Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/0HZUO8PH6N4T59ukhmsHsJmllJI.roa
File: 0HZUO8PH6N4T59ukhmsHsJmllJI.roa (raw, json)
Hash identifier: iDY86YwUGFXPEfvQHb5lGyL115d22Ln3P2yAu82Hr9Q=
Subject key identifier: D0:76:54:3B:C3:C7:E8:DE:13:E7:DB:A4:86:6B:07:B0:99:A5:94:92
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 018949B08146A5B69BDFFF2CA233EB370BBA
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/0HZUO8PH6N4T59ukhmsHsJmllJI.roa
Signing time: Wed 12 Jul 2023 10:40:51 +0000
ROA not before: Wed 12 Jul 2023 10:40:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48944
IP address blocks: 185.243.50.0/23 maxlen: 24
185.215.228.0/23 maxlen: 23
178.239.144.0/22 maxlen: 22
185.212.50.0/23 maxlen: 24
178.239.148.0/23 maxlen: 24
178.239.153.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:49:b0:81:46:a5:b6:9b:df:ff:2c:a2:33:eb:37:0b:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Jul 12 10:40:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d076543bc3c7e8de13e7dba4866b07b099a59492
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:e8:3a:8e:3e:bd:55:28:52:f8:50:43:ef:ad:
53:95:24:52:11:20:a3:4c:ac:68:f4:8c:88:05:07:
17:25:12:12:f1:85:ec:df:03:26:c0:13:69:d1:9a:
ac:30:16:22:15:ad:8c:f4:96:34:5b:c4:54:3b:77:
6c:c5:b9:01:34:5b:9f:fa:94:09:de:40:d5:31:51:
0b:10:94:21:1a:11:f5:7a:09:ce:a4:23:01:f1:6f:
c6:53:e9:fe:ba:81:b0:88:3f:f2:a8:c0:c4:c3:68:
7a:63:20:c7:be:2b:53:82:2d:87:98:2f:f0:50:71:
4d:03:c6:16:6d:51:27:e9:f8:86:60:0a:1f:1c:6d:
c8:a8:1b:90:37:b5:fa:3b:d3:cc:27:a2:2c:bc:61:
0e:8d:c1:45:43:2a:d6:58:a3:84:84:92:51:af:41:
a4:dd:a5:fa:ca:c1:1f:60:93:63:89:56:99:8e:b8:
73:f1:9f:2c:2e:52:ae:14:9b:fe:89:83:54:ba:87:
9a:5a:81:ac:80:f6:1c:2c:55:c3:e2:c8:25:a2:9c:
8f:86:45:e1:9b:86:da:99:b4:33:c8:cf:73:0a:76:
bc:11:bb:9a:37:f2:66:85:02:9e:ce:0b:53:d9:27:
75:c6:ff:0a:56:9a:ab:dc:ef:20:27:5f:98:2f:9b:
1f:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:76:54:3B:C3:C7:E8:DE:13:E7:DB:A4:86:6B:07:B0:99:A5:94:92
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/0HZUO8PH6N4T59ukhmsHsJmllJI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.239.144.0-178.239.149.255
178.239.153.0/24
185.212.50.0/23
185.215.228.0/23
185.243.50.0/23
Signature Algorithm: sha256WithRSAEncryption
d2:90:85:08:38:58:2b:80:6b:9a:7b:e6:39:da:76:b9:5f:9a:
78:4d:31:f5:f8:84:cd:2e:23:44:c5:23:f4:39:77:7d:fd:9d:
1e:e6:0d:13:41:c8:ba:6d:ad:82:4b:b8:cc:d6:b2:55:d8:0c:
98:32:5b:be:38:10:64:16:dd:66:a8:42:b6:5b:b5:4f:d1:12:
66:4f:29:d0:65:c3:d7:93:5a:29:68:61:63:24:31:05:c3:bc:
15:62:41:d0:a0:88:91:95:71:17:69:62:90:2d:b5:db:1b:e6:
83:51:ae:aa:1e:4f:2a:72:3f:5f:c0:18:35:1b:f1:3f:b7:cb:
1f:ce:3e:6a:6c:de:2c:cb:c2:a4:d1:b8:18:a9:ab:7f:5c:ae:
74:2c:fb:b0:54:b7:0d:a0:0d:09:a8:0d:60:a6:b6:3d:73:15:
b5:76:ac:7c:d1:93:07:fb:bb:42:65:a3:e5:64:28:70:07:d7:
7d:f9:f1:91:9e:c7:b6:07:56:61:85:e7:4b:01:4c:36:ff:30:
82:72:8e:a6:9a:24:28:df:96:54:64:84:f5:bd:14:97:bf:17:
28:13:57:8e:9e:99:3d:88:b1:be:a2:04:da:0f:78:5f:b7:7e:
68:c4:66:0a:7e:ce:ad:1c:35:42:c5:e9:54:df:85:84:21:49:
64:73:b6:df
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYlJsIFGpbab3/8sojPrNwu6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjMwNzEyMTA0MDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDc2NTQzYmMzYzdlOGRlMTNlN2RiYTQ4NjZiMDdiMDk5YTU5NDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOg6jj69VShS+FBD761TlSRSESCj
TKxo9IyIBQcXJRIS8YXs3wMmwBNp0ZqsMBYiFa2M9JY0W8RUO3dsxbkBNFuf+pQJ
3kDVMVELEJQhGhH1egnOpCMB8W/GU+n+uoGwiD/yqMDEw2h6YyDHvitTgi2HmC/w
UHFNA8YWbVEn6fiGYAofHG3IqBuQN7X6O9PMJ6IsvGEOjcFFQyrWWKOEhJJRr0Gk
3aX6ysEfYJNjiVaZjrhz8Z8sLlKuFJv+iYNUuoeaWoGsgPYcLFXD4sglopyPhkXh
m4bambQzyM9zCna8EbuaN/JmhQKezgtT2Sd1xv8KVpqr3O8gJ1+YL5sfxwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFNB2VDvDx+jeE+fbpIZrB7CZpZSSMB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvMEhaVU84UEg2TjRUNTl1a2htc0hzSm1sbEpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBASy75AD
BAGy75QDBACy75kDBAG51DIDBAG51+QDBAG58zIwDQYJKoZIhvcNAQELBQADggEB
ANKQhQg4WCuAa5p75jnadrlfmnhNMfX4hM0uI0TFI/Q5d339nR7mDRNByLptrYJL
uMzWslXYDJgyW744EGQW3WaoQrZbtU/REmZPKdBlw9eTWiloYWMkMQXDvBViQdCg
iJGVcRdpYpAttdsb5oNRrqoeTypyP1/AGDUb8T+3yx/OPmps3izLwqTRuBipq39c
rnQs+7BUtw2gDQmoDWCmtj1zFbV2rHzRkwf7u0Jlo+VkKHAH13358ZGex7YHVmGF
50sBTDb/MIJyjqaaJCjfllRkhPW9FJe/FygTV46emT2Isb6iBNoPeF+3fmjEZgp+
zq0cNULF6VTfhYQhSWRztt8=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:06 2025 by rpki-client