Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/38ec5b-336d-4a1c-a84a-f6c6859b30f0/1/HK4eAgB9KwYKSM5V83wfiNs9qnE.roa
File: HK4eAgB9KwYKSM5V83wfiNs9qnE.roa (raw, json)
Hash identifier: 8uFZnUNaEBAhnBTpukO7K/Mf4uYpXl0yizxhbNuO8gM=
Subject key identifier: 1C:AE:1E:02:00:7D:2B:06:0A:48:CE:55:F3:7C:1F:88:DB:3D:AA:71
Certificate issuer: /CN=e29ed9a9d1b6b5383ebf946d5fc54980612563ea
Certificate serial: 346873B9
Authority key identifier: E2:9E:D9:A9:D1:B6:B5:38:3E:BF:94:6D:5F:C5:49:80:61:25:63:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4p7ZqdG2tTg-v5RtX8VJgGElY-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/38ec5b-336d-4a1c-a84a-f6c6859b30f0/1/HK4eAgB9KwYKSM5V83wfiNs9qnE.roa
Signing time: Sat 01 Jan 2022 07:58:22 +0000
ROA not before: Sat 01 Jan 2022 07:58:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197745
IP address blocks: 185.2.0.0/22 maxlen: 24
2a00:90c0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 879260601 (0x346873b9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e29ed9a9d1b6b5383ebf946d5fc54980612563ea
Validity
Not Before: Jan 1 07:58:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1cae1e02007d2b060a48ce55f37c1f88db3daa71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:86:3e:7b:db:6c:87:6c:6e:d0:a9:56:e8:9d:
59:e5:1c:f4:c7:45:68:c5:7f:03:77:8c:db:94:f1:
c1:8a:67:ac:01:57:b9:92:fc:71:25:5c:5c:90:60:
cf:c4:32:fe:81:ea:36:fe:25:c6:da:48:6b:e0:4a:
aa:6f:77:7a:e0:d2:e1:9d:ba:84:ef:83:f4:01:81:
e6:a8:53:26:26:fe:00:35:78:fe:db:0f:cd:8e:58:
bd:b1:15:72:4f:8d:87:48:40:45:66:bb:4d:4b:ac:
08:fe:6f:17:d5:49:e4:f8:d4:66:61:9f:e3:c8:c7:
cc:e0:ba:b0:ac:28:70:2d:6a:f9:74:1f:12:72:f4:
7b:47:ef:f6:97:b9:ff:c9:34:7d:5e:44:d0:72:d8:
33:48:87:e9:6f:c2:8c:c3:70:c9:e5:c0:b2:ef:c2:
6e:c3:46:19:49:49:a8:86:bc:9f:3e:89:cb:66:da:
eb:bc:9a:3d:74:29:bc:f6:c5:0b:14:40:e3:ab:83:
d6:4d:bc:ca:20:a6:3a:5d:f5:27:9a:cc:b3:c6:bb:
18:09:1b:75:52:0d:40:03:98:86:4e:a3:85:e5:eb:
62:81:a2:51:08:32:e4:ca:4e:aa:bf:86:da:c4:53:
ba:a2:69:44:66:c2:ca:48:56:51:66:d0:23:c2:c4:
12:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:AE:1E:02:00:7D:2B:06:0A:48:CE:55:F3:7C:1F:88:DB:3D:AA:71
X509v3 Authority Key Identifier:
keyid:E2:9E:D9:A9:D1:B6:B5:38:3E:BF:94:6D:5F:C5:49:80:61:25:63:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4p7ZqdG2tTg-v5RtX8VJgGElY-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/38ec5b-336d-4a1c-a84a-f6c6859b30f0/1/HK4eAgB9KwYKSM5V83wfiNs9qnE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/38ec5b-336d-4a1c-a84a-f6c6859b30f0/1/4p7ZqdG2tTg-v5RtX8VJgGElY-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.2.0.0/22
