Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/h1WOZXk7a5Oc_iYJVFtyw2yhIYI.roa
File: h1WOZXk7a5Oc_iYJVFtyw2yhIYI.roa (raw, json)
Hash identifier: 8oEFsGrHiO1Uf+0N6h80LQku4SkLoSJrmLu0cGANrig=
Subject key identifier: 87:55:8E:65:79:3B:6B:93:9C:FE:26:09:54:5B:72:C3:6C:A1:21:82
Certificate issuer: /CN=3eb1788fe220e46434692d1cc437072d792d7888
Certificate serial: 01853F508CB6B5C80A5A518BDC4236FD710F
Authority key identifier: 3E:B1:78:8F:E2:20:E4:64:34:69:2D:1C:C4:37:07:2D:79:2D:78:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PrF4j-Ig5GQ0aS0cxDcHLXkteIg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/h1WOZXk7a5Oc_iYJVFtyw2yhIYI.roa
Signing time: Fri 23 Dec 2022 14:08:41 +0000
ROA not before: Fri 23 Dec 2022 14:08:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58069
IP address blocks: 157.180.228.0/22 maxlen: 22
157.180.232.0/22 maxlen: 22
192.108.45.0/24 maxlen: 24
192.108.46.0/23 maxlen: 23
192.108.68.0/24 maxlen: 24
2a00:139c::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:3f:50:8c:b6:b5:c8:0a:5a:51:8b:dc:42:36:fd:71:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3eb1788fe220e46434692d1cc437072d792d7888
Validity
Not Before: Dec 23 14:08:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=87558e65793b6b939cfe2609545b72c36ca12182
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:c6:52:90:0b:ec:99:b1:26:a4:62:dc:83:2f:
6b:10:cd:cc:4e:23:ae:ff:e9:04:77:92:c7:e9:d4:
ab:cc:85:db:c1:a2:08:65:cb:23:a0:f0:30:fd:f5:
19:44:cf:1b:d4:cc:54:43:10:7f:56:70:1a:6b:77:
63:7f:28:1a:09:60:41:1e:0a:f3:55:2d:9e:9c:2c:
3b:1d:e8:5e:52:10:08:01:52:0d:56:b0:b9:37:0b:
05:49:9e:ad:9c:4a:23:76:ac:bf:40:ec:fe:29:61:
bc:70:9f:60:00:09:b2:ee:7c:df:77:c9:ba:c9:11:
3e:b5:1b:70:e3:53:27:70:ef:ee:c7:e5:a1:1c:2e:
93:db:db:ff:f1:5e:cf:77:33:04:fb:7e:94:c0:63:
40:3b:45:50:5b:6d:11:63:61:e2:50:a9:a9:e7:32:
a6:d3:d4:e8:78:c1:8d:9f:ea:f6:2e:70:22:99:31:
dd:a9:b8:74:9d:4e:cb:33:26:cc:5f:f8:95:03:4a:
05:e7:a0:1d:bf:f1:f8:42:8b:fb:e7:39:8e:a5:60:
33:82:0d:b2:fd:fe:fa:7a:16:28:a1:62:f7:54:86:
a1:52:41:54:20:85:04:43:81:5e:cd:1b:28:b5:a2:
26:fa:49:ba:f1:75:fe:57:a9:54:73:1a:f5:2f:8c:
95:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:55:8E:65:79:3B:6B:93:9C:FE:26:09:54:5B:72:C3:6C:A1:21:82
X509v3 Authority Key Identifier:
keyid:3E:B1:78:8F:E2:20:E4:64:34:69:2D:1C:C4:37:07:2D:79:2D:78:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PrF4j-Ig5GQ0aS0cxDcHLXkteIg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/h1WOZXk7a5Oc_iYJVFtyw2yhIYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/22f570-0b26-4004-8ed0-d9509473072c/1/PrF4j-Ig5GQ0aS0cxDcHLXkteIg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.180.228.0-157.180.235.255
