Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/HDHR8S933Wt9GxpbTekxJBSVpIY.roa
File: HDHR8S933Wt9GxpbTekxJBSVpIY.roa (raw, json)
Hash identifier: VBZtHso3AGdQXwjEwc3efGSWZMKBXGHsCU1f7GMOX0s=
Subject key identifier: 1C:31:D1:F1:2F:77:DD:6B:7D:1B:1A:5B:4D:E9:31:24:14:95:A4:86
Certificate issuer: /CN=4c2b89c3c57a3e296aa4061e962840be7ae8f018
Certificate serial: 0182807E5F3819DEBD98FEDDF5015F2CC7F6
Authority key identifier: 4C:2B:89:C3:C5:7A:3E:29:6A:A4:06:1E:96:28:40:BE:7A:E8:F0:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TCuJw8V6PilqpAYelihAvnro8Bg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/HDHR8S933Wt9GxpbTekxJBSVpIY.roa
Signing time: Tue 09 Aug 2022 02:45:41 +0000
ROA not before: Tue 09 Aug 2022 02:45:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202806
IP address blocks: 85.234.102.0/23 maxlen: 24
85.234.114.0/23 maxlen: 24
2a0a:6f40:2::/47 maxlen: 48
2a0a:6f40:4::/47 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:80:7e:5f:38:19:de:bd:98:fe:dd:f5:01:5f:2c:c7:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c2b89c3c57a3e296aa4061e962840be7ae8f018
Validity
Not Before: Aug 9 02:45:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1c31d1f12f77dd6b7d1b1a5b4de931241495a486
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:25:8b:90:1d:d3:d3:bf:26:82:a7:84:99:3b:
1f:6d:9d:69:a2:dc:72:2c:2c:2b:28:62:81:4d:d7:
0e:8d:11:d9:15:b5:d8:70:db:a8:b7:9a:da:d3:df:
4c:cb:6e:1c:25:77:a9:e2:ae:f9:89:ab:b5:92:c8:
ae:c1:8f:c5:0b:0d:f5:e0:f8:08:48:29:b3:be:81:
85:80:33:3c:c6:3c:d4:9d:e9:cc:df:5a:61:e2:6e:
cd:8b:8e:fd:41:d9:d2:8f:b2:38:ed:34:27:27:47:
94:66:39:12:11:b2:86:96:aa:99:4c:5c:43:b4:3b:
07:7f:60:d8:3f:4b:15:97:e9:be:c5:f1:03:d5:ca:
fd:42:f0:c7:84:29:11:40:6b:e5:17:d9:53:ed:71:
51:77:cb:b9:62:3f:3b:9c:be:2f:1d:df:fd:5f:5b:
38:ae:07:c2:78:4c:4d:40:99:f9:48:ee:a1:da:c0:
5e:09:94:67:77:f7:c6:a4:39:6d:31:0d:f8:93:b8:
e5:55:50:0a:66:8f:68:68:df:e6:44:61:5c:9d:12:
3f:50:17:16:09:71:84:70:42:6d:bc:fa:ed:77:54:
c5:a8:2a:3c:eb:86:a7:7f:5a:4b:0a:fc:24:f9:ba:
9a:91:06:3f:52:a2:e0:95:f8:57:ce:6e:fd:f1:0d:
83:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:31:D1:F1:2F:77:DD:6B:7D:1B:1A:5B:4D:E9:31:24:14:95:A4:86
X509v3 Authority Key Identifier:
keyid:4C:2B:89:C3:C5:7A:3E:29:6A:A4:06:1E:96:28:40:BE:7A:E8:F0:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TCuJw8V6PilqpAYelihAvnro8Bg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/HDHR8S933Wt9GxpbTekxJBSVpIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/72155a-d109-4c2d-b974-1128e5ce6a5b/1/TCuJw8V6PilqpAYelihAvnro8Bg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.234.102.0/23
85.234.114.0/23
IPv6:
2a0a:6f40:2::-2a0a:6f40:5:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
46:f4:8f:7c:4f:79:d5:a2:81:ed:95:25:c1:07:0b:14:56:70:
d4:2a:e9:6c:a6:e0:4b:4b:6d:72:46:d8:13:c1:1d:08:e4:ca:
30:51:f8:01:39:1b:b3:dc:76:1c:53:26:fb:a4:f8:32:03:5e:
68:72:bf:f5:23:83:d1:44:60:aa:fe:62:76:3c:24:42:fd:e8:
0a:b8:1e:6b:58:52:07:e7:54:a4:82:f8:4d:65:35:5b:c2:db:
d9:92:cd:36:88:78:5c:09:5f:35:aa:dd:f0:5b:c0:a9:6d:48:
64:e4:c8:5c:2b:6b:e1:bf:90:30:c3:3e:e4:70:87:c0:a1:9a:
14:1e:36:29:d5:5d:00:f0:b4:30:9a:8e:ed:f3:d8:26:1f:0c:
95:20:3d:30:19:52:c8:f4:2a:d0:48:c9:84:a2:df:8f:de:a0:
89:78:1b:01:0f:90:4d:ee:f2:af:d3:3f:19:fc:d5:64:bc:f6:
9b:23:b7:c8:c1:90:2c:32:2a:c1:c1:df:01:af:ee:5c:f1:f4:
56:cc:c8:de:4e:20:1a:5d:36:93:80:12:82:46:54:cb:65:62:
40:94:d6:35:d0:60:32:19:77:66:79:93:fa:b6:a8:40:d8:80:
46:b5:b9:16:01:d6:2e:8c:b0:49:54:bf:0e:fd:47:26:a8:96:
6f:ca:4b:ab
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYKAfl84Gd69mP7d9QFfLMf2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMmI4OWMzYzU3YTNlMjk2YWE0MDYxZTk2Mjg0MGJlN2Fl
OGYwMTgwHhcNMjIwODA5MDI0NTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzMxZDFmMTJmNzdkZDZiN2QxYjFhNWI0ZGU5MzEyNDE0OTVhNDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgCWLkB3T078mgqeEmTsfbZ1potxy
LCwrKGKBTdcOjRHZFbXYcNuot5ra099My24cJXep4q75iau1ksiuwY/FCw314PgI
SCmzvoGFgDM8xjzUnenM31ph4m7Ni479QdnSj7I47TQnJ0eUZjkSEbKGlqqZTFxD
tDsHf2DYP0sVl+m+xfED1cr9QvDHhCkRQGvlF9lT7XFRd8u5Yj87nL4vHd/9X1s4
rgfCeExNQJn5SO6h2sBeCZRnd/fGpDltMQ34k7jlVVAKZo9oaN/mRGFcnRI/UBcW
CXGEcEJtvPrtd1TFqCo864anf1pLCvwk+bqakQY/UqLglfhXzm798Q2DNwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFBwx0fEvd91rfRsaW03pMSQUlaSGMB8GA1UdIwQY
MBaAFEwricPFej4paqQGHpYoQL566PAYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEN1Snc4VjZQaWxxcEFZZWxpaEF2bnJvOEJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni83MjE1NWEtZDEwOS00YzJkLWI5NzQt
MTEyOGU1Y2U2YTViLzEvSERIUjhTOTMzV3Q5R3hwYlRla3hKQlNWcElZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni83MjE1NWEtZDEwOS00YzJkLWI5NzQtMTEyOGU1Y2U2YTVi
LzEvVEN1Snc4VjZQaWxxcEFZZWxpaEF2bnJvOEJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDASBAIAATAMAwQBVepmAwQB
VepyMBoEAgACMBQwEgMHASoKb0AAAgMHASoKb0AABDANBgkqhkiG9w0BAQsFAAOC
AQEARvSPfE951aKB7ZUlwQcLFFZw1CrpbKbgS0ttckbYE8EdCOTKMFH4ATkbs9x2
HFMm+6T4MgNeaHK/9SOD0URgqv5idjwkQv3oCrgea1hSB+dUpIL4TWU1W8Lb2ZLN
Noh4XAlfNard8FvAqW1IZOTIXCtr4b+QMMM+5HCHwKGaFB42KdVdAPC0MJqO7fPY
Jh8MlSA9MBlSyPQq0EjJhKLfj96giXgbAQ+QTe7yr9M/GfzVZLz2myO3yMGQLDIq
wcHfAa/uXPH0VszI3k4gGl02k4ASgkZUy2ViQJTWNdBgMhl3ZnmT+raoQNiARrW5
FgHWLoywSVS/Dv1HJqiWb8pLqw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:38 2024 by rpki-client on console-fra.rpki-client.org