Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/524ba5-096d-47ff-a8f4-dc8a2d9ec6f3/1/nh2JZg4yzz2gPQkGwpeHpWfUR5I.roa
File: nh2JZg4yzz2gPQkGwpeHpWfUR5I.roa (raw, json)
Hash identifier: hLYXoZ28UE5+p0GkMNUWzs/iUXDh1+LtMHbeB8KUjiA=
Subject key identifier: 9E:1D:89:66:0E:32:CF:3D:A0:3D:09:06:C2:97:87:A5:67:D4:47:92
Certificate issuer: /CN=85c3f6a9e8550c090bc3b257f72b8f65b69a9f61
Certificate serial: 01833FB16DCC1733E1040F5DD7C7148A5873
Authority key identifier: 85:C3:F6:A9:E8:55:0C:09:0B:C3:B2:57:F7:2B:8F:65:B6:9A:9F:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hcP2qehVDAkLw7JX9yuPZbaan2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/524ba5-096d-47ff-a8f4-dc8a2d9ec6f3/1/nh2JZg4yzz2gPQkGwpeHpWfUR5I.roa
Signing time: Thu 15 Sep 2022 05:48:56 +0000
ROA not before: Thu 15 Sep 2022 05:48:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 400039
IP address blocks: 185.212.119.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:3f:b1:6d:cc:17:33:e1:04:0f:5d:d7:c7:14:8a:58:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85c3f6a9e8550c090bc3b257f72b8f65b69a9f61
Validity
Not Before: Sep 15 05:48:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9e1d89660e32cf3da03d0906c29787a567d44792
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:79:85:b6:17:77:04:34:22:24:fc:ca:a2:07:
2f:c3:9a:24:5f:d7:15:a5:25:2c:fb:d6:1d:11:97:
97:70:6d:50:d9:66:3e:93:7c:27:90:7e:ff:18:94:
97:21:4a:35:d1:d4:ba:d8:02:c6:c1:51:69:5c:1e:
f4:12:e9:16:11:7e:51:cf:ad:2b:f0:4a:e7:1a:d4:
89:6e:46:1e:43:95:c3:6e:29:4b:81:d3:a6:6b:ec:
8f:b4:25:26:90:ef:50:22:c1:2b:55:3b:e2:e2:f5:
3c:97:f6:62:b5:bb:ac:2c:db:e6:44:0a:24:2d:63:
dd:9d:68:05:90:75:83:f8:51:8d:79:a8:2c:69:52:
ac:7f:31:16:4d:37:dd:1a:bb:a7:e7:b5:d9:27:36:
04:09:a7:34:9c:e3:14:7d:ad:30:c4:4b:92:e7:2d:
e5:51:1f:55:f4:30:a7:c6:0d:2e:f6:15:4f:20:07:
a7:3a:24:89:04:c9:c7:3a:72:99:dc:e9:57:9f:37:
80:45:29:03:fe:de:0a:dc:8f:5d:85:2e:96:51:31:
cd:85:1d:a3:d9:01:91:60:d0:59:29:f5:c2:a9:94:
7d:38:e8:e7:f1:13:99:9b:57:ea:8c:ea:c0:39:b1:
65:65:a2:6d:73:32:2f:ba:2f:92:d1:be:22:d3:1a:
54:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:1D:89:66:0E:32:CF:3D:A0:3D:09:06:C2:97:87:A5:67:D4:47:92
X509v3 Authority Key Identifier:
keyid:85:C3:F6:A9:E8:55:0C:09:0B:C3:B2:57:F7:2B:8F:65:B6:9A:9F:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hcP2qehVDAkLw7JX9yuPZbaan2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/524ba5-096d-47ff-a8f4-dc8a2d9ec6f3/1/nh2JZg4yzz2gPQkGwpeHpWfUR5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/524ba5-096d-47ff-a8f4-dc8a2d9ec6f3/1/hcP2qehVDAkLw7JX9yuPZbaan2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.212.119.0/24
