Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/HQcto6-Sozz_lvQHxxOuOrif-7A.roa
File: HQcto6-Sozz_lvQHxxOuOrif-7A.roa (raw, json)
Hash identifier: UbGpaqpqjsMJ4QfaJo/IolpCEMcvCBYauc0HLhD4MgQ=
Subject key identifier: 1D:07:2D:A3:AF:92:A3:3C:FF:96:F4:07:C7:13:AE:3A:B8:9F:FB:B0
Certificate issuer: /CN=ac1f721b7b7e6d049fbfe520e1ca89c1ca256813
Certificate serial: 0184A9C724E88403FDC484B29298A8D13FFA
Authority key identifier: AC:1F:72:1B:7B:7E:6D:04:9F:BF:E5:20:E1:CA:89:C1:CA:25:68:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rB9yG3t-bQSfv-Ug4cqJwcolaBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/HQcto6-Sozz_lvQHxxOuOrif-7A.roa
Signing time: Thu 24 Nov 2022 13:15:11 +0000
ROA not before: Thu 24 Nov 2022 13:15:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49040
IP address blocks: 85.217.239.0/24 maxlen: 24
85.217.238.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a9:c7:24:e8:84:03:fd:c4:84:b2:92:98:a8:d1:3f:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac1f721b7b7e6d049fbfe520e1ca89c1ca256813
Validity
Not Before: Nov 24 13:15:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1d072da3af92a33cff96f407c713ae3ab89ffbb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:69:b4:b4:b3:ae:8d:6a:76:bc:d6:88:d9:26:
ea:93:46:ca:b8:49:00:b1:c4:ac:db:f3:c5:41:d8:
35:95:5c:4f:4b:f9:5f:9c:f6:28:45:53:16:59:79:
ab:d1:09:30:7b:4c:f3:d4:a3:7b:4e:f5:86:41:69:
ea:92:8d:5c:14:97:f9:a1:f6:24:40:7f:09:7f:7f:
9b:12:15:14:2e:46:35:ff:45:b5:3d:3d:d1:d8:37:
01:45:a5:68:42:bf:c1:e2:94:98:9b:47:eb:e0:83:
77:f0:e6:35:64:9b:40:9c:c6:8c:6f:0d:7a:b8:12:
04:ae:20:9d:ba:f6:07:c6:b4:36:2d:31:c6:e5:ca:
e7:4c:0c:ad:30:fb:dc:9e:29:09:6c:d3:54:2f:29:
e1:c6:61:9e:79:36:47:77:1c:c8:cd:26:53:2f:81:
26:c1:f9:e7:44:2b:2d:7c:c2:87:67:b8:6b:da:1f:
55:57:f7:0c:f3:f1:b5:fe:de:e9:96:81:3d:51:75:
64:09:60:65:bb:a5:b6:3d:9e:ce:ac:bf:66:5b:ec:
c4:1e:b9:29:b1:53:f5:06:86:5e:d7:93:29:cb:c3:
58:b7:b5:3a:2b:95:11:72:8b:c0:44:ab:7f:8d:80:
4a:86:af:b4:71:0f:4e:48:ff:9f:a6:89:48:3a:32:
62:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:07:2D:A3:AF:92:A3:3C:FF:96:F4:07:C7:13:AE:3A:B8:9F:FB:B0
X509v3 Authority Key Identifier:
keyid:AC:1F:72:1B:7B:7E:6D:04:9F:BF:E5:20:E1:CA:89:C1:CA:25:68:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rB9yG3t-bQSfv-Ug4cqJwcolaBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/HQcto6-Sozz_lvQHxxOuOrif-7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/56d267-1c43-47c8-afb2-64d29c86bf3e/1/rB9yG3t-bQSfv-Ug4cqJwcolaBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.217.238.0/23
Signature Algorithm: sha256WithRSAEncryption
96:9d:d8:67:14:82:8c:d8:97:76:2c:fe:cc:8e:0f:0f:80:f5:
2f:65:ea:9d:ef:49:8e:81:48:5d:8a:6c:d6:29:df:45:fa:ad:
b4:c2:1f:36:ce:b0:52:ad:77:c8:54:14:5d:72:03:a8:46:60:
a4:38:fb:b2:4d:e1:f2:4d:43:09:99:28:13:c8:9f:be:48:16:
15:2b:66:17:89:1e:39:75:43:f7:23:5d:a2:57:6a:97:f8:d6:
60:34:af:35:06:67:c0:1e:bf:bb:08:a2:5c:29:02:26:45:5e:
52:d4:72:53:04:84:3f:1a:70:f1:3d:5b:66:25:5a:88:b8:c1:
8d:78:69:eb:11:d6:1a:35:f8:f7:6d:bf:48:38:9d:cd:7c:c1:
75:b5:19:ab:e7:77:46:a6:8b:59:83:84:f0:0f:64:e2:3b:07:
f6:81:1c:e7:ef:ba:5f:f0:f6:f4:82:8d:3d:be:ae:f8:89:d2:
19:73:2f:2f:7e:55:36:15:27:cf:0e:7d:4c:34:f7:8d:85:58:
66:22:90:30:24:07:e9:ee:c4:73:e5:97:fc:ab:41:37:20:a4:
23:67:f8:6a:e4:70:8b:22:01:6f:57:5e:ea:59:d0:a5:b9:4b:
6b:a8:1a:7c:03:15:3c:ae:ff:20:a9:d4:74:11:77:c6:78:22:
6b:85:89:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSpxyTohAP9xISykpio0T/6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjMWY3MjFiN2I3ZTZkMDQ5ZmJmZTUyMGUxY2E4OWMxY2Ey
NTY4MTMwHhcNMjIxMTI0MTMxNTExWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDA3MmRhM2FmOTJhMzNjZmY5NmY0MDdjNzEzYWUzYWI4OWZmYmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvWm0tLOujWp2vNaI2Sbqk0bKuEkA
scSs2/PFQdg1lVxPS/lfnPYoRVMWWXmr0Qkwe0zz1KN7TvWGQWnqko1cFJf5ofYk
QH8Jf3+bEhUULkY1/0W1PT3R2DcBRaVoQr/B4pSYm0fr4IN38OY1ZJtAnMaMbw16
uBIEriCduvYHxrQ2LTHG5crnTAytMPvcnikJbNNULynhxmGeeTZHdxzIzSZTL4Em
wfnnRCstfMKHZ7hr2h9VV/cM8/G1/t7ploE9UXVkCWBlu6W2PZ7OrL9mW+zEHrkp
sVP1BoZe15Mpy8NYt7U6K5URcovARKt/jYBKhq+0cQ9OSP+fpolIOjJidQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB0HLaOvkqM8/5b0B8cTrjq4n/uwMB8GA1UdIwQY
MBaAFKwfcht7fm0En7/lIOHKicHKJWgTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckI5eUczdC1iUVNmdi1VZzRjcUp3Y29sYUJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC81NmQyNjctMWM0My00N2M4LWFmYjIt
NjRkMjljODZiZjNlLzEvSFFjdG82LVNvenpfbHZRSHh4T3VPcmlmLTdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC81NmQyNjctMWM0My00N2M4LWFmYjItNjRkMjljODZiZjNl
LzEvckI5eUczdC1iUVNmdi1VZzRjcUp3Y29sYUJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBVdnuMA0G
CSqGSIb3DQEBCwUAA4IBAQCWndhnFIKM2Jd2LP7Mjg8PgPUvZeqd70mOgUhdimzW
Kd9F+q20wh82zrBSrXfIVBRdcgOoRmCkOPuyTeHyTUMJmSgTyJ++SBYVK2YXiR45
dUP3I12iV2qX+NZgNK81BmfAHr+7CKJcKQImRV5S1HJTBIQ/GnDxPVtmJVqIuMGN
eGnrEdYaNfj3bb9IOJ3NfMF1tRmr53dGpotZg4TwD2TiOwf2gRzn77pf8Pb0go09
vq74idIZcy8vflU2FSfPDn1MNPeNhVhmIpAwJAfp7sRz5Zf8q0E3IKQjZ/hq5HCL
IgFvV17qWdCluUtrqBp8AxU8rv8gqdR0EXfGeCJrhYnS
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:25:17 2025 by rpki-client