192.108.45.0-192.108.47.255
192.108.68.0/24
IPv6:
2a00:139c::/32
Signature Algorithm: sha256WithRSAEncryption
56:d5:bb:55:ba:f8:61:fc:a9:97:33:b6:da:5c:48:61:3a:ff:
ce:91:6f:9a:de:c7:c3:de:4b:c5:04:fb:5b:dc:fa:e4:0f:96:
ef:34:3f:05:ba:21:bb:21:4e:0f:c7:76:de:86:8d:56:0a:9b:
16:a2:ab:e8:8d:46:56:e2:c9:17:37:21:b3:bd:93:07:d6:0e:
54:fc:6f:da:09:29:91:65:a7:a9:4d:b4:bf:57:53:ad:ba:0f:
b2:2c:15:35:88:aa:f7:10:49:3e:e5:8f:bd:0a:d4:83:59:b7:
fa:99:48:08:63:9d:6d:a2:f6:28:f7:3c:66:0e:e8:ae:05:21:
c9:42:0d:b8:bc:c8:92:dc:84:45:a0:fc:7e:7f:68:7c:20:ef:
e1:f7:d8:09:65:d0:37:e9:8f:5f:81:d6:ce:33:a8:13:5d:66:
99:4e:8d:d9:bf:c2:2e:25:2f:3e:76:a5:83:ea:2a:93:96:d9:
1c:fa:65:61:50:ec:76:64:a1:09:2a:87:74:ee:3b:54:45:8e:
2e:26:b8:fd:5d:45:ad:fa:89:78:a9:fa:06:d9:32:52:67:fb:
ac:80:2d:4b:bf:5c:d1:eb:d4:b4:22:93:0f:69:39:38:d5:a5:
5c:76:40:69:1d:ff:79:db:ef:df:e8:68:74:db:0f:17:8e:4f:
2a:85:fc:9b
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYU/UIy2tcgKWlGL3EI2/XEPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYjE3ODhmZTIyMGU0NjQzNDY5MmQxY2M0MzcwNzJkNzky
ZDc4ODgwHhcNMjIxMjIzMTQwODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzU1OGU2NTc5M2I2YjkzOWNmZTI2MDk1NDViNzJjMzZjYTEyMTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA28ZSkAvsmbEmpGLcgy9rEM3MTiOu
/+kEd5LH6dSrzIXbwaIIZcsjoPAw/fUZRM8b1MxUQxB/VnAaa3djfygaCWBBHgrz
VS2enCw7HeheUhAIAVINVrC5NwsFSZ6tnEojdqy/QOz+KWG8cJ9gAAmy7nzfd8m6
yRE+tRtw41MncO/ux+WhHC6T29v/8V7PdzME+36UwGNAO0VQW20RY2HiUKmp5zKm
09ToeMGNn+r2LnAimTHdqbh0nU7LMybMX/iVA0oF56Adv/H4Qov75zmOpWAzgg2y
/f76ehYooWL3VIahUkFUIIUEQ4FezRsotaIm+km68XX+V6lUcxr1L4yVmwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFIdVjmV5O2uTnP4mCVRbcsNsoSGCMB8GA1UdIwQY
MBaAFD6xeI/iIORkNGktHMQ3By15LXiIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHJGNGotSWc1R1EwYVMwY3hEY0hMWGt0ZUlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8yMmY1NzAtMGIyNi00MDA0LThlZDAt
ZDk1MDk0NzMwNzJjLzEvaDFXT1pYazdhNU9jX2lZSlZGdHl3MnloSVlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8yMmY1NzAtMGIyNi00MDA0LThlZDAtZDk1MDk0NzMwNzJj
LzEvUHJGNGotSWc1R1EwYVMwY3hEY0hMWGt0ZUlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAoBAIAATAiMAwDBAKdtOQD
BAKdtOgwDAMEAMBsLQMEBMBsIAMEAMBsRDANBAIAAjAHAwUAKgATnDANBgkqhkiG
9w0BAQsFAAOCAQEAVtW7Vbr4YfyplzO22lxIYTr/zpFvmt7Hw95LxQT7W9z65A+W
7zQ/BbohuyFOD8d23oaNVgqbFqKr6I1GVuLJFzchs72TB9YOVPxv2gkpkWWnqU20
v1dTrboPsiwVNYiq9xBJPuWPvQrUg1m3+plICGOdbaL2KPc8Zg7orgUhyUINuLzI
ktyERaD8fn9ofCDv4ffYCWXQN+mPX4HWzjOoE11mmU6N2b/CLiUvPnalg+oqk5bZ
HPplYVDsdmShCSqHdO47VEWOLia4/V1FrfqJeKn6BtkyUmf7rIAtS79c0evUtCKT
D2k5ONWlXHZAaR3/edvv3+hodNsPF45PKoX8mw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:17 2024 by rpki-client on console-ams.rpki-client.org