Signature Algorithm: sha256WithRSAEncryption
16:f2:93:90:05:ab:e9:d8:2a:7e:79:77:40:40:5e:51:6c:c8:
55:d0:a5:69:8e:1a:c4:ab:e9:06:61:4f:13:42:e6:3d:1b:87:
99:a2:af:54:ab:24:06:70:27:9f:b4:ce:ae:44:cd:ba:42:6c:
42:b3:05:0f:57:98:7d:ea:33:1b:b6:fb:c9:8d:c6:04:bc:83:
93:cb:00:6d:66:16:8c:d4:12:de:d8:51:16:96:09:e9:d1:53:
37:3e:a0:fe:33:dc:fc:6d:1c:f1:05:c5:78:ca:2f:42:53:99:
eb:a3:d8:2e:fc:28:71:01:70:fa:fa:c8:a0:bd:f4:64:1b:a9:
e7:53:0c:a6:59:8c:77:96:85:42:6a:38:17:b3:a1:7e:17:3d:
eb:2e:44:a4:8e:fd:53:87:78:64:4a:57:db:c9:4e:dd:bf:ea:
24:ff:48:7d:63:08:de:9f:53:f3:fd:47:2e:a0:16:0f:4e:cb:
ff:56:d6:cb:ae:62:ce:39:5f:36:29:54:e5:7c:09:ef:9e:d5:
0f:1e:81:5a:9f:cf:ad:03:64:d6:a8:69:f1:82:a6:15:c3:8c:
c1:a5:1b:fc:66:b5:b8:7e:94:f3:24:cf:42:2b:3a:46:32:50:
cf:88:eb:d9:38:04:55:2a:8d:a8:7a:42:0a:da:ba:ec:6e:9d:
02:6e:dc:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYM/sW3MFzPhBA9d18cUilhzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1YzNmNmE5ZTg1NTBjMDkwYmMzYjI1N2Y3MmI4ZjY1YjY5
YTlmNjEwHhcNMjIwOTE1MDU0ODU2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTFkODk2NjBlMzJjZjNkYTAzZDA5MDZjMjk3ODdhNTY3ZDQ0NzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnmFthd3BDQiJPzKogcvw5okX9cV
pSUs+9YdEZeXcG1Q2WY+k3wnkH7/GJSXIUo10dS62ALGwVFpXB70EukWEX5Rz60r
8ErnGtSJbkYeQ5XDbilLgdOma+yPtCUmkO9QIsErVTvi4vU8l/ZitbusLNvmRAok
LWPdnWgFkHWD+FGNeagsaVKsfzEWTTfdGrun57XZJzYECac0nOMUfa0wxEuS5y3l
UR9V9DCnxg0u9hVPIAenOiSJBMnHOnKZ3OlXnzeARSkD/t4K3I9dhS6WUTHNhR2j
2QGRYNBZKfXCqZR9OOjn8ROZm1fqjOrAObFlZaJtczIvui+S0b4i0xpUxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ4diWYOMs89oD0JBsKXh6Vn1EeSMB8GA1UdIwQY
MBaAFIXD9qnoVQwJC8OyV/crj2W2mp9hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGNQMnFlaFZEQWtMdzdKWDl5dVBaYmFhbjJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS81MjRiYTUtMDk2ZC00N2ZmLWE4ZjQt
ZGM4YTJkOWVjNmYzLzEvbmgySlpnNHl6ejJnUFFrR3dwZUhwV2ZVUjVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS81MjRiYTUtMDk2ZC00N2ZmLWE4ZjQtZGM4YTJkOWVjNmYz
LzEvaGNQMnFlaFZEQWtMdzdKWDl5dVBaYmFhbjJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudR3MA0G
CSqGSIb3DQEBCwUAA4IBAQAW8pOQBavp2Cp+eXdAQF5RbMhV0KVpjhrEq+kGYU8T
QuY9G4eZoq9UqyQGcCeftM6uRM26QmxCswUPV5h96jMbtvvJjcYEvIOTywBtZhaM
1BLe2FEWlgnp0VM3PqD+M9z8bRzxBcV4yi9CU5nro9gu/ChxAXD6+sigvfRkG6nn
UwymWYx3loVCajgXs6F+Fz3rLkSkjv1Th3hkSlfbyU7dv+ok/0h9Ywjen1Pz/Ucu
oBYPTsv/VtbLrmLOOV82KVTlfAnvntUPHoFan8+tA2TWqGnxgqYVw4zBpRv8ZrW4
fpTzJM9CKzpGMlDPiOvZOARVKo2oekIK2rrsbp0CbtxR
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:51 2023 by rpki-client on console-fra.rpki-client.org