Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/b7bac3-f62d-4142-af3c-2e984fbff8b1/1/fHvxpi9KVuCtOfzhpd604PAGCeE.roa
File: fHvxpi9KVuCtOfzhpd604PAGCeE.roa (raw, json)
Hash identifier: hln8sgk4WMyfwP3D6ymnQsJZybAQ/tJQk0AxLecelXs=
Subject key identifier: 7C:7B:F1:A6:2F:4A:56:E0:AD:39:FC:E1:A5:DE:B4:E0:F0:06:09:E1
Certificate issuer: /CN=84b87af5334c5c45141b6675a9ed46e57b7976ac
Certificate serial: 0EE94981
Authority key identifier: 84:B8:7A:F5:33:4C:5C:45:14:1B:66:75:A9:ED:46:E5:7B:79:76:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLh69TNMXEUUG2Z1qe1G5Xt5dqw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/b7bac3-f62d-4142-af3c-2e984fbff8b1/1/fHvxpi9KVuCtOfzhpd604PAGCeE.roa
Signing time: Sat 01 Jan 2022 03:52:50 +0000
ROA not before: Sat 01 Jan 2022 03:52:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197696
IP address blocks: 185.236.224.0/22 maxlen: 22
185.236.224.0/24 maxlen: 24
185.236.226.0/23 maxlen: 23
31.170.8.0/21 maxlen: 21
31.170.8.0/22 maxlen: 22
31.170.13.0/24 maxlen: 24
185.236.224.1/32 maxlen: 32
185.236.224.2/32 maxlen: 32
2a01:9500:80::/48 maxlen: 48
2a01:9500::/42 maxlen: 42
2a01:9500::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 250169729 (0xee94981)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b87af5334c5c45141b6675a9ed46e57b7976ac
Validity
Not Before: Jan 1 03:52:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7c7bf1a62f4a56e0ad39fce1a5deb4e0f00609e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:51:9c:89:3a:df:bc:9a:57:0e:73:35:3c:c8:
75:46:0e:e3:05:19:10:b2:51:9e:de:00:37:d5:05:
8c:64:a1:42:b7:db:eb:d6:c4:51:4c:a7:11:a8:ba:
90:55:44:e3:19:e9:ac:c5:ce:66:12:43:ec:d6:29:
5b:ed:ba:13:bf:a4:4d:61:ba:81:b9:b8:97:16:17:
a3:78:2c:ee:85:bd:8b:5a:9b:4c:62:d6:d3:b7:73:
1e:30:47:f8:74:11:76:7b:0f:25:03:8b:d8:7a:46:
be:59:05:dd:d4:13:88:7d:33:95:65:5d:b3:24:e8:
ad:72:0e:49:ea:86:d0:ce:de:f3:0d:52:4a:5f:c5:
e3:b9:54:97:58:94:05:37:d1:a9:9c:17:15:9a:8d:
68:a6:ab:c3:32:d2:2a:26:e5:0d:a6:ec:a7:14:14:
d5:ca:55:7b:02:19:2b:60:b4:c1:e7:f7:1b:f8:6e:
9c:2e:72:2a:54:56:0d:6d:3e:df:04:d2:44:b3:97:
22:70:e8:55:62:45:33:32:18:6f:d9:a6:b6:cd:c2:
b4:b1:f0:61:be:27:7f:8b:16:ee:19:35:84:50:9b:
37:5b:c7:6f:31:9a:2c:0a:05:c1:65:9c:27:b3:81:
da:4e:13:cb:50:74:2b:88:64:16:ab:30:54:27:10:
a3:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:7B:F1:A6:2F:4A:56:E0:AD:39:FC:E1:A5:DE:B4:E0:F0:06:09:E1
X509v3 Authority Key Identifier:
keyid:84:B8:7A:F5:33:4C:5C:45:14:1B:66:75:A9:ED:46:E5:7B:79:76:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLh69TNMXEUUG2Z1qe1G5Xt5dqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/b7bac3-f62d-4142-af3c-2e984fbff8b1/1/fHvxpi9KVuCtOfzhpd604PAGCeE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/b7bac3-f62d-4142-af3c-2e984fbff8b1/1/hLh69TNMXEUUG2Z1qe1G5Xt5dqw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.8.0/21
