Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/9ff8a1-3647-4134-b15f-e5dd6382a1c7/1/HlboebTEn9uVodreK80wpvtcoEM.roa
File: HlboebTEn9uVodreK80wpvtcoEM.roa (raw, json)
Hash identifier: TD1y6QHdVoMyoI6eyfhegxK0B1jSTc+tZxXfKGNS4Jg=
Subject key identifier: 1E:56:E8:79:B4:C4:9F:DB:95:A1:DA:DE:2B:CD:30:A6:FB:5C:A0:43
Certificate issuer: /CN=46078b2dc086ce5955e62db922f354b82d13cd5b
Certificate serial: 1216C129
Authority key identifier: 46:07:8B:2D:C0:86:CE:59:55:E6:2D:B9:22:F3:54:B8:2D:13:CD:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RgeLLcCGzllV5i25IvNUuC0TzVs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/9ff8a1-3647-4134-b15f-e5dd6382a1c7/1/HlboebTEn9uVodreK80wpvtcoEM.roa
Signing time: Sat 01 Jan 2022 12:02:47 +0000
ROA not before: Sat 01 Jan 2022 12:02:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60524
IP address blocks: 185.153.84.0/24 maxlen: 24
185.153.84.0/22 maxlen: 22
185.153.85.0/24 maxlen: 24
185.153.86.0/24 maxlen: 24
185.153.87.0/24 maxlen: 24
2a0a:6c00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 303481129 (0x1216c129)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46078b2dc086ce5955e62db922f354b82d13cd5b
Validity
Not Before: Jan 1 12:02:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1e56e879b4c49fdb95a1dade2bcd30a6fb5ca043
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ab:44:20:1e:09:bb:b8:ad:59:5c:8b:1e:7e:
96:0c:a9:40:70:59:ee:ac:5a:dd:5f:d7:b7:a5:2c:
8a:1a:75:1e:67:82:fa:19:ca:11:4e:98:c5:1f:2d:
eb:3d:9f:3e:ca:9e:51:c2:44:27:54:90:e4:b3:8b:
d9:e3:dd:3f:b8:ec:aa:22:dd:6a:9a:87:e0:ab:c6:
b2:b6:77:63:9c:57:e4:cc:e9:fb:da:1d:1c:ee:01:
22:44:e0:88:e4:e4:ac:10:cd:45:4d:7d:82:5c:30:
7e:7f:e9:f2:c5:fb:ab:34:0e:47:f1:2c:7b:14:a8:
df:47:26:17:06:ea:66:f5:d9:ee:66:c0:d4:82:5b:
2b:31:d4:4f:e2:fc:d4:c2:95:f0:e2:38:94:fe:cd:
3f:5f:d1:30:5e:78:42:f9:fd:c3:31:11:b0:a0:b9:
68:05:29:ee:3c:ba:ed:40:93:f7:75:b8:08:c6:9e:
29:7b:b9:15:02:15:be:a9:4e:27:d1:3c:57:52:ac:
d1:f1:25:64:88:fe:23:cb:4a:c7:ab:66:27:38:14:
b3:35:1e:9e:26:c2:00:47:7e:4a:d7:2e:f2:56:ec:
e5:8e:53:74:b0:31:b7:a5:82:45:e3:19:46:e2:f9:
2e:75:5c:b1:ec:a4:9d:b7:85:63:d0:9e:17:19:8c:
2b:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:56:E8:79:B4:C4:9F:DB:95:A1:DA:DE:2B:CD:30:A6:FB:5C:A0:43
X509v3 Authority Key Identifier:
keyid:46:07:8B:2D:C0:86:CE:59:55:E6:2D:B9:22:F3:54:B8:2D:13:CD:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RgeLLcCGzllV5i25IvNUuC0TzVs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/9ff8a1-3647-4134-b15f-e5dd6382a1c7/1/HlboebTEn9uVodreK80wpvtcoEM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/9ff8a1-3647-4134-b15f-e5dd6382a1c7/1/RgeLLcCGzllV5i25IvNUuC0TzVs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.153.84.0/22
