Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/hMiWGjambSrTScP38LaMLUvqG7g.roa
File: hMiWGjambSrTScP38LaMLUvqG7g.roa (raw, json)
Hash identifier: mRK28pjMilQ2bI2QhaZcgx0olrKi5KyFe/PMKiJMjXE=
Subject key identifier: 84:C8:96:1A:36:A6:6D:2A:D3:49:C3:F7:F0:B6:8C:2D:4B:EA:1B:B8
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 018268CBCE2C8AD7E509F1B835BCD2E330EA
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/hMiWGjambSrTScP38LaMLUvqG7g.roa
Signing time: Thu 04 Aug 2022 12:19:23 +0000
ROA not before: Thu 04 Aug 2022 12:19:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210993
IP address blocks: 84.54.37.0/24 maxlen: 24
95.215.108.0/24 maxlen: 24
80.76.43.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:68:cb:ce:2c:8a:d7:e5:09:f1:b8:35:bc:d2:e3:30:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Aug 4 12:19:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=84c8961a36a66d2ad349c3f7f0b68c2d4bea1bb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:d7:b5:3e:c2:f6:c4:22:fe:dd:77:db:bf:99:
55:7f:67:23:c5:f1:e6:14:4b:96:56:16:3e:f7:ee:
af:f7:58:32:e7:5a:7c:f5:4f:1d:85:ea:70:bb:4a:
71:d7:7e:0c:56:f7:dd:2c:2d:59:1e:37:23:bb:83:
b3:12:42:64:c8:dd:d8:4a:3c:ab:94:c4:a8:be:ea:
90:0c:52:7f:42:7c:06:58:2f:b8:bb:a5:48:7a:ad:
9a:00:f5:78:07:49:dd:3a:b1:46:2e:c0:78:71:15:
99:16:c1:62:f2:51:0e:7f:26:f8:89:a5:1d:d9:2a:
33:06:c0:a9:6d:97:ba:bf:5c:9c:18:82:53:58:ba:
15:8b:d4:97:d8:5b:a7:03:8d:01:80:c7:20:9b:6c:
13:3e:95:ba:c5:be:e5:aa:fc:42:b1:3c:d3:93:45:
3d:68:36:80:17:f2:92:87:49:81:fc:d5:de:da:f9:
7b:c7:37:05:cb:78:be:f4:2c:57:0f:69:7d:e5:a0:
37:39:d8:3e:13:35:65:ab:7b:27:dc:ea:37:34:45:
15:41:e5:02:5a:3e:0e:62:5f:db:9f:43:5d:06:b5:
77:1d:4a:a5:af:c2:38:d2:83:cf:dc:7b:b5:d7:7a:
31:56:e8:a0:39:a8:24:29:63:5e:ce:65:29:2d:74:
58:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:C8:96:1A:36:A6:6D:2A:D3:49:C3:F7:F0:B6:8C:2D:4B:EA:1B:B8
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/hMiWGjambSrTScP38LaMLUvqG7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.76.43.0/24
84.54.37.0/24
95.215.108.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:91:19:7e:06:66:13:5c:e6:98:88:94:4d:6f:ca:3a:e2:9b:
b2:79:48:c2:c0:36:e0:35:3e:16:84:42:20:99:2c:75:bc:d4:
1d:eb:3a:5d:03:a0:a8:82:14:33:f9:e1:c5:d0:cd:4c:c4:6e:
bb:3d:58:c2:3a:9b:4a:e1:f4:8f:a6:81:07:be:dc:b9:b9:ec:
1b:1d:bf:85:d2:78:db:ee:e6:05:29:9d:5b:8d:1a:0d:8c:79:
fd:a4:bf:48:8c:34:e0:8c:d3:de:28:fa:57:0d:20:6e:71:19:
61:1c:e3:40:c0:2a:dd:66:f4:b8:78:d0:8d:19:dc:14:85:38:
b2:01:11:f0:51:60:22:b6:2f:ed:d0:7c:78:15:c1:20:b8:d6:
39:ab:1c:49:50:84:b1:20:93:0d:02:82:38:d4:fd:81:eb:4c:
00:9a:6e:2a:d2:94:11:64:c9:b4:f5:53:29:4a:1e:f1:6e:ab:
1c:6d:92:ce:d6:d1:6c:03:0f:71:51:01:6b:80:8f:5e:d5:74:
4e:9e:f1:51:63:bc:c6:f2:9d:2f:69:b4:71:2e:51:63:81:3d:
d2:72:90:f4:d7:89:23:5c:91:43:dd:35:02:d5:54:53:5b:f7:
73:11:04:37:50:0b:8c:de:a5:2f:b2:31:89:eb:cc:16:24:76:
bb:4c:e6:69
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYJoy84sitflCfG4NbzS4zDqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjIwODA0MTIxOTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGM4OTYxYTM2YTY2ZDJhZDM0OWMzZjdmMGI2OGMyZDRiZWExYmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhde1PsL2xCL+3Xfbv5lVf2cjxfHm
FEuWVhY+9+6v91gy51p89U8dhepwu0px134MVvfdLC1ZHjcju4OzEkJkyN3YSjyr
lMSovuqQDFJ/QnwGWC+4u6VIeq2aAPV4B0ndOrFGLsB4cRWZFsFi8lEOfyb4iaUd
2SozBsCpbZe6v1ycGIJTWLoVi9SX2FunA40BgMcgm2wTPpW6xb7lqvxCsTzTk0U9
aDaAF/KSh0mB/NXe2vl7xzcFy3i+9CxXD2l95aA3Odg+EzVlq3sn3Oo3NEUVQeUC
Wj4OYl/bn0NdBrV3HUqlr8I40oPP3Hu113oxVuigOagkKWNezmUpLXRYEQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFITIlho2pm0q00nD9/C2jC1L6hu4MB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvaE1pV0dqYW1iU3JUU2NQMzhMYU1MVXZxRzdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUEwrAwQA
VDYlAwQAX9dsMA0GCSqGSIb3DQEBCwUAA4IBAQA8kRl+BmYTXOaYiJRNb8o64puy
eUjCwDbgNT4WhEIgmSx1vNQd6zpdA6CoghQz+eHF0M1MxG67PVjCOptK4fSPpoEH
vty5uewbHb+F0njb7uYFKZ1bjRoNjHn9pL9IjDTgjNPeKPpXDSBucRlhHONAwCrd
ZvS4eNCNGdwUhTiyARHwUWAiti/t0Hx4FcEguNY5qxxJUISxIJMNAoI41P2B60wA
mm4q0pQRZMm09VMpSh7xbqscbZLO1tFsAw9xUQFrgI9e1XROnvFRY7zG8p0vabRx
LlFjgT3ScpD014kjXJFD3TUC1VRTW/dzEQQ3UAuM3qUvsjGJ68wWJHa7TOZp
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:24:58 2024 by rpki-client on console-ams.rpki-client.org