Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/HaDOP1QGNgxCXl_A_b7T9OkRvT0.roa
File: HaDOP1QGNgxCXl_A_b7T9OkRvT0.roa (raw, json)
Hash identifier: pTk8q1X7PmfouSNKeXhi/F7Te5tGuc5dWbVojLzk8JQ=
Subject key identifier: 1D:A0:CE:3F:54:06:36:0C:42:5E:5F:C0:FD:BE:D3:F4:E9:11:BD:3D
Certificate issuer: /CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Certificate serial: 018571C308ED230D7A26085F6AD94B778842
Authority key identifier: 83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/HaDOP1QGNgxCXl_A_b7T9OkRvT0.roa
Signing time: Mon 02 Jan 2023 09:14:45 +0000
ROA not before: Mon 02 Jan 2023 09:14:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42615
IP address blocks: 185.186.11.0/24 maxlen: 24
2a0b:6b81:3::/48 maxlen: 48
2a0b:6b81:1::/48 maxlen: 48
2a0b:6b81:4::/48 maxlen: 48
2a0b:6b82::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:c3:08:ed:23:0d:7a:26:08:5f:6a:d9:4b:77:88:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Validity
Not Before: Jan 2 09:14:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1da0ce3f5406360c425e5fc0fdbed3f4e911bd3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:cf:03:f4:cb:3a:8c:8d:89:23:08:01:04:20:
7d:dc:e8:f4:90:ec:e2:ec:f4:55:3d:00:c8:72:98:
a1:39:80:bb:03:dc:81:9a:94:d0:eb:94:c8:5d:1e:
b2:78:4f:d3:b9:15:96:7e:7c:b6:a2:0c:df:8c:ec:
db:b9:54:5a:11:79:79:74:85:e1:e7:f8:e2:04:96:
80:16:5a:47:12:d8:14:9b:52:f1:43:88:04:22:d0:
ea:bc:bd:43:de:49:e3:12:78:1a:7d:76:8d:ae:69:
3d:49:c4:f5:41:57:73:6f:1f:26:96:cc:7f:96:74:
46:12:87:dc:4f:c9:20:1f:75:b6:06:36:36:b1:07:
90:4a:27:6f:26:07:22:1d:8a:c7:6b:8e:1e:ce:59:
44:49:70:91:fc:72:8c:d0:54:1d:7e:8f:22:e5:cf:
5f:44:1a:71:be:83:3d:32:dd:d3:79:13:e9:9b:a4:
41:f9:81:02:a0:82:6f:b5:d8:70:89:b4:c6:9b:08:
ce:2b:db:5d:ac:63:5c:52:56:2c:e4:1c:a2:31:ba:
dc:a6:e6:59:66:c2:8d:99:c4:30:40:fb:a6:7e:41:
05:3a:e5:77:ba:c7:c4:d7:10:71:3b:92:f5:ec:01:
68:5d:90:04:f5:6e:53:62:c8:2a:bd:ac:f7:88:28:
57:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:A0:CE:3F:54:06:36:0C:42:5E:5F:C0:FD:BE:D3:F4:E9:11:BD:3D
X509v3 Authority Key Identifier:
keyid:83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/HaDOP1QGNgxCXl_A_b7T9OkRvT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.186.11.0/24
IPv6:
2a0b:6b81:1::/48
2a0b:6b81:3::-2a0b:6b81:4:ffff:ffff:ffff:ffff:ffff
2a0b:6b82::/32
Signature Algorithm: sha256WithRSAEncryption
b4:18:e2:18:93:8c:66:c5:9e:c8:b8:b2:9d:55:6d:d9:67:3d:
