Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/hiGGK_xRjL-UpVtDpgW3qggvgFA.roa
File: hiGGK_xRjL-UpVtDpgW3qggvgFA.roa (raw, json)
Hash identifier: +QPdoBAdFLdMJ/cq8J93YY+A0Xh7G3wlLQAGPW8UHnI=
Subject key identifier: 86:21:86:2B:FC:51:8C:BF:94:A5:5B:43:A6:05:B7:AA:08:2F:80:50
Certificate issuer: /CN=32474ac7ca85e09c2d48b33e7bf66f8ed764de0f
Certificate serial: 083D7397
Authority key identifier: 32:47:4A:C7:CA:85:E0:9C:2D:48:B3:3E:7B:F6:6F:8E:D7:64:DE:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/hiGGK_xRjL-UpVtDpgW3qggvgFA.roa
Signing time: Mon 14 Feb 2022 21:24:04 +0000
ROA not before: Mon 14 Feb 2022 21:24:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59741
IP address blocks: 185.73.240.0/24 maxlen: 24
185.73.241.0/24 maxlen: 24
45.155.79.0/24 maxlen: 24
45.141.54.0/24 maxlen: 24
45.141.52.0/22 maxlen: 24
2a05:4740::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 138245015 (0x83d7397)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32474ac7ca85e09c2d48b33e7bf66f8ed764de0f
Validity
Not Before: Feb 14 21:24:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8621862bfc518cbf94a55b43a605b7aa082f8050
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:b5:77:e7:ca:55:23:1d:c1:81:0b:2c:8d:f1:
df:05:d1:ef:92:c5:01:c5:e8:8d:e6:37:6f:2e:dc:
e7:2d:0e:3c:25:ec:fc:86:89:39:30:a3:a0:bb:f3:
92:e0:98:72:93:54:00:8a:1b:13:00:9d:4a:44:73:
b4:19:fe:8b:3c:ed:19:96:b1:66:5a:c9:64:59:c3:
b0:34:9d:30:f1:32:e0:c1:23:04:23:41:a6:ef:71:
64:4f:73:78:88:62:0d:6a:ef:ea:cd:51:b5:bc:30:
b5:91:6d:b6:e2:f7:61:0c:2b:b7:05:81:38:7c:2b:
de:5e:7f:9c:d2:44:42:8c:5a:fe:95:01:84:20:c3:
d6:22:69:61:dd:c9:14:1f:de:0c:34:9f:1f:78:3a:
86:64:81:7a:8e:3f:55:26:37:29:fe:2f:e9:b8:c6:
d6:eb:41:e1:e0:b3:23:9f:af:8d:9e:92:1e:74:77:
56:fc:f2:73:7e:0e:82:10:1b:a3:3b:01:1f:80:6f:
20:b1:13:3a:af:84:de:67:1f:3f:fb:cf:f5:19:e8:
6d:0e:72:37:a5:f6:76:ce:67:59:21:e1:80:f8:81:
e0:39:83:c4:85:38:b7:33:0b:b4:b3:9d:ef:0e:c9:
93:6f:9e:96:20:dd:65:fe:4e:8b:55:7b:7d:5b:42:
a5:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:21:86:2B:FC:51:8C:BF:94:A5:5B:43:A6:05:B7:AA:08:2F:80:50
X509v3 Authority Key Identifier:
keyid:32:47:4A:C7:CA:85:E0:9C:2D:48:B3:3E:7B:F6:6F:8E:D7:64:DE:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/hiGGK_xRjL-UpVtDpgW3qggvgFA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/1fd0a6-4517-4a0b-b3c9-12ec22c9c5a2/1/MkdKx8qF4JwtSLM-e_Zvjtdk3g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.52.0/22
45.155.79.0/24
185.73.240.0/23
IPv6:
2a05:4740::/32
Signature Algorithm: sha256WithRSAEncryption
