Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a12069-a061-442e-9bfb-338bdd439ee1/1/hsVOMxim65d7XRFerzcPi5Nc4_I.roa
File: hsVOMxim65d7XRFerzcPi5Nc4_I.roa (raw, json)
Hash identifier: WkXQGkGt/a40ve0lyaF5lKy4qBAm5ZYP8AmlXTp3vl0=
Subject key identifier: 86:C5:4E:33:18:A6:EB:97:7B:5D:11:5E:AF:37:0F:8B:93:5C:E3:F2
Certificate issuer: /CN=2995944e84dc37ba6a42d68bb1e2b9a4421e84a4
Certificate serial: 0E412CFF
Authority key identifier: 29:95:94:4E:84:DC:37:BA:6A:42:D6:8B:B1:E2:B9:A4:42:1E:84:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KZWUToTcN7pqQtaLseK5pEIehKQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a12069-a061-442e-9bfb-338bdd439ee1/1/hsVOMxim65d7XRFerzcPi5Nc4_I.roa
Signing time: Sat 01 Jan 2022 05:00:30 +0000
ROA not before: Sat 01 Jan 2022 05:00:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3549
IP address blocks: 185.114.187.0/24 maxlen: 24
185.114.186.0/24 maxlen: 24
185.114.185.0/24 maxlen: 24
185.114.184.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 239152383 (0xe412cff)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2995944e84dc37ba6a42d68bb1e2b9a4421e84a4
Validity
Not Before: Jan 1 05:00:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=86c54e3318a6eb977b5d115eaf370f8b935ce3f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e7:03:9b:67:f6:da:ca:ca:4e:64:e8:bc:b0:
ed:e4:5a:c5:2d:11:77:79:93:e6:ce:19:f1:61:a8:
d3:ad:70:c9:c6:4d:73:be:4c:96:90:9a:d4:87:36:
03:fa:2e:86:c5:bb:06:e0:30:3a:23:6d:42:82:d1:
95:41:96:52:a2:d3:ae:e6:04:3a:24:90:16:c4:85:
75:b7:f9:4a:57:e4:82:b0:d6:84:a7:25:aa:e3:62:
e3:1e:0c:9b:0f:b9:88:5b:1a:5b:a5:91:d2:c5:6d:
ec:ca:30:0c:19:d9:f5:7d:0b:09:b7:fe:c6:0c:15:
a9:ef:c2:f0:42:06:69:ad:fd:cd:60:74:ff:e5:f8:
59:c1:91:ec:ac:07:47:e4:e5:16:b5:4d:c5:24:e3:
98:75:16:85:f5:19:dd:f0:ba:d7:c6:30:dd:49:bc:
6b:48:e2:9e:d2:0c:61:b1:ef:89:e4:43:74:4f:33:
d2:02:f9:14:8d:8c:59:5b:86:be:1f:32:b1:60:ff:
01:6e:44:f0:07:50:bc:99:53:a9:03:b9:83:2b:ab:
48:8d:e4:6b:76:7e:74:b0:28:d3:a2:e2:2e:6e:49:
b8:a6:ba:6e:ed:57:58:10:c8:e6:3a:c1:29:93:2c:
7a:75:df:13:82:85:95:d4:5f:4f:de:a8:49:e3:8f:
d6:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:C5:4E:33:18:A6:EB:97:7B:5D:11:5E:AF:37:0F:8B:93:5C:E3:F2
X509v3 Authority Key Identifier:
keyid:29:95:94:4E:84:DC:37:BA:6A:42:D6:8B:B1:E2:B9:A4:42:1E:84:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KZWUToTcN7pqQtaLseK5pEIehKQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a12069-a061-442e-9bfb-338bdd439ee1/1/hsVOMxim65d7XRFerzcPi5Nc4_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a12069-a061-442e-9bfb-338bdd439ee1/1/KZWUToTcN7pqQtaLseK5pEIehKQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.114.184.0/22
