Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/hOWEsOCgQiNiDy55VQJmbbAiD2o.roa
File: hOWEsOCgQiNiDy55VQJmbbAiD2o.roa (raw, json)
Hash identifier: k1uHNxyJBSQStQuwQvMOwnOGIIeaDYUFs4O9CpEd10Q=
Subject key identifier: 84:E5:84:B0:E0:A0:42:23:62:0F:2E:79:55:02:66:6D:B0:22:0F:6A
Certificate issuer: /CN=50592e68895c7068b4655508917ad5bbddbd0a5f
Certificate serial: 0183859BE03B15C0E0980E02083B61C17252
Authority key identifier: 50:59:2E:68:89:5C:70:68:B4:65:55:08:91:7A:D5:BB:DD:BD:0A:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UFkuaIlccGi0ZVUIkXrVu929Cl8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/hOWEsOCgQiNiDy55VQJmbbAiD2o.roa
Signing time: Wed 28 Sep 2022 19:38:48 +0000
ROA not before: Wed 28 Sep 2022 19:38:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201086
IP address blocks: 185.86.80.0/24 maxlen: 24
185.205.19.0/24 maxlen: 24
193.36.63.0/24 maxlen: 24
185.254.94.0/24 maxlen: 24
2a05:b700::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:85:9b:e0:3b:15:c0:e0:98:0e:02:08:3b:61:c1:72:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50592e68895c7068b4655508917ad5bbddbd0a5f
Validity
Not Before: Sep 28 19:38:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=84e584b0e0a04223620f2e795502666db0220f6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:17:26:20:92:4b:f0:69:1d:4e:a6:18:56:47:
66:4e:02:e2:95:65:f4:99:3b:49:6d:cc:02:84:ec:
b7:cf:4b:6a:05:2b:52:ed:37:b2:5f:5b:f4:05:58:
91:6c:7d:3d:e7:b6:e2:d7:00:0b:92:66:e9:98:8e:
e5:fd:05:41:c9:a3:14:e9:6d:46:e2:df:25:fb:f5:
81:23:35:ce:88:f6:01:a3:00:7a:8c:f7:03:f6:35:
a5:b1:b2:1e:dd:cd:84:fe:bd:db:37:ab:8e:78:2e:
e4:b8:db:a6:69:15:c5:bc:a7:6e:18:08:1e:10:a4:
d4:ab:74:67:01:41:70:52:fe:ea:f5:dd:9a:ea:a6:
fc:39:f9:b8:15:71:8f:58:7f:5b:c7:8c:03:c6:36:
75:ae:43:70:53:1b:38:28:10:da:8a:a0:6f:da:6d:
e6:b4:a7:6b:c0:bd:26:ac:d1:66:73:a2:85:28:73:
4b:3c:c9:2d:07:e0:96:47:0e:b0:2e:2a:c9:30:6d:
3b:77:a2:68:52:aa:b3:b2:e9:49:9b:f3:8c:c1:f6:
d4:2f:a1:88:13:19:8b:8f:d2:4d:48:a4:93:f8:f1:
d3:37:0b:a4:fd:19:b3:be:89:8c:9c:4a:d1:05:0c:
ad:e1:e7:46:33:fb:fd:df:dc:e6:ef:43:50:d6:ba:
b1:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:E5:84:B0:E0:A0:42:23:62:0F:2E:79:55:02:66:6D:B0:22:0F:6A
X509v3 Authority Key Identifier:
keyid:50:59:2E:68:89:5C:70:68:B4:65:55:08:91:7A:D5:BB:DD:BD:0A:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UFkuaIlccGi0ZVUIkXrVu929Cl8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/hOWEsOCgQiNiDy55VQJmbbAiD2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/2a8100-172b-48e3-a32a-7bbd28ce4a75/1/UFkuaIlccGi0ZVUIkXrVu929Cl8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.86.80.0/24
185.205.19.0/24
