Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/d90be8-f605-4fc8-8f09-021040aa3c8a/1/hse9bToYVzi614JuMII-VrOIlXM.roa
File: hse9bToYVzi614JuMII-VrOIlXM.roa (raw, json)
Hash identifier: 2f4aw4VZSTzJMSFjqffLDiPVfLV5jJIRtVEzrn21lXI=
Subject key identifier: 86:C7:BD:6D:3A:18:57:38:BA:D7:82:6E:30:82:3E:56:B3:88:95:73
Certificate issuer: /CN=eeb320be89726831f3fd900740f1f906f9b19c6a
Certificate serial: 07135A08
Authority key identifier: EE:B3:20:BE:89:72:68:31:F3:FD:90:07:40:F1:F9:06:F9:B1:9C:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rMgvolyaDHz_ZAHQPH5BvmxnGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/d90be8-f605-4fc8-8f09-021040aa3c8a/1/hse9bToYVzi614JuMII-VrOIlXM.roa
Signing time: Sat 01 Jan 2022 14:01:15 +0000
ROA not before: Sat 01 Jan 2022 14:01:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200322
IP address blocks: 185.245.248.0/22 maxlen: 22
2a0d:7080::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 118708744 (0x7135a08)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eeb320be89726831f3fd900740f1f906f9b19c6a
Validity
Not Before: Jan 1 14:01:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=86c7bd6d3a185738bad7826e30823e56b3889573
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:f7:01:0e:90:9f:5e:91:68:a7:1e:38:7e:2b:
ad:e6:ff:d0:2a:93:60:1d:21:3b:93:dc:c6:eb:6a:
63:b9:73:42:13:7c:bf:78:14:2e:39:51:7e:35:44:
3f:ec:2f:ea:ec:70:fc:3b:f8:42:85:4c:d7:40:65:
a4:f5:e6:96:28:81:c3:da:d7:7c:8b:d1:63:28:e6:
ac:f3:c8:87:1a:25:00:37:d9:6d:ae:6c:5a:62:18:
5b:2c:71:24:e3:e6:74:99:b5:2c:a7:f8:f9:59:b3:
98:fa:d8:f0:ac:9b:be:fa:27:2e:b3:15:79:ee:d1:
98:a0:9a:3a:bc:a4:51:ab:cb:7f:a4:b5:b9:00:4b:
1f:e6:83:19:69:c2:6b:24:74:6e:f2:fe:b0:38:41:
44:b4:d7:3a:61:9b:c3:20:d5:b3:3e:ff:f8:70:3f:
fe:0c:62:e8:97:c7:7c:0b:a2:68:1b:b4:5f:29:49:
46:c6:5e:6b:06:de:fa:dc:55:9d:b7:23:61:77:85:
dc:80:f1:0b:8b:8f:04:df:2c:fd:e8:b4:b9:65:9b:
fe:81:59:e7:74:2a:21:77:62:cb:58:b6:d1:90:5e:
79:19:17:c2:9d:c4:99:2c:ff:ac:fb:9c:d0:f5:22:
bd:f6:a6:c5:39:fd:c3:ec:e3:48:72:66:a9:9b:c4:
0f:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:C7:BD:6D:3A:18:57:38:BA:D7:82:6E:30:82:3E:56:B3:88:95:73
X509v3 Authority Key Identifier:
keyid:EE:B3:20:BE:89:72:68:31:F3:FD:90:07:40:F1:F9:06:F9:B1:9C:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rMgvolyaDHz_ZAHQPH5BvmxnGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/d90be8-f605-4fc8-8f09-021040aa3c8a/1/hse9bToYVzi614JuMII-VrOIlXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/d90be8-f605-4fc8-8f09-021040aa3c8a/1/7rMgvolyaDHz_ZAHQPH5BvmxnGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.245.248.0/22
