Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/c7a68f-7bf8-4f80-a9a2-815d2c026646/1/hc9cZkAn7Kk2qoQb0xbTBMAbeEY.roa
File: hc9cZkAn7Kk2qoQb0xbTBMAbeEY.roa (raw, json)
Hash identifier: 9RvS3KQedUQUf+CbpmY0APDBXd4Fg5tPllEmRwf7vlI=
Subject key identifier: 85:CF:5C:66:40:27:EC:A9:36:AA:84:1B:D3:16:D3:04:C0:1B:78:46
Certificate issuer: /CN=01335442514d5249b5143cfdf821216bb5c52940
Certificate serial: 03E4A8A2
Authority key identifier: 01:33:54:42:51:4D:52:49:B5:14:3C:FD:F8:21:21:6B:B5:C5:29:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ATNUQlFNUkm1FDz9-CEha7XFKUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/c7a68f-7bf8-4f80-a9a2-815d2c026646/1/hc9cZkAn7Kk2qoQb0xbTBMAbeEY.roa
Signing time: Sat 01 Jan 2022 06:57:06 +0000
ROA not before: Sat 01 Jan 2022 06:57:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39134
IP address blocks: 185.206.100.0/22 maxlen: 24
185.206.100.0/24 maxlen: 24
88.212.220.0/22 maxlen: 24
88.212.224.0/22 maxlen: 24
88.212.229.0/24 maxlen: 24
88.212.228.0/22 maxlen: 24
88.212.230.0/23 maxlen: 23
88.212.192.0/24 maxlen: 24
88.212.192.0/20 maxlen: 24
88.212.196.0/24 maxlen: 24
88.212.204.0/24 maxlen: 24
88.212.208.0/22 maxlen: 24
2a02:2100::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65317026 (0x3e4a8a2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01335442514d5249b5143cfdf821216bb5c52940
Validity
Not Before: Jan 1 06:57:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=85cf5c664027eca936aa841bd316d304c01b7846
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:b3:ff:13:35:20:ac:6c:cb:30:fe:40:8e:bc:
75:f6:2b:72:31:63:50:9b:ea:f3:df:b5:6b:40:d3:
28:06:69:3b:f1:ad:1c:db:0e:74:01:1c:53:0f:56:
16:54:9e:8c:ec:83:3e:31:17:8d:c4:89:21:1d:65:
a3:c2:b4:eb:8c:dd:c2:dc:60:bc:50:a2:05:dd:7b:
c0:0a:69:68:e5:97:2d:bc:17:e4:46:bd:32:fd:49:
3a:91:c2:b0:06:99:10:39:a5:25:c5:8b:69:84:bf:
5d:9b:a2:17:de:b4:7f:12:ee:75:d8:a5:70:1f:43:
1c:28:4f:a9:04:f0:6f:12:7a:9f:82:33:03:03:4e:
51:a0:97:f8:13:0e:27:53:c2:37:5b:7a:d9:be:0e:
81:43:ca:9a:96:aa:59:81:0f:67:dc:15:da:51:39:
2c:12:65:97:e1:26:1f:aa:53:13:2f:fc:27:35:7f:
6a:e6:cf:86:58:83:4a:63:0a:c4:76:4a:7a:a2:e2:
39:ea:8a:ef:98:49:63:c6:8a:50:0a:7a:52:98:7d:
2e:29:f9:d6:ca:ab:bb:42:66:8a:b1:ef:a6:4a:ca:
db:a9:3f:ad:72:48:0c:2c:59:ff:70:42:98:b7:a6:
c5:30:1c:c4:c2:df:c1:ff:a3:73:36:33:66:29:b9:
36:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:CF:5C:66:40:27:EC:A9:36:AA:84:1B:D3:16:D3:04:C0:1B:78:46
X509v3 Authority Key Identifier:
keyid:01:33:54:42:51:4D:52:49:B5:14:3C:FD:F8:21:21:6B:B5:C5:29:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ATNUQlFNUkm1FDz9-CEha7XFKUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/c7a68f-7bf8-4f80-a9a2-815d2c026646/1/hc9cZkAn7Kk2qoQb0xbTBMAbeEY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/c7a68f-7bf8-4f80-a9a2-815d2c026646/1/ATNUQlFNUkm1FDz9-CEha7XFKUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.212.192.0-88.212.211.255
