Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/71fff9-343d-4f07-a491-7c0fd29cf3e9/1/tPH1KY-MCZaL7YlXZ5lJVTxjW-s.roa
File: tPH1KY-MCZaL7YlXZ5lJVTxjW-s.roa (raw, json)
Hash identifier: G9keiKcc5Pi38YOfZLrMsVtAOoktNHINcpeLW88Ofq4=
Subject key identifier: B4:F1:F5:29:8F:8C:09:96:8B:ED:89:57:67:99:49:55:3C:63:5B:EB
Certificate issuer: /CN=84ffa542f3d8c9b07bf76eae8a86985a3d7b4dc7
Certificate serial: 0137298B
Authority key identifier: 84:FF:A5:42:F3:D8:C9:B0:7B:F7:6E:AE:8A:86:98:5A:3D:7B:4D:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hP-lQvPYybB7926uioaYWj17Tcc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/71fff9-343d-4f07-a491-7c0fd29cf3e9/1/tPH1KY-MCZaL7YlXZ5lJVTxjW-s.roa
Signing time: Sat 01 Jan 2022 00:56:29 +0000
ROA not before: Sat 01 Jan 2022 00:56:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207058
IP address blocks: 185.167.88.0/24 maxlen: 24
185.167.89.0/24 maxlen: 24
185.167.90.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 20392331 (0x137298b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84ffa542f3d8c9b07bf76eae8a86985a3d7b4dc7
Validity
Not Before: Jan 1 00:56:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b4f1f5298f8c09968bed8957679949553c635beb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:0f:3a:a6:de:88:ad:09:aa:f9:82:50:f6:d5:
79:9d:01:06:02:07:16:2b:a1:2f:88:2f:e3:87:83:
a2:20:7c:b2:54:e7:27:e7:53:39:39:8a:24:05:3a:
e4:78:b5:1a:7c:03:1d:fb:97:6a:92:13:9d:87:7e:
95:e5:21:cf:6f:93:4a:57:6f:94:34:bd:19:40:95:
77:b0:dd:a7:00:46:00:a9:d1:91:53:12:20:29:e5:
f0:cf:11:68:0b:e4:d7:ee:02:38:01:60:5d:43:5b:
f6:bf:f0:6c:6e:87:5f:99:0f:67:f0:df:b7:a6:1b:
e1:71:f2:b7:3a:3a:90:00:bb:63:15:12:44:4e:7f:
3b:7a:4e:e8:f6:16:40:7b:2f:8b:11:9d:f0:5a:4b:
15:e6:39:a4:ca:e8:ad:1b:f3:f7:9f:59:84:07:68:
27:dc:8b:d4:04:8f:0c:56:51:6d:c8:26:bf:c5:88:
e8:ec:55:d6:6b:cd:d6:fa:47:aa:f1:59:49:c5:88:
f1:fd:0b:4c:8f:38:92:48:6f:9b:b2:f9:4c:21:a5:
56:29:96:31:c5:ba:8f:08:ad:ce:69:13:d7:c4:5e:
2a:49:b9:18:e6:6b:ba:ab:f8:0e:a1:61:43:0a:75:
f1:2c:d2:12:f9:2b:9a:0e:74:d6:b1:bd:9f:c4:d4:
c4:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:F1:F5:29:8F:8C:09:96:8B:ED:89:57:67:99:49:55:3C:63:5B:EB
X509v3 Authority Key Identifier:
keyid:84:FF:A5:42:F3:D8:C9:B0:7B:F7:6E:AE:8A:86:98:5A:3D:7B:4D:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hP-lQvPYybB7926uioaYWj17Tcc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/71fff9-343d-4f07-a491-7c0fd29cf3e9/1/tPH1KY-MCZaL7YlXZ5lJVTxjW-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/71fff9-343d-4f07-a491-7c0fd29cf3e9/1/hP-lQvPYybB7926uioaYWj17Tcc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.167.88.0-185.167.90.255
