Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/hH9cONwCC0on34aDkGjUbyLjss8.roa
File: hH9cONwCC0on34aDkGjUbyLjss8.roa (raw, json)
Hash identifier: h70qfuuXg23MXDpdtb207BKH/nc9rRFyDra0K7iBWnM=
Subject key identifier: 84:7F:5C:38:DC:02:0B:4A:27:DF:86:83:90:68:D4:6F:22:E3:B2:CF
Certificate issuer: /CN=94166b704843d3d9754095c83a91b493828200a2
Certificate serial: 0184687A68A6BC134C0EBB5910CEC81DDD4F
Authority key identifier: 94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/hH9cONwCC0on34aDkGjUbyLjss8.roa
Signing time: Fri 11 Nov 2022 20:56:03 +0000
ROA not before: Fri 11 Nov 2022 20:56:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209439
IP address blocks: 149.232.189.0/24 maxlen: 24
2a00:8b80::/32 maxlen: 48
2a09:3dc0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:68:7a:68:a6:bc:13:4c:0e:bb:59:10:ce:c8:1d:dd:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94166b704843d3d9754095c83a91b493828200a2
Validity
Not Before: Nov 11 20:56:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=847f5c38dc020b4a27df86839068d46f22e3b2cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ac:6d:bf:14:09:5e:68:92:69:ac:9c:eb:71:
fe:59:00:f3:65:45:8e:1b:4b:36:10:11:3a:70:9f:
9a:78:74:2a:27:48:d1:53:a4:e8:a2:d8:b1:70:42:
88:4c:5b:1b:db:41:74:b6:46:73:18:0f:13:93:86:
b0:f9:2d:3d:00:71:57:d3:47:3b:27:a0:33:e7:10:
9f:55:80:15:92:00:45:ee:c6:11:92:6b:e9:a7:a5:
55:31:25:96:41:08:5f:61:ef:4f:e2:15:01:7f:d1:
e5:c6:b7:59:09:ee:00:9f:f9:25:3e:bf:24:13:2b:
28:1b:0b:ee:7c:c3:5c:b7:f8:52:55:96:d0:cf:08:
fb:f9:f9:cb:b9:ca:8f:09:39:c7:92:e4:67:93:ac:
34:0c:e4:27:76:10:87:3a:a0:3b:db:e1:02:d5:03:
28:10:b2:7a:6e:25:96:a9:48:2e:98:db:8f:5c:2f:
63:2b:51:e1:6e:26:ea:83:5a:40:94:f2:0d:bf:68:
03:bf:07:16:e1:af:a6:59:48:d8:b9:1f:65:b1:ef:
28:0b:18:05:e1:90:17:e9:9a:78:17:db:83:fa:38:
17:9d:6f:cf:71:05:3f:9c:b5:a0:41:e9:9c:aa:86:
c4:1a:a7:d6:dc:9a:9a:e6:e6:5d:ed:48:f6:87:e0:
7c:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:7F:5C:38:DC:02:0B:4A:27:DF:86:83:90:68:D4:6F:22:E3:B2:CF
X509v3 Authority Key Identifier:
keyid:94:16:6B:70:48:43:D3:D9:75:40:95:C8:3A:91:B4:93:82:82:00:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBZrcEhD09l1QJXIOpG0k4KCAKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/hH9cONwCC0on34aDkGjUbyLjss8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/43ff8f-cd54-4cf1-8aaf-4be18ef128b4/1/lBZrcEhD09l1QJXIOpG0k4KCAKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.232.189.0/24
IPv6:
2a00:8b80::/32
2a09:3dc0::/48