185.236.224.0/22
IPv6:
2a01:9500::/32
Signature Algorithm: sha256WithRSAEncryption
8b:23:cb:60:36:70:7f:27:c6:be:0f:84:f5:86:92:72:66:8e:
19:e8:ae:dd:84:cd:53:96:ff:62:eb:9c:4a:37:7d:af:04:8a:
5f:8f:76:bb:93:db:08:da:8d:8a:cb:98:d1:86:01:2d:01:ff:
e8:d2:6d:f2:21:9c:fa:6b:05:38:95:98:7f:45:4f:b5:42:f5:
0d:73:29:46:3e:de:a8:6d:e2:f6:b4:ea:42:98:ca:0a:30:f0:
fa:df:e5:1b:52:c1:a5:7f:cb:d4:3f:43:92:56:b3:70:85:a7:
e7:7d:80:1a:46:9d:a2:83:58:16:c5:0c:0e:bc:01:8a:e0:e6:
dd:b3:87:20:5e:22:0e:bb:07:65:36:37:94:ea:66:a2:c2:9a:
ee:2f:64:e5:8f:bb:07:c7:8d:30:5c:1e:2a:7f:78:8a:47:ec:
dd:53:eb:d9:90:b0:de:ad:b1:11:a1:37:a6:ed:44:b8:8d:04:
44:e3:5e:02:7a:2d:aa:6d:9d:cb:c1:a0:ab:6d:dc:22:94:24:
ed:9f:3b:96:ef:bd:af:f1:55:1e:ee:45:55:7c:ab:d0:5b:f7:
43:9a:b7:7f:dc:80:f7:c7:a8:9f:6c:ab:c7:30:1a:8b:4c:f8:
fa:d2:2e:b8:4e:0a:8b:3f:2e:72:11:6d:cf:b0:7d:2f:66:9a:
77:76:cf:45
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEDulJgTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NGI4N2FmNTMzNGM1YzQ1MTQxYjY2NzVhOWVkNDZlNTdiNzk3NmFjMB4XDTIyMDEw
MTAzNTI1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoN2M3YmYxYTYyZjRh
NTZlMGFkMzlmY2UxYTVkZWI0ZTBmMDA2MDllMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMNRnIk637yaVw5zNTzIdUYO4wUZELJRnt4AN9UFjGShQrfb
69bEUUynEai6kFVE4xnprMXOZhJD7NYpW+26E7+kTWG6gbm4lxYXo3gs7oW9i1qb
TGLW07dzHjBH+HQRdnsPJQOL2HpGvlkF3dQTiH0zlWVdsyTorXIOSeqG0M7e8w1S
Sl/F47lUl1iUBTfRqZwXFZqNaKarwzLSKiblDabspxQU1cpVewIZK2C0wef3G/hu
nC5yKlRWDW0+3wTSRLOXInDoVWJFMzIYb9mmts3CtLHwYb4nf4sW7hk1hFCbN1vH
bzGaLAoFwWWcJ7OB2k4Ty1B0K4hkFqswVCcQo08CAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBR8e/GmL0pW4K05/OGl3rTg8AYJ4TAfBgNVHSMEGDAWgBSEuHr1M0xcRRQb
ZnWp7Uble3l2rDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hMaDY5VE5NWEVVVUcyWjFxZTFHNVh0NWRxdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGMvYjdiYWMzLWY2MmQtNDE0Mi1hZjNjLTJlOTg0ZmJmZjhiMS8x
L2ZIdnhwaTlLVnVDdE9memhwZDYwNFBBR0NlRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGMv
YjdiYWMzLWY2MmQtNDE0Mi1hZjNjLTJlOTg0ZmJmZjhiMS8xL2hMaDY5VE5NWEVV
VUcyWjFxZTFHNVh0NWRxdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAx+qCAMEArns4DANBAIAAjAHAwUA
KgGVADANBgkqhkiG9w0BAQsFAAOCAQEAiyPLYDZwfyfGvg+E9YaScmaOGeiu3YTN
U5b/YuucSjd9rwSKX492u5PbCNqNisuY0YYBLQH/6NJt8iGc+msFOJWYf0VPtUL1
DXMpRj7eqG3i9rTqQpjKCjDw+t/lG1LBpX/L1D9DklazcIWn532AGkadooNYFsUM
DrwBiuDm3bOHIF4iDrsHZTY3lOpmosKa7i9k5Y+7B8eNMFweKn94ikfs3VPr2ZCw
3q2xEaE3pu1EuI0ERONeAnotqm2dy8Ggq23cIpQk7Z87lu+9r/FVHu5FVXyr0Fv3
Q5q3f9yA98eon2yrxzAai0z4+tIuuE4Kiz8uchFtz7B9L2aad3bPRQ==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:49 2023 by rpki-client on console.sobornost.net