2b:62:71:9e:4b:8e:43:75:31:0b:a2:19:46:e9:3b:81:ff:b7:
aa:88:de:c3:e7:db:e7:6d:0e:b9:77:99:fc:b9:b9:39:f9:9a:
70:36:d0:6c:64:2e:af:52:7f:d7:82:46:7f:bc:c2:a6:92:5c:
c4:8e:6b:de:a5:a7:fd:0f:00:3a:97:c7:3b:f1:fc:18:29:3a:
6c:d9:6a:0f:14:4c:f4:46:47:60:3b:a8:55:62:5b:29:11:64:
2c:75:97:db:a3:db:37:a3:20:f0:b2:9d:50:b1:23:43:b7:6b:
3a:3c:76:8c:03:74:df:78:1c:cc:38:1f:b9:9b:85:db:2f:ba:
ec:bc:cf:07:fa:c2:34:71:8a:ed:63:b7:d1:35:db:6d:17:db:
e0:40:bf:33:6e:52:9b:44:27:31:3a:99:f9:08:ba:9f:e0:fb:
b0:15:27:e2:a9:ed:de:c6:b2:5d:d3:62:06:bc:a1:40:eb:94:
8d:f5:6d:11:75:43:05:97:26:3f:32:43:bd:fb:fc:09:58:5a:
8b:ae:bc:9c:df:14:95:7a:96:9a:d1:67:42:ad:a2:63:c3:16:
6a:16:f4:2d:d2:c2:dc:6f:ee:69:9f:05:35:49:1a:a3:00:fb:
8f:b7:97:0e
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYVxwwjtIw16JghfatlLd4hCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNWJjOWJiNTQ3ZTI3Nzg4ZDIyMWJjOGJiZDVmYjAyZTAy
NDQ4MGYwHhcNMjMwMTAyMDkxNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGEwY2UzZjU0MDYzNjBjNDI1ZTVmYzBmZGJlZDNmNGU5MTFiZDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy88D9Ms6jI2JIwgBBCB93Oj0kOzi
7PRVPQDIcpihOYC7A9yBmpTQ65TIXR6yeE/TuRWWfny2ogzfjOzbuVRaEXl5dIXh
5/jiBJaAFlpHEtgUm1LxQ4gEItDqvL1D3knjEngafXaNrmk9ScT1QVdzbx8mlsx/
lnRGEofcT8kgH3W2BjY2sQeQSidvJgciHYrHa44ezllESXCR/HKM0FQdfo8i5c9f
RBpxvoM9Mt3TeRPpm6RB+YECoIJvtdhwibTGmwjOK9tdrGNcUlYs5ByiMbrcpuZZ
ZsKNmcQwQPumfkEFOuV3usfE1xBxO5L17AFoXZAE9W5TYsgqvaz3iChXrQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFB2gzj9UBjYMQl5fwP2+0/TpEb09MB8GA1UdIwQY
MBaAFINbybtUfid4jSIbyLvV+wLgJEgPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEt
YjM2YTI0ZDM5NDI3LzEvSGFET1AxUUdOZ3hDWGxfQV9iN1Q5T2tSdlQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC85NjJmYjEtM2RmMC00ZWMyLWI1MGEtYjM2YTI0ZDM5NDI3
LzEvZzF2SnUxUi1KM2lOSWh2SXU5WDdBdUFrU0E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAMBAIAATAGAwQAuboLMCoE
AgACMCQDBwAqC2uBAAEwEgMHACoLa4EAAwMHACoLa4EABAMFACoLa4IwDQYJKoZI
hvcNAQELBQADggEBALQY4hiTjGbFnsi4sp1VbdlnPSticZ5LjkN1MQuiGUbpO4H/
t6qI3sPn2+dtDrl3mfy5uTn5mnA20GxkLq9Sf9eCRn+8wqaSXMSOa96lp/0PADqX
xzvx/BgpOmzZag8UTPRGR2A7qFViWykRZCx1l9uj2zejIPCynVCxI0O3azo8dowD
dN94HMw4H7mbhdsvuuy8zwf6wjRxiu1jt9E1220X2+BAvzNuUptEJzE6mfkIup/g
+7AVJ+Kp7d7Gsl3TYga8oUDrlI31bRF1QwWXJj8yQ737/AlYWouuvJzfFJV6lprR
Z0KtomPDFmoW9C3Swtxv7mmfBTVJGqMA+4+3lw4=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:07:08 2025 by rpki-client