Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/4544e4-35db-4098-9040-539a0f26684d/1/COMjYoaHlc8rQNKgQ-ll72cCiF8.roa
File: COMjYoaHlc8rQNKgQ-ll72cCiF8.roa (raw, json)
Hash identifier: uiMh5TTT2V0DN/3ambWL5vb1nGhHlTRe9kTUaeK3bRM=
Subject key identifier: 08:E3:23:62:86:87:95:CF:2B:40:D2:A0:43:E9:65:EF:67:02:88:5F
Certificate issuer: /CN=1e9b8562615f5110d3551f8ec5dd056fb0a48aba
Certificate serial: 01856CCAE09ADFD2F0124E8E075F8E4979B6
Authority key identifier: 1E:9B:85:62:61:5F:51:10:D3:55:1F:8E:C5:DD:05:6F:B0:A4:8A:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HpuFYmFfURDTVR-Oxd0Fb7Ckiro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/4544e4-35db-4098-9040-539a0f26684d/1/COMjYoaHlc8rQNKgQ-ll72cCiF8.roa
Signing time: Sun 01 Jan 2023 10:05:13 +0000
ROA not before: Sun 01 Jan 2023 10:05:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59865
IP address blocks: 185.111.28.0/22 maxlen: 22
185.56.142.0/23 maxlen: 23
185.56.140.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:e0:9a:df:d2:f0:12:4e:8e:07:5f:8e:49:79:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e9b8562615f5110d3551f8ec5dd056fb0a48aba
Validity
Not Before: Jan 1 10:05:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=08e32362868795cf2b40d2a043e965ef6702885f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:1c:bf:c9:03:3e:54:fe:d9:86:c3:c7:05:22:
f6:4d:dc:71:3a:94:f7:7c:8e:9f:d6:27:b0:1c:99:
6a:32:35:18:0e:9e:2d:26:58:17:c5:13:8e:b0:69:
ec:b7:99:dc:55:9b:89:83:37:b4:ea:74:37:48:9c:
79:ad:c3:cb:4a:9b:a5:60:6d:b1:86:86:35:d2:f9:
7c:c4:79:f8:30:94:6f:75:8f:92:4d:e0:75:59:36:
2f:14:c2:f9:ee:3f:f1:01:a5:1a:25:15:f1:90:7f:
8f:f9:f7:e9:11:e5:5c:9d:5b:e3:fc:c2:f5:a0:55:
4c:bd:1d:89:46:35:90:80:97:d8:15:0e:30:86:38:
78:c1:05:8c:24:19:d7:dd:c2:38:79:99:47:59:66:
d0:fc:8a:c8:f2:50:3c:36:8e:18:34:c2:9a:9b:1a:
0c:55:c6:eb:f7:ff:ce:94:f9:79:58:4e:97:46:29:
43:d8:f1:7d:d9:f7:20:ed:83:d5:e9:f3:f3:cb:61:
f7:fa:86:67:68:05:47:de:13:00:81:25:c4:ad:9b:
4b:99:ea:9c:2e:6a:56:97:48:16:10:d0:ab:40:1a:
d4:5f:8f:78:ad:b2:3c:3c:a2:d8:7f:f9:e1:cb:b0:
95:85:e0:32:47:4e:6c:33:66:90:79:b3:96:08:eb:
47:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:E3:23:62:86:87:95:CF:2B:40:D2:A0:43:E9:65:EF:67:02:88:5F
X509v3 Authority Key Identifier:
keyid:1E:9B:85:62:61:5F:51:10:D3:55:1F:8E:C5:DD:05:6F:B0:A4:8A:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HpuFYmFfURDTVR-Oxd0Fb7Ckiro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4544e4-35db-4098-9040-539a0f26684d/1/COMjYoaHlc8rQNKgQ-ll72cCiF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4544e4-35db-4098-9040-539a0f26684d/1/HpuFYmFfURDTVR-Oxd0Fb7Ckiro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.56.140.0/22
