Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/175762-6929-4e70-b3eb-fb0ee5f997da/1/hooMq8c-22OJg--k3PS-Fi587mg.roa
File: hooMq8c-22OJg--k3PS-Fi587mg.roa (raw, json)
Hash identifier: uCZs0fgvwFEnADL9Q6ShXNaE6xf3x8njQkY/aQU0I4Y=
Subject key identifier: 86:8A:0C:AB:C7:3E:DB:63:89:83:EF:A4:DC:F4:BE:16:2E:7C:EE:68
Certificate issuer: /CN=934959adebf7de943555bca2508807eb913ce6f2
Certificate serial: 15E948FC
Authority key identifier: 93:49:59:AD:EB:F7:DE:94:35:55:BC:A2:50:88:07:EB:91:3C:E6:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k0lZrev33pQ1VbyiUIgH65E85vI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/175762-6929-4e70-b3eb-fb0ee5f997da/1/hooMq8c-22OJg--k3PS-Fi587mg.roa
Signing time: Sat 01 Jan 2022 00:52:01 +0000
ROA not before: Sat 01 Jan 2022 00:52:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201739
IP address blocks: 185.22.252.0/22 maxlen: 22
185.22.252.0/24 maxlen: 24
185.22.253.0/24 maxlen: 24
185.22.255.0/24 maxlen: 24
185.22.254.0/24 maxlen: 24
45.152.2.0/24 maxlen: 24
45.152.3.0/24 maxlen: 24
45.152.0.0/22 maxlen: 22
45.152.0.0/24 maxlen: 24
45.152.1.0/24 maxlen: 24
185.65.111.0/24 maxlen: 24
185.65.109.0/24 maxlen: 24
185.65.110.0/24 maxlen: 24
185.65.108.0/22 maxlen: 22
185.65.108.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 367610108 (0x15e948fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=934959adebf7de943555bca2508807eb913ce6f2
Validity
Not Before: Jan 1 00:52:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=868a0cabc73edb638983efa4dcf4be162e7cee68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:28:da:61:f5:1d:66:cd:20:1d:0f:2f:98:b8:
02:48:34:a6:b1:f7:36:07:7b:80:15:2d:58:8a:a1:
c2:4a:48:44:19:e1:46:8a:97:e4:37:ae:6c:ca:66:
96:da:f0:82:65:09:ea:a5:15:92:df:fc:23:47:34:
00:09:86:be:20:0e:dd:6e:26:8c:06:de:18:05:2e:
50:86:39:f2:5d:25:7f:ac:63:09:91:16:7a:05:c9:
b7:26:1b:d0:72:ac:1f:a7:e9:ad:fd:54:ab:f5:af:
78:3a:e9:01:ab:c9:29:58:e7:af:4e:72:8c:2f:b6:
d0:6c:2a:20:22:6d:d9:95:77:39:db:f0:a5:79:ee:
b5:1c:74:f0:bd:1f:75:11:48:e9:ff:a4:25:db:07:
54:62:0c:dd:95:51:03:97:5a:8d:3f:2c:72:fd:44:
c5:06:1a:28:24:1b:ba:b3:3c:72:35:0c:58:d7:a6:
1d:a5:12:87:fc:dd:22:10:2e:f7:b1:a5:38:de:70:
6f:d2:33:84:5c:78:e7:21:d3:b7:1e:b6:23:89:20:
c9:ed:0c:fe:e4:9d:a0:44:43:c1:8a:5f:1f:27:f8:
38:e3:3a:3f:7f:3d:76:7a:72:48:43:58:e1:6a:75:
e7:5b:3d:9d:63:71:65:3c:50:10:5b:70:ad:b0:71:
e7:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:8A:0C:AB:C7:3E:DB:63:89:83:EF:A4:DC:F4:BE:16:2E:7C:EE:68
X509v3 Authority Key Identifier:
keyid:93:49:59:AD:EB:F7:DE:94:35:55:BC:A2:50:88:07:EB:91:3C:E6:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k0lZrev33pQ1VbyiUIgH65E85vI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/175762-6929-4e70-b3eb-fb0ee5f997da/1/hooMq8c-22OJg--k3PS-Fi587mg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/175762-6929-4e70-b3eb-fb0ee5f997da/1/k0lZrev33pQ1VbyiUIgH65E85vI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.0.0/22