Signature Algorithm: sha256WithRSAEncryption
25:26:77:7e:2b:dd:52:91:39:12:93:8c:ea:38:cf:92:0e:64:
3e:5a:ca:3b:25:7e:c1:f9:6c:9e:3c:ec:89:8b:a1:c4:1b:d0:
56:bc:75:bf:1f:af:c4:74:76:dd:09:ff:57:a4:2e:2e:02:1b:
d0:f7:26:aa:1d:de:1f:49:7b:21:f8:81:05:8b:1f:80:d4:88:
52:41:50:7a:85:51:87:69:8f:34:d2:ab:57:3f:78:98:65:2c:
63:de:b4:3c:b4:49:63:a3:75:55:f8:72:4e:79:88:3c:74:65:
3e:af:22:15:6c:58:fe:1f:0a:38:55:5e:0f:fe:ae:51:74:45:
06:73:3e:77:5d:58:23:f2:c8:58:16:09:74:77:60:9e:8b:4a:
ad:d7:dc:e7:70:d7:5b:99:ba:2c:97:be:49:db:09:60:67:14:
ad:be:cd:cd:95:3c:cc:e3:f0:78:13:82:c0:7c:28:f0:b1:b7:
2d:73:e2:4f:dd:8f:fa:ad:ce:04:76:4d:4b:24:9e:16:9f:a5:
df:13:40:50:da:e2:58:d1:7c:95:13:05:e6:f0:3a:25:8e:d0:
93:17:c5:46:8a:3e:82:5b:5b:98:8b:91:f8:99:f2:3f:bb:8d:
34:36:2f:56:96:95:0c:82:05:df:e5:c0:23:aa:4a:a8:3e:14:
31:97:94:cc
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYRoemimvBNMDrtZEM7IHd1PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTY2YjcwNDg0M2QzZDk3NTQwOTVjODNhOTFiNDkzODI4
MjAwYTIwHhcNMjIxMTExMjA1NjAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDdmNWMzOGRjMDIwYjRhMjdkZjg2ODM5MDY4ZDQ2ZjIyZTNiMmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6xtvxQJXmiSaayc63H+WQDzZUWO
G0s2EBE6cJ+aeHQqJ0jRU6TootixcEKITFsb20F0tkZzGA8Tk4aw+S09AHFX00c7
J6Az5xCfVYAVkgBF7sYRkmvpp6VVMSWWQQhfYe9P4hUBf9HlxrdZCe4An/klPr8k
EysoGwvufMNct/hSVZbQzwj7+fnLucqPCTnHkuRnk6w0DOQndhCHOqA72+EC1QMo
ELJ6biWWqUgumNuPXC9jK1Hhbibqg1pAlPINv2gDvwcW4a+mWUjYuR9lse8oCxgF
4ZAX6Zp4F9uD+jgXnW/PcQU/nLWgQemcqobEGqfW3Jqa5uZd7Uj2h+B8gQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIR/XDjcAgtKJ9+Gg5Bo1G8i47LPMB8GA1UdIwQY
MBaAFJQWa3BIQ9PZdUCVyDqRtJOCggCiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYt
NGJlMThlZjEyOGI0LzEvaEg5Y09Od0NDMG9uMzRhRGtHalVieUxqc3M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80M2ZmOGYtY2Q1NC00Y2YxLThhYWYtNGJlMThlZjEyOGI0
LzEvbEJacmNFaEQwOWwxUUpYSU9wRzBrNEtDQUtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQAlei9MBYE
AgACMBADBQAqAIuAAwcAKgk9wAAAMA0GCSqGSIb3DQEBCwUAA4IBAQAlJnd+K91S
kTkSk4zqOM+SDmQ+Wso7JX7B+WyePOyJi6HEG9BWvHW/H6/EdHbdCf9XpC4uAhvQ
9yaqHd4fSXsh+IEFix+A1IhSQVB6hVGHaY800qtXP3iYZSxj3rQ8tEljo3VV+HJO
eYg8dGU+ryIVbFj+Hwo4VV4P/q5RdEUGcz53XVgj8shYFgl0d2Cei0qt19zncNdb
mbosl75J2wlgZxStvs3NlTzM4/B4E4LAfCjwsbctc+JP3Y/6rc4Edk1LJJ4Wn6Xf
E0BQ2uJY0XyVEwXm8DoljtCTF8VGij6CW1uYi5H4mfI/u400Ni9WlpUMggXf5cAj
qkqoPhQxl5TM
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:25 2024 by rpki-client on console-ams.rpki-client.org