Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/h2AZuW_jPhp4UTEHZY-EhjakbQ4.roa
File: h2AZuW_jPhp4UTEHZY-EhjakbQ4.roa (raw, json)
Hash identifier: HFlbJb4ScZeds18aDmrVx3YqpGHXhUxoP1rrUjWolM0=
Subject key identifier: 87:60:19:B9:6F:E3:3E:1A:78:51:31:07:65:8F:84:86:36:A4:6D:0E
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 0184F127145FB3DFD31B4053756C0C3BB6A6
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/h2AZuW_jPhp4UTEHZY-EhjakbQ4.roa
Signing time: Thu 08 Dec 2022 09:53:00 +0000
ROA not before: Thu 08 Dec 2022 09:53:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34707
IP address blocks: 82.179.0.0/20 maxlen: 24
82.179.0.0/21 maxlen: 21
82.179.8.0/22 maxlen: 22
82.179.12.0/24 maxlen: 24
82.179.13.0/24 maxlen: 24
82.179.14.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f1:27:14:5f:b3:df:d3:1b:40:53:75:6c:0c:3b:b6:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Dec 8 09:53:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=876019b96fe33e1a78513107658f848636a46d0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:06:75:2a:ff:41:99:4d:ff:5f:b9:e4:f2:28:
f0:6c:9c:d0:dc:73:f5:ca:af:44:b5:9e:4e:26:ab:
3c:68:8d:22:92:8d:74:f0:7d:80:97:88:05:d8:ac:
73:93:df:ab:3f:2f:c7:32:48:f9:0c:7e:1d:da:d6:
64:95:be:94:33:a4:8d:a2:77:79:77:ad:96:d3:9b:
04:b9:06:ba:8c:d3:03:95:f3:f6:96:f2:e0:33:7c:
6a:3f:6c:8a:81:82:0c:51:16:e7:a8:49:fc:bf:d5:
c9:81:80:c5:3e:80:5f:13:78:c5:16:99:c1:47:a2:
6a:08:7c:8f:f1:fa:e7:19:99:ba:2d:80:51:a0:3c:
12:d7:5b:ea:57:5b:e4:44:30:4d:de:24:f5:53:e1:
fd:1b:41:10:d0:5a:9e:26:c7:a7:9b:68:ee:0e:c2:
52:2f:37:48:cf:77:94:97:9a:b1:1c:33:dc:6a:d6:
01:cb:ee:fd:3f:3c:70:3f:f7:ea:2e:9b:4e:e2:ba:
d9:dc:b6:16:e2:a1:11:56:5a:21:87:58:e4:13:bd:
f4:9b:7f:5c:67:d1:29:73:f8:b0:e7:37:b3:66:41:
23:be:76:fe:2b:18:21:2d:70:47:1f:77:2d:d0:6b:
8a:fa:df:bc:d6:ee:c0:12:19:7f:e2:3e:23:bb:87:
e3:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:60:19:B9:6F:E3:3E:1A:78:51:31:07:65:8F:84:86:36:A4:6D:0E
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/h2AZuW_jPhp4UTEHZY-EhjakbQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.179.0.0/20
Signature Algorithm: sha256WithRSAEncryption
17:c4:e4:19:a3:38:05:08:7b:55:c4:24:79:53:90:b4:51:a7:
02:17:da:81:cd:e5:3d:53:16:b1:bc:07:20:4e:f0:64:7c:42:
f3:3f:e5:aa:ec:be:ae:06:d7:13:31:b6:6e:af:a1:59:b7:96:
b2:ea:c1:31:39:c4:e1:5a:6c:e6:35:42:d0:92:95:aa:48:bc:
50:41:1e:2c:c6:ff:3b:19:a4:4a:88:6a:35:2b:4f:c9:00:23:
7a:c7:21:93:64:d5:b9:6f:b6:8e:31:74:b5:86:5b:0d:94:06:
e4:da:80:57:f3:34:0f:33:ad:24:9d:71:75:9d:cd:d8:c4:56:
46:73:9c:65:81:f4:57:e9:a7:a7:fd:f6:96:5b:86:50:fe:7a:
f8:69:13:7f:2a:72:73:90:40:d6:43:3d:d4:0c:3f:50:56:2f:
b9:a7:51:70:3a:14:d4:76:eb:7e:62:ff:d7:4a:e8:62:70:db:
42:5b:b5:b7:42:3c:b0:8f:d6:4f:40:89:3d:f8:43:1f:bc:b7:
98:26:3c:4a:9e:0f:6d:8a:13:f6:be:81:50:e6:09:dc:78:3c:
e1:a0:0c:58:cb:93:c5:f7:ae:50:46:d1:5c:e4:b5:1a:52:0b:
b2:56:e7:42:9f:52:b4:5e:f0:7b:81:82:27:2b:ed:82:24:a0:
7f:70:b0:11
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTxJxRfs9/TG0BTdWwMO7amMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjIxMjA4MDk1MzAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzYwMTliOTZmZTMzZTFhNzg1MTMxMDc2NThmODQ4NjM2YTQ2ZDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQZ1Kv9BmU3/X7nk8ijwbJzQ3HP1
yq9EtZ5OJqs8aI0iko108H2Al4gF2Kxzk9+rPy/HMkj5DH4d2tZklb6UM6SNond5
d62W05sEuQa6jNMDlfP2lvLgM3xqP2yKgYIMURbnqEn8v9XJgYDFPoBfE3jFFpnB
R6JqCHyP8frnGZm6LYBRoDwS11vqV1vkRDBN3iT1U+H9G0EQ0FqeJsenm2juDsJS
LzdIz3eUl5qxHDPcatYBy+79PzxwP/fqLptO4rrZ3LYW4qERVlohh1jkE730m39c
Z9Epc/iw5zezZkEjvnb+KxghLXBHH3ct0GuK+t+81u7AEhl/4j4ju4fjuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIdgGblv4z4aeFExB2WPhIY2pG0OMB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvaDJBWnVXX2pQaHA0VVRFSFpZLUVoamFrYlE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEUrMAMA0G
CSqGSIb3DQEBCwUAA4IBAQAXxOQZozgFCHtVxCR5U5C0UacCF9qBzeU9UxaxvAcg
TvBkfELzP+Wq7L6uBtcTMbZur6FZt5ay6sExOcThWmzmNULQkpWqSLxQQR4sxv87
GaRKiGo1K0/JACN6xyGTZNW5b7aOMXS1hlsNlAbk2oBX8zQPM60knXF1nc3YxFZG
c5xlgfRX6aen/faWW4ZQ/nr4aRN/KnJzkEDWQz3UDD9QVi+5p1FwOhTUdut+Yv/X
SuhicNtCW7W3Qjywj9ZPQIk9+EMfvLeYJjxKng9tihP2voFQ5gnceDzhoAxYy5PF
965QRtFc5LUaUguyVudCn1K0XvB7gYInK+2CJKB/cLAR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:46 2024 by rpki-client on console-fra.rpki-client.org