Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/529be9-1fcf-46a3-b13d-c8acb7173b62/1/HbL86GECVlSEZMYaVXw-VGgXZss.roa
File: HbL86GECVlSEZMYaVXw-VGgXZss.roa (raw, json)
Hash identifier: h5SYoknKP7vPIRpJJjFPyoag4N1aMrPL3tXwKzASYtA=
Subject key identifier: 1D:B2:FC:E8:61:02:56:54:84:64:C6:1A:55:7C:3E:54:68:17:66:CB
Certificate issuer: /CN=cc110bef9c5b96a831c7abf95592744bbaf1ee67
Certificate serial: 018508AC1520E5AEB7B8EA57B40618084E74
Authority key identifier: CC:11:0B:EF:9C:5B:96:A8:31:C7:AB:F9:55:92:74:4B:BA:F1:EE:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zBEL75xblqgxx6v5VZJ0S7rx7mc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/529be9-1fcf-46a3-b13d-c8acb7173b62/1/HbL86GECVlSEZMYaVXw-VGgXZss.roa
Signing time: Mon 12 Dec 2022 23:29:33 +0000
ROA not before: Mon 12 Dec 2022 23:29:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205500
IP address blocks: 45.152.171.0/24 maxlen: 24
45.152.168.0/22 maxlen: 22
185.216.16.0/22 maxlen: 22
2a0f:5000::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:08:ac:15:20:e5:ae:b7:b8:ea:57:b4:06:18:08:4e:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc110bef9c5b96a831c7abf95592744bbaf1ee67
Validity
Not Before: Dec 12 23:29:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1db2fce8610256548464c61a557c3e54681766cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:63:28:1f:1c:1f:91:78:61:94:a0:42:4a:19:
bb:d3:a2:6a:e5:ba:a8:0c:96:29:1d:41:36:00:15:
ff:2d:7e:52:70:54:07:68:54:c6:cb:14:15:20:a9:
76:35:ae:00:e7:e3:1a:4b:ce:01:60:34:7f:82:65:
49:68:74:ab:2c:6a:23:05:9d:64:cd:16:1c:fc:01:
d5:5d:21:c3:83:56:36:74:74:9b:f9:e6:8c:05:3e:
b1:97:14:2d:dc:95:45:1e:ea:d8:5a:df:a0:67:f2:
5b:3f:ff:aa:3a:04:63:fb:09:e5:19:1b:ad:a8:15:
a7:e1:df:e5:e1:94:d9:5e:82:fc:aa:60:a8:93:5b:
e7:48:28:89:9d:df:c4:65:76:70:72:5e:92:a6:f1:
96:c4:e5:48:3b:86:4a:c0:f5:14:ca:8a:41:4a:04:
56:e5:a6:30:d4:5a:ef:a8:67:cb:8d:c8:f7:00:96:
81:af:ad:e2:4e:d0:6b:8d:1e:fd:91:e5:44:97:f2:
f1:89:f7:56:d3:35:e6:14:a0:b8:05:ae:62:01:a5:
96:8f:8b:fc:ee:c3:d1:bf:bf:32:c1:1a:da:df:4e:
bd:53:b9:d3:c1:70:83:fe:58:3c:7c:94:96:1c:35:
ac:70:dd:80:ee:e9:94:9e:61:4f:3d:af:ad:9a:99:
c9:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:B2:FC:E8:61:02:56:54:84:64:C6:1A:55:7C:3E:54:68:17:66:CB
X509v3 Authority Key Identifier:
keyid:CC:11:0B:EF:9C:5B:96:A8:31:C7:AB:F9:55:92:74:4B:BA:F1:EE:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zBEL75xblqgxx6v5VZJ0S7rx7mc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/529be9-1fcf-46a3-b13d-c8acb7173b62/1/HbL86GECVlSEZMYaVXw-VGgXZss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/529be9-1fcf-46a3-b13d-c8acb7173b62/1/zBEL75xblqgxx6v5VZJ0S7rx7mc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.168.0/22
