Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/812800-9e70-4cd2-90fd-3bcd2399ee64/1/HmbFJ1rS8ApJxnV0XHy7Tm4MR7Q.roa
File: HmbFJ1rS8ApJxnV0XHy7Tm4MR7Q.roa (raw, json)
Hash identifier: twTzniBnO3PzGNN9MfuYvgb8u27iXhNDaa37pdEV2G8=
Subject key identifier: 1E:66:C5:27:5A:D2:F0:0A:49:C6:75:74:5C:7C:BB:4E:6E:0C:47:B4
Certificate issuer: /CN=ad3dd8d32cfc717a6e690ebe3e1db4386d8f6c64
Certificate serial: 02C3B869
Authority key identifier: AD:3D:D8:D3:2C:FC:71:7A:6E:69:0E:BE:3E:1D:B4:38:6D:8F:6C:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rT3Y0yz8cXpuaQ6-Ph20OG2PbGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/812800-9e70-4cd2-90fd-3bcd2399ee64/1/HmbFJ1rS8ApJxnV0XHy7Tm4MR7Q.roa
Signing time: Sat 01 Jan 2022 08:58:52 +0000
ROA not before: Sat 01 Jan 2022 08:58:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211727
IP address blocks: 185.243.130.0/24 maxlen: 24
2a10:9d40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 46381161 (0x2c3b869)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad3dd8d32cfc717a6e690ebe3e1db4386d8f6c64
Validity
Not Before: Jan 1 08:58:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1e66c5275ad2f00a49c675745c7cbb4e6e0c47b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:f6:0b:79:ef:10:94:ee:1c:91:65:c0:a8:00:
e0:a0:87:41:45:e0:a4:68:ed:34:14:40:8d:44:7c:
74:40:7e:91:ac:69:47:de:b1:aa:01:b8:60:ea:1a:
65:62:82:c9:be:a4:df:ed:1d:3b:9c:f8:97:f4:e5:
96:a9:89:e4:29:c9:e5:7b:0f:94:a8:98:34:ec:63:
0f:f2:a5:a6:c6:22:55:3d:9b:98:8f:9a:2a:a2:d0:
c4:79:a9:d1:3c:8c:42:b8:a2:56:83:96:db:57:a4:
9c:dd:9a:73:4a:7e:da:69:71:2a:26:df:0f:67:50:
4a:0b:1a:c9:78:a2:a1:71:b9:c1:87:d7:15:66:7d:
ba:9a:1e:86:c7:b0:a1:e4:0e:a8:f3:b2:78:56:e9:
f4:d4:91:ad:c4:dd:bd:44:ce:e1:c6:14:48:7e:21:
bf:9b:9f:76:61:85:e0:30:0b:d3:06:60:5d:76:6d:
db:0c:2d:59:8f:f7:dc:0e:d2:cd:97:3f:b8:f6:95:
bd:ff:ab:fa:a8:a3:15:ad:fa:f3:66:bf:36:31:35:
23:e2:7e:9c:c2:c3:23:ec:7f:51:89:07:e9:a9:42:
4a:a6:2a:c4:68:87:e8:08:23:92:6a:3b:07:e6:6d:
ef:a6:f9:a2:1e:39:c9:92:df:42:f8:14:22:a3:70:
b9:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:66:C5:27:5A:D2:F0:0A:49:C6:75:74:5C:7C:BB:4E:6E:0C:47:B4
X509v3 Authority Key Identifier:
keyid:AD:3D:D8:D3:2C:FC:71:7A:6E:69:0E:BE:3E:1D:B4:38:6D:8F:6C:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rT3Y0yz8cXpuaQ6-Ph20OG2PbGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/812800-9e70-4cd2-90fd-3bcd2399ee64/1/HmbFJ1rS8ApJxnV0XHy7Tm4MR7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/812800-9e70-4cd2-90fd-3bcd2399ee64/1/rT3Y0yz8cXpuaQ6-Ph20OG2PbGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.243.130.0/24
