Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/0HMNdXT_FsBOE49s2JQ9U9aggP8.roa
File: 0HMNdXT_FsBOE49s2JQ9U9aggP8.roa (raw, json)
Hash identifier: Fm/bzJFhgSCsvyXLwtVl6uRmC15HFNjfH1oxvtv4wL8=
Subject key identifier: D0:73:0D:75:74:FF:16:C0:4E:13:8F:6C:D8:94:3D:53:D6:A0:80:FF
Certificate issuer: /CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Certificate serial: 09A1B47D
Authority key identifier: 31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/0HMNdXT_FsBOE49s2JQ9U9aggP8.roa
Signing time: Sat 01 Jan 2022 01:51:58 +0000
ROA not before: Sat 01 Jan 2022 01:51:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42926
IP address blocks: 85.153.64.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 161592445 (0x9a1b47d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31a185d0eb0ca7811c586425de0e960e1cfeb61b
Validity
Not Before: Jan 1 01:51:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d0730d7574ff16c04e138f6cd8943d53d6a080ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:7f:5f:11:e3:f2:5d:5d:51:89:68:cc:b1:92:
77:79:4e:26:4d:f1:77:97:0c:5e:68:4f:86:c0:48:
17:92:64:da:71:3e:9c:08:f9:ee:40:2a:b9:f2:73:
4a:4e:ac:e1:80:94:cf:02:9c:9e:d1:90:1a:a9:64:
1c:df:0f:12:98:e5:ca:59:bf:b8:47:dc:93:b4:b1:
2f:ae:92:3b:62:a9:7a:f7:df:d1:4b:b8:cd:d8:93:
d4:64:f6:5f:45:7d:d0:4d:77:ca:6c:57:dd:4c:71:
33:6d:ea:7f:0a:f7:ae:04:3b:10:0b:78:d3:13:61:
78:75:3b:38:4c:8d:68:5b:f6:48:30:ef:5a:b3:d9:
0b:1f:67:41:e4:4c:62:9a:1c:7d:0e:af:a4:bf:d9:
4a:df:55:8f:89:c6:e8:ee:5a:d9:5f:0d:2e:57:c3:
76:78:4a:d6:7d:66:99:52:6b:e4:c9:96:39:fd:7e:
09:18:93:ac:a0:01:2c:40:a6:0d:18:8f:05:9f:29:
98:65:1f:cb:26:29:01:59:88:94:21:5e:52:fb:57:
48:df:39:31:4a:5e:72:c8:e2:23:2b:72:4f:ec:42:
40:61:01:fe:91:e2:78:a5:70:f2:3d:df:fe:6b:4a:
1b:0b:10:f3:15:cc:cb:cd:cb:c7:09:26:b1:42:d7:
3d:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:73:0D:75:74:FF:16:C0:4E:13:8F:6C:D8:94:3D:53:D6:A0:80:FF
X509v3 Authority Key Identifier:
keyid:31:A1:85:D0:EB:0C:A7:81:1C:58:64:25:DE:0E:96:0E:1C:FE:B6:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MaGF0OsMp4EcWGQl3g6WDhz-ths.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/0HMNdXT_FsBOE49s2JQ9U9aggP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/081c6e-1d65-4ccd-96f5-1dcc86c11e74/1/MaGF0OsMp4EcWGQl3g6WDhz-ths.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.153.64.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:56:fd:d2:3c:1f:d0:9c:44:ae:4a:a2:71:35:07:b8:61:8d:
9a:ff:60:1c:75:f6:b4:77:54:48:75:f6:41:3b:82:d2:38:0b:
f5:3a:c7:4d:f7:a4:2b:15:c2:b4:0c:44:81:b9:b0:12:c9:71:
57:ae:2b:26:b4:ac:63:8a:c2:7b:5d:ba:dd:d9:7b:88:d0:e9:
08:7c:7b:21:d5:d6:87:34:84:a3:2b:15:87:18:24:5e:a1:1a:
74:89:93:2f:fb:b7:d5:25:19:61:99:9e:fc:1e:d4:8a:fb:f4:
e8:08:d9:9f:e8:9d:ea:89:6c:cc:39:7e:55:3c:8e:34:6f:96:
ef:6d:8f:fb:cd:9a:14:1d:bb:68:8e:05:aa:82:37:b7:b2:71:
9b:a4:df:16:ea:58:86:a0:af:3f:2b:18:42:62:0d:b1:45:c1:
d8:ba:14:22:d3:10:43:2a:a6:00:ac:c8:6e:2c:bb:1d:92:2e:
17:fa:78:17:9f:bf:ec:cf:22:43:36:37:67:be:a9:2b:0f:81:
e8:88:c1:ed:8b:bb:ea:c0:b0:af:dd:6c:42:50:aa:c0:a2:1b:
a1:13:af:8b:e2:77:e8:24:eb:d8:28:b3:f8:d8:7d:a0:66:61:
84:2f:cf:05:2a:5f:3e:5d:d5:c9:ac:8d:b8:3c:82:45:ae:c1:
f0:64:29:cf
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECaG0fTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MWExODVkMGViMGNhNzgxMWM1ODY0MjVkZTBlOTYwZTFjZmViNjFiMB4XDTIyMDEw
MTAxNTE1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDA3MzBkNzU3NGZm
MTZjMDRlMTM4ZjZjZDg5NDNkNTNkNmEwODBmZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMB/XxHj8l1dUYlozLGSd3lOJk3xd5cMXmhPhsBIF5Jk2nE+
nAj57kAqufJzSk6s4YCUzwKcntGQGqlkHN8PEpjlylm/uEfck7SxL66SO2Kpevff
0Uu4zdiT1GT2X0V90E13ymxX3UxxM23qfwr3rgQ7EAt40xNheHU7OEyNaFv2SDDv
WrPZCx9nQeRMYpocfQ6vpL/ZSt9Vj4nG6O5a2V8NLlfDdnhK1n1mmVJr5MmWOf1+
CRiTrKABLECmDRiPBZ8pmGUfyyYpAVmIlCFeUvtXSN85MUpecsjiIytyT+xCQGEB
/pHieKVw8j3f/mtKGwsQ8xXMy83LxwkmsULXPcsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTQcw11dP8WwE4Tj2zYlD1T1qCA/zAfBgNVHSMEGDAWgBQxoYXQ6wyngRxY
ZCXeDpYOHP62GzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01hR0YwT3NNcDRFY1dHUWwzZzZXRGh6LXRocy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODcvMDgxYzZlLTFkNjUtNGNjZC05NmY1LTFkY2M4NmMxMWU3NC8x
LzBITU5kWFRfRnNCT0U0OXMySlE5VTlhZ2dQOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODcv
MDgxYzZlLTFkNjUtNGNjZC05NmY1LTFkY2M4NmMxMWU3NC8xL01hR0YwT3NNcDRF
Y1dHUWwzZzZXRGh6LXRocy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFWZQDANBgkqhkiG9w0BAQsFAAOC
AQEALVb90jwf0JxErkqicTUHuGGNmv9gHHX2tHdUSHX2QTuC0jgL9TrHTfekKxXC
tAxEgbmwEslxV64rJrSsY4rCe1263dl7iNDpCHx7IdXWhzSEoysVhxgkXqEadImT
L/u31SUZYZme/B7Uivv06AjZn+id6olszDl+VTyONG+W722P+82aFB27aI4FqoI3
t7Jxm6TfFupYhqCvPysYQmINsUXB2LoUItMQQyqmAKzIbiy7HZIuF/p4F5+/7M8i
QzY3Z76pKw+B6IjB7Yu76sCwr91sQlCqwKIboROvi+J36CTr2Ciz+Nh9oGZhhC/P
BSpfPl3VyayNuDyCRa7B8GQpzw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:57 2023 by rpki-client on console-fra.rpki-client.org