Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/cd092e-6beb-4037-8a5a-fae8d42ae5e5/1/Hb4FCSJ-JS738c-bwoNanqGg1qQ.roa
File: Hb4FCSJ-JS738c-bwoNanqGg1qQ.roa (raw, json)
Hash identifier: hdNiYFka6D4x7TGkV2B8cJYBs9/4kC+JSpJMdEKV2vs=
Subject key identifier: 1D:BE:05:09:22:7E:25:2E:F7:F1:CF:9B:C2:83:5A:9E:A1:A0:D6:A4
Certificate issuer: /CN=e842a46658c1d01bac8d43961c6b49e788e3ccc3
Certificate serial: 09D15854
Authority key identifier: E8:42:A4:66:58:C1:D0:1B:AC:8D:43:96:1C:6B:49:E7:88:E3:CC:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6EKkZljB0BusjUOWHGtJ54jjzMM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/cd092e-6beb-4037-8a5a-fae8d42ae5e5/1/Hb4FCSJ-JS738c-bwoNanqGg1qQ.roa
Signing time: Sat 01 Jan 2022 07:58:54 +0000
ROA not before: Sat 01 Jan 2022 07:58:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8265
IP address blocks: 185.52.112.0/22 maxlen: 24
185.53.192.0/22 maxlen: 24
185.36.128.0/22 maxlen: 24
185.138.216.0/22 maxlen: 24
185.127.36.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 164714580 (0x9d15854)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e842a46658c1d01bac8d43961c6b49e788e3ccc3
Validity
Not Before: Jan 1 07:58:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1dbe0509227e252ef7f1cf9bc2835a9ea1a0d6a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:4c:00:35:b3:b0:89:fd:f1:fa:92:04:f2:7b:
5e:18:41:f8:97:8e:6f:41:54:9c:64:58:09:5d:29:
6c:19:55:55:6b:fc:25:13:6c:8f:e8:4c:6e:2e:de:
e6:e9:ac:91:3f:de:2e:5f:f1:29:35:a0:2b:f1:f5:
47:8b:1b:5f:58:7c:9f:ec:61:31:ad:62:20:be:55:
e8:88:f1:cc:fe:01:6d:eb:00:d5:1d:85:b4:82:6c:
e6:f4:fe:a0:75:a5:fe:59:a8:fc:5c:e4:7b:f7:47:
1a:e9:57:28:bb:a5:7b:6d:22:77:8a:f8:d6:4c:ff:
7d:a1:d6:5e:21:21:bf:c6:29:ca:cb:1f:08:36:55:
b6:c9:5e:cb:19:6c:66:23:c1:17:e5:1c:64:54:79:
4d:d7:da:d9:d6:b0:9b:b2:1e:40:f5:a1:44:d0:a4:
f7:1d:28:05:d0:26:8c:57:58:60:57:d6:6d:b0:1c:
b8:94:da:4a:7a:90:76:43:d3:d4:f8:88:b6:b2:47:
6c:b8:06:85:c5:8b:df:7d:06:34:f1:ca:21:b7:f9:
b8:1f:1b:53:d0:cc:f2:7c:94:41:bb:6c:78:82:02:
e1:e4:ed:e6:85:7b:db:ee:24:8c:41:31:a2:2e:07:
8e:65:1d:0a:4a:03:7a:18:db:15:fb:ce:ce:f9:2d:
d2:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:BE:05:09:22:7E:25:2E:F7:F1:CF:9B:C2:83:5A:9E:A1:A0:D6:A4
X509v3 Authority Key Identifier:
keyid:E8:42:A4:66:58:C1:D0:1B:AC:8D:43:96:1C:6B:49:E7:88:E3:CC:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6EKkZljB0BusjUOWHGtJ54jjzMM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/cd092e-6beb-4037-8a5a-fae8d42ae5e5/1/Hb4FCSJ-JS738c-bwoNanqGg1qQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/cd092e-6beb-4037-8a5a-fae8d42ae5e5/1/6EKkZljB0BusjUOWHGtJ54jjzMM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.36.128.0/22
185.52.112.0/22
185.53.192.0/22
185.127.36.0/22
185.138.216.0/22
Signature Algorithm: sha256WithRSAEncryption
0c:09:90:8e:83:62:4e:a5:ab:4e:13:a2:12:5e:47:61:70:37:
66:69:2e:28:76:bb:24:a4:52:96:64:88:a0:c9:0d:7b:01:fa:
eb:11:76:2d:90:7d:9d:39:8f:2f:56:13:e5:07:44:d1:ef:cc:
da:24:b6:83:06:5c:c6:27:40:e5:35:08:2e:e4:ca:9e:0c:75:
3d:3a:7f:61:b7:fa:08:f2:77:1b:0e:93:7e:52:f7:47:06:52:
c7:d4:37:48:7e:73:99:6c:96:0e:a0:07:e8:ad:f0:e1:26:68:
75:79:3a:4e:12:d9:08:b8:78:02:ff:d5:33:05:49:cb:d3:00:
c2:42:5c:3f:01:a8:fe:c9:ae:35:8c:e1:d1:d8:de:ee:1b:f0:
97:d3:d3:21:54:88:2e:f6:be:bd:dc:1b:3f:5c:6b:4c:c6:30:
84:8b:78:61:ef:3d:7a:ff:8d:10:23:de:90:bc:64:15:b9:8a:
f6:f7:6b:f0:67:94:16:a7:c1:a5:92:a6:2d:4c:7a:ac:5c:c3:
c2:cd:fb:a2:9d:7e:82:c1:61:bd:6c:37:e3:d8:51:d7:cc:79:
2d:e4:73:c8:94:71:a9:33:c2:6d:21:17:f1:c7:ee:57:1e:aa:
84:1b:a4:b0:b5:d9:12:c7:d5:b1:01:50:8d:1f:b9:e5:b5:e1:
56:d9:82:21
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIECdFYVDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ODQyYTQ2NjU4YzFkMDFiYWM4ZDQzOTYxYzZiNDllNzg4ZTNjY2MzMB4XDTIyMDEw
MTA3NTg1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWRiZTA1MDkyMjdl
MjUyZWY3ZjFjZjliYzI4MzVhOWVhMWEwZDZhNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIhMADWzsIn98fqSBPJ7XhhB+JeOb0FUnGRYCV0pbBlVVWv8
JRNsj+hMbi7e5umskT/eLl/xKTWgK/H1R4sbX1h8n+xhMa1iIL5V6IjxzP4BbesA
1R2FtIJs5vT+oHWl/lmo/Fzke/dHGulXKLule20id4r41kz/faHWXiEhv8Ypyssf
CDZVtsleyxlsZiPBF+UcZFR5Tdfa2dawm7IeQPWhRNCk9x0oBdAmjFdYYFfWbbAc
uJTaSnqQdkPT1PiItrJHbLgGhcWL330GNPHKIbf5uB8bU9DM8nyUQbtseIIC4eTt
5oV72+4kjEExoi4HjmUdCkoDehjbFfvOzvkt0r8CAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBQdvgUJIn4lLvfxz5vCg1qeoaDWpDAfBgNVHSMEGDAWgBToQqRmWMHQG6yN
Q5Yca0nniOPMwzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZFS2tabGpCMEJ1c2pVT1dIR3RKNTRqanpNTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjAvY2QwOTJlLTZiZWItNDAzNy04YTVhLWZhZThkNDJhZTVlNS8x
L0hiNEZDU0otSlM3MzhjLWJ3b05hbnFHZzFxUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjAv
Y2QwOTJlLTZiZWItNDAzNy04YTVhLWZhZThkNDJhZTVlNS8xLzZFS2tabGpCMEJ1
c2pVT1dIR3RKNTRqanpNTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEArkkgAMEArk0cAMEArk1wAMEArl/
JAMEArmK2DANBgkqhkiG9w0BAQsFAAOCAQEADAmQjoNiTqWrThOiEl5HYXA3Zmku
KHa7JKRSlmSIoMkNewH66xF2LZB9nTmPL1YT5QdE0e/M2iS2gwZcxidA5TUILuTK
ngx1PTp/Ybf6CPJ3Gw6TflL3RwZSx9Q3SH5zmWyWDqAH6K3w4SZodXk6ThLZCLh4
Av/VMwVJy9MAwkJcPwGo/smuNYzh0dje7hvwl9PTIVSILva+vdwbP1xrTMYwhIt4
Ye89ev+NECPekLxkFbmK9vdr8GeUFqfBpZKmLUx6rFzDws37op1+gsFhvWw349hR
18x5LeRzyJRxqTPCbSEX8cfuVx6qhBuksLXZEsfVsQFQjR+55bXhVtmCIQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:56:56 2023 by rpki-client on console-fra.rpki-client.org