185.254.94.0/24
193.36.63.0/24
IPv6:
2a05:b700::/29
Signature Algorithm: sha256WithRSAEncryption
30:61:da:ed:7b:8c:dc:a6:cc:29:4b:7b:ef:33:ad:1f:f4:27:
e8:b9:88:41:6e:84:be:f2:23:2d:5f:e8:1c:fb:6f:ab:d2:10:
be:69:a1:d2:28:8b:0d:81:d5:ce:49:22:97:c6:7c:c3:c2:fd:
c7:2d:83:97:75:4d:e6:d0:d6:cf:ac:2f:c4:2b:4a:0c:eb:45:
44:53:dc:eb:26:39:f8:f1:78:aa:72:6d:09:94:87:07:41:de:
c0:44:b8:d8:e3:52:d3:d6:be:dc:14:b8:1b:a4:fd:a7:f5:7c:
2a:1c:6a:7d:74:8a:40:0a:ff:e0:a8:a5:fa:eb:39:c8:44:31:
b9:11:70:e3:78:1f:d7:a3:f0:20:88:63:f3:ab:ba:45:db:18:
54:86:ee:c4:5f:99:ae:b3:be:d0:9b:79:2f:57:02:9f:d6:04:
8e:fd:b9:dc:87:02:47:38:6e:ef:cd:b5:66:08:9e:6c:5f:b6:
25:50:43:c0:be:5d:d7:1b:08:47:8c:f2:ca:33:74:d6:c7:ee:
df:2e:7b:71:d6:7a:64:20:96:ba:78:16:7b:50:c7:4c:2e:ca:
8a:73:11:c5:5c:23:af:a9:e1:e1:c3:44:e3:36:b3:2b:4f:6a:
7a:7a:35:d4:c8:e5:6c:d3:a6:ac:4a:11:ed:8e:f8:fa:1b:8e:
fe:a3:b0:46
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYOFm+A7FcDgmA4CCDthwXJSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNTkyZTY4ODk1YzcwNjhiNDY1NTUwODkxN2FkNWJiZGRi
ZDBhNWYwHhcNMjIwOTI4MTkzODQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGU1ODRiMGUwYTA0MjIzNjIwZjJlNzk1NTAyNjY2ZGIwMjIwZjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjBcmIJJL8GkdTqYYVkdmTgLilWX0
mTtJbcwChOy3z0tqBStS7TeyX1v0BViRbH0957bi1wALkmbpmI7l/QVByaMU6W1G
4t8l+/WBIzXOiPYBowB6jPcD9jWlsbIe3c2E/r3bN6uOeC7kuNumaRXFvKduGAge
EKTUq3RnAUFwUv7q9d2a6qb8Ofm4FXGPWH9bx4wDxjZ1rkNwUxs4KBDaiqBv2m3m
tKdrwL0mrNFmc6KFKHNLPMktB+CWRw6wLirJMG07d6JoUqqzsulJm/OMwfbUL6GI
ExmLj9JNSKST+PHTNwuk/RmzvomMnErRBQyt4edGM/v939zm70NQ1rqxWQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFITlhLDgoEIjYg8ueVUCZm2wIg9qMB8GA1UdIwQY
MBaAFFBZLmiJXHBotGVVCJF61bvdvQpfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUZrdWFJbGNjR2kwWlZVSWtYclZ1OTI5Q2w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8yYTgxMDAtMTcyYi00OGUzLWEzMmEt
N2JiZDI4Y2U0YTc1LzEvaE9XRXNPQ2dRaU5pRHk1NVZRSm1iYkFpRDJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi8yYTgxMDAtMTcyYi00OGUzLWEzMmEtN2JiZDI4Y2U0YTc1
LzEvVUZrdWFJbGNjR2kwWlZVSWtYclZ1OTI5Q2w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAuVZQAwQA
uc0TAwQAuf5eAwQAwSQ/MA0EAgACMAcDBQMqBbcAMA0GCSqGSIb3DQEBCwUAA4IB
AQAwYdrte4zcpswpS3vvM60f9CfouYhBboS+8iMtX+gc+2+r0hC+aaHSKIsNgdXO
SSKXxnzDwv3HLYOXdU3m0NbPrC/EK0oM60VEU9zrJjn48Xiqcm0JlIcHQd7ARLjY
41LT1r7cFLgbpP2n9XwqHGp9dIpACv/gqKX66znIRDG5EXDjeB/Xo/AgiGPzq7pF
2xhUhu7EX5mus77Qm3kvVwKf1gSO/bnchwJHOG7vzbVmCJ5sX7YlUEPAvl3XGwhH
jPLKM3TWx+7fLntx1npkIJa6eBZ7UMdMLsqKcxHFXCOvqeHhw0TjNrMrT2p6ejXU
yOVs06asShHtjvj6G47+o7BG
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:59 2024 by rpki-client on console-fra.rpki-client.org