Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/c3dc1b-d1ee-4ff2-a5aa-f0c4be8e240a/1/hQfYrxjsoXDDNtUibB2b1p37bEw.roa
File: hQfYrxjsoXDDNtUibB2b1p37bEw.roa (raw, json)
Hash identifier: ScYf/YGijJgwViId+hMtDaX2s5nwxwx9e8ZJlQv+JH0=
Subject key identifier: 85:07:D8:AF:18:EC:A1:70:C3:36:D5:22:6C:1D:9B:D6:9D:FB:6C:4C
Certificate issuer: /CN=49e44eeea26569d0ddbd0e8637f12cf505a4ede9
Certificate serial: 01856F02392765D04160DA61D4A619BA5F04
Authority key identifier: 49:E4:4E:EE:A2:65:69:D0:DD:BD:0E:86:37:F1:2C:F5:05:A4:ED:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeRO7qJladDdvQ6GN_Es9QWk7ek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/c3dc1b-d1ee-4ff2-a5aa-f0c4be8e240a/1/hQfYrxjsoXDDNtUibB2b1p37bEw.roa
Signing time: Sun 01 Jan 2023 20:24:54 +0000
ROA not before: Sun 01 Jan 2023 20:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35676
IP address blocks: 178.213.66.0/23 maxlen: 23
178.213.68.0/22 maxlen: 22
194.5.88.0/23 maxlen: 23
195.234.36.0/24 maxlen: 24
185.16.252.0/23 maxlen: 23
185.16.252.0/22 maxlen: 22
185.16.254.0/23 maxlen: 23
178.213.64.0/23 maxlen: 23
178.213.64.0/22 maxlen: 22
193.105.186.0/24 maxlen: 24
2a03:6f82::/32 maxlen: 32
2a03:6f81::/32 maxlen: 33
2a03:6f81::/33 maxlen: 33
2a03:6f80::/33 maxlen: 33
2a03:6f80::/32 maxlen: 33
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:39:27:65:d0:41:60:da:61:d4:a6:19:ba:5f:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e44eeea26569d0ddbd0e8637f12cf505a4ede9
Validity
Not Before: Jan 1 20:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8507d8af18eca170c336d5226c1d9bd69dfb6c4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:b7:94:62:70:fc:e1:33:50:d8:3c:41:fc:2f:
80:b8:ff:90:af:98:05:db:dc:65:73:f5:cd:1a:f1:
88:fa:9f:d4:92:46:38:fc:37:c7:8d:40:7e:e2:b8:
7d:f5:09:6d:8a:88:dc:76:de:ef:a1:8b:79:ce:cd:
f0:53:5c:e1:f4:ef:40:28:52:d3:37:58:1f:b8:cc:
e1:cf:0e:eb:f3:5d:c5:d6:57:b0:a5:16:04:d1:e8:
39:f3:4e:e6:c0:a6:37:84:58:eb:9b:8d:67:4b:ec:
02:07:64:af:e5:cf:67:da:2c:23:1d:6e:cd:46:53:
9e:91:59:11:97:09:d2:08:0e:7b:a4:1e:b9:38:3d:
a0:7e:b3:4b:94:77:84:20:2d:82:97:8e:cc:fa:eb:
c1:11:20:e8:00:b4:b3:e5:dd:49:65:25:e9:0c:eb:
95:1a:ef:ac:37:e4:95:46:a2:d9:1c:89:11:25:7f:
92:d4:23:4d:f1:98:6e:91:60:1e:27:36:d3:65:4d:
68:7e:e5:7e:86:eb:0a:dc:0f:d8:2d:b1:5a:57:83:
a6:94:04:f8:92:52:3a:2e:81:e2:f4:d9:44:91:69:
75:ac:54:99:14:98:2c:5f:b3:fa:4c:23:38:b3:92:
fd:bd:f3:ea:b6:c8:c6:32:31:76:d2:b1:ec:98:a3:
1e:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:07:D8:AF:18:EC:A1:70:C3:36:D5:22:6C:1D:9B:D6:9D:FB:6C:4C
X509v3 Authority Key Identifier:
keyid:49:E4:4E:EE:A2:65:69:D0:DD:BD:0E:86:37:F1:2C:F5:05:A4:ED:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeRO7qJladDdvQ6GN_Es9QWk7ek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/c3dc1b-d1ee-4ff2-a5aa-f0c4be8e240a/1/hQfYrxjsoXDDNtUibB2b1p37bEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/c3dc1b-d1ee-4ff2-a5aa-f0c4be8e240a/1/SeRO7qJladDdvQ6GN_Es9QWk7ek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.213.64.0/21