185.111.28.0/22
Signature Algorithm: sha256WithRSAEncryption
97:cf:9a:a1:26:13:05:7f:42:67:77:f6:52:39:c7:cb:3b:8a:
b5:21:b4:e1:6a:92:0f:ee:d1:12:77:f4:b7:1d:ea:92:71:cb:
00:a7:8a:aa:b1:b6:44:a5:f9:92:01:3b:dd:79:45:1d:9c:b6:
c3:64:6d:f5:b6:50:e4:37:1a:6e:2d:5d:bb:7a:1f:ac:34:ee:
1c:c0:b5:13:00:56:63:34:70:a6:93:df:c7:92:65:20:8f:d1:
48:55:09:40:e2:19:2d:87:4f:c0:b0:bf:4a:07:54:1b:7d:57:
f2:1c:5a:cc:f1:65:e2:fa:d7:a0:e9:e8:f1:31:11:d3:9b:de:
0f:db:82:b6:44:a5:bd:e2:27:e6:82:db:b0:09:c7:eb:ce:0f:
27:23:1d:9e:d4:86:bc:ff:c8:a4:a7:67:3e:f9:81:fd:a5:98:
1e:45:d1:f5:15:01:63:f5:6a:58:4b:c3:48:d4:88:6f:a3:42:
4f:d6:2e:d2:fa:92:3e:b8:9f:89:83:ac:33:00:cb:b4:c6:d4:
e1:ce:52:a3:5c:25:37:7a:3c:72:52:f4:58:2e:d5:55:18:d2:
f0:12:d8:c6:f4:2f:7f:d6:dd:04:fb:4a:6b:6d:1e:31:03:8b:
c7:2c:66:da:23:c5:b8:12:66:68:e0:f8:6f:8e:64:62:9d:0e:
0e:05:6b:25
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVsyuCa39LwEk6OB1+OSXm2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOWI4NTYyNjE1ZjUxMTBkMzU1MWY4ZWM1ZGQwNTZmYjBh
NDhhYmEwHhcNMjMwMTAxMTAwNTEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOGUzMjM2Mjg2ODc5NWNmMmI0MGQyYTA0M2U5NjVlZjY3MDI4ODVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyRy/yQM+VP7ZhsPHBSL2TdxxOpT3
fI6f1iewHJlqMjUYDp4tJlgXxROOsGnst5ncVZuJgze06nQ3SJx5rcPLSpulYG2x
hoY10vl8xHn4MJRvdY+STeB1WTYvFML57j/xAaUaJRXxkH+P+ffpEeVcnVvj/ML1
oFVMvR2JRjWQgJfYFQ4whjh4wQWMJBnX3cI4eZlHWWbQ/IrI8lA8No4YNMKamxoM
Vcbr9//OlPl5WE6XRilD2PF92fcg7YPV6fPzy2H3+oZnaAVH3hMAgSXErZtLmeqc
LmpWl0gWENCrQBrUX494rbI8PKLYf/nhy7CVheAyR05sM2aQebOWCOtH5QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAjjI2KGh5XPK0DSoEPpZe9nAohfMB8GA1UdIwQY
MBaAFB6bhWJhX1EQ01UfjsXdBW+wpIq6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHB1RlltRmZVUkRUVlItT3hkMEZiN0NraXJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS80NTQ0ZTQtMzVkYi00MDk4LTkwNDAt
NTM5YTBmMjY2ODRkLzEvQ09NallvYUhsYzhyUU5LZ1EtbGw3MmNDaUY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS80NTQ0ZTQtMzVkYi00MDk4LTkwNDAtNTM5YTBmMjY2ODRk
LzEvSHB1RlltRmZVUkRUVlItT3hkMEZiN0NraXJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuTiMAwQC
uW8cMA0GCSqGSIb3DQEBCwUAA4IBAQCXz5qhJhMFf0Jnd/ZSOcfLO4q1IbThapIP
7tESd/S3HeqSccsAp4qqsbZEpfmSATvdeUUdnLbDZG31tlDkNxpuLV27eh+sNO4c
wLUTAFZjNHCmk9/HkmUgj9FIVQlA4hkth0/AsL9KB1QbfVfyHFrM8WXi+teg6ejx
MRHTm94P24K2RKW94ifmgtuwCcfrzg8nIx2e1Ia8/8ikp2c++YH9pZgeRdH1FQFj
9WpYS8NI1Ihvo0JP1i7S+pI+uJ+Jg6wzAMu0xtThzlKjXCU3ejxyUvRYLtVVGNLw
EtjG9C9/1t0E+0prbR4xA4vHLGbaI8W4EmZo4PhvjmRinQ4OBWsl
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:33:03 2025 by rpki-client