Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/hoY9OThTVGyGbIncuzxOiJ1utl0.roa
File: hoY9OThTVGyGbIncuzxOiJ1utl0.roa (raw, json)
Hash identifier: onxKy/y1RUam28GRERQCoyjjfgHzpCErSMldi+7VgvE=
Subject key identifier: 86:86:3D:39:38:53:54:6C:86:6C:89:DC:BB:3C:4E:88:9D:6E:B6:5D
Certificate issuer: /CN=26a5aa918cbfeb3e12997f33890feb258907b343
Certificate serial: 04778FB5
Authority key identifier: 26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/hoY9OThTVGyGbIncuzxOiJ1utl0.roa
Signing time: Wed 27 Apr 2022 23:26:14 +0000
ROA not before: Wed 27 Apr 2022 23:26:14 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41079
IP address blocks: 185.204.216.0/22 maxlen: 22
194.169.227.0/24 maxlen: 24
185.208.164.0/24 maxlen: 24
185.123.160.0/22 maxlen: 22
185.243.52.0/22 maxlen: 22
195.114.0.0/23 maxlen: 23
91.199.22.0/24 maxlen: 24
195.242.116.0/23 maxlen: 23
193.218.152.0/22 maxlen: 22
178.250.40.0/21 maxlen: 21
195.2.254.0/23 maxlen: 23
2a02:1778::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74944437 (0x4778fb5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26a5aa918cbfeb3e12997f33890feb258907b343
Validity
Not Before: Apr 27 23:26:14 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=86863d393853546c866c89dcbb3c4e889d6eb65d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:a0:21:e9:4e:6c:58:cb:23:ac:7f:cc:34:fd:
31:eb:d6:b3:a2:64:af:05:9e:50:3d:5e:7a:1a:a7:
60:d9:3c:f2:af:dc:4e:58:4a:8b:8c:e5:c4:50:01:
52:b6:95:99:74:20:ea:f0:34:3d:24:a0:21:fe:07:
66:de:42:cc:55:a4:b3:52:93:e7:0a:28:a2:7a:56:
ec:b9:75:a5:6d:19:de:bf:d9:24:2b:19:9f:3f:6b:
bd:18:19:90:b6:9d:4d:a5:2b:fc:98:e7:90:2d:9a:
09:63:96:2a:7a:fa:f8:16:cb:95:c8:66:cb:47:3c:
82:bd:37:21:87:5c:40:46:e8:d6:86:40:e3:01:9f:
d0:22:8e:d5:9c:5d:7d:7c:3f:37:28:74:5a:db:d1:
88:5c:75:2c:e5:78:f2:0a:7c:6e:51:ac:4f:1f:87:
08:90:fe:4e:95:71:2e:f3:48:d1:38:06:b4:25:7e:
ab:4e:fd:c7:da:93:9f:62:7a:ba:8e:c9:12:3d:1f:
e5:3f:4e:2f:3e:fe:54:a8:b1:d5:ff:bb:97:11:7f:
bd:19:9b:b1:4b:21:ae:52:fa:e3:b0:4a:b1:8d:08:
69:a4:6c:61:94:81:30:84:a7:f9:ac:c8:2a:77:90:
d0:ac:fa:ed:49:7f:91:5d:f9:3a:93:ef:2d:32:77:
ab:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:86:3D:39:38:53:54:6C:86:6C:89:DC:BB:3C:4E:88:9D:6E:B6:5D
X509v3 Authority Key Identifier:
keyid:26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/hoY9OThTVGyGbIncuzxOiJ1utl0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.22.0/24
178.250.40.0/21
185.123.160.0/22
185.204.216.0/22
185.208.164.0/24
185.243.52.0/22
193.218.152.0/22
194.169.227.0/24
195.2.254.0/23
195.114.0.0/23
195.242.116.0/23
IPv6:
2a02:1778::/32
Signature Algorithm: sha256WithRSAEncryption