185.16.252.0/22
193.105.186.0/24
194.5.88.0/23
195.234.36.0/24
IPv6:
2a03:6f80::-2a03:6f82:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
2b:e4:87:c8:b0:72:80:35:25:f7:fc:d7:43:f1:34:b9:62:d6:
44:60:31:e0:fc:b3:84:fd:4c:2e:0a:10:12:8a:af:50:b9:cd:
cd:d1:b3:85:d6:f6:28:d8:7d:e2:85:c5:10:49:16:43:2e:11:
18:00:3c:73:f2:78:9f:2b:c6:54:ea:84:d9:5e:ef:e3:5b:07:
94:0c:00:65:25:7b:01:d9:da:2a:f4:1e:ba:7a:2e:ba:28:64:
5a:1e:b0:bb:5a:a4:49:ee:e6:23:0f:24:c7:db:8b:7a:84:95:
aa:47:79:78:37:0a:60:31:64:f8:e2:b7:1b:70:78:c2:af:33:
ce:cb:fe:10:c7:3b:86:20:89:dd:12:bf:9c:db:54:93:09:27:
01:48:c0:08:62:54:45:23:91:11:9a:96:21:7d:47:5a:52:fc:
28:15:18:99:7c:88:68:37:bb:d4:f3:ae:bc:2d:13:3b:c2:67:
1a:a9:17:e3:46:d9:82:cb:c0:db:08:1c:5d:4b:43:6e:5d:2c:
30:ce:8f:e8:31:01:2f:50:30:51:31:1a:76:e8:e8:cc:04:59:
39:ba:f3:de:1d:b8:51:93:59:f7:8e:f3:13:8e:7c:ee:43:df:
5d:27:d6:61:2f:ce:3b:86:a1:ed:00:f0:a4:7d:13:54:85:70:
2b:42:77:a6
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYVvAjknZdBBYNph1KYZul8EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTQ0ZWVlYTI2NTY5ZDBkZGJkMGU4NjM3ZjEyY2Y1MDVh
NGVkZTkwHhcNMjMwMTAxMjAyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTA3ZDhhZjE4ZWNhMTcwYzMzNmQ1MjI2YzFkOWJkNjlkZmI2YzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgbeUYnD84TNQ2DxB/C+AuP+Qr5gF
29xlc/XNGvGI+p/UkkY4/DfHjUB+4rh99Qltiojcdt7voYt5zs3wU1zh9O9AKFLT
N1gfuMzhzw7r813F1lewpRYE0eg5807mwKY3hFjrm41nS+wCB2Sv5c9n2iwjHW7N
RlOekVkRlwnSCA57pB65OD2gfrNLlHeEIC2Cl47M+uvBESDoALSz5d1JZSXpDOuV
Gu+sN+SVRqLZHIkRJX+S1CNN8ZhukWAeJzbTZU1ofuV+husK3A/YLbFaV4OmlAT4
klI6LoHi9NlEkWl1rFSZFJgsX7P6TCM4s5L9vfPqtsjGMjF20rHsmKMetwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFIUH2K8Y7KFwwzbVImwdm9ad+2xMMB8GA1UdIwQY
MBaAFEnkTu6iZWnQ3b0OhjfxLPUFpO3pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VSTzdxSmxhZERkdlE2R05fRXM5UVdrN2VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS9jM2RjMWItZDFlZS00ZmYyLWE1YWEt
ZjBjNGJlOGUyNDBhLzEvaFFmWXJ4anNvWERETnRVaWJCMmIxcDM3YkV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS9jM2RjMWItZDFlZS00ZmYyLWE1YWEtZjBjNGJlOGUyNDBh
LzEvU2VSTzdxSmxhZERkdlE2R05fRXM5UVdrN2VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAkBAIAATAeAwQDstVAAwQC
uRD8AwQAwWm6AwQBwgVYAwQAw+okMBYEAgACMBAwDgMFByoDb4ADBQAqA2+CMA0G
CSqGSIb3DQEBCwUAA4IBAQAr5IfIsHKANSX3/NdD8TS5YtZEYDHg/LOE/UwuChAS
iq9Quc3N0bOF1vYo2H3ihcUQSRZDLhEYADxz8nifK8ZU6oTZXu/jWweUDABlJXsB
2doq9B66ei66KGRaHrC7WqRJ7uYjDyTH24t6hJWqR3l4NwpgMWT44rcbcHjCrzPO
y/4QxzuGIIndEr+c21STCScBSMAIYlRFI5ERmpYhfUdaUvwoFRiZfIhoN7vU8668
LRM7wmcaqRfjRtmCy8DbCBxdS0NuXSwwzo/oMQEvUDBRMRp26OjMBFk5uvPeHbhR
k1n3jvMTjnzuQ99dJ9ZhL847hqHtAPCkfRNUhXArQnem
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:17:46 2025 by rpki-client