Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/8fbc7e-1f47-487c-8292-e5a77f7a7aa2/1/HZe6Xiz4M93D8KZB8cSrdQs3Tcg.roa
File: HZe6Xiz4M93D8KZB8cSrdQs3Tcg.roa (raw, json)
Hash identifier: 7DSQVhGFM0g8D78AqQJHCvR/N4fS1B0NfiKZIfFjJ6A=
Subject key identifier: 1D:97:BA:5E:2C:F8:33:DD:C3:F0:A6:41:F1:C4:AB:75:0B:37:4D:C8
Certificate issuer: /CN=b09fff8e8ffd8f8e7d9a7b66d1cