Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/63957b-3fc1-45c1-a9c6-7355b2043e54/1/H0jdyixQ1ye2I2T7ED_LQIgeYaQ.roa
File: H0jdyixQ1ye2I2T7ED_LQIgeYaQ.roa (raw, json)
Hash identifier: w8CWkxBGkajVsGqKecFAN1ixR4M7K7kkUnAgkMM5fAI=
Subject key identifier: 1F:48:DD:CA:2C:50:D7:27:B6:23:64:FB:10:3F:CB:40:88:1E:61:A4
Certificate issuer: /CN=e8b56f9ee18fdbfaf30a0da57982e27273dbcb42
Certificate serial: 0B867C09
Authority key identifier: E8:B5:6F:9E:E1:8F:DB:FA:F3:0A:0D:A5:79:82:E2:72:73:DB:CB:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LVvnuGP2_rzCg2leYLicnPby0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/63957b-3fc1-45c1-a9c6-7355b2043e54/1/H0jdyixQ1ye2I2T7ED_LQIgeYaQ.roa
Signing time: Tue 14 Jun 2022 13:32:44 +0000
ROA not before: Tue 14 Jun 2022 13:32:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206087
IP address blocks: 195.234.43.0/24 maxlen: 24
185.221.40.0/24 maxlen: 24
185.221.42.0/24 maxlen: 24
2a09:f00:b::/48 maxlen: 48
2a09:f00:a::/48 maxlen: 48
2001:67c:690::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 193362953 (0xb867c09)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b56f9ee18fdbfaf30a0da57982e27273dbcb42
Validity
Not Before: Jun 14 13:32:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1f48ddca2c50d727b62364fb103fcb40881e61a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:1e:b3:a0:8b:44:54:23:68:88:8d:30:f0:18:
02:e0:cd:c2:b3:db:03:da:dd:46:6d:3c:d3:61:af:
38:7d:4f:64:de:47:ce:a7:de:13:d1:1a:a7:12:ed:
75:2c:b1:89:cd:7a:57:79:7b:5d:97:d7:3d:af:88:
39:e6:36:01:22:de:f0:2c:dc:99:19:52:58:31:e7:
db:7c:57:15:32:97:80:05:20:92:a6:81:64:bd:22:
fd:b0:0f:4c:be:ce:2e:5d:1f:cf:95:70:9e:ca:dd:
19:05:05:9e:d1:bd:cd:68:05:63:70:6f:e2:df:81:
1a:3f:28:11:fd:ad:0f:ba:6e:35:00:47:f9:01:30:
bf:fb:2a:f8:2b:21:48:5b:99:3d:d4:02:44:2a:e4:
46:21:01:0e:7d:51:66:ea:0f:9d:8a:43:0d:11:75:
79:4c:05:5b:96:4a:55:9d:b7:cd:11:70:81:d9:7e:
bc:ce:7e:e1:40:20:49:3c:06:d3:e5:de:28:d9:39:
c8:65:2d:db:bc:67:23:b0:19:16:6e:ed:4f:79:eb:
ee:e2:eb:54:38:32:08:3a:a6:a2:52:21:d1:4d:4b:
78:f2:3f:45:89:82:c3:e9:78:73:ec:ce:d4:83:5f:
12:89:12:21:08:53:7f:f1:97:2d:1e:72:06:95:a5:
eb:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:48:DD:CA:2C:50:D7:27:B6:23:64:FB:10:3F:CB:40:88:1E:61:A4
X509v3 Authority Key Identifier:
keyid:E8:B5:6F:9E:E1:8F:DB:FA:F3:0A:0D:A5:79:82:E2:72:73:DB:CB:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LVvnuGP2_rzCg2leYLicnPby0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/63957b-3fc1-45c1-a9c6-7355b2043e54/1/H0jdyixQ1ye2I2T7ED_LQIgeYaQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/63957b-3fc1-45c1-a9c6-7355b2043e54/1/6LVvnuGP2_rzCg2leYLicnPby0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.40.0/24