88.212.220.0-88.212.231.255
185.206.100.0/22
IPv6:
2a02:2100::/32
Signature Algorithm: sha256WithRSAEncryption
0b:f6:f4:8b:be:67:80:5e:2a:ce:b9:53:52:cb:33:ed:98:b1:
7f:81:53:02:d9:7f:fd:0b:0b:3e:37:9f:08:55:6e:fd:5f:72:
09:31:3e:1e:d6:e5:bb:7a:4f:78:ec:c3:e1:7e:f2:bc:b5:46:
3c:96:1c:2e:d5:61:ae:33:51:cc:d1:30:b1:de:12:59:86:3f:
3a:b4:18:b8:c8:e5:ce:3a:db:2a:34:32:b7:2a:aa:8b:fe:07:
e1:cf:e1:b2:1b:0a:3f:a3:44:3d:92:b0:d5:4a:17:db:26:25:
cd:64:69:83:43:3a:5f:47:06:93:26:04:94:a4:ed:82:6a:66:
c4:85:b7:db:42:50:84:a1:fb:c1:2b:be:a5:d3:70:aa:2f:d5:
3e:b0:46:62:5c:d9:40:c9:1f:e7:16:8f:93:a4:23:d7:94:f9:
dc:33:e7:97:bc:70:d7:f7:83:f9:7e:88:f0:44:6b:9d:86:2d:
81:44:c3:6e:6d:2a:e4:34:f3:7a:74:03:52:07:ad:dd:f7:aa:
ec:08:d5:80:15:72:23:d3:68:a6:cb:b2:e7:d8:85:78:3f:27:
fd:cb:73:57:79:12:bb:60:0b:2e:3f:df:b3:e1:21:47:e6:56:
f8:46:bf:8b:8a:f8:a6:ff:58:fd:c9:a3:59:3e:3b:25:c2:d0:
7d:d6:0e:54
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgIEA+SoojANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MTMzNTQ0MjUxNGQ1MjQ5YjUxNDNjZmRmODIxMjE2YmI1YzUyOTQwMB4XDTIyMDEw
MTA2NTcwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODVjZjVjNjY0MDI3
ZWNhOTM2YWE4NDFiZDMxNmQzMDRjMDFiNzg0NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO+z/xM1IKxsyzD+QI68dfYrcjFjUJvq89+1a0DTKAZpO/Gt
HNsOdAEcUw9WFlSejOyDPjEXjcSJIR1lo8K064zdwtxgvFCiBd17wAppaOWXLbwX
5Ea9Mv1JOpHCsAaZEDmlJcWLaYS/XZuiF960fxLuddilcB9DHChPqQTwbxJ6n4Iz
AwNOUaCX+BMOJ1PCN1t62b4OgUPKmpaqWYEPZ9wV2lE5LBJll+EmH6pTEy/8JzV/
aubPhliDSmMKxHZKeqLiOeqK75hJY8aKUAp6Uph9Lin51sqru0JmirHvpkrK26k/
rXJIDCxZ/3BCmLemxTAcxMLfwf+jczYzZim5NiUCAwEAAaOCAjQwggIwMB0GA1Ud
DgQWBBSFz1xmQCfsqTaqhBvTFtMEwBt4RjAfBgNVHSMEGDAWgBQBM1RCUU1SSbUU
PP34ISFrtcUpQDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FUTlVRbEZOVWttMUZEejktQ0VoYTdYRktVQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvYzdhNjhmLTdiZjgtNGY4MC1hOWEyLTgxNWQyYzAyNjY0Ni8x
L2hjOWNaa0FuN0trMnFvUWIweGJUQk1BYmVFWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
YzdhNjhmLTdiZjgtNGY4MC1hOWEyLTgxNWQyYzAyNjY0Ni8xL0FUTlVRbEZOVWtt
MUZEejktQ0VoYTdYRktVQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBK
BggrBgEFBQcBBwEB/wQ7MDkwKAQCAAEwIjAMAwQGWNTAAwQCWNTQMAwDBAJY1NwD
BANY1OADBAK5zmQwDQQCAAIwBwMFACoCIQAwDQYJKoZIhvcNAQELBQADggEBAAv2
9Iu+Z4BeKs65U1LLM+2YsX+BUwLZf/0LCz43nwhVbv1fcgkxPh7W5bt6T3jsw+F+
8ry1RjyWHC7VYa4zUczRMLHeElmGPzq0GLjI5c462yo0Mrcqqov+B+HP4bIbCj+j
RD2SsNVKF9smJc1kaYNDOl9HBpMmBJSk7YJqZsSFt9tCUISh+8ErvqXTcKov1T6w
RmJc2UDJH+cWj5OkI9eU+dwz55e8cNf3g/l+iPBEa52GLYFEw25tKuQ083p0A1IH
rd33quwI1YAVciPTaKbLsufYhXg/J/3Lc1d5ErtgCy4/37PhIUfmVvhGv4uK+Kb/
WP3Jo1k+OyXC0H3WDlQ=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:16 2023 by rpki-client on console-ams.rpki-client.org