Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/6da0aa-1327-4fa6-a947-ada270825218/1/HadvRQ3CYimp2wPk5xCr5KRwSII.roa
File: HadvRQ3CYimp2wPk5xCr5KRwSII.roa (raw, json)
Hash identifier: TUZopGZ4UGtrd+Sp11zdHz8zq4tyfHWmagWZUmihc0k=
Subject key identifier: 1D:A7:6F:45:0D:C2:62:29:A9:DB:03:E4:E7:10:AB:E4:A4:70:48:82
Certificate issuer: /CN=04732b985f8f63ff8ae8eac7c70832b30cee80ad
Certificate serial: 12173554
Authority key identifier: 04:73:2B:98:5F:8F:63:FF:8A:E8:EA:C7:C7:08:32:B3:0C:EE:80:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BHMrmF-PY_-K6OrHxwgyswzugK0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/6da0aa-1327-4fa6-a947-ada270825218/1/HadvRQ3CYimp2wPk5xCr5KRwSII.roa
Signing time: Sat 01 Jan 2022 01:57:35 +0000
ROA not before: Sat 01 Jan 2022 01:57:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39176
IP address blocks: 185.86.52.0/24 maxlen: 24
185.86.52.0/23 maxlen: 23
185.86.55.0/24 maxlen: 24
185.86.54.0/24 maxlen: 24
185.86.53.0/24 maxlen: 24
2a05:b500:54::/48 maxlen: 48
2a05:b500:55::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 303510868 (0x12173554)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04732b985f8f63ff8ae8eac7c70832b30cee80ad
Validity
Not Before: Jan 1 01:57:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1da76f450dc26229a9db03e4e710abe4a4704882
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:b1:b8:29:35:3a:0e:d8:eb:49:bc:57:a2:6e:
25:87:d4:90:2c:dd:84:c1:f9:45:9b:e1:28:3f:86:
29:1e:36:03:88:99:99:26:49:98:be:4f:bd:67:d6:
8d:f7:01:53:ab:f6:b3:76:65:29:0e:b4:c9:bc:78:
20:dc:e6:03:50:96:4e:a1:cd:2a:b8:a4:68:eb:89:
99:4e:d2:95:26:c0:ad:dd:e3:49:45:be:0d:94:20:
22:6b:1a:2c:c7:42:c3:2d:78:1b:b2:26:29:f2:c9:
86:1a:ac:83:57:6d:40:72:13:09:a7:df:4f:c9:ad:
a1:57:9f:d5:ad:34:22:5e:af:cf:34:7c:51:a3:2d:
50:41:5e:6c:05:ed:54:d5:a8:74:55:df:9a:94:f1:
b2:6d:7c:cd:1b:69:9a:95:5a:60:08:36:9d:96:a9:
84:cd:d7:24:26:0a:91:fe:0d:a1:cf:7e:3c:0f:d0:
da:0f:26:f0:13:84:06:83:b5:5c:e5:52:16:e3:e6:
88:2c:3d:d7:0f:2a:cd:18:d2:6a:cc:74:fc:9b:fc:
c6:3e:5f:e1:58:a5:a6:fd:51:1b:0d:f5:63:53:5e:
dc:3b:07:33:d8:f6:48:13:33:af:0b:ea:4a:ea:c6:
43:59:fe:b5:7a:70:d7:2e:91:0e:10:9d:a1:fa:34:
a2:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:A7:6F:45:0D:C2:62:29:A9:DB:03:E4:E7:10:AB:E4:A4:70:48:82
X509v3 Authority Key Identifier:
keyid:04:73:2B:98:5F:8F:63:FF:8A:E8:EA:C7:C7:08:32:B3:0C:EE:80:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BHMrmF-PY_-K6OrHxwgyswzugK0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6da0aa-1327-4fa6-a947-ada270825218/1/HadvRQ3CYimp2wPk5xCr5KRwSII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/6da0aa-1327-4fa6-a947-ada270825218/1/BHMrmF-PY_-K6OrHxwgyswzugK0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.86.52.0/22