Signature Algorithm: sha256WithRSAEncryption
60:f5:03:d9:45:a0:5b:63:e3:96:01:58:b2:f0:42:19:57:8d:
0e:e4:50:c7:94:32:2d:43:08:9b:09:f6:9f:9d:23:8d:0b:39:
08:ea:26:e0:19:ed:85:6f:a0:c9:4d:e1:5f:39:74:2b:d1:fe:
80:40:f8:67:bd:e1:58:1a:f6:9d:2a:bf:68:f3:5d:78:15:29:
6c:59:46:41:2b:8e:2d:2c:6d:18:e6:68:ec:6f:b4:1c:c0:2c:
93:03:db:ee:84:49:18:0e:4f:74:a3:2c:6e:b5:50:55:0b:4d:
fc:53:e5:24:06:dc:6c:cf:53:89:3a:91:37:96:9e:10:6f:a8:
d6:11:ae:65:ab:72:84:d0:88:9e:17:6f:c8:8b:3d:7c:88:a1:
72:ee:07:9b:a4:1c:5a:a6:5a:f0:e9:90:9f:c5:6c:dc:53:db:
7f:6c:73:21:2b:fd:17:17:f2:d6:c3:0a:7e:89:50:2c:36:40:
d4:fb:be:fd:ef:04:09:ac:e3:95:b6:bf:3c:bd:76:67:58:c8:
65:9a:4d:3a:f1:72:6a:4d:25:e8:22:45:62:cc:a2:33:ec:8e:
6a:17:59:6e:23:27:53:3f:44:8d:1b:6d:ae:78:dc:31:23:1b:
8f:64:7b:79:1b:da:14:4a:a5:e7:c0:4f:3f:d2:1f:d8:63:78:
7e:b6:b6:85
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEDkEs/zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OTk1OTQ0ZTg0ZGMzN2JhNmE0MmQ2OGJiMWUyYjlhNDQyMWU4NGE0MB4XDTIyMDEw
MTA1MDAzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODZjNTRlMzMxOGE2
ZWI5NzdiNWQxMTVlYWYzNzBmOGI5MzVjZTNmMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ/nA5tn9trKyk5k6Lyw7eRaxS0Rd3mT5s4Z8WGo061wycZN
c75MlpCa1Ic2A/ouhsW7BuAwOiNtQoLRlUGWUqLTruYEOiSQFsSFdbf5SlfkgrDW
hKclquNi4x4Mmw+5iFsaW6WR0sVt7MowDBnZ9X0LCbf+xgwVqe/C8EIGaa39zWB0
/+X4WcGR7KwHR+TlFrVNxSTjmHUWhfUZ3fC618Yw3Um8a0jintIMYbHvieRDdE8z
0gL5FI2MWVuGvh8ysWD/AW5E8AdQvJlTqQO5gyurSI3ka3Z+dLAo06LiLm5JuKa6
bu1XWBDI5jrBKZMsenXfE4KFldRfT96oSeOP1h8CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSGxU4zGKbrl3tdEV6vNw+Lk1zj8jAfBgNVHSMEGDAWgBQplZROhNw3umpC
1oux4rmkQh6EpDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0taV1VUb1RjTjdwcVF0YUxzZUs1cEVJZWhLUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzgvYTEyMDY5LWEwNjEtNDQyZS05YmZiLTMzOGJkZDQzOWVlMS8x
L2hzVk9NeGltNjVkN1hSRmVyemNQaTVOYzRfSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzgv
YTEyMDY5LWEwNjEtNDQyZS05YmZiLTMzOGJkZDQzOWVlMS8xL0taV1VUb1RjTjdw
cVF0YUxzZUs1cEVJZWhLUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlyuDANBgkqhkiG9w0BAQsFAAOC
AQEAYPUD2UWgW2PjlgFYsvBCGVeNDuRQx5QyLUMImwn2n50jjQs5COom4BnthW+g
yU3hXzl0K9H+gED4Z73hWBr2nSq/aPNdeBUpbFlGQSuOLSxtGOZo7G+0HMAskwPb
7oRJGA5PdKMsbrVQVQtN/FPlJAbcbM9TiTqRN5aeEG+o1hGuZatyhNCInhdvyIs9
fIihcu4Hm6QcWqZa8OmQn8Vs3FPbf2xzISv9Fxfy1sMKfolQLDZA1Pu+/e8ECazj
lba/PL12Z1jIZZpNOvFyak0l6CJFYsyiM+yOahdZbiMnUz9EjRttrnjcMSMbj2R7
eRvaFEql58BPP9If2GN4fra2hQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:34 2024 by rpki-client on console-fra.rpki-client.org