Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/402d43-e99c-4112-a038-ecbb9442f589/1/khF3zmB2C9hKDjjYwiiEVU30s88.roa
File: khF3zmB2C9hKDjjYwiiEVU30s88.roa (raw, json)
Hash identifier: 0Cxpf7ZOp7zt8e2ZfSfQZliiljSxg1gld+sqajTHnbo=
Subject key identifier: 92:11:77:CE:60:76:0B:D8:4A:0E:38:D8:C2:28:84:55:4D:F4:B3:CF
Certificate issuer: /CN=8f5ea8379bca44f4f6a7f4b69864cd9b02a27b12
Certificate serial: 0BB7AE89
Authority key identifier: 8F:5E:A8:37:9B:CA:44:F4:F6:A7:F4:B6:98:64:CD:9B:02:A2:7B:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j16oN5vKRPT2p_S2mGTNmwKiexI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/402d43-e99c-4112-a038-ecbb9442f589/1/khF3zmB2C9hKDjjYwiiEVU30s88.roa
Signing time: Sat 01 Jan 2022 04:55:28 +0000
ROA not before: Sat 01 Jan 2022 04:55:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62132
IP address blocks: 185.46.110.0/24 maxlen: 24
185.46.108.0/24 maxlen: 24
185.46.111.0/24 maxlen: 24
185.46.108.0/22 maxlen: 22
185.46.109.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 196587145 (0xbb7ae89)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f5ea8379bca44f4f6a7f4b69864cd9b02a27b12
Validity
Not Before: Jan 1 04:55:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=921177ce60760bd84a0e38d8c22884554df4b3cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:3d:24:f0:54:70:44:4a:f3:bd:83:c3:91:05:
28:fa:e6:e9:48:bf:c8:dc:0e:53:5a:fc:72:d4:05:
85:c6:e2:12:06:6d:82:93:b3:92:e7:13:a3:fc:3e:
2b:d2:86:dc:c2:80:fd:3d:ff:8b:ee:ce:55:e5:a8:
58:73:50:ba:6c:cc:79:5c:99:8f:17:e1:1c:13:a0:
7e:31:e5:04:61:bf:33:e9:ae:5f:e8:e1:db:6f:6b:
a8:9a:6e:a6:97:d6:b2:3b:19:73:be:a2:7b:2d:0c:
f4:98:bb:8a:ab:63:59:b4:c0:bf:17:bb:b9:a2:de:
27:01:fe:7b:b3:1e:ad:c3:ab:3a:2e:78:43:8b:69:
75:5e:26:77:bb:04:a1:d6:d6:c1:fa:13:46:00:e7:
74:74:dd:d5:42:37:7e:12:88:69:cb:7e:2e:ad:7f:
a7:5e:0a:0e:42:47:7b:93:a0:42:a6:49:c7:1e:fb:
47:ed:fb:fe:ad:e8:49:2e:c3:0c:9d:c8:73:d8:66:
64:5c:91:55:51:d5:85:c0:8a:ae:ce:45:3e:2d:48:
75:b5:50:f4:79:88:cb:42:dd:e0:35:d2:ea:bd:38:
b0:4b:8b:4a:0d:69:76:3b:d9:43:c5:07:56:05:26:
91:cd:3d:81:a2:35:bf:d2:bf:93:58:09:54:c3:e9:
ed:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:11:77:CE:60:76:0B:D8:4A:0E:38:D8:C2:28:84:55:4D:F4:B3:CF
X509v3 Authority Key Identifier:
keyid:8F:5E:A8:37:9B:CA:44:F4:F6:A7:F4:B6:98:64:CD:9B:02:A2:7B:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j16oN5vKRPT2p_S2mGTNmwKiexI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/402d43-e99c-4112-a038-ecbb9442f589/1/khF3zmB2C9hKDjjYwiiEVU30s88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/402d43-e99c-4112-a038-ecbb9442f589/1/j16oN5vKRPT2p_S2mGTNmwKiexI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.46.108.0/22
Signature Algorithm: sha256WithRSAEncryption
26:d5:29:1c:78:45:67:c2:bc:4b:2a:6a:ca:12:1e:79:8f:f1:
26:85:cf:5c:87:af:79:2c:57:32:8f:e9:30:39:49:89:33:ec:
b6:cd:ad:5c:49:f5:99:6b:34:0e:7c:7e:88:6f:39:10:c8:44:
4c:bc:57:ed:eb:5d:eb:60:b5:ab:37:dd:18:ce:e9:40:77:d3:
ed:1e:9f:b5:d9:23:d5:22:77:ff:40:39:03:65:9b:2a:92:2e:
d7:05:dd:ab:c4:a9:7b:e0:27:40:c1:cd:30:5c:a3:0e:92:a0:
4b:56:bb:5f:02:b2:12:7c:59:38:72:15:25:76:37:83:ad:a4:
fb:39:9d:2b:1c:db:8d:f5:57:83:9e:8b:25:65:ec:18:0e:98:
41:fe:0c:ba:76:fc:4a:b3:22:9f:a1:03:c7:65:8f:cb:a8:d3:
f8:96:b2:69:b1:30:30:1c:98:14:af:05:dc:e7:5a:50:39:b4:
d6:f9:9e:c2:78:47:82:49:56:cb:85:a3:f0:ee:6a:40:04:b0:
50:0e:52:ca:81:85:ce:31:f9:ca:fe:7a:8b:1b:ca:35:98:aa:
90:af:bd:74:d5:c2:5d:93:19:77:a6:99:f8:cd:d2:f3:fb:32:
45:2d:ad:f2:26:ad:f5:91:92:c4:b9:a6:17:04:d0:64:48:ea:
9a:57:c2:c8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEC7euiTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZjVlYTgzNzliY2E0NGY0ZjZhN2Y0YjY5ODY0Y2Q5YjAyYTI3YjEyMB4XDTIyMDEw
MTA0NTUyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTIxMTc3Y2U2MDc2
MGJkODRhMGUzOGQ4YzIyODg0NTU0ZGY0YjNjZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOQ9JPBUcERK872Dw5EFKPrm6Ui/yNwOU1r8ctQFhcbiEgZt
gpOzkucTo/w+K9KG3MKA/T3/i+7OVeWoWHNQumzMeVyZjxfhHBOgfjHlBGG/M+mu
X+jh229rqJpuppfWsjsZc76iey0M9Ji7iqtjWbTAvxe7uaLeJwH+e7MercOrOi54
Q4tpdV4md7sEodbWwfoTRgDndHTd1UI3fhKIact+Lq1/p14KDkJHe5OgQqZJxx77
R+37/q3oSS7DDJ3Ic9hmZFyRVVHVhcCKrs5FPi1IdbVQ9HmIy0Ld4DXS6r04sEuL
Sg1pdjvZQ8UHVgUmkc09gaI1v9K/k1gJVMPp7akCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSSEXfOYHYL2EoOONjCKIRVTfSzzzAfBgNVHSMEGDAWgBSPXqg3m8pE9Pan
9LaYZM2bAqJ7EjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2oxNm9ONXZLUlBUMnBfUzJtR1RObXdLaWV4SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOTcvNDAyZDQzLWU5OWMtNDExMi1hMDM4LWVjYmI5NDQyZjU4OS8x
L2toRjN6bUIyQzloS0Rqall3aWlFVlUzMHM4OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTcv
NDAyZDQzLWU5OWMtNDExMi1hMDM4LWVjYmI5NDQyZjU4OS8xL2oxNm9ONXZLUlBU
MnBfUzJtR1RObXdLaWV4SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArkubDANBgkqhkiG9w0BAQsFAAOC
AQEAJtUpHHhFZ8K8SypqyhIeeY/xJoXPXIeveSxXMo/pMDlJiTPsts2tXEn1mWs0
Dnx+iG85EMhETLxX7etd62C1qzfdGM7pQHfT7R6ftdkj1SJ3/0A5A2WbKpIu1wXd
q8Spe+AnQMHNMFyjDpKgS1a7XwKyEnxZOHIVJXY3g62k+zmdKxzbjfVXg56LJWXs
GA6YQf4Munb8SrMin6EDx2WPy6jT+JayabEwMByYFK8F3OdaUDm01vmewnhHgklW
y4Wj8O5qQASwUA5SyoGFzjH5yv56ixvKNZiqkK+9dNXCXZMZd6aZ+M3S8/syRS2t
8iat9ZGSxLmmFwTQZEjqmlfCyA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:29:27 2025 by rpki-client