Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/761b17-6cb5-47fd-8c4f-efa6789fd972/1/hSver79t-aUqGXplqu-IRJEHqis.roa
File: hSver79t-aUqGXplqu-IRJEHqis.roa (raw, json)
Hash identifier: zr6QQacsQik7TOghaCopZZg1HSQWPKKbWpPh/LMNMMk=
Subject key identifier: 85:2B:DE:AF:BF:6D:F9:A5:2A:19:7A:65:AA:EF:88:44:91:07:AA:2B
Certificate issuer: /CN=447c52d81edc1249644ad794be028af90e024a16
Certificate serial: 01860F78AD66BC5B9207C577655CE6688ACB
Authority key identifier: 44:7C:52:D8:1E:DC:12:49:64:4A:D7:94:BE:02:8A:F9:0E:02:4A:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RHxS2B7cEklkSteUvgKK-Q4CShY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/761b17-6cb5-47fd-8c4f-efa6789fd972/1/hSver79t-aUqGXplqu-IRJEHqis.roa
Signing time: Thu 02 Feb 2023 00:13:32 +0000
ROA not before: Thu 02 Feb 2023 00:13:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57684
IP address blocks: 194.110.156.0/22 maxlen: 24
185.205.212.0/22 maxlen: 24
2a0b:a40::/29 maxlen: 48
2001:67c:2674::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:0f:78:ad:66:bc:5b:92:07:c5:77:65:5c:e6:68:8a:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=447c52d81edc1249644ad794be028af90e024a16
Validity
Not Before: Feb 2 00:13:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=852bdeafbf6df9a52a197a65aaef88449107aa2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:7a:de:85:9f:57:45:8b:76:9c:b6:34:be:d7:
53:79:77:b7:9d:f8:6a:9f:18:ea:76:78:c9:8b:fc:
c4:53:f3:f5:9d:73:5b:c3:f9:b3:b7:58:55:ae:4e:
ea:3d:85:ec:08:dd:8a:a8:35:ce:86:de:4d:6f:f4:
45:c1:a8:1e:a9:a3:cf:0f:54:37:41:6f:63:1f:19:
94:41:6c:d7:89:06:83:9c:20:ad:f1:ec:8b:f4:61:
72:61:a8:b8:3a:a7:59:54:c2:b9:bb:d8:89:dc:3d:
c3:2a:84:67:9c:e5:08:e3:c0:28:61:8a:a2:6f:fd:
eb:a3:91:cb:ff:f2:22:55:f4:b7:34:7c:03:d3:86:
11:e7:5e:9f:f9:4e:45:8e:55:00:c5:82:c6:68:33:
da:bf:d6:ff:fe:ad:b3:ab:ad:de:c8:b5:9e:7f:17:
c3:ce:a4:9c:6d:0c:72:51:71:e7:5a:02:19:4c:66:
a7:eb:b8:63:70:63:e6:9c:7b:43:93:a3:95:98:db:
eb:79:c6:bb:e7:19:5e:bd:f3:54:ad:08:80:51:fb:
c1:79:67:50:03:45:68:1e:fd:89:3c:8b:f0:54:3d:
8b:f2:a2:04:76:ce:13:6e:f6:8b:80:15:53:29:dd:
48:69:82:ce:cd:c6:32:ac:01:53:21:e0:3c:b7:34:
30:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:2B:DE:AF:BF:6D:F9:A5:2A:19:7A:65:AA:EF:88:44:91:07:AA:2B
X509v3 Authority Key Identifier:
keyid:44:7C:52:D8:1E:DC:12:49:64:4A:D7:94:BE:02:8A:F9:0E:02:4A:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RHxS2B7cEklkSteUvgKK-Q4CShY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/761b17-6cb5-47fd-8c4f-efa6789fd972/1/hSver79t-aUqGXplqu-IRJEHqis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/761b17-6cb5-47fd-8c4f-efa6789fd972/1/RHxS2B7cEklkSteUvgKK-Q4CShY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.205.212.0/22
194.110.156.0/22
IPv6:
2001:67c:2674::/48
2a0b:a40::/29
Signature Algorithm: sha256WithRSAEncryption
44:c5:8c:5f:46:6b:f8:f0:6a:ce:e5:bf:99:98:ea:04:50:80:
4e:0c:da:cd:27:fc:ff:20:6c:de:df:c3:23:1d:63:18:c1:e9:
f6:6e:07:78:5e:cc:1f:a3:88:72:eb:c3:d7:b2:44:99:b8:3a:
ac:21:10:ed:9e:e4:a2:31:bb:78:e0:5a:35:76:3c:0a:02:a8:
57:7a:86:76:0f:c6:0a:44:87:d6:f5:6a:d2:ae:cf:1a:81:4e:
8b:b1:14:e3:be:88:41:f6:67:09:4b:52:0f:e8:25:d1:8d:4b:
34:4c:98:e1:47:81:e2:8a:fb:f5:4c:42:eb:94:96:25:2a:9e:
6e:ce:bf:ca:ef:d6:71:f7:38:f8:2a:1e:42:f5:10:a3:08:40:
ef:51:8a:9f:cb:99:15:4e:60:30:c3:dc:87:bc:95:a0:b2:20:
b9:bc:54:96:65:7c:ec:e6:11:ff:af:4d:fc:3e:ea:79:d1:d5:
49:f3:3f:d0:49:12:3d:73:dc:d9:97:dd:40:3f:a3:83:cf:25:
c8:c6:8f:dc:71:20:65:58:22:44:5e:35:07:b3:38:dc:42:bc:
98:ce:78:3a:d8:aa:1f:fd:88:d9:de:da:8d:56:87:16:d0:18:
40:de:bb:21:d7:96:1f:35:b9:e2:32:3c:4f:48:36:43:cd:a9:
07:7f:2d:2b
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYYPeK1mvFuSB8V3ZVzmaIrLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0N2M1MmQ4MWVkYzEyNDk2NDRhZDc5NGJlMDI4YWY5MGUw
MjRhMTYwHhcNMjMwMjAyMDAxMzMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTJiZGVhZmJmNmRmOWE1MmExOTdhNjVhYWVmODg0NDkxMDdhYTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXrehZ9XRYt2nLY0vtdTeXe3nfhq
nxjqdnjJi/zEU/P1nXNbw/mzt1hVrk7qPYXsCN2KqDXOht5Nb/RFwageqaPPD1Q3
QW9jHxmUQWzXiQaDnCCt8eyL9GFyYai4OqdZVMK5u9iJ3D3DKoRnnOUI48AoYYqi
b/3ro5HL//IiVfS3NHwD04YR516f+U5FjlUAxYLGaDPav9b//q2zq63eyLWefxfD
zqScbQxyUXHnWgIZTGan67hjcGPmnHtDk6OVmNvreca75xlevfNUrQiAUfvBeWdQ
A0VoHv2JPIvwVD2L8qIEds4TbvaLgBVTKd1IaYLOzcYyrAFTIeA8tzQwcwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIUr3q+/bfmlKhl6ZarviESRB6orMB8GA1UdIwQY
MBaAFER8Utge3BJJZErXlL4CivkOAkoWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkh4UzJCN2NFa2xrU3RlVXZnS0stUTRDU2hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC83NjFiMTctNmNiNS00N2ZkLThjNGYt
ZWZhNjc4OWZkOTcyLzEvaFN2ZXI3OXQtYVVxR1hwbHF1LUlSSkVIcWlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC83NjFiMTctNmNiNS00N2ZkLThjNGYtZWZhNjc4OWZkOTcy
LzEvUkh4UzJCN2NFa2xrU3RlVXZnS0stUTRDU2hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQCuc3UAwQC
wm6cMBYEAgACMBADBwAgAQZ8JnQDBQMqCwpAMA0GCSqGSIb3DQEBCwUAA4IBAQBE
xYxfRmv48GrO5b+ZmOoEUIBODNrNJ/z/IGze38MjHWMYwen2bgd4Xswfo4hy68PX
skSZuDqsIRDtnuSiMbt44Fo1djwKAqhXeoZ2D8YKRIfW9WrSrs8agU6LsRTjvohB
9mcJS1IP6CXRjUs0TJjhR4Hiivv1TELrlJYlKp5uzr/K79Zx9zj4Kh5C9RCjCEDv
UYqfy5kVTmAww9yHvJWgsiC5vFSWZXzs5hH/r038Pup50dVJ8z/QSRI9c9zZl91A
P6ODzyXIxo/ccSBlWCJEXjUHszjcQryYzng62Kof/YjZ3tqNVocW0BhA3rsh15Yf
NbniMjxPSDZDzakHfy0r
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:54:55 2025 by rpki-client