IPv6:
2a00:90c0::/29
Signature Algorithm: sha256WithRSAEncryption
43:62:10:11:a3:30:5c:a5:73:d7:f6:f7:59:f6:3e:a1:37:78:
37:31:86:72:81:61:c1:3c:68:54:58:fe:55:c4:d8:77:84:48:
64:86:94:f6:0a:cb:0f:71:72:14:70:cb:de:ba:5c:59:64:6e:
2a:c0:fc:be:d5:86:59:b8:eb:3a:f3:09:ac:dc:79:89:1a:64:
61:7e:14:78:8a:b7:bc:b2:72:69:4f:12:fa:36:07:d5:29:06:
40:c1:d4:9e:b9:b7:02:8c:e4:05:07:7a:5e:a6:87:47:b6:89:
46:e9:ea:73:23:21:23:45:13:26:6b:82:1c:8a:71:7c:7b:34:
35:47:f9:f6:4c:4a:3c:69:07:89:ee:af:8b:fe:5b:8f:bf:3f:
f7:05:53:76:4f:da:70:e8:12:f4:03:8a:1f:17:8f:62:62:13:
f5:fb:93:fe:df:8b:ea:8c:29:90:18:f9:36:80:7f:ce:af:d1:
01:55:53:a3:b4:7b:06:9e:5e:cf:2c:df:c7:22:86:1b:28:12:
3b:5e:c5:c0:b7:53:83:e6:ba:23:e3:20:f5:fc:5e:b7:88:f8:
38:51:dc:01:bb:45:79:2f:c2:8e:78:26:8d:02:72:eb:f8:12:
e5:a7:d6:03:70:18:15:a3:aa:c6:35:5c:50:23:f6:d9:04:e4:
0d:0f:bd:6c
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIENGhzuTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
MjllZDlhOWQxYjZiNTM4M2ViZjk0NmQ1ZmM1NDk4MDYxMjU2M2VhMB4XDTIyMDEw
MTA3NTgyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWNhZTFlMDIwMDdk
MmIwNjBhNDhjZTU1ZjM3YzFmODhkYjNkYWE3MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKWGPnvbbIdsbtCpVuidWeUc9MdFaMV/A3eM25TxwYpnrAFX
uZL8cSVcXJBgz8Qy/oHqNv4lxtpIa+BKqm93euDS4Z26hO+D9AGB5qhTJib+ADV4
/tsPzY5YvbEVck+Nh0hARWa7TUusCP5vF9VJ5PjUZmGf48jHzOC6sKwocC1q+XQf
EnL0e0fv9pe5/8k0fV5E0HLYM0iH6W/CjMNwyeXAsu/CbsNGGUlJqIa8nz6Jy2ba
67yaPXQpvPbFCxRA46uD1k28yiCmOl31J5rMs8a7GAkbdVINQAOYhk6jheXrYoGi
UQgy5MpOqr+G2sRTuqJpRGbCykhWUWbQI8LEEp0CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQcrh4CAH0rBgpIzlXzfB+I2z2qcTAfBgNVHSMEGDAWgBTintmp0ba1OD6/
lG1fxUmAYSVj6jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzRwN1pxZEcydFRnLXY1UnRYOFZKZ0dFbFktby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjYvMzhlYzViLTMzNmQtNGExYy1hODRhLWY2YzY4NTliMzBmMC8x
L0hLNGVBZ0I5S3dZS1NNNVY4M3dmaU5zOXFuRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYv
MzhlYzViLTMzNmQtNGExYy1hODRhLWY2YzY4NTliMzBmMC8xLzRwN1pxZEcydFRn
LXY1UnRYOFZKZ0dFbFktby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArkCADANBAIAAjAHAwUDKgCQwDAN
BgkqhkiG9w0BAQsFAAOCAQEAQ2IQEaMwXKVz1/b3WfY+oTd4NzGGcoFhwTxoVFj+
VcTYd4RIZIaU9grLD3FyFHDL3rpcWWRuKsD8vtWGWbjrOvMJrNx5iRpkYX4UeIq3
vLJyaU8S+jYH1SkGQMHUnrm3AozkBQd6XqaHR7aJRunqcyMhI0UTJmuCHIpxfHs0
NUf59kxKPGkHie6vi/5bj78/9wVTdk/acOgS9AOKHxePYmIT9fuT/t+L6owpkBj5
NoB/zq/RAVVTo7R7Bp5ezyzfxyKGGygSO17FwLdTg+a6I+Mg9fxet4j4OFHcAbtF
eS/CjngmjQJy6/gS5afWA3AYFaOqxjVcUCP22QTkDQ+9bA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:33 2023 by rpki-client on console-fra.rpki-client.org