Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/397c1e-51a7-416f-a45c-2a0213179c07/1/Ha_4wPUVSFCNKawCK1bEKWCqQ_g.roa
File: Ha_4wPUVSFCNKawCK1bEKWCqQ_g.roa (raw, json)
Hash identifier: DjN9D/9OWgiyyt8LmZao/KQpH8/ISRDgiB4iVOrENOM=
Subject key identifier: 1D:AF:F8:C0:F5:15:48:50:8D:29:AC:02:2B:56:C4:29:60:AA:43:F8
Certificate issuer: /CN=ef8669e70cea94973afd34fb08eb59e9d86b57fc
Certificate serial: 137F7E6A
Authority key identifier: EF:86:69:E7:0C:EA:94:97:3A:FD:34:FB:08:EB:59:E9:D8:6B:57:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/74Zp5wzqlJc6_TT7COtZ6dhrV_w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/397c1e-51a7-416f-a45c-2a0213179c07/1/Ha_4wPUVSFCNKawCK1bEKWCqQ_g.roa
Signing time: Sat 01 Jan 2022 08:04:03 +0000
ROA not before: Sat 01 Jan 2022 08:04:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35425
IP address blocks: 185.128.221.0/24 maxlen: 24
2a03:9ba0::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 327122538 (0x137f7e6a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef8669e70cea94973afd34fb08eb59e9d86b57fc
Validity
Not Before: Jan 1 08:04:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1daff8c0f51548508d29ac022b56c42960aa43f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:f0:2d:ac:8a:e2:3c:8c:9a:2e:37:07:8c:35:
34:88:bf:a4:00:3a:fc:70:b9:d4:f1:ab:72:f7:50:
63:d7:78:3d:b8:02:20:55:6f:ac:44:f8:7b:fe:65:
1d:4e:3b:e9:d2:07:72:a8:d7:f0:3c:29:b8:22:ca:
0c:e4:db:73:e0:b9:9d:d9:0e:26:d5:d9:8e:de:a8:
e5:b4:a8:36:24:12:d1:f4:82:67:30:b5:b1:f8:03:
e8:ef:fb:44:8c:94:9c:24:23:f8:a3:4a:a0:97:9a:
98:69:9a:e9:20:5f:92:f9:be:77:fd:ec:1a:7e:82:
ae:9b:4a:ab:0b:37:fa:b9:8a:a9:a4:d8:38:09:58:
71:b7:a6:a8:0d:e4:4a:fa:c3:6c:a7:6d:12:ea:b2:
69:7a:96:bc:dc:92:6e:b5:c8:5d:38:db:b3:98:ca:
d5:7f:fe:e5:66:5d:13:45:89:62:f8:21:7b:4a:0a:
6f:69:9a:9a:f0:25:5e:91:c1:09:c7:47:51:db:28:
d1:59:af:db:85:36:93:b1:f4:10:f5:1d:ed:1d:11:
b0:f5:d9:3b:a7:b8:d3:ac:83:86:03:b5:0d:6e:78:
0b:2e:7d:ac:99:1c:69:f8:28:8c:c1:7e:4d:2e:52:
0f:87:2f:dd:51:0e:2c:82:03:99:c6:25:d4:43:31:
3a:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:AF:F8:C0:F5:15:48:50:8D:29:AC:02:2B:56:C4:29:60:AA:43:F8
X509v3 Authority Key Identifier:
keyid:EF:86:69:E7:0C:EA:94:97:3A:FD:34:FB:08:EB:59:E9:D8:6B:57:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/74Zp5wzqlJc6_TT7COtZ6dhrV_w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/397c1e-51a7-416f-a45c-2a0213179c07/1/Ha_4wPUVSFCNKawCK1bEKWCqQ_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/397c1e-51a7-416f-a45c-2a0213179c07/1/74Zp5wzqlJc6_TT7COtZ6dhrV_w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.128.221.0/24
IPv6:
