Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/8c2874-ebba-4c77-96c6-c31c6d8691d0/1/HyP7ghFnRemOKnIzpsDcoqUIAys.roa
File: HyP7ghFnRemOKnIzpsDcoqUIAys.roa (raw, json)
Hash identifier: NlIYzQJiy0U903IffkPZW9/xS9l3U8bfOIYodh1iPbY=
Subject key identifier: 1F:23:FB:82:11:67:45:E9:8E:2A:72:33:A6:C0:DC:A2:A5:08:03:2B
Certificate issuer: /CN=9e32aef0067c4f0ba20ee6663440005b1b3b887b
Certificate serial: 192E0298
Authority key identifier: 9E:32:AE:F0:06:7C:4F:0B:A2:0E:E6:66:34:40:00:5B:1B:3B:88:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/njKu8AZ8TwuiDuZmNEAAWxs7iHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/8c2874-ebba-4c77-96c6-c31c6d8691d0/1/HyP7ghFnRemOKnIzpsDcoqUIAys.roa
Signing time: Sat 01 Jan 2022 06:58:32 +0000
ROA not before: Sat 01 Jan 2022 06:58:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199567
IP address blocks: 185.8.209.0/24 maxlen: 24
185.8.208.0/24 maxlen: 24
185.8.211.0/24 maxlen: 24
185.8.208.0/22 maxlen: 22
185.8.210.0/24 maxlen: 24
194.40.245.0/24 maxlen: 24
2a02:d740::/29 maxlen: 29
2a02:d740::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 422445720 (0x192e0298)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e32aef0067c4f0ba20ee6663440005b1b3b887b
Validity
Not Before: Jan 1 06:58:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1f23fb82116745e98e2a7233a6c0dca2a508032b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:fd:65:40:bb:23:36:8a:81:e1:0a:28:b2:57:
80:9b:b7:8c:81:b5:99:50:6d:57:a3:22:ec:b4:07:
7c:2a:a4:f3:a9:8a:5a:14:29:94:7b:46:dc:7b:2d:
cb:e7:dc:21:97:85:1b:d3:1e:31:0e:34:ae:2a:62:
78:da:44:83:0a:a9:af:e7:3a:1f:16:32:1c:ec:4a:
83:ae:76:d2:cc:2a:9d:90:d2:5a:0c:15:dd:86:a8:
79:dc:30:e2:46:68:1e:e9:94:e7:92:18:c5:25:2a:
c9:99:ef:95:81:16:c7:34:50:ea:0e:b8:47:a9:ee:
23:03:37:51:e0:e9:cc:02:fd:88:a6:93:fb:7f:50:
78:10:0b:57:40:1f:87:28:ae:fe:0f:cc:4b:11:54:
85:5f:33:86:6b:10:69:67:28:f3:82:5b:40:ce:f2:
dd:bd:a9:38:69:88:77:62:38:4b:9a:c9:1f:3e:c4:
f7:c6:fa:52:e7:cf:ce:0f:6f:3c:a1:b3:c3:69:44:
03:d4:4e:33:69:d7:fc:a1:43:ca:96:46:cf:71:da:
b7:44:d4:43:15:59:4c:60:8f:86:91:16:99:a1:e9:
ab:7a:91:50:8f:e0:67:90:40:6e:6e:42:70:58:e5:
3e:62:2c:ff:02:d3:7f:f7:4b:08:95:70:7f:7f:fa:
a1:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:23:FB:82:11:67:45:E9:8E:2A:72:33:A6:C0:DC:A2:A5:08:03:2B
X509v3 Authority Key Identifier:
keyid:9E:32:AE:F0:06:7C:4F:0B:A2:0E:E6:66:34:40:00:5B:1B:3B:88:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/njKu8AZ8TwuiDuZmNEAAWxs7iHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/8c2874-ebba-4c77-96c6-c31c6d8691d0/1/HyP7ghFnRemOKnIzpsDcoqUIAys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/8c2874-ebba-4c77-96c6-c31c6d8691d0/1/njKu8AZ8TwuiDuZmNEAAWxs7iHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.8.208.0/22