IPv6:
2a10:9d40::/29
Signature Algorithm: sha256WithRSAEncryption
9d:89:bf:6e:6d:05:bc:fb:56:a3:4e:00:9c:6c:0f:6c:68:a7:
20:23:35:d1:b5:58:6a:82:0f:be:3c:2d:aa:28:3a:ba:a9:83:
cd:5b:fd:9a:87:95:f0:47:87:09:a8:3a:14:4b:70:38:8e:40:
32:0b:9a:e9:31:72:9b:1c:3c:de:94:93:3c:50:f2:ca:c3:a9:
d5:8c:c4:ad:19:49:88:76:b6:2c:92:88:47:23:d2:58:f0:54:
84:e8:00:67:5a:14:a5:09:d6:56:46:87:41:b8:df:14:db:f8:
5b:1e:6c:82:3c:66:54:b8:8d:96:69:82:56:7c:ac:15:d6:27:
3b:79:b2:98:a7:1e:38:16:b1:77:4d:a8:25:99:e7:19:56:2a:
bc:14:78:ef:c9:9b:5f:c7:9a:eb:80:cd:46:ff:07:fc:db:36:
fe:60:05:81:fb:a6:f6:cf:3b:a5:ad:da:87:bf:87:ec:4e:c2:
db:7f:30:a4:44:5d:8c:30:f8:0e:ea:a7:38:d5:e1:bd:c2:99:
b2:df:d7:cd:43:eb:78:1c:92:fc:b3:34:19:67:cc:cd:1f:1a:
05:fc:2e:fb:df:83:0b:07:f8:20:b5:79:85:67:64:52:b4:a4:
20:2e:b8:3c:24:7b:3d:72:0e:ab:fe:11:a3:95:4a:fe:89:02:
b7:ab:1f:ca
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAsO4aTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZDNkZDhkMzJjZmM3MTdhNmU2OTBlYmUzZTFkYjQzODZkOGY2YzY0MB4XDTIyMDEw
MTA4NTg1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWU2NmM1Mjc1YWQy
ZjAwYTQ5YzY3NTc0NWM3Y2JiNGU2ZTBjNDdiNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMX2C3nvEJTuHJFlwKgA4KCHQUXgpGjtNBRAjUR8dEB+kaxp
R96xqgG4YOoaZWKCyb6k3+0dO5z4l/TllqmJ5CnJ5XsPlKiYNOxjD/KlpsYiVT2b
mI+aKqLQxHmp0TyMQriiVoOW21eknN2ac0p+2mlxKibfD2dQSgsayXiioXG5wYfX
FWZ9upoehsewoeQOqPOyeFbp9NSRrcTdvUTO4cYUSH4hv5ufdmGF4DAL0wZgXXZt
2wwtWY/33A7SzZc/uPaVvf+r+qijFa3682a/NjE1I+J+nMLDI+x/UYkH6alCSqYq
xGiH6Agjkmo7B+Zt76b5oh45yZLfQvgUIqNwuckCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQeZsUnWtLwCknGdXRcfLtObgxHtDAfBgNVHSMEGDAWgBStPdjTLPxxem5p
Dr4+HbQ4bY9sZDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3JUM1kweXo4Y1hwdWFRNi1QaDIwT0cyUGJHUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGIvODEyODAwLTllNzAtNGNkMi05MGZkLTNiY2QyMzk5ZWU2NC8x
L0htYkZKMXJTOEFwSnhuVjBYSHk3VG00TVI3US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGIv
ODEyODAwLTllNzAtNGNkMi05MGZkLTNiY2QyMzk5ZWU2NC8xL3JUM1kweXo4Y1hw
dWFRNi1QaDIwT0cyUGJHUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEALnzgjANBAIAAjAHAwUDKhCdQDAN
BgkqhkiG9w0BAQsFAAOCAQEAnYm/bm0FvPtWo04AnGwPbGinICM10bVYaoIPvjwt
qig6uqmDzVv9moeV8EeHCag6FEtwOI5AMgua6TFymxw83pSTPFDyysOp1YzErRlJ
iHa2LJKIRyPSWPBUhOgAZ1oUpQnWVkaHQbjfFNv4Wx5sgjxmVLiNlmmCVnysFdYn
O3mymKceOBaxd02oJZnnGVYqvBR478mbX8ea64DNRv8H/Ns2/mAFgfum9s87pa3a
h7+H7E7C238wpERdjDD4DuqnONXhvcKZst/XzUPreByS/LM0GWfMzR8aBfwu+9+D
Cwf4ILV5hWdkUrSkIC64PCR7PXIOq/4Ro5VK/okCt6sfyg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:10 2024 by rpki-client on console-fra.rpki-client.org