IPv6:
2a0d:7080::/29
Signature Algorithm: sha256WithRSAEncryption
52:b7:c2:17:7c:a5:63:0a:c5:e2:12:e7:1d:53:cb:31:30:67:
48:92:1d:4f:b1:18:6d:ce:e6:10:99:52:87:a2:63:8a:7b:10:
5d:24:69:71:03:fb:7e:5b:15:12:82:90:e7:3c:52:86:34:3e:
62:d4:14:75:4f:d8:5a:00:10:9c:b8:b5:2e:da:fa:6a:01:11:
59:50:ab:66:ce:0d:6e:50:f1:d5:40:da:c8:a1:d8:e8:5c:76:
63:ad:1e:26:89:13:e2:2e:be:1c:c5:4a:c1:26:67:64:c4:7e:
f8:6e:ed:35:42:cf:db:38:6e:6d:8c:5c:39:44:16:87:78:a5:
21:4f:04:24:69:17:d2:fa:f3:12:60:e5:00:38:38:c1:a9:a9:
64:14:ab:17:16:26:01:2a:a7:d7:49:25:01:09:0e:fb:67:75:
56:bc:93:27:19:26:fc:57:90:11:d1:01:3c:e5:e8:5e:d0:2c:
6c:73:82:3a:b6:c3:41:21:8f:03:23:b9:64:95:00:5a:62:56:
02:3e:1a:36:c3:6c:66:3e:46:a5:8e:61:ce:11:c8:5f:51:b3:
22:11:33:b8:e6:10:e0:8e:c8:95:2c:d8:60:fb:c5:4f:4b:f8:
b6:aa:0d:bc:f2:2e:86:1b:5f:4e:5c:52:67:da:de:c9:ff:99:
0c:50:a2:75
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBxNaCDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZWIzMjBiZTg5NzI2ODMxZjNmZDkwMDc0MGYxZjkwNmY5YjE5YzZhMB4XDTIyMDEw
MTE0MDExNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODZjN2JkNmQzYTE4
NTczOGJhZDc4MjZlMzA4MjNlNTZiMzg4OTU3MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIj3AQ6Qn16RaKceOH4rreb/0CqTYB0hO5PcxutqY7lzQhN8
v3gULjlRfjVEP+wv6uxw/Dv4QoVM10BlpPXmliiBw9rXfIvRYyjmrPPIhxolADfZ
ba5sWmIYWyxxJOPmdJm1LKf4+VmzmPrY8KybvvonLrMVee7RmKCaOrykUavLf6S1
uQBLH+aDGWnCayR0bvL+sDhBRLTXOmGbwyDVsz7/+HA//gxi6JfHfAuiaBu0XylJ
RsZeawbe+txVnbcjYXeF3IDxC4uPBN8s/ei0uWWb/oFZ53QqIXdiy1i20ZBeeRkX
wp3EmSz/rPuc0PUivfamxTn9w+zjSHJmqZvED40CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBSGx71tOhhXOLrXgm4wgj5Ws4iVczAfBgNVHSMEGDAWgBTusyC+iXJoMfP9
kAdA8fkG+bGcajAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdyTWd2b2x5YURIel9aQUhRUEg1QnZteG5Hby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWEvZDkwYmU4LWY2MDUtNGZjOC04ZjA5LTAyMTA0MGFhM2M4YS8x
L2hzZTliVG9ZVnppNjE0SnVNSUktVnJPSWxYTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWEv
ZDkwYmU4LWY2MDUtNGZjOC04ZjA5LTAyMTA0MGFhM2M4YS8xLzdyTWd2b2x5YURI
el9aQUhRUEg1QnZteG5Hby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArn1+DANBAIAAjAHAwUDKg1wgDAN
BgkqhkiG9w0BAQsFAAOCAQEAUrfCF3ylYwrF4hLnHVPLMTBnSJIdT7EYbc7mEJlS
h6JjinsQXSRpcQP7flsVEoKQ5zxShjQ+YtQUdU/YWgAQnLi1Ltr6agERWVCrZs4N
blDx1UDayKHY6Fx2Y60eJokT4i6+HMVKwSZnZMR++G7tNULP2zhubYxcOUQWh3il
IU8EJGkX0vrzEmDlADg4wampZBSrFxYmASqn10klAQkO+2d1VryTJxkm/FeQEdEB
POXoXtAsbHOCOrbDQSGPAyO5ZJUAWmJWAj4aNsNsZj5GpY5hzhHIX1GzIhEzuOYQ
4I7IlSzYYPvFT0v4tqoNvPIuhhtfTlxSZ9reyf+ZDFCidQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:14 2024 by rpki-client on console-fra.rpki-client.org