Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/a0d674-87b6-4318-bed2-267547ea1e35/1/HdlT7tz1eI8GC133itBwsStESG4.roa
File: HdlT7tz1eI8GC133itBwsStESG4.roa (raw, json)
Hash identifier: dSTsGIjSeJ8kdoDMBACdY4YmECP7aOitVDJqce5TZPQ=
Subject key identifier: 1D:D9:53:EE:DC:F5:78:8F:06:0B:5D:F7:8A:D0:70:B1:2B:44:48:6E
Certificate issuer: /CN=28b0ff7998ca8854ce7c475a972ed1d52a5c60cd
Certificate serial: 03A3A48C
Authority key identifier: 28:B0:FF:79:98:CA:88:54:CE:7C:47:5A:97:2E:D1:D5:2A:5C:60:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KLD_eZjKiFTOfEdaly7R1SpcYM0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/a0d674-87b6-4318-bed2-267547ea1e35/1/HdlT7tz1eI8GC133itBwsStESG4.roa
Signing time: Sat 01 Jan 2022 04:56:28 +0000
ROA not before: Sat 01 Jan 2022 04:56:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 185.119.221.0/24 maxlen: 24
185.119.223.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 61056140 (0x3a3a48c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28b0ff7998ca8854ce7c475a972ed1d52a5c60cd
Validity
Not Before: Jan 1 04:56:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1dd953eedcf5788f060b5df78ad070b12b44486e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:51:6c:a2:2b:2e:3e:2a:ba:9a:37:ff:3d:47:
af:e6:7d:2b:8d:0c:a6:76:4e:6b:92:95:ec:b7:c4:
c8:f0:7a:dc:42:33:52:5c:98:99:ea:26:76:fc:66:
a1:63:7a:95:be:1f:2e:f8:e5:d0:a0:ab:ee:e1:92:
15:35:36:08:38:6f:f1:d7:30:e0:e2:ca:ac:40:f1:
f5:c2:38:e1:91:6a:54:8a:19:6f:d5:58:66:fb:51:
55:32:23:f8:04:19:99:52:dc:81:2c:87:2b:02:21:
d9:61:ac:01:af:13:ce:ff:0d:92:51:8e:f7:df:a1:
e8:ba:a8:90:30:24:69:89:10:e5:e5:5b:4b:30:4b:
19:49:9c:64:62:a9:9c:20:eb:2f:70:a0:a1:37:4d:
dd:14:43:71:49:5b:9d:ab:c8:29:b4:e4:07:60:8d:
ad:eb:43:13:9b:4d:9b:b9:85:f0:36:a0:32:34:e6:
68:34:43:3f:f8:b1:a7:59:c1:d1:08:37:fd:04:e6:
6a:95:b2:bd:62:a8:7e:85:1b:d2:c7:92:9c:6d:70:
63:53:47:aa:70:ea:20:1d:6e:02:95:db:1d:d1:c0:
c6:e3:5d:1a:d9:a3:0e:47:c8:88:50:c6:3c:81:3e:
1e:cf:a6:bb:59:14:0d:4b:38:4b:ab:57:b6:ce:91:
94:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:D9:53:EE:DC:F5:78:8F:06:0B:5D:F7:8A:D0:70:B1:2B:44:48:6E
X509v3 Authority Key Identifier:
keyid:28:B0:FF:79:98:CA:88:54:CE:7C:47:5A:97:2E:D1:D5:2A:5C:60:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KLD_eZjKiFTOfEdaly7R1SpcYM0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/a0d674-87b6-4318-bed2-267547ea1e35/1/HdlT7tz1eI8GC133itBwsStESG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/a0d674-87b6-4318-bed2-267547ea1e35/1/KLD_eZjKiFTOfEdaly7R1SpcYM0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.119.221.0/24
