Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/44478f-e980-4e60-9d6e-386617a664fe/1/RhwupJa84rBKIbasFqEnoJRMdtY.roa
File: RhwupJa84rBKIbasFqEnoJRMdtY.roa (raw, json)
Hash identifier: LY3xMcNhIHrOTmR7dBkKrWhnkRcF9qhs9dTOSnlSb+o=
Subject key identifier: 46:1C:2E:A4:96:BC:E2:B0:4A:21:B6:AC:16:A1:27:A0:94:4C:76:D6
Certificate issuer: /CN=7dec72837efbbc4ea6ddd4be94361916b4c362da
Certificate serial: 01856D16626316A118C40C89780184588DC1
Authority key identifier: 7D:EC:72:83:7E:FB:BC:4E:A6:DD:D4:BE:94:36:19:16:B4:C3:62:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fexyg377vE6m3dS-lDYZFrTDYto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/44478f-e980-4e60-9d6e-386617a664fe/1/RhwupJa84rBKIbasFqEnoJRMdtY.roa
Signing time: Sun 01 Jan 2023 11:27:41 +0000
ROA not before: Sun 01 Jan 2023 11:27:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50819
IP address blocks: 185.18.226.0/23 maxlen: 23
185.102.88.0/22 maxlen: 22
2a0c:eec0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:16:62:63:16:a1:18:c4:0c:89:78:01:84:58:8d:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7dec72837efbbc4ea6ddd4be94361916b4c362da
Validity
Not Before: Jan 1 11:27:41 2023 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=461c2ea496bce2b04a21b6ac16a127a0944c76d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:38:82:f6:ba:35:4e:f9:ba:87:4b:77:6e:40:
01:25:33:f8:c7:78:3e:81:4e:f0:9c:f8:b1:8c:77:
41:62:74:00:cc:a2:f0:4d:6e:de:ac:12:f2:14:fe:
11:75:88:de:68:21:5d:55:e5:c3:71:41:37:39:bf:
59:e2:fc:f4:05:fd:df:d3:0a:5c:14:c4:19:0c:8d:
2a:44:0e:37:5a:54:39:4f:40:3a:d9:0f:be:ee:26:
5b:fc:f9:4c:21:2e:4f:54:29:dd:6d:c8:7b:0f:66:
22:a5:38:c9:13:99:0a:fb:b9:eb:63:e5:eb:b6:94:
78:33:0d:65:64:0c:be:b7:f4:5b:1e:b0:55:48:a8:
fe:4f:ec:7b:b0:48:60:09:bb:f1:a1:30:cb:b0:b9:
1a:13:61:1d:6f:98:65:6d:51:7d:88:21:d8:52:5d:
9b:3d:1b:13:8c:55:22:23:8f:0b:c2:26:bd:62:08:
78:35:7e:33:41:9d:96:9b:3a:07:da:4e:58:c7:1a:
e4:1e:4f:3a:44:67:69:f0:71:42:dc:ef:69:b3:66:
0e:1d:56:77:4c:bc:52:47:a8:c4:11:c7:26:5c:c8:
7b:7b:4c:de:7c:55:3d:9d:f8:1e:fd:77:97:f9:65:
0b:a3:17:47:70:34:0a:e8:11:b3:01:e3:a6:44:53:
30:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:1C:2E:A4:96:BC:E2:B0:4A:21:B6:AC:16:A1:27:A0:94:4C:76:D6
X509v3 Authority Key Identifier:
keyid:7D:EC:72:83:7E:FB:BC:4E:A6:DD:D4:BE:94:36:19:16:B4:C3:62:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fexyg377vE6m3dS-lDYZFrTDYto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/44478f-e980-4e60-9d6e-386617a664fe/1/RhwupJa84rBKIbasFqEnoJRMdtY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/44478f-e980-4e60-9d6e-386617a664fe/1/fexyg377vE6m3dS-lDYZFrTDYto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.18.226.0/23
