Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/hqTIWNM5vwRAC0URuSX-bW6gGyM.roa
File: hqTIWNM5vwRAC0URuSX-bW6gGyM.roa (raw, json)
Hash identifier: XJKj02zPD/bn9Bjzp8OHhVTbmOctWuCusoGiWRQfXKw=
Subject key identifier: 86:A4:C8:58:D3:39:BF:04:40:0B:45:11:B9:25:FE:6D:6E:A0:1B:23
Certificate issuer: /CN=8d89223c1f335c0cc569359fa2dda349a2236ccb
Certificate serial: 018B84CFDA3EEF7E4F5331F55DF7111C06B8
Authority key identifier: 8D:89:22:3C:1F:33:5C:0C:C5:69:35:9F:A2:DD:A3:49:A2:23:6C:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jYkiPB8zXAzFaTWfot2jSaIjbMs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/hqTIWNM5vwRAC0URuSX-bW6gGyM.roa
Signing time: Tue 31 Oct 2023 08:18:15 +0000
ROA not before: Tue 31 Oct 2023 08:18:15 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206119
IP address blocks: 194.0.207.0/24 maxlen: 24
185.213.169.0/24 maxlen: 24
185.213.171.0/24 maxlen: 24
185.213.170.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:84:cf:da:3e:ef:7e:4f:53:31:f5:5d:f7:11:1c:06:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d89223c1f335c0cc569359fa2dda349a2236ccb
Validity
Not Before: Oct 31 08:18:15 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=86a4c858d339bf04400b4511b925fe6d6ea01b23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:53:63:20:6f:c5:ef:bf:23:04:fa:15:ef:88:
da:7d:54:24:2c:e6:3c:fb:0e:d3:9f:37:76:6e:07:
6a:d2:ee:f3:88:42:82:ca:89:29:69:50:10:a9:51:
76:de:c2:dd:19:53:f4:c8:52:ec:7b:c6:0f:99:84:
5a:bd:65:63:6b:6c:80:fb:63:2d:d5:7c:b7:ad:94:
1e:60:b3:e1:61:f2:d0:89:fb:e1:a3:0f:dd:d9:e9:
15:0f:34:81:36:34:cd:d8:ef:1e:f5:a7:0f:da:eb:
97:d1:14:90:36:90:66:53:56:43:da:ca:fc:de:56:
51:d3:98:71:0c:a9:d0:15:b7:65:93:c9:25:9a:2f:
4a:8e:b8:4e:07:28:dd:33:33:ea:b8:52:3b:73:06:
a6:1c:b7:a7:94:db:f6:b4:05:14:eb:e7:7d:39:04:
7c:b8:c9:ae:21:22:96:49:14:5e:8d:d2:53:83:c7:
b6:a6:f9:4f:a5:c3:14:67:55:29:c9:f4:27:1d:a9:
e4:31:68:30:d9:cc:22:5c:d3:16:52:ab:33:fa:11:
08:80:d2:f4:1c:bc:75:2a:dc:0b:fb:40:e4:6d:8d:
99:60:67:ef:23:82:6b:33:05:0b:6b:ae:29:65:8a:
e5:38:b6:c9:54:78:6f:bd:50:3a:bf:ff:11:81:04:
ac:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:A4:C8:58:D3:39:BF:04:40:0B:45:11:B9:25:FE:6D:6E:A0:1B:23
X509v3 Authority Key Identifier:
keyid:8D:89:22:3C:1F:33:5C:0C:C5:69:35:9F:A2:DD:A3:49:A2:23:6C:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jYkiPB8zXAzFaTWfot2jSaIjbMs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/hqTIWNM5vwRAC0URuSX-bW6gGyM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/jYkiPB8zXAzFaTWfot2jSaIjbMs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.169.0-185.213.171.255
