:e4:c1:39:
50:d2:e9:2c:bc:b0:27:c3:70:c8:3a:09:55:f8:00:57:bf:45:
56:cb:01:6c:1b:a7:a0:be:8d:d7:74:75:07:93:b5:6c:ab:ce:
f5:ad:27:f3:77:a1:71:8d:d3:65:05:c5:4a:16:db:8b:58:49:
d4:f5:82:4b:23:ff:de:5d:f3:6d:a4:ef:3c:00:74:a4:8f:8b:
df:71:64:02
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYHZxDW1AHK0hycdiw2AesP1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOWZkYzdmYjM5ZWJiYmVkNGVlNTRmNzAzZDNhYzYxNTNk
ZGVlNjkwHhcNMjIwNzA3MTc0NTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmM5MTc4ZjI5ZTEyN2YxYTk5ODgzNzJjNzVhMzk4YTUyMDZmNGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk3XcOIxzF09N1Vhnh5hpLP9ZZkZE
tp8tM/owjolAaa5kicl5AXGuH6B4scsB2lFRfq+frl0HSQOtQTiijcd/4SIcWaA8
r/eWHjQtEkdaMcdFpi9O+XKHOetWP/7dkiAjRPEX+JuT+DO+kU6sXJbD+1uNIGks
W59+hU14AXNzyPa/DpMylGVbi8xYl7HQC5mgwXdwcPTCLN70y1LZwcVrkHsq/aJc
t7d4RwD8Yz4bzZCsjDQ6xrNqc7sRuq8G45b/8czoYft5RRPzsQfp8T5/9sBlCMAG
Tppm/J8lL2nsqBJMPagC/7RqciKQV0moP6Gks7qJhQMwk82x5WTKHxTBEwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIbJF48p4SfxqZiDcsdaOYpSBvTWMB8GA1UdIwQY
MBaAFB6f3H+znru+1O5U9wPTrGFT3e5pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHBfY2Y3T2V1NzdVN2xUM0E5T3NZVlBkN21rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS80MGZkZDEtMTA5Mi00ZjY5LWI2NDgt
NjkxZmY1YjQ0YjAxLzEvaHNrWGp5bmhKX0dwbUlOeXgxbzVpbElHOU5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS80MGZkZDEtMTA5Mi00ZjY5LWI2NDgtNjkxZmY1YjQ0YjAx
LzEvSHBfY2Y3T2V1NzdVN2xUM0E5T3NZVlBkN21rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBud3EAwQC
ue5YAwQAwnHvMA0GCSqGSIb3DQEBCwUAA4IBAQCZ5vZTwOFA6AXexkFAqlS+ZuqO
LAOXmqbrml5f+9dWZVS1mA6usyKIJI1b8iIyYLKIZgnb0/ZzzvpZme9ELmK/xHqj
jldD82b/HKqYBWB/B1C6Uhz7f6VCAFQSshLy5zMI4oUcxMDHlinfZehbI7sv03Rx
BU5hfrK4U/D3awXL/cfz11VfPIEdeVEL8WCYpyuVMj1zJBsYOFyVj4/F+qHt+WVX
Qi0vYQHLqIVg/3Siun7kwTlQ0uksvLAnw3DIOglV+ABXv0VWywFsG6egvo3XdHUH
k7Vsq871rSfzd6FxjdNlBcVKFtuLWEnU9YJLI//eXfNtpO88AHSkj4vfcWQC
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:45 2024 by rpki-client on console-fra.rpki-client.org