Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c58671-3d4e-4775-af21-20af3d1b8ef9/1/Hm-NeoNyjWa2GtgNdsDNmIZAoBg.roa
File: Hm-NeoNyjWa2GtgNdsDNmIZAoBg.roa (raw, json)
Hash identifier: baglLj2eEY0Q3lsspPHtY0o1UdPM8AlhXwgKaenk+ec=
Subject key identifier: 1E:6F:8D:7A:83:72:8D:66:B6:1A:D8:0D:76:C0:CD:98:86:40:A0:18
Certificate issuer: /CN=97a23bb0aca9d226d05adfac08554181c48ef82e
Certificate serial: 0D9F9B69
Authority key identifier: 97:A2:3B:B0:AC:A9:D2:26:D0:5A:DF:AC:08:55:41:81:C4:8E:F8:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l6I7sKyp0ibQWt-sCFVBgcSO-C4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c58671-3d4e-4775-af21-20af3d1b8ef9/1/Hm-NeoNyjWa2GtgNdsDNmIZAoBg.roa
Signing time: Sat 01 Jan 2022 15:03:22 +0000
ROA not before: Sat 01 Jan 2022 15:03:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205243
IP address blocks: 185.215.200.0/22 maxlen: 22
185.224.200.0/22 maxlen: 22
2a0d:3c00::/29 maxlen: 29
2a0b:adc0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 228563817 (0xd9f9b69)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97a23bb0aca9d226d05adfac08554181c48ef82e
Validity
Not Before: Jan 1 15:03:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1e6f8d7a83728d66b61ad80d76c0cd988640a018
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:aa:76:0f:23:84:43:78:06:48:0c:01:ca:70:
34:7f:35:87:fa:d8:34:19:8f:c7:b5:b1:6a:67:f9:
cc:02:41:4a:43:c3:2b:d4:89:c0:91:0d:f0:c6:a8:
d7:a9:07:19:e5:12:b2:3e:2d:b6:3f:e3:db:bc:ca:
ed:ae:fb:9f:a0:26:72:67:08:a6:36:71:8d:cd:c5:
2d:8b:8f:12:ee:da:f8:1d:00:d9:b7:99:25:f0:af:
c7:6b:46:9d:0d:e8:7e:30:61:42:96:9f:5f:7a:58:
81:42:79:cb:81:70:da:28:e1:e2:66:cc:fd:a4:1a:
f9:b8:4e:4f:29:b9:1a:f7:b0:49:d6:9b:3b:5b:0b:
ab:80:a5:6e:82:4d:e5:de:8b:31:5a:35:ed:7d:0e:
d1:5a:97:77:84:87:79:5b:0f:7c:55:0e:2d:f2:ed:
af:36:4b:05:3e:27:03:63:b5:67:74:26:26:02:dc:
18:99:c1:d5:3d:43:49:72:a0:70:85:6e:00:d2:3a:
56:2b:33:fd:c1:da:7f:ad:38:93:f7:38:6a:a5:1f:
ab:05:b6:ed:c7:1c:97:c1:9a:9a:65:06:84:52:90:
3a:a2:48:f1:45:44:45:eb:a8:bc:a0:b5:62:6d:97:
2c:fb:63:ea:98:2a:ff:ad:90:67:12:be:22:a0:99:
87:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:6F:8D:7A:83:72:8D:66:B6:1A:D8:0D:76:C0:CD:98:86:40:A0:18
X509v3 Authority Key Identifier:
keyid:97:A2:3B:B0:AC:A9:D2:26:D0:5A:DF:AC:08:55:41:81:C4:8E:F8:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l6I7sKyp0ibQWt-sCFVBgcSO-C4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c58671-3d4e-4775-af21-20af3d1b8ef9/1/Hm-NeoNyjWa2GtgNdsDNmIZAoBg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c58671-3d4e-4775-af21-20af3d1b8ef9/1/l6I7sKyp0ibQWt-sCFVBgcSO-C4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.215.200.0/22
185.224.200.0/22
IPv6:
2a0b:adc0::/29
2a0d:3c00::/29
Signature Algorithm: sha256WithRSAEncryption
20:ff:8d:a8:a7:1d:e8:5b:b3:43:33:f5:f3:67:87:0e:41:bf:
d8:64:f9:c3:4d:38:43:89:c5:15:80:74:24:19:ab:05:06:45:
4e:75:8b:0e:42:18:d3:4a:33:9b:6e:45:05:a5:f3:37:d2:08:
0a:ce:79:63:b8:1e:2b:6e:2c:c6:8f:29:90:d7:cd:97:33:5f:
46:0b:b6:22:47:3d:6d:08:c2:cf:30:37:cb:42:bb:85:39:5c:
21:71:dc:86:e8:b7:07:76:c2:bb:72:22:04:87:6c:d0:47:b5:
bf:f9:aa:f6:ff:8b:40:4e:90:08:be:ef:3d:17:98:da:1f:92:
cb:ba:9c:31:cd:01:84:72:15:fd:68:d0:79:25:b7:4b:bb:03:
9e:39:1e:bc:1d:e7:a6:e1:a8:6d:9f:70:ed:90:96:f3:90:7d:
86:e5:e4:81:0b:76:8c:8d:93:ff:e2:ba:44:63:bc:98:6d:46:
3f:4a:1f:1f:54:a1:56:6d:f1:b0:64:a6:d5:dd:e6:cf:6e:8a:
b1:9d:9e:df:85:4e:ba:ff:23:52:b7:3c:5f:c8:1a:81:99:c7:
98:52:ae:d3:55:6b:89:b8:f2:63:55:9b:b7:a7:17:6a:2a:dc:
ae:63:fc:1e:25:29:5f:5f:7a:2c:a6:a7:5e:69:03:7c:31:80:
71:68:ba:aa
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgIEDZ+baTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
N2EyM2JiMGFjYTlkMjI2ZDA1YWRmYWMwODU1NDE4MWM0OGVmODJlMB4XDTIyMDEw
MTE1MDMyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWU2ZjhkN2E4Mzcy
OGQ2NmI2MWFkODBkNzZjMGNkOTg4NjQwYTAxODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL6qdg8jhEN4BkgMAcpwNH81h/rYNBmPx7Wxamf5zAJBSkPD
K9SJwJEN8Mao16kHGeUSsj4ttj/j27zK7a77n6AmcmcIpjZxjc3FLYuPEu7a+B0A
2beZJfCvx2tGnQ3ofjBhQpafX3pYgUJ5y4Fw2ijh4mbM/aQa+bhOTym5GvewSdab
O1sLq4ClboJN5d6LMVo17X0O0VqXd4SHeVsPfFUOLfLtrzZLBT4nA2O1Z3QmJgLc
GJnB1T1DSXKgcIVuANI6Visz/cHaf604k/c4aqUfqwW27cccl8GammUGhFKQOqJI
8UVEReuovKC1Ym2XLPtj6pgq/62QZxK+IqCZh8sCAwEAAaOCAiUwggIhMB0GA1Ud
DgQWBBQeb416g3KNZrYa2A12wM2YhkCgGDAfBgNVHSMEGDAWgBSXojuwrKnSJtBa
36wIVUGBxI74LjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2w2STdzS3lwMGliUVd0LXNDRlZCZ2NTTy1DNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmUvYzU4NjcxLTNkNGUtNDc3NS1hZjIxLTIwYWYzZDFiOGVmOS8x
L0htLU5lb055aldhMkd0Z05kc0RObUlaQW9CZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmUv
YzU4NjcxLTNkNGUtNDc3NS1hZjIxLTIwYWYzZDFiOGVmOS8xL2w2STdzS3lwMGli
UVd0LXNDRlZCZ2NTTy1DNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA7
BggrBgEFBQcBBwEB/wQsMCowEgQCAAEwDAMEArnXyAMEArngyDAUBAIAAjAOAwUD
KgutwAMFAyoNPAAwDQYJKoZIhvcNAQELBQADggEBACD/jainHehbs0Mz9fNnhw5B
v9hk+cNNOEOJxRWAdCQZqwUGRU51iw5CGNNKM5tuRQWl8zfSCArOeWO4HituLMaP
KZDXzZczX0YLtiJHPW0Iws8wN8tCu4U5XCFx3Ibotwd2wrtyIgSHbNBHtb/5qvb/
i0BOkAi+7z0XmNofksu6nDHNAYRyFf1o0Hklt0u7A545Hrwd56bhqG2fcO2QlvOQ
fYbl5IELdoyNk//iukRjvJhtRj9KHx9UoVZt8bBkptXd5s9uirGdnt+FTrr/I1K3
PF/IGoGZx5hSrtNVa4m48mNVm7enF2oq3K5j/B4lKV9feiymp15pA3wxgHFouqo=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:30 2025 by rpki-client