185.119.223.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:65:ca:a4:49:a2:6d:c6:ec:ae:37:86:ef:cc:58:01:8c:83:
92:e5:b9:49:a3:97:de:11:32:7f:88:87:60:1f:fb:36:fb:33:
4c:ac:37:3c:46:ff:39:63:f5:2f:72:01:b1:ea:a4:c4:fc:a5:
4d:72:eb:f5:cf:e0:28:d0:76:e0:7f:dc:6a:b7:9d:80:27:a3:
9c:93:eb:4f:6f:e1:db:1b:bb:b2:cf:ea:0a:fd:0f:0a:55:55:
18:63:7a:7c:fc:50:e5:c2:26:ea:05:03:cc:ec:f9:24:1c:c6:
0a:65:e0:cb:f3:9c:16:f5:84:99:e9:81:56:26:f5:f9:4a:5d:
64:32:a0:c1:41:bc:78:09:bb:f0:b2:22:da:8f:23:b3:20:e5:
10:98:32:40:aa:a2:31:91:10:b6:aa:98:47:b1:04:40:ef:3c:
0a:12:ff:be:e8:7c:7e:2e:38:f8:71:cc:6c:b2:9d:2d:fe:86:
01:39:3a:4a:95:6a:93:76:38:cf:72:28:ab:fb:3e:80:6c:6d:
3e:0a:13:e9:80:89:c2:cb:56:e8:0e:d5:aa:03:a9:6f:fa:9e:
75:00:b1:29:6e:73:cd:45:62:0c:46:96:f7:18:28:6c:a8:ee:
ae:ce:12:43:bb:04:be:b0:05:c2:69:99:be:64:c5:4e:cd:2a:
cc:a5:b6:d7
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEA6OkjDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OGIwZmY3OTk4Y2E4ODU0Y2U3YzQ3NWE5NzJlZDFkNTJhNWM2MGNkMB4XDTIyMDEw
MTA0NTYyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWRkOTUzZWVkY2Y1
Nzg4ZjA2MGI1ZGY3OGFkMDcwYjEyYjQ0NDg2ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALtRbKIrLj4qupo3/z1Hr+Z9K40MpnZOa5KV7LfEyPB63EIz
UlyYmeomdvxmoWN6lb4fLvjl0KCr7uGSFTU2CDhv8dcw4OLKrEDx9cI44ZFqVIoZ
b9VYZvtRVTIj+AQZmVLcgSyHKwIh2WGsAa8Tzv8NklGO99+h6LqokDAkaYkQ5eVb
SzBLGUmcZGKpnCDrL3CgoTdN3RRDcUlbnavIKbTkB2CNretDE5tNm7mF8DagMjTm
aDRDP/ixp1nB0Qg3/QTmapWyvWKofoUb0seSnG1wY1NHqnDqIB1uApXbHdHAxuNd
GtmjDkfIiFDGPIE+Hs+mu1kUDUs4S6tXts6RlC0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQd2VPu3PV4jwYLXfeK0HCxK0RIbjAfBgNVHSMEGDAWgBQosP95mMqIVM58
R1qXLtHVKlxgzTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tMRF9lWmpLaUZUT2ZFZGFseTdSMVNwY1lNMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGUvYTBkNjc0LTg3YjYtNDMxOC1iZWQyLTI2NzU0N2VhMWUzNS8x
L0hkbFQ3dHoxZUk4R0MxMzNpdEJ3c1N0RVNHNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGUv
YTBkNjc0LTg3YjYtNDMxOC1iZWQyLTI2NzU0N2VhMWUzNS8xL0tMRF9lWmpLaUZU
T2ZFZGFseTdSMVNwY1lNMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEALl33QMEALl33zANBgkqhkiG9w0B
AQsFAAOCAQEAL2XKpEmibcbsrjeG78xYAYyDkuW5SaOX3hEyf4iHYB/7NvszTKw3
PEb/OWP1L3IBseqkxPylTXLr9c/gKNB24H/caredgCejnJPrT2/h2xu7ss/qCv0P
ClVVGGN6fPxQ5cIm6gUDzOz5JBzGCmXgy/OcFvWEmemBVib1+UpdZDKgwUG8eAm7
8LIi2o8jsyDlEJgyQKqiMZEQtqqYR7EEQO88ChL/vuh8fi44+HHMbLKdLf6GATk6
SpVqk3Y4z3Ioq/s+gGxtPgoT6YCJwstW6A7VqgOpb/qedQCxKW5zzUViDEaW9xgo
bKjurs4SQ7sEvrAFwmmZvmTFTs0qzKW21w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:38:56 2024 by rpki-client on console-fra.rpki-client.org