09:85:eb:71:42:51:0c:6a:f9:4f:97:f8:52:6a:3a:66:0d:cc:
50:ad:fd:75:a5:0e:e2:d5:67:08:68:ea:df:f9:b6:e1:39:1d:
ea:2f:1e:1a:f4:49:5a:7b:24:41:a7:cd:5c:24:62:40:3e:c9:
c9:ea:c3:ca:ce:ea:59:41:2e:7d:5e:a1:ec:18:4f:87:3f:6c:
9e:c3:42:ff:e6:2d:d5:e5:8f:b9:ac:05:62:f5:33:f7:ca:11:
e1:c2:10:b2:44:26:b2:3f:79:d7:c5:c4:1d:4b:ad:d1:c8:2c:
d2:88:59:1e:ce:1c:6b:70:df:3d:a8:82:ef:7b:e1:0d:7f:3d:
1f:b8:e6:52:19:62:17:05:e6:0d:5e:75:89:30:a0:ea:aa:e6:
f5:ef:64:e1:cd:b4:f3:8f:55:73:cb:73:c4:73:80:85:69:b1:
13:e9:b7:5c:10:84:8e:ee:c9:48:43:bb:c2:f5:be:98:ec:22:
54:36:f8:85:51:30:3a:e3:52:a4:98:35:04:c1:d9:1b:14:91:
59:e2:e7:ad:a0:5d:5a:4f:30:ed:4c:f1:a4:1c:23:cf:34:ec:
d0:79:1e:ae:82:4b:d5:b3:63:62:b4:65:6d:8a:5f:66:8c:2e:
42:b9:61:3f:83:48:32:0a:14:49:0c:10:00:ae:89:36:14:86:
f1:8b:03:3f
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIECD1zlzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MjQ3NGFjN2NhODVlMDljMmQ0OGIzM2U3YmY2NmY4ZWQ3NjRkZTBmMB4XDTIyMDIx
NDIxMjQwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODYyMTg2MmJmYzUx
OGNiZjk0YTU1YjQzYTYwNWI3YWEwODJmODA1MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANO1d+fKVSMdwYELLI3x3wXR75LFAcXojeY3by7c5y0OPCXs
/IaJOTCjoLvzkuCYcpNUAIobEwCdSkRztBn+izztGZaxZlrJZFnDsDSdMPEy4MEj
BCNBpu9xZE9zeIhiDWrv6s1RtbwwtZFttuL3YQwrtwWBOHwr3l5/nNJEQoxa/pUB
hCDD1iJpYd3JFB/eDDSfH3g6hmSBeo4/VSY3Kf4v6bjG1utB4eCzI5+vjZ6SHnR3
Vvzyc34OghAbozsBH4BvILETOq+E3mcfP/vP9RnobQ5yN6X2ds5nWSHhgPiB4DmD
xIU4tzMLtLOd7w7Jk2+eliDdZf5Oi1V7fVtCpSMCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBSGIYYr/FGMv5SlW0OmBbeqCC+AUDAfBgNVHSMEGDAWgBQyR0rHyoXgnC1I
sz579m+O12TeDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01rZEt4OHFGNEp3dFNMTS1lX1p2anRkazNnOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmQvMWZkMGE2LTQ1MTctNGEwYi1iM2M5LTEyZWMyMmM5YzVhMi8x
L2hpR0dLX3hSakwtVXBWdERwZ1czcWdndmdGQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmQv
MWZkMGE2LTQ1MTctNGEwYi1iM2M5LTEyZWMyMmM5YzVhMi8xL01rZEt4OHFGNEp3
dFNMTS1lX1p2anRkazNnOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAi2NNAMEAC2bTwMEAblJ8DANBAIA
AjAHAwUAKgVHQDANBgkqhkiG9w0BAQsFAAOCAQEACYXrcUJRDGr5T5f4Umo6Zg3M
UK39daUO4tVnCGjq3/m24Tkd6i8eGvRJWnskQafNXCRiQD7JyerDys7qWUEufV6h
7BhPhz9snsNC/+Yt1eWPuawFYvUz98oR4cIQskQmsj9518XEHUut0cgs0ohZHs4c
a3DfPaiC73vhDX89H7jmUhliFwXmDV51iTCg6qrm9e9k4c20849Vc8tzxHOAhWmx
E+m3XBCEju7JSEO7wvW+mOwiVDb4hVEwOuNSpJg1BMHZGxSRWeLnraBdWk8w7Uzx
pBwjzzTs0HkeroJL1bNjYrRlbYpfZowuQrlhP4NIMgoUSQwQAK6JNhSG8YsDPw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:06 2023 by rpki-client on console-fra.rpki-client.org