IPv6:
2a0a:6c00::/29
Signature Algorithm: sha256WithRSAEncryption
40:a7:c0:4e:a6:ca:7d:a1:9f:49:88:57:44:93:28:95:88:2f:
5e:b6:e5:af:0a:9e:fb:a3:8e:0a:cc:b2:2c:54:16:92:c7:cc:
c7:50:a7:35:d5:16:38:bf:7f:a9:b6:4a:39:52:a8:7d:f6:46:
eb:a6:fa:7d:4c:d1:79:e8:8b:be:03:7c:1a:9b:98:75:57:18:
d8:3f:d1:1f:b9:34:b4:7c:e6:63:55:54:98:16:39:52:92:6a:
c8:dd:88:5e:e9:e6:75:8c:73:3e:38:32:8e:17:60:df:e8:47:
6e:36:a5:9d:bd:e6:bb:7b:73:e2:4e:f2:ca:6b:76:b5:00:89:
99:06:4c:1d:00:3b:9c:72:84:aa:a4:23:b6:63:27:21:f0:03:
33:b8:57:45:fd:6f:68:da:8d:d3:16:4d:2b:ae:23:f7:f2:ab:
ba:19:0b:f1:df:ea:1c:d0:e7:7c:7f:37:f3:bb:c7:c9:df:c5:
5e:2b:6b:b2:06:d9:4d:d6:e4:4b:ed:96:63:a5:6b:79:73:f7:
e4:69:ad:8e:61:f8:bd:c0:ed:85:49:28:d0:a0:5c:7c:e3:e7:
02:c9:4b:07:49:d6:95:97:26:6f:cc:c4:da:79:e6:61:6f:40:
98:37:d1:57:d5:9d:60:14:cd:14:05:3d:70:98:31:a0:8e:22:
79:de:49:c3
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEEhbBKTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NjA3OGIyZGMwODZjZTU5NTVlNjJkYjkyMmYzNTRiODJkMTNjZDViMB4XDTIyMDEw
MTEyMDI0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWU1NmU4NzliNGM0
OWZkYjk1YTFkYWRlMmJjZDMwYTZmYjVjYTA0MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALOrRCAeCbu4rVlcix5+lgypQHBZ7qxa3V/Xt6Usihp1HmeC
+hnKEU6YxR8t6z2fPsqeUcJEJ1SQ5LOL2ePdP7jsqiLdapqH4KvGsrZ3Y5xX5Mzp
+9odHO4BIkTgiOTkrBDNRU19glwwfn/p8sX7qzQOR/EsexSo30cmFwbqZvXZ7mbA
1IJbKzHUT+L81MKV8OI4lP7NP1/RMF54Qvn9wzERsKC5aAUp7jy67UCT93W4CMae
KXu5FQIVvqlOJ9E8V1Ks0fElZIj+I8tKx6tmJzgUszUenibCAEd+Stcu8lbs5Y5T
dLAxt6WCReMZRuL5LnVcseyknbeFY9CeFxmMK28CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBQeVuh5tMSf25Wh2t4rzTCm+1ygQzAfBgNVHSMEGDAWgBRGB4stwIbOWVXm
Lbki81S4LRPNWzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JnZUxMY0NHemxsVjVpMjVJdk5VdUMwVHpWcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTkvOWZmOGExLTM2NDctNDEzNC1iMTVmLWU1ZGQ2MzgyYTFjNy8x
L0hsYm9lYlRFbjl1Vm9kcmVLODB3cHZ0Y29FTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTkv
OWZmOGExLTM2NDctNDEzNC1iMTVmLWU1ZGQ2MzgyYTFjNy8xL1JnZUxMY0NHemxs
VjVpMjVJdk5VdUMwVHpWcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArmZVDANBAIAAjAHAwUDKgpsADAN
BgkqhkiG9w0BAQsFAAOCAQEAQKfATqbKfaGfSYhXRJMolYgvXrblrwqe+6OOCsyy
LFQWksfMx1CnNdUWOL9/qbZKOVKoffZG66b6fUzReeiLvgN8GpuYdVcY2D/RH7k0
tHzmY1VUmBY5UpJqyN2IXunmdYxzPjgyjhdg3+hHbjalnb3mu3tz4k7yymt2tQCJ
mQZMHQA7nHKEqqQjtmMnIfADM7hXRf1vaNqN0xZNK64j9/KruhkL8d/qHNDnfH83
87vHyd/FXitrsgbZTdbkS+2WY6VreXP35GmtjmH4vcDthUko0KBcfOPnAslLB0nW
lZcmb8zE2nnmYW9AmDfRV9WdYBTNFAU9cJgxoI4ied5Jww==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:57 2023 by rpki-client on console.sobornost.net