194.40.245.0/24
IPv6:
2a02:d740::/29
Signature Algorithm: sha256WithRSAEncryption
91:cc:67:fe:2b:d7:53:7a:ab:0f:9a:d3:cf:2d:10:30:01:f2:
d1:c4:1d:62:e8:53:82:c5:9d:a2:94:4f:4a:b4:78:9e:17:d0:
af:87:47:da:85:cc:c0:00:3f:cd:6c:a6:ea:5d:c4:5a:e5:49:
14:59:97:01:cc:40:cc:58:f7:89:f4:99:8c:fa:e7:b6:5f:7b:
37:f5:bf:cc:8b:79:e1:23:70:4a:0a:71:87:76:28:2f:0e:28:
5d:da:22:6a:8e:90:96:31:6b:84:ca:2e:37:ce:2d:bb:bd:07:
b6:94:99:f5:b4:6a:2b:01:52:e4:c8:ff:5c:e4:1e:45:72:2e:
b8:f7:62:3a:ae:58:4a:2d:d2:4d:9a:21:b2:06:d7:78:c8:d4:
f0:c8:4e:76:f1:52:d2:27:04:ab:f5:06:5c:51:a2:0f:40:5f:
71:aa:78:e4:cc:48:72:ca:91:7b:3a:96:47:e5:59:ad:c0:68:
b2:45:82:61:67:7d:87:3b:de:ae:6a:86:a6:e5:31:10:31:d4:
6c:d2:8f:53:c3:bb:38:f0:63:64:ac:6f:d6:3f:3e:f6:e2:55:
b5:7f:c5:e5:8b:d1:27:a3:c1:08:91:f2:75:43:1f:0d:2c:a0:
fe:b4:66:83:06:13:f2:a1:82:cb:6a:9f:a1:43:b6:c6:9e:92:
27:78:cf:fe
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEGS4CmDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ZTMyYWVmMDA2N2M0ZjBiYTIwZWU2NjYzNDQwMDA1YjFiM2I4ODdiMB4XDTIyMDEw
MTA2NTgzMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWYyM2ZiODIxMTY3
NDVlOThlMmE3MjMzYTZjMGRjYTJhNTA4MDMyYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKD9ZUC7IzaKgeEKKLJXgJu3jIG1mVBtV6Mi7LQHfCqk86mK
WhQplHtG3Hsty+fcIZeFG9MeMQ40ripieNpEgwqpr+c6HxYyHOxKg6520swqnZDS
WgwV3Yaoedww4kZoHumU55IYxSUqyZnvlYEWxzRQ6g64R6nuIwM3UeDpzAL9iKaT
+39QeBALV0Afhyiu/g/MSxFUhV8zhmsQaWco84JbQM7y3b2pOGmId2I4S5rJHz7E
98b6UufPzg9vPKGzw2lEA9ROM2nX/KFDypZGz3Hat0TUQxVZTGCPhpEWmaHpq3qR
UI/gZ5BAbm5CcFjlPmIs/wLTf/dLCJVwf3/6obECAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBQfI/uCEWdF6Y4qcjOmwNyipQgDKzAfBgNVHSMEGDAWgBSeMq7wBnxPC6IO
5mY0QABbGzuIezAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L25qS3U4QVo4VHd1aUR1Wm1ORUFBV3hzN2lIcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGMvOGMyODc0LWViYmEtNGM3Ny05NmM2LWMzMWM2ZDg2OTFkMC8x
L0h5UDdnaEZuUmVtT0tuSXpwc0Rjb3FVSUF5cy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGMv
OGMyODc0LWViYmEtNGM3Ny05NmM2LWMzMWM2ZDg2OTFkMC8xL25qS3U4QVo4VHd1
aUR1Wm1ORUFBV3hzN2lIcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEArkI0AMEAMIo9TANBAIAAjAHAwUD
KgLXQDANBgkqhkiG9w0BAQsFAAOCAQEAkcxn/ivXU3qrD5rTzy0QMAHy0cQdYuhT
gsWdopRPSrR4nhfQr4dH2oXMwAA/zWym6l3EWuVJFFmXAcxAzFj3ifSZjPrntl97
N/W/zIt54SNwSgpxh3YoLw4oXdoiao6QljFrhMouN84tu70HtpSZ9bRqKwFS5Mj/
XOQeRXIuuPdiOq5YSi3STZohsgbXeMjU8MhOdvFS0icEq/UGXFGiD0Bfcap45MxI
csqRezqWR+VZrcBoskWCYWd9hzvermqGpuUxEDHUbNKPU8O7OPBjZKxv1j8+9uJV
tX/F5YvRJ6PBCJHydUMfDSyg/rRmgwYT8qGCy2qfoUO2xp6SJ3jP/g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:47 2024 by rpki-client on console-ams.rpki-client.org