185.216.16.0/22
IPv6:
2a0f:5000::/29
Signature Algorithm: sha256WithRSAEncryption
c3:12:44:2d:1d:0f:bf:f0:10:c0:c9:21:a3:33:d5:fc:30:5f:
48:c8:15:aa:a4:2c:e3:a5:9b:96:f2:3b:08:d2:da:42:56:58:
62:a0:b8:e7:12:e8:a8:67:9b:bd:c6:72:c6:af:b8:46:5f:b9:
f2:2d:ae:9c:bf:80:bf:f5:79:0a:6a:c8:35:3c:4e:99:d4:bf:
43:0a:25:6c:a8:a9:6a:2a:69:31:68:53:47:e7:81:fc:d7:eb:
25:c0:5d:4f:0e:2f:d3:c5:e6:29:46:96:31:38:9c:2e:72:03:
d7:53:61:a7:9f:99:bb:33:c6:89:0f:37:cd:7f:7a:d9:ec:4a:
fe:16:43:ea:d6:4a:27:4c:15:28:25:45:14:94:c0:1e:51:e2:
2d:6b:26:70:3d:f5:fa:b4:da:00:31:5a:9a:a9:da:ec:f4:48:
cf:8c:a7:82:0a:86:b4:62:d3:13:d6:9d:4c:c4:28:9a:ea:bb:
4d:86:0d:2d:ae:56:74:66:b3:0d:30:8a:a4:5b:0e:6b:f4:7a:
0e:48:c9:72:a6:87:dc:71:ba:1e:ce:49:d8:59:48:77:25:01:
6d:fe:63:00:49:d6:5d:33:97:cf:1c:df:77:21:61:d2:55:01:
95:e9:95:ba:c1:64:71:a9:d3:bb:05:9f:a1:42:97:a7:20:e8:
04:31:66:20
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYUIrBUg5a63uOpXtAYYCE50MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjMTEwYmVmOWM1Yjk2YTgzMWM3YWJmOTU1OTI3NDRiYmFm
MWVlNjcwHhcNMjIxMjEyMjMyOTMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGIyZmNlODYxMDI1NjU0ODQ2NGM2MWE1NTdjM2U1NDY4MTc2NmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmMoHxwfkXhhlKBCShm706Jq5bqo
DJYpHUE2ABX/LX5ScFQHaFTGyxQVIKl2Na4A5+MaS84BYDR/gmVJaHSrLGojBZ1k
zRYc/AHVXSHDg1Y2dHSb+eaMBT6xlxQt3JVFHurYWt+gZ/JbP/+qOgRj+wnlGRut
qBWn4d/l4ZTZXoL8qmCok1vnSCiJnd/EZXZwcl6SpvGWxOVIO4ZKwPUUyopBSgRW
5aYw1FrvqGfLjcj3AJaBr63iTtBrjR79keVEl/LxifdW0zXmFKC4Ba5iAaWWj4v8
7sPRv78ywRra3069U7nTwXCD/lg8fJSWHDWscN2A7umUnmFPPa+tmpnJhQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFB2y/OhhAlZUhGTGGlV8PlRoF2bLMB8GA1UdIwQY
MBaAFMwRC++cW5aoMcer+VWSdEu68e5nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekJFTDc1eGJscWd4eDZ2NVZaSjBTN3J4N21jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi81MjliZTktMWZjZi00NmEzLWIxM2Qt
YzhhY2I3MTczYjYyLzEvSGJMODZHRUNWbFNFWk1ZYVZYdy1WR2dYWnNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi81MjliZTktMWZjZi00NmEzLWIxM2QtYzhhY2I3MTczYjYy
LzEvekJFTDc1eGJscWd4eDZ2NVZaSjBTN3J4N21jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLZioAwQC
udgQMA0EAgACMAcDBQMqD1AAMA0GCSqGSIb3DQEBCwUAA4IBAQDDEkQtHQ+/8BDA
ySGjM9X8MF9IyBWqpCzjpZuW8jsI0tpCVlhioLjnEuioZ5u9xnLGr7hGX7nyLa6c
v4C/9XkKasg1PE6Z1L9DCiVsqKlqKmkxaFNH54H81+slwF1PDi/TxeYpRpYxOJwu
cgPXU2Gnn5m7M8aJDzfNf3rZ7Er+FkPq1konTBUoJUUUlMAeUeItayZwPfX6tNoA
MVqaqdrs9EjPjKeCCoa0YtMT1p1MxCia6rtNhg0trlZ0ZrMNMIqkWw5r9HoOSMly
pofccboezknYWUh3JQFt/mMASdZdM5fPHN93IWHSVQGV6ZW6wWRxqdO7BZ+hQpen
IOgEMWYg
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:19 2024 by rpki-client on console-ams.rpki-client.org