IPv6:
2a05:b500:54::/47
Signature Algorithm: sha256WithRSAEncryption
69:b7:55:c9:ca:93:01:6e:f5:fd:41:6a:34:ef:3e:13:e9:90:
8e:cd:e0:89:9a:59:52:94:05:98:4e:75:46:1f:82:e0:2a:42:
91:91:5b:9f:85:c6:65:f1:4b:9f:b7:79:05:83:49:13:8c:76:
f4:5e:3d:26:ed:87:fb:0b:02:de:6c:0e:df:f7:ec:4a:0c:cf:
2a:55:f2:42:c4:39:55:ec:24:bf:60:0c:03:f4:e4:8f:1d:6d:
30:dd:d9:84:a6:8b:10:35:dd:d3:04:55:08:9b:0d:91:a4:48:
1d:2e:d3:cf:1b:d4:85:4d:45:9b:aa:09:c0:4c:77:ab:6b:8d:
46:15:a6:e3:da:26:c9:ad:c5:9a:32:34:90:83:f5:f1:3a:5b:
a7:ef:3d:ba:30:c9:c3:66:bd:54:47:7d:9f:5c:e5:5c:71:7f:
38:56:50:a3:61:a2:f1:ea:d7:77:ee:8e:90:74:e5:66:b5:3c:
41:35:3c:6e:9f:b5:f2:ca:eb:2d:30:30:62:ca:6a:ca:c9:be:
2c:f9:0f:b9:8a:31:7a:ce:3e:f1:e6:8f:65:68:ab:4b:69:d4:
bc:8b:d2:62:ed:0b:92:aa:58:ae:a2:5a:0f:f4:26:3b:09:62:
6b:b1:98:32:ee:2c:20:76:53:b7:ab:16:f6:bd:35:30:d2:01:
e7:cf:c8:85
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEEhc1VDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NDczMmI5ODVmOGY2M2ZmOGFlOGVhYzdjNzA4MzJiMzBjZWU4MGFkMB4XDTIyMDEw
MTAxNTczNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWRhNzZmNDUwZGMy
NjIyOWE5ZGIwM2U0ZTcxMGFiZTRhNDcwNDg4MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ6xuCk1Og7Y60m8V6JuJYfUkCzdhMH5RZvhKD+GKR42A4iZ
mSZJmL5PvWfWjfcBU6v2s3ZlKQ60ybx4INzmA1CWTqHNKrikaOuJmU7SlSbArd3j
SUW+DZQgImsaLMdCwy14G7ImKfLJhhqsg1dtQHITCaffT8mtoVef1a00Il6vzzR8
UaMtUEFebAXtVNWodFXfmpTxsm18zRtpmpVaYAg2nZaphM3XJCYKkf4Noc9+PA/Q
2g8m8BOEBoO1XOVSFuPmiCw91w8qzRjSasx0/Jv8xj5f4Vilpv1RGw31Y1Ne3DsH
M9j2SBMzrwvqSurGQ1n+tXpw1y6RDhCdofo0osUCAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBQdp29FDcJiKanbA+TnEKvkpHBIgjAfBgNVHSMEGDAWgBQEcyuYX49j/4ro
6sfHCDKzDO6ArTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JITXJtRi1QWV8tSzZPckh4d2d5c3d6dWdLMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjIvNmRhMGFhLTEzMjctNGZhNi1hOTQ3LWFkYTI3MDgyNTIxOC8x
L0hhZHZSUTNDWWltcDJ3UGs1eENyNUtSd1NJSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjIv
NmRhMGFhLTEzMjctNGZhNi1hOTQ3LWFkYTI3MDgyNTIxOC8xL0JITXJtRi1QWV8t
SzZPckh4d2d5c3d6dWdLMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEArlWNDAPBAIAAjAJAwcBKgW1AABU
MA0GCSqGSIb3DQEBCwUAA4IBAQBpt1XJypMBbvX9QWo07z4T6ZCOzeCJmllSlAWY
TnVGH4LgKkKRkVufhcZl8Uuft3kFg0kTjHb0Xj0m7Yf7CwLebA7f9+xKDM8qVfJC
xDlV7CS/YAwD9OSPHW0w3dmEposQNd3TBFUImw2RpEgdLtPPG9SFTUWbqgnATHer
a41GFabj2ibJrcWaMjSQg/XxOlun7z26MMnDZr1UR32fXOVccX84VlCjYaLx6td3
7o6QdOVmtTxBNTxun7XyyustMDBiymrKyb4s+Q+5ijF6zj7x5o9laKtLadS8i9Ji
7QuSqliuoloP9CY7CWJrsZgy7iwgdlO3qxb2vTUw0gHnz8iF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:19 2024 by rpki-client on console-ams.rpki-client.org