185.22.252.0/22
185.65.108.0/22
Signature Algorithm: sha256WithRSAEncryption
a8:4e:e3:3d:df:32:96:fb:23:a0:96:81:5e:21:9f:21:f1:94:
e2:ad:7d:06:33:ab:78:40:66:8d:e8:67:fb:6b:77:3f:3b:41:
c9:9a:6d:3e:eb:f2:f0:7e:5b:80:6e:4d:94:8e:5a:05:48:b3:
33:ec:8c:fd:43:3b:d0:ea:0c:a4:21:e0:b2:be:d2:e8:76:bf:
4c:90:43:c3:e1:79:6f:ca:db:d0:40:93:3a:a3:ef:90:1d:0f:
f2:6d:14:a0:67:c8:88:23:6c:fc:f0:83:2c:da:81:46:8e:95:
f9:a6:9a:b5:4b:4d:e0:79:19:d2:08:d4:34:5a:69:bd:38:e6:
10:d6:af:66:5a:71:cc:ad:6b:ec:a0:6f:f1:df:c1:c9:89:27:
30:77:5d:87:ab:d1:0b:31:d2:1d:30:cf:de:6c:f6:e1:d6:66:
98:ce:6d:42:f8:18:48:7d:7b:18:5b:31:47:c7:4e:b0:2a:12:
e4:19:79:97:93:dc:29:db:ba:09:4c:32:ca:33:84:9e:b0:e8:
7a:62:5b:e1:93:2f:aa:eb:82:a4:b6:79:cf:88:11:b5:81:d5:
11:dd:72:5b:37:f6:3f:ff:e0:3d:56:a1:d6:44:b7:8f:36:35:
eb:86:f9:54:dd:d7:20:0e:f4:98:32:f0:33:09:00:67:c7:ec:
8f:ba:4d:25
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEFelI/DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
MzQ5NTlhZGViZjdkZTk0MzU1NWJjYTI1MDg4MDdlYjkxM2NlNmYyMB4XDTIyMDEw
MTAwNTIwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODY4YTBjYWJjNzNl
ZGI2Mzg5ODNlZmE0ZGNmNGJlMTYyZTdjZWU2ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOso2mH1HWbNIB0PL5i4Akg0prH3Ngd7gBUtWIqhwkpIRBnh
RoqX5DeubMpmltrwgmUJ6qUVkt/8I0c0AAmGviAO3W4mjAbeGAUuUIY58l0lf6xj
CZEWegXJtyYb0HKsH6fprf1Uq/WveDrpAavJKVjnr05yjC+20GwqICJt2ZV3Odvw
pXnutRx08L0fdRFI6f+kJdsHVGIM3ZVRA5dajT8scv1ExQYaKCQburM8cjUMWNem
HaUSh/zdIhAu97GlON5wb9IzhFx45yHTtx62I4kgye0M/uSdoERDwYpfHyf4OOM6
P389dnpySENY4Wp151s9nWNxZTxQEFtwrbBx520CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBSGigyrxz7bY4mD76Tc9L4WLnzuaDAfBgNVHSMEGDAWgBSTSVmt6/felDVV
vKJQiAfrkTzm8jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2swbFpyZXYzM3BRMVZieWlVSWdINjVFODV2SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzMvMTc1NzYyLTY5MjktNGU3MC1iM2ViLWZiMGVlNWY5OTdkYS8x
L2hvb01xOGMtMjJPSmctLWszUFMtRmk1ODdtZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzMv
MTc1NzYyLTY5MjktNGU3MC1iM2ViLWZiMGVlNWY5OTdkYS8xL2swbFpyZXYzM3BR
MVZieWlVSWdINjVFODV2SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAi2YAAMEArkW/AMEArlBbDANBgkq
hkiG9w0BAQsFAAOCAQEAqE7jPd8ylvsjoJaBXiGfIfGU4q19BjOreEBmjehn+2t3
PztByZptPuvy8H5bgG5NlI5aBUizM+yM/UM70OoMpCHgsr7S6Ha/TJBDw+F5b8rb
0ECTOqPvkB0P8m0UoGfIiCNs/PCDLNqBRo6V+aaatUtN4HkZ0gjUNFppvTjmENav
ZlpxzK1r7KBv8d/ByYknMHddh6vRCzHSHTDP3mz24dZmmM5tQvgYSH17GFsxR8dO
sCoS5Bl5l5PcKdu6CUwyyjOEnrDoemJb4ZMvquuCpLZ5z4gRtYHVEd1yWzf2P//g
PVah1kS3jzY164b5VN3XIA70mDLwMwkAZ8fsj7pNJQ==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:04 2023 by rpki-client on console.sobornost.net