9f:71:49:a1:63:33:ea:29:d9:4e:32:33:20:0a:c8:cd:f9:a2:
05:1a:8f:37:66:89:42:92:38:46:da:cd:0d:26:0d:56:05:8c:
ba:82:e8:b0:dc:1d:ba:f5:e2:39:09:ab:69:f4:05:3a:04:83:
f9:4d:9d:6a:ab:e4:3c:da:92:eb:2b:49:99:91:c7:ea:60:01:
ec:5d:6c:5c:fa:74:ad:29:16:1c:c9:fe:23:f6:7c:e6:ee:fa:
99:0c:2a:0b:55:76:ce:e7:8b:85:ed:9c:a7:03:ef:6d:2f:4a:
35:fb:83:a7:92:0a:47:d0:d7:35:eb:55:f3:f0:77:d2:96:30:
7a:d8:9b:91:ae:80:52:62:a3:96:67:59:00:29:77:8c:b6:a0:
3d:33:7d:4e:98:b3:3b:3d:52:d2:14:4c:b9:25:0c:16:ff:2c:
38:0d:9c:85:f0:03:4c:30:66:cd:c7:87:68:2f:91:1c:4e:29:
3c:8b:f0:b9:72:99:39:f2:5a:78:ae:16:92:99:3f:9e:bf:23:
f3:b8:73:c1:43:cb:01:be:22:26:4c:be:75:1f:00:aa:fa:2f:
b2:70:d9:9f:cc:1e:81:98:86:67:5d:22:f8:ae:be:6f:97:2e:
b7:b2:26:52:91:f8:2a:44:48:51:94:f5:04:64:b5:d7:73:70:
ae:87:e8:42
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIEBHePtTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NmE1YWE5MThjYmZlYjNlMTI5OTdmMzM4OTBmZWIyNTg5MDdiMzQzMB4XDTIyMDQy
NzIzMjYxNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODY4NjNkMzkzODUz
NTQ2Yzg2NmM4OWRjYmIzYzRlODg5ZDZlYjY1ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOCgIelObFjLI6x/zDT9MevWs6JkrwWeUD1eehqnYNk88q/c
TlhKi4zlxFABUraVmXQg6vA0PSSgIf4HZt5CzFWks1KT5wooonpW7Ll1pW0Z3r/Z
JCsZnz9rvRgZkLadTaUr/JjnkC2aCWOWKnr6+BbLlchmy0c8gr03IYdcQEbo1oZA
4wGf0CKO1ZxdfXw/Nyh0WtvRiFx1LOV48gp8blGsTx+HCJD+TpVxLvNI0TgGtCV+
q079x9qTn2J6uo7JEj0f5T9OLz7+VKix1f+7lxF/vRmbsUshrlL647BKsY0IaaRs
YZSBMISn+azIKneQ0Kz67Ul/kV35OpPvLTJ3qzkCAwEAAaOCAlQwggJQMB0GA1Ud
DgQWBBSGhj05OFNUbIZsidy7PE6InW62XTAfBgNVHSMEGDAWgBQmpaqRjL/rPhKZ
fzOJD+sliQezQzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pxV3FrWXlfNno0U21YOHppUV9ySllrSHMwTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWQvMTQzM2VhLTEwODAtNDZlNS1iNjEyLTI5N2UyODJkNjZhOC8x
L2hvWTlPVGhUVkd5R2JJbmN1enhPaUoxdXRsMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWQv
MTQzM2VhLTEwODAtNDZlNS1iNjEyLTI5N2UyODJkNjZhOC8xL0pxV3FrWXlfNno0
U21YOHppUV9ySllrSHMwTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBq
BggrBgEFBQcBBwEB/wRbMFkwSAQCAAEwQgMEAFvHFgMEA7L6KAMEArl7oAMEArnM
2AMEALnQpAMEArnzNAMEAsHamAMEAMKp4wMEAcMC/gMEAcNyAAMEAcPydDANBAIA
AjAHAwUAKgIXeDANBgkqhkiG9w0BAQsFAAOCAQEAn3FJoWMz6inZTjIzIArIzfmi
BRqPN2aJQpI4RtrNDSYNVgWMuoLosNwduvXiOQmrafQFOgSD+U2daqvkPNqS6ytJ
mZHH6mAB7F1sXPp0rSkWHMn+I/Z85u76mQwqC1V2zueLhe2cpwPvbS9KNfuDp5IK
R9DXNetV8/B30pYwetibka6AUmKjlmdZACl3jLagPTN9TpizOz1S0hRMuSUMFv8s
OA2chfADTDBmzceHaC+RHE4pPIvwuXKZOfJaeK4Wkpk/nr8j87hzwUPLAb4iJky+
dR8AqvovsnDZn8wegZiGZ10i+K6+b5cut7ImUpH4KkRIUZT1BGS113NwrofoQg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:21 2024 by rpki-client on console-fra.rpki-client.org