Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/00441d-80e4-4d18-9581-5c5eab8a9e3c/1/ofHQnFslUuRdE4YUIqDwhC9BRtk.roa
File: ofHQnFslUuRdE4YUIqDwhC9BRtk.roa (raw, json)
Hash identifier: g0Qvu09kmCGGPwnQm7uktecCrXkausLd8C/zKYoqngo=
Subject key identifier: A1:F1:D0:9C:5B:25:52:E4:5D:13:86:14:22:A0:F0:84:2F:41:46:D9
Certificate issuer: /CN=1fe8ee87853406cd8d04ba8e39bf7a51ffb8a3bc
Certificate serial: 01841F55DBA56297FE7117B18EAF7195AA80
Authority key identifier: 1F:E8:EE:87:85:34:06:CD:8D:04:BA:8E:39:BF:7A:51:FF:B8:A3:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H-juh4U0Bs2NBLqOOb96Uf-4o7w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/00441d-80e4-4d18-9581-5c5eab8a9e3c/1/ofHQnFslUuRdE4YUIqDwhC9BRtk.roa
Signing time: Fri 28 Oct 2022 16:03:51 +0000
ROA not before: Fri 28 Oct 2022 16:03:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50033
IP address blocks: 185.161.124.0/22 maxlen: 22
185.211.52.0/22 maxlen: 22
185.60.162.0/24 maxlen: 24
2a07:c3c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:1f:55:db:a5:62:97:fe:71:17:b1:8e:af:71:95:aa:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1fe8ee87853406cd8d04ba8e39bf7a51ffb8a3bc
Validity
Not Before: Oct 28 16:03:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a1f1d09c5b2552e45d13861422a0f0842f4146d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:e9:13:dd:c8:c6:bb:1a:37:d6:0b:b0:31:7f:
e2:c2:be:6c:27:93:1f:bf:70:35:de:1d:63:44:99:
e4:83:08:a0:38:da:c5:f1:15:f9:75:b5:cb:72:5e:
20:aa:3a:df:9e:f6:e1:e4:06:a7:39:20:03:77:a4:
76:7b:e9:3c:2d:e6:13:f0:b4:42:b1:24:71:64:32:
03:a9:e4:59:48:72:9d:38:d8:87:2d:84:2d:3e:16:
bd:11:01:a7:a8:66:e7:df:50:33:3d:67:e3:43:29:
51:88:81:76:f6:fd:6c:65:40:c7:93:2d:28:4f:47:
bc:e3:68:88:da:b8:b6:b6:15:bb:a9:fe:9f:14:3c:
87:f2:98:9b:24:b4:02:a7:18:0a:3e:4c:67:66:1b:
36:37:7d:e1:dc:50:92:3f:a5:79:25:95:71:e0:7c:
06:8e:f5:47:1c:a7:28:cf:a7:94:ec:db:37:da:12:
ae:6f:50:44:5d:01:8d:99:17:c1:8c:37:98:6c:6c:
81:0b:fb:c8:41:7f:b7:f5:88:4a:54:84:17:7c:6e:
3c:d6:db:24:37:79:53:dc:16:e1:78:e7:fb:48:63:
e5:0a:6a:e6:63:d5:e4:6e:1f:19:12:06:f7:9f:4e:
46:3d:f1:56:c2:50:e8:9f:15:ed:19:82:0c:ee:0d:
e8:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:F1:D0:9C:5B:25:52:E4:5D:13:86:14:22:A0:F0:84:2F:41:46:D9
X509v3 Authority Key Identifier:
keyid:1F:E8:EE:87:85:34:06:CD:8D:04:BA:8E:39:BF:7A:51:FF:B8:A3:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H-juh4U0Bs2NBLqOOb96Uf-4o7w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/00441d-80e4-4d18-9581-5c5eab8a9e3c/1/ofHQnFslUuRdE4YUIqDwhC9BRtk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/00441d-80e4-4d18-9581-5c5eab8a9e3c/1/H-juh4U0Bs2NBLqOOb96Uf-4o7w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.60.162.0/24