2a03:9ba0::/40
Signature Algorithm: sha256WithRSAEncryption
33:26:dd:16:9f:50:03:50:c1:2d:c5:ad:d1:0f:f1:9f:d4:cf:
f8:a6:df:fe:16:cd:a4:4a:9c:dd:ef:c0:94:fe:78:11:80:96:
71:fa:95:90:e8:11:52:69:81:73:22:09:39:f2:94:01:3e:e0:
87:9a:1e:dc:fb:e2:99:5d:f2:4e:c2:6d:b2:b8:00:95:57:80:
65:23:5b:bf:57:43:a0:74:f1:ef:7a:fa:6f:02:a8:71:cf:b6:
f6:dd:e5:ef:63:e7:92:74:93:35:87:07:13:19:7d:c3:d8:95:
02:0c:b1:ce:04:dd:6e:59:f7:f8:54:9e:bf:90:99:dc:23:24:
08:a1:fb:05:7b:d2:61:09:ae:05:7c:51:55:cf:75:01:53:a1:
7a:73:c1:31:21:d2:3d:39:06:5f:20:6a:f3:d6:6e:0f:d4:3d:
f8:34:3a:ab:5f:26:d1:6b:af:f8:0f:26:e6:cc:76:b3:b3:5a:
5b:86:83:fa:ee:9d:09:26:43:e7:91:99:c3:b8:d6:40:4a:eb:
e0:86:a1:bd:56:39:4d:13:63:b1:51:fb:76:38:4c:87:4d:5a:
dd:07:73:5e:20:ff:94:44:03:7d:18:f8:f0:4e:4f:71:a7:d1:
d7:84:16:56:b8:36:f2:1b:9d:b2:d9:0e:4d:06:d7:d3:00:46:
e7:3b:ef:50
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIEE39+ajANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
Zjg2NjllNzBjZWE5NDk3M2FmZDM0ZmIwOGViNTllOWQ4NmI1N2ZjMB4XDTIyMDEw
MTA4MDQwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWRhZmY4YzBmNTE1
NDg1MDhkMjlhYzAyMmI1NmM0Mjk2MGFhNDNmODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJLwLayK4jyMmi43B4w1NIi/pAA6/HC51PGrcvdQY9d4PbgC
IFVvrET4e/5lHU476dIHcqjX8DwpuCLKDOTbc+C5ndkOJtXZjt6o5bSoNiQS0fSC
ZzC1sfgD6O/7RIyUnCQj+KNKoJeamGma6SBfkvm+d/3sGn6CrptKqws3+rmKqaTY
OAlYcbemqA3kSvrDbKdtEuqyaXqWvNySbrXIXTjbs5jK1X/+5WZdE0WJYvghe0oK
b2mamvAlXpHBCcdHUdso0Vmv24U2k7H0EPUd7R0RsPXZO6e406yDhgO1DW54Cy59
rJkcafgojMF+TS5SD4cv3VEOLIIDmcYl1EMxOscCAwEAAaOCAhkwggIVMB0GA1Ud
DgQWBBQdr/jA9RVIUI0prAIrVsQpYKpD+DAfBgNVHSMEGDAWgBTvhmnnDOqUlzr9
NPsI61np2GtX/DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
Lzc0WnA1d3pxbEpjNl9UVDdDT3RaNmRoclZfdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWEvMzk3YzFlLTUxYTctNDE2Zi1hNDVjLTJhMDIxMzE3OWMwNy8x
L0hhXzR3UFVWU0ZDTkthd0NLMWJFS1dDcVFfZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWEv
Mzk3YzFlLTUxYTctNDE2Zi1hNDVjLTJhMDIxMzE3OWMwNy8xLzc0WnA1d3pxbEpj
Nl9UVDdDT3RaNmRoclZfdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAv
BggrBgEFBQcBBwEB/wQgMB4wDAQCAAEwBgMEALmA3TAOBAIAAjAIAwYAKgOboAAw
DQYJKoZIhvcNAQELBQADggEBADMm3RafUANQwS3FrdEP8Z/Uz/im3/4WzaRKnN3v
wJT+eBGAlnH6lZDoEVJpgXMiCTnylAE+4IeaHtz74pld8k7CbbK4AJVXgGUjW79X
Q6B08e96+m8CqHHPtvbd5e9j55J0kzWHBxMZfcPYlQIMsc4E3W5Z9/hUnr+Qmdwj
JAih+wV70mEJrgV8UVXPdQFToXpzwTEh0j05Bl8gavPWbg/UPfg0OqtfJtFrr/gP
JubMdrOzWluGg/runQkmQ+eRmcO41kBK6+CGob1WOU0TY7FR+3Y4TIdNWt0Hc14g
/5REA30Y+PBOT3Gn0deEFla4NvIbnbLZDk0G19MARuc771A=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:42 2023 by rpki-client on console-ams.rpki-client.org