Signature Algorithm: sha256WithRSAEncryption
29:08:76:40:0b:c0:f8:6b:79:fb:7b:d6:6d:4d:2a:5e:b9:29:
03:9c:5f:7e:4e:18:51:66:dd:dd:3c:95:96:2b:af:2f:7a:c8:
f1:51:25:ca:f6:31:7d:cd:55:56:b2:d4:fb:88:23:40:d1:7b:
25:0d:65:8b:e0:e3:07:4c:45:3d:1a:ae:1d:1e:59:98:02:7a:
dd:c7:c0:ef:e1:f3:80:1c:c6:c6:22:bd:ca:09:14:db:41:a5:
08:d7:50:c0:7b:5c:38:0a:7c:af:3c:13:50:13:87:9c:24:2c:
0e:68:8d:da:c3:b8:6b:ab:1f:1e:de:33:11:8d:4b:af:0a:2b:
93:89:35:a5:9a:3b:93:f9:ed:d0:9b:17:69:21:da:1a:d3:8c:
1c:59:36:b7:c7:bf:5a:a2:40:f0:64:07:be:38:da:0e:8a:32:
1b:ea:ed:6c:68:9f:f5:1c:68:c6:cc:65:fa:16:8e:0b:de:17:
4a:4b:90:92:a8:32:16:53:db:10:32:f5:39:49:da:49:29:8e:
33:9b:4f:36:0a:2f:23:9e:9c:2f:80:3b:97:fc:c3:b0:f3:28:
4a:2f:02:84:cf:ad:46:58:60:e3:59:14:f5:4a:c4:c5:01:6c:
21:db:88:88:9a:d7:51:7f:05:3a:22:bd:58:06:b1:83:4e:29:
96:cf:78:a9
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEATcpizANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NGZmYTU0MmYzZDhjOWIwN2JmNzZlYWU4YTg2OTg1YTNkN2I0ZGM3MB4XDTIyMDEw
MTAwNTYyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjRmMWY1Mjk4Zjhj
MDk5NjhiZWQ4OTU3Njc5OTQ5NTUzYzYzNWJlYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALQPOqbeiK0JqvmCUPbVeZ0BBgIHFiuhL4gv44eDoiB8slTn
J+dTOTmKJAU65Hi1GnwDHfuXapITnYd+leUhz2+TSldvlDS9GUCVd7DdpwBGAKnR
kVMSICnl8M8RaAvk1+4COAFgXUNb9r/wbG6HX5kPZ/Dft6Yb4XHytzo6kAC7YxUS
RE5/O3pO6PYWQHsvixGd8FpLFeY5pMrorRvz959ZhAdoJ9yL1ASPDFZRbcgmv8WI
6OxV1mvN1vpHqvFZScWI8f0LTI84kkhvm7L5TCGlVimWMcW6jwitzmkT18ReKkm5
GOZruqv4DqFhQwp18SzSEvkrmg501rG9n8TUxKsCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBS08fUpj4wJlovtiVdnmUlVPGNb6zAfBgNVHSMEGDAWgBSE/6VC89jJsHv3
bq6KhphaPXtNxzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hQLWxRdlBZeWJCNzkyNnVpb2FZV2oxN1RjYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzgvNzFmZmY5LTM0M2QtNGYwNy1hNDkxLTdjMGZkMjljZjNlOS8x
L3RQSDFLWS1NQ1phTDdZbFhaNWxKVlR4alctcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgv
NzFmZmY5LTM0M2QtNGYwNy1hNDkxLTdjMGZkMjljZjNlOS8xL2hQLWxRdlBZeWJC
NzkyNnVpb2FZV2oxN1RjYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQDuadYAwQAuadaMA0GCSqGSIb3
DQEBCwUAA4IBAQApCHZAC8D4a3n7e9ZtTSpeuSkDnF9+ThhRZt3dPJWWK68vesjx
USXK9jF9zVVWstT7iCNA0XslDWWL4OMHTEU9Gq4dHlmYAnrdx8Dv4fOAHMbGIr3K
CRTbQaUI11DAe1w4CnyvPBNQE4ecJCwOaI3aw7hrqx8e3jMRjUuvCiuTiTWlmjuT
+e3QmxdpIdoa04wcWTa3x79aokDwZAe+ONoOijIb6u1saJ/1HGjGzGX6Fo4L3hdK
S5CSqDIWU9sQMvU5SdpJKY4zm082Ci8jnpwvgDuX/MOw8yhKLwKEz61GWGDjWRT1
SsTFAWwh24iImtdRfwU6Ir1YBrGDTimWz3ip
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:48 2024 by rpki-client on console-ams.rpki-client.org