185.102.88.0/22
IPv6:
2a0c:eec0::/29
Signature Algorithm: sha256WithRSAEncryption
75:08:84:a4:21:17:7d:73:58:8f:ac:e6:ee:8e:65:49:b8:27:
3d:51:3a:5d:13:5b:3f:50:e3:18:e1:6d:c6:3e:c2:92:9a:0a:
30:e8:71:a7:cb:b8:34:80:77:8c:c1:fc:94:42:f3:bd:08:3a:
36:68:14:e7:31:63:3f:63:3d:1a:e0:2b:88:e2:da:c8:95:a3:
44:67:db:32:73:fd:96:84:df:01:12:7b:ff:50:93:2a:0f:aa:
1c:10:4c:7b:65:ea:a3:b6:6a:76:17:cb:2d:13:2e:89:d2:12:
11:77:67:af:aa:f7:1a:52:d6:d8:fa:8f:6b:55:2a:a4:70:d0:
0a:fb:68:5d:a9:ab:d9:3b:8c:66:96:72:08:84:a6:5e:7a:49:
17:39:ec:eb:01:09:8c:3f:e7:f5:31:e2:62:bd:2e:d2:de:ad:
1b:ef:92:27:22:25:83:66:53:d0:f6:c3:d1:9f:9d:93:bb:bf:
b6:9e:96:9c:3a:75:8b:c0:20:c6:f0:dd:8a:ec:19:c6:86:6a:
c2:2a:90:3e:b0:bc:e6:e9:23:87:af:ac:6d:1b:ad:15:e4:84:
ab:4c:2a:b0:e8:fa:ff:37:42:88:18:cf:21:90:30:31:d0:1d:
33:0e:64:2f:8c:cc:28:5c:14:4e:67:8d:af:5a:21:e6:2e:e3:
65:f3:3f:44
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVtFmJjFqEYxAyJeAGEWI3BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZWM3MjgzN2VmYmJjNGVhNmRkZDRiZTk0MzYxOTE2YjRj
MzYyZGEwHhcNMjMwMTAxMTEyNzQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjFjMmVhNDk2YmNlMmIwNGEyMWI2YWMxNmExMjdhMDk0NGM3NmQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsziC9ro1Tvm6h0t3bkABJTP4x3g+
gU7wnPixjHdBYnQAzKLwTW7erBLyFP4RdYjeaCFdVeXDcUE3Ob9Z4vz0Bf3f0wpc
FMQZDI0qRA43WlQ5T0A62Q++7iZb/PlMIS5PVCndbch7D2YipTjJE5kK+7nrY+Xr
tpR4Mw1lZAy+t/RbHrBVSKj+T+x7sEhgCbvxoTDLsLkaE2Edb5hlbVF9iCHYUl2b
PRsTjFUiI48Lwia9Ygh4NX4zQZ2WmzoH2k5YxxrkHk86RGdp8HFC3O9ps2YOHVZ3
TLxSR6jEEccmXMh7e0zefFU9nfge/XeX+WULoxdHcDQK6BGzAeOmRFMwbQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFEYcLqSWvOKwSiG2rBahJ6CUTHbWMB8GA1UdIwQY
MBaAFH3scoN++7xOpt3UvpQ2GRa0w2LaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmV4eWczNzd2RTZtM2RTLWxEWVpGclREWXRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy80NDQ3OGYtZTk4MC00ZTYwLTlkNmUt
Mzg2NjE3YTY2NGZlLzEvUmh3dXBKYTg0ckJLSWJhc0ZxRW5vSlJNZHRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy80NDQ3OGYtZTk4MC00ZTYwLTlkNmUtMzg2NjE3YTY2NGZl
LzEvZmV4eWczNzd2RTZtM2RTLWxEWVpGclREWXRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBuRLiAwQC
uWZYMA0EAgACMAcDBQMqDO7AMA0GCSqGSIb3DQEBCwUAA4IBAQB1CISkIRd9c1iP
rObujmVJuCc9UTpdE1s/UOMY4W3GPsKSmgow6HGny7g0gHeMwfyUQvO9CDo2aBTn
MWM/Yz0a4CuI4trIlaNEZ9syc/2WhN8BEnv/UJMqD6ocEEx7Zeqjtmp2F8stEy6J
0hIRd2evqvcaUtbY+o9rVSqkcNAK+2hdqavZO4xmlnIIhKZeekkXOezrAQmMP+f1
MeJivS7S3q0b75InIiWDZlPQ9sPRn52Tu7+2npacOnWLwCDG8N2K7BnGhmrCKpA+
sLzm6SOHr6xtG60V5ISrTCqw6Pr/N0KIGM8hkDAx0B0zDmQvjMwoXBROZ42vWiHm
LuNl8z9E
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:08 2024 by rpki-client on console-fra.rpki-client.org