194.0.207.0/24
Signature Algorithm: sha256WithRSAEncryption
59:1d:ed:55:45:dd:86:69:30:fe:19:fd:7e:19:12:7c:12:94:
8b:b8:04:0c:cb:13:fd:f4:bb:b0:0f:6e:0c:76:05:dd:31:3f:
e4:d5:63:2e:91:d9:81:a3:4c:6c:56:8e:52:86:d3:2f:13:ea:
75:14:38:76:1d:6e:c2:fc:df:67:fa:01:ab:ad:1d:09:c6:80:
f6:b2:09:cf:30:16:7d:69:df:41:ef:c4:e9:b8:79:92:ba:d3:
39:22:70:74:d4:ca:48:87:64:fe:4d:11:bc:99:90:d2:31:75:
53:f6:37:57:2b:4a:97:cd:5e:84:b5:71:a2:af:ba:b5:22:9f:
a2:81:c1:f4:71:f0:81:a7:44:c8:26:72:b0:8b:02:4f:9b:87:
a9:b5:c2:1c:d4:70:e6:56:f9:6b:6f:24:cf:67:49:73:c4:40:
33:76:29:c9:81:32:ef:19:3b:f4:15:d7:7b:23:92:e7:d3:c2:
88:be:8b:d4:7b:59:95:d4:98:53:3e:26:59:95:78:dc:08:e5:
da:0f:7c:e0:c5:01:56:6f:9d:69:cd:d8:a0:3d:ac:9a:16:d6:
ff:d6:21:49:1c:4e:e1:ee:cf:fe:26:0b:9c:20:31:9f:2c:46:
e0:85:56:fd:d0:6f:ea:e6:5b:75:69:c0:cc:1d:a9:11:55:73:
5a:7c:ad:77
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYuEz9o+735PUzH1XfcRHAa4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkODkyMjNjMWYzMzVjMGNjNTY5MzU5ZmEyZGRhMzQ5YTIy
MzZjY2IwHhcNMjMxMDMxMDgxODE1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmE0Yzg1OGQzMzliZjA0NDAwYjQ1MTFiOTI1ZmU2ZDZlYTAxYjIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs1NjIG/F778jBPoV74jafVQkLOY8
+w7Tnzd2bgdq0u7ziEKCyokpaVAQqVF23sLdGVP0yFLse8YPmYRavWVja2yA+2Mt
1Xy3rZQeYLPhYfLQifvhow/d2ekVDzSBNjTN2O8e9acP2uuX0RSQNpBmU1ZD2sr8
3lZR05hxDKnQFbdlk8klmi9KjrhOByjdMzPquFI7cwamHLenlNv2tAUU6+d9OQR8
uMmuISKWSRRejdJTg8e2pvlPpcMUZ1UpyfQnHankMWgw2cwiXNMWUqsz+hEIgNL0
HLx1KtwL+0DkbY2ZYGfvI4JrMwULa64pZYrlOLbJVHhvvVA6v/8RgQSshQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFIakyFjTOb8EQAtFEbkl/m1uoBsjMB8GA1UdIwQY
MBaAFI2JIjwfM1wMxWk1n6Ldo0miI2zLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvallraVBCOHpYQXpGYVRXZm90MmpTYUlqYk1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy81MmExMGQtZDg1MS00MGFlLWE4YjAt
YTEwMjhlZGE2MzgzLzEvaHFUSVdOTTV2d1JBQzBVUnVTWC1iVzZnR3lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy81MmExMGQtZDg1MS00MGFlLWE4YjAtYTEwMjhlZGE2Mzgz
LzEvallraVBCOHpYQXpGYVRXZm90MmpTYUlqYk1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAC51akD
BAK51agDBADCAM8wDQYJKoZIhvcNAQELBQADggEBAFkd7VVF3YZpMP4Z/X4ZEnwS
lIu4BAzLE/30u7APbgx2Bd0xP+TVYy6R2YGjTGxWjlKG0y8T6nUUOHYdbsL832f6
AautHQnGgPayCc8wFn1p30HvxOm4eZK60zkicHTUykiHZP5NEbyZkNIxdVP2N1cr
SpfNXoS1caKvurUin6KBwfRx8IGnRMgmcrCLAk+bh6m1whzUcOZW+WtvJM9nSXPE
QDN2KcmBMu8ZO/QV13sjkufTwoi+i9R7WZXUmFM+JlmVeNwI5doPfODFAVZvnWnN
2KA9rJoW1v/WIUkcTuHuz/4mC5wgMZ8sRuCFVv3Qb+rmW3VpwMwdqRFVc1p8rXc=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:18:00 2025 by rpki-client