185.161.124.0/22
185.211.52.0/22
IPv6:
2a07:c3c0::/29
Signature Algorithm: sha256WithRSAEncryption
ba:74:02:92:79:d2:12:4c:08:04:a7:2d:4c:92:70:ae:5a:ab:
be:29:71:86:a6:56:29:1c:5f:fe:d5:8c:62:f8:cd:8a:ad:84:
d1:f1:03:ba:92:31:f9:c1:2e:93:ff:28:87:f4:b9:ec:5e:35:
96:ea:a3:a3:3c:77:7b:c0:2a:9f:33:ca:cb:e7:3b:9e:6b:87:
11:59:4e:f0:f0:f3:0d:3e:2b:4a:10:ba:01:87:48:f2:09:8f:
43:6f:90:8d:f2:85:9f:ff:2b:00:e0:32:a8:7f:57:84:82:fb:
c3:02:d8:26:40:c9:73:6f:34:10:de:e3:25:5d:ee:89:bf:15:
bf:d9:ab:36:9b:79:d5:de:8c:1c:10:76:bb:18:d8:62:46:3f:
4e:6d:01:36:a5:f5:e2:05:3e:e2:17:c2:31:95:33:a4:55:8a:
4f:50:92:db:82:ba:ed:ac:a3:0b:55:e6:ff:51:c9:32:ea:9b:
41:af:0c:e1:7b:c2:70:08:3f:ba:2f:7a:03:af:75:a5:af:d5:
23:f7:c8:e8:3c:b6:50:c7:df:01:10:e3:38:c7:88:fe:b0:10:
f1:11:39:67:1c:09:6c:86:1c:3f:26:3a:b5:9e:52:f1:83:12:
cd:ce:3b:be:93:f9:57:3a:92:d7:ef:46:e6:c4:56:fc:c0:cf:
91:c7:be:1f
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYQfVdulYpf+cRexjq9xlaqAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmZThlZTg3ODUzNDA2Y2Q4ZDA0YmE4ZTM5YmY3YTUxZmZi
OGEzYmMwHhcNMjIxMDI4MTYwMzUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWYxZDA5YzViMjU1MmU0NWQxMzg2MTQyMmEwZjA4NDJmNDE0NmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtukT3cjGuxo31guwMX/iwr5sJ5Mf
v3A13h1jRJnkgwigONrF8RX5dbXLcl4gqjrfnvbh5AanOSADd6R2e+k8LeYT8LRC
sSRxZDIDqeRZSHKdONiHLYQtPha9EQGnqGbn31AzPWfjQylRiIF29v1sZUDHky0o
T0e842iI2ri2thW7qf6fFDyH8pibJLQCpxgKPkxnZhs2N33h3FCSP6V5JZVx4HwG
jvVHHKcoz6eU7Ns32hKub1BEXQGNmRfBjDeYbGyBC/vIQX+39YhKVIQXfG481tsk
N3lT3BbheOf7SGPlCmrmY9Xkbh8ZEgb3n05GPfFWwlDonxXtGYIM7g3oWwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFKHx0JxbJVLkXROGFCKg8IQvQUbZMB8GA1UdIwQY
MBaAFB/o7oeFNAbNjQS6jjm/elH/uKO8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSC1qdWg0VTBCczJOQkxxT09iOTZVZi00bzd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS8wMDQ0MWQtODBlNC00ZDE4LTk1ODEt
NWM1ZWFiOGE5ZTNjLzEvb2ZIUW5Gc2xVdVJkRTRZVUlxRHdoQzlCUnRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS8wMDQ0MWQtODBlNC00ZDE4LTk1ODEtNWM1ZWFiOGE5ZTNj
LzEvSC1qdWg0VTBCczJOQkxxT09iOTZVZi00bzd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAuTyiAwQC
uaF8AwQCudM0MA0EAgACMAcDBQMqB8PAMA0GCSqGSIb3DQEBCwUAA4IBAQC6dAKS
edISTAgEpy1MknCuWqu+KXGGplYpHF/+1Yxi+M2KrYTR8QO6kjH5wS6T/yiH9Lns
XjWW6qOjPHd7wCqfM8rL5zuea4cRWU7w8PMNPitKELoBh0jyCY9Db5CN8oWf/ysA
4DKof1eEgvvDAtgmQMlzbzQQ3uMlXe6JvxW/2as2m3nV3owcEHa7GNhiRj9ObQE2
pfXiBT7iF8IxlTOkVYpPUJLbgrrtrKMLVeb/Ucky6ptBrwzhe8JwCD+6L3oDr3Wl
r9Uj98joPLZQx98BEOM4x4j+sBDxETlnHAlshhw/Jjq1nlLxgxLNzju+k/lXOpLX
70bmxFb8wM+Rx74f
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:17 2023 by rpki-client on console-ams.rpki-client.org