Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/deef22-2624-49b6-a23b-aa01dcd3dfa7/1/HjJWpEd4qksLCgIsCK0UM-QNmBc.roa
File: HjJWpEd4qksLCgIsCK0UM-QNmBc.roa (raw, json)
Hash identifier: 4eSOCo1bz612CLW8wsYCaVLLX3BsHJbODxRZ7iMwNpA=
Subject key identifier: 1E:32:56:A4:47:78:AA:4B:0B:0A:02:2C:08:AD:14:33:E4:0D:98:17
Certificate issuer: /CN=07da03c9c82685ae6d6b3d21d684bbcf468bf75b
Certificate serial: 372BD300
Authority key identifier: 07:DA:03:C9:C8:26:85:AE:6D:6B:3D:21:D6:84:BB:CF:46:8B:F7:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B9oDycgmha5taz0h1oS7z0aL91s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/deef22-2624-49b6-a23b-aa01dcd3dfa7/1/HjJWpEd4qksLCgIsCK0UM-QNmBc.roa
Signing time: Sat 01 Jan 2022 13:55:16 +0000
ROA not before: Sat 01 Jan 2022 13:55:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51319
IP address blocks: 185.164.8.0/22 maxlen: 22
178.251.144.0/21 maxlen: 21
2a02:2340::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 925618944 (0x372bd300)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07da03c9c82685ae6d6b3d21d684bbcf468bf75b
Validity
Not Before: Jan 1 13:55:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1e3256a44778aa4b0b0a022c08ad1433e40d9817
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:68:20:a4:94:62:40:16:0e:37:37:99:76:7b:
a5:27:e1:62:f4:00:5d:77:ef:bf:a5:c0:15:6a:16:
76:0e:25:c2:87:6d:8f:4f:d5:72:91:a9:4c:cc:8c:
c8:a1:07:20:2a:4b:d5:0a:be:52:d6:54:3a:c0:40:
48:54:be:c7:b9:f8:0c:f1:bf:4b:a3:f9:59:d6:5c:
86:cb:fd:6a:8f:e6:7e:64:d5:f5:1f:1f:ff:d4:e6:
58:62:8d:75:14:c2:4d:79:5b:b8:a0:61:c4:34:12:
e9:17:68:63:a6:9c:57:35:01:b9:58:a4:73:3b:af:
42:73:1c:bf:dd:25:ba:e5:61:36:80:8b:45:47:b2:
d8:42:60:6c:3b:6e:3a:0a:cf:b1:b2:dc:db:a1:1c:
7e:7d:4d:19:8a:c1:b5:96:58:1e:31:77:e3:bb:b5:
5b:2f:25:04:25:f7:79:b9:0e:ef:69:73:38:fa:6c:
77:15:19:9f:75:3a:1a:d7:eb:a1:8e:48:d1:fc:b5:
e7:0e:01:f4:31:72:5f:86:ee:ed:90:51:b7:9c:e8:
77:5c:ba:57:36:22:fa:7c:54:d5:b3:ef:7a:2f:5b:
e2:a7:ce:56:9e:94:51:fc:16:92:96:61:de:b1:e7:
b9:f7:71:e5:c7:8b:41:33:91:4b:b7:2a:85:ce:99:
b1:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:32:56:A4:47:78:AA:4B:0B:0A:02:2C:08:AD:14:33:E4:0D:98:17
X509v3 Authority Key Identifier:
keyid:07:DA:03:C9:C8:26:85:AE:6D:6B:3D:21:D6:84:BB:CF:46:8B:F7:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B9oDycgmha5taz0h1oS7z0aL91s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/deef22-2624-49b6-a23b-aa01dcd3dfa7/1/HjJWpEd4qksLCgIsCK0UM-QNmBc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/deef22-2624-49b6-a23b-aa01dcd3dfa7/1/B9oDycgmha5taz0h1oS7z0aL91s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.251.144.0/21