185.221.42.0/24
195.234.43.0/24
IPv6:
2001:67c:690::/48
2a09:f00:a::/47
Signature Algorithm: sha256WithRSAEncryption
8d:86:67:b3:3a:42:8e:7a:e8:e3:98:ba:a8:c9:ee:b1:49:7d:
ba:80:ef:de:60:89:c4:b0:5c:a9:6f:7b:10:fd:d1:b9:83:b1:
2c:a7:6e:fa:1f:50:90:98:b7:21:85:5d:fa:5a:81:d6:0b:55:
56:fc:9e:dd:4d:f3:19:09:ce:a7:bd:45:35:ff:20:38:c1:4f:
26:bc:fd:97:b8:d9:67:6b:24:44:1d:25:ae:d9:60:e6:c8:20:
1a:cb:1e:96:2b:d4:cf:93:89:29:bc:5e:a5:bc:f0:ed:64:b2:
9e:98:96:bd:6e:6f:f7:a9:02:b1:18:5e:1f:18:79:63:bf:12:
b4:03:a9:9b:c8:5c:e6:31:21:60:4a:47:6b:1b:cf:4e:bc:33:
49:9d:e6:8d:15:f9:a8:5d:e8:03:84:29:7f:96:55:e8:d1:02:
20:fb:a9:1b:c2:92:fb:7f:ed:e3:59:8f:84:84:26:ab:35:c4:
31:a9:88:e5:4d:0e:68:24:de:e3:84:39:2d:8b:13:d7:22:c8:
d9:61:66:16:da:65:06:97:f0:7f:90:08:ab:65:d3:9b:04:c2:
54:da:8d:20:bf:79:1b:3e:21:b2:d5:f8:fa:ba:bc:50:11:23:
73:71:15:44:61:f3:5a:1e:be:52:fc:3b:39:ee:37:68:e2:8b:
47:b3:50:2f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgIEC4Z8CTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
OGI1NmY5ZWUxOGZkYmZhZjMwYTBkYTU3OTgyZTI3MjczZGJjYjQyMB4XDTIyMDYx
NDEzMzI0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWY0OGRkY2EyYzUw
ZDcyN2I2MjM2NGZiMTAzZmNiNDA4ODFlNjFhNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALoes6CLRFQjaIiNMPAYAuDNwrPbA9rdRm0802GvOH1PZN5H
zqfeE9EapxLtdSyxic16V3l7XZfXPa+IOeY2ASLe8CzcmRlSWDHn23xXFTKXgAUg
kqaBZL0i/bAPTL7OLl0fz5VwnsrdGQUFntG9zWgFY3Bv4t+BGj8oEf2tD7puNQBH
+QEwv/sq+CshSFuZPdQCRCrkRiEBDn1RZuoPnYpDDRF1eUwFW5ZKVZ23zRFwgdl+
vM5+4UAgSTwG0+XeKNk5yGUt27xnI7AZFm7tT3nr7uLrVDgyCDqmolIh0U1LePI/
RYmCw+l4c+zO1INfEokSIQhTf/GXLR5yBpWl62MCAwEAAaOCAi8wggIrMB0GA1Ud
DgQWBBQfSN3KLFDXJ7YjZPsQP8tAiB5hpDAfBgNVHSMEGDAWgBTotW+e4Y/b+vMK
DaV5guJyc9vLQjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZMVnZudUdQMl9yekNnMmxlWUxpY25QYnkwSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzgvNjM5NTdiLTNmYzEtNDVjMS1hOWM2LTczNTViMjA0M2U1NC8x
L0gwamR5aXhRMXllMkkyVDdFRF9MUUlnZVlhUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgv
NjM5NTdiLTNmYzEtNDVjMS1hOWM2LTczNTViMjA0M2U1NC8xLzZMVnZudUdQMl9y
ekNnMmxlWUxpY25QYnkwSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBF
BggrBgEFBQcBBwEB/wQ2MDQwGAQCAAEwEgMEALndKAMEALndKgMEAMPqKzAYBAIA
AjASAwcAIAEGfAaQAwcBKgkPAAAKMA0GCSqGSIb3DQEBCwUAA4IBAQCNhmezOkKO
eujjmLqoye6xSX26gO/eYInEsFypb3sQ/dG5g7Esp276H1CQmLchhV36WoHWC1VW
/J7dTfMZCc6nvUU1/yA4wU8mvP2XuNlnayREHSWu2WDmyCAayx6WK9TPk4kpvF6l
vPDtZLKemJa9bm/3qQKxGF4fGHljvxK0A6mbyFzmMSFgSkdrG89OvDNJneaNFfmo
XegDhCl/llXo0QIg+6kbwpL7f+3jWY+EhCarNcQxqYjlTQ5oJN7jhDktixPXIsjZ
YWYW2mUGl/B/kAirZdObBMJU2o0gv3kbPiGy1fj6urxQESNzcRVEYfNaHr5S/Ds5
7jdo4otHs1Av
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org