185.164.8.0/22
IPv6:
2a02:2340::/32
Signature Algorithm: sha256WithRSAEncryption
8a:2f:ea:4c:e5:ed:a4:f6:14:12:48:bd:b6:62:1b:9c:cf:74:
52:0a:ff:c9:1b:bc:46:e5:44:8c:9d:77:81:f7:3f:7b:18:a2:
6c:14:2e:ef:2a:fb:e6:e8:b8:0c:85:85:c6:c7:94:ca:3f:9f:
61:e1:b9:7e:97:12:73:91:a0:e7:84:e9:57:56:02:fd:a2:04:
41:53:c2:78:39:15:57:e3:39:ee:1c:b9:5f:d6:3f:78:95:5f:
68:bb:dd:af:70:71:c0:4a:c9:d1:51:f0:51:70:9e:2a:d0:3d:
e9:31:72:87:9a:b8:b7:d0:84:b4:82:b8:30:c9:38:48:ac:e0:
44:27:77:b1:d8:6c:e6:fd:4b:10:38:3a:25:3f:a0:02:25:39:
dc:05:03:f1:a0:1a:c2:ae:ef:1b:1a:2a:5a:cc:b8:42:38:5c:
00:76:ea:8a:5e:4a:51:1e:81:8d:dd:1a:b5:b6:03:73:59:64:
3a:3b:16:f4:a7:b0:8e:8c:49:f0:43:c6:09:74:e8:2d:d0:7a:
8d:2c:ca:fb:81:92:06:b9:24:93:e6:2e:50:a6:51:14:ee:dc:
41:60:8e:8b:b7:31:37:a2:f1:33:80:20:bd:5c:11:42:08:39:
0a:8e:cd:ee:70:ea:dc:58:cf:1a:84:e6:16:a5:4c:9b:c9:3c:
51:e4:68:82
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIENyvTADANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
N2RhMDNjOWM4MjY4NWFlNmQ2YjNkMjFkNjg0YmJjZjQ2OGJmNzViMB4XDTIyMDEw
MTEzNTUxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWUzMjU2YTQ0Nzc4
YWE0YjBiMGEwMjJjMDhhZDE0MzNlNDBkOTgxNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALNoIKSUYkAWDjc3mXZ7pSfhYvQAXXfvv6XAFWoWdg4lwodt
j0/VcpGpTMyMyKEHICpL1Qq+UtZUOsBASFS+x7n4DPG/S6P5WdZchsv9ao/mfmTV
9R8f/9TmWGKNdRTCTXlbuKBhxDQS6RdoY6acVzUBuVikczuvQnMcv90luuVhNoCL
RUey2EJgbDtuOgrPsbLc26Ecfn1NGYrBtZZYHjF347u1Wy8lBCX3ebkO72lzOPps
dxUZn3U6GtfroY5I0fy15w4B9DFyX4bu7ZBRt5zod1y6VzYi+nxU1bPvei9b4qfO
Vp6UUfwWkpZh3rHnufdx5ceLQTORS7cqhc6ZsQcCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQeMlakR3iqSwsKAiwIrRQz5A2YFzAfBgNVHSMEGDAWgBQH2gPJyCaFrm1r
PSHWhLvPRov3WzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0I5b0R5Y2dtaGE1dGF6MGgxb1M3ejBhTDkxcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmYvZGVlZjIyLTI2MjQtNDliNi1hMjNiLWFhMDFkY2QzZGZhNy8x
L0hqSldwRWQ0cWtzTENnSXNDSzBVTS1RTm1CYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmYv
ZGVlZjIyLTI2MjQtNDliNi1hMjNiLWFhMDFkY2QzZGZhNy8xL0I5b0R5Y2dtaGE1
dGF6MGgxb1M3ejBhTDkxcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEA7L7kAMEArmkCDANBAIAAjAHAwUA
KgIjQDANBgkqhkiG9w0BAQsFAAOCAQEAii/qTOXtpPYUEki9tmIbnM90Ugr/yRu8
RuVEjJ13gfc/exiibBQu7yr75ui4DIWFxseUyj+fYeG5fpcSc5Gg54TpV1YC/aIE
QVPCeDkVV+M57hy5X9Y/eJVfaLvdr3BxwErJ0VHwUXCeKtA96TFyh5q4t9CEtIK4
MMk4SKzgRCd3sdhs5v1LEDg6JT+gAiU53AUD8aAawq7vGxoqWsy4QjhcAHbqil5K
UR6Bjd0atbYDc1lkOjsW9KewjoxJ8EPGCXToLdB6jSzK+4GSBrkkk+YuUKZRFO7c
QWCOi7cxN6LxM4AgvVwRQgg5Co7N7nDq3FjPGoTmFqVMm8k8UeRogg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:16 2023 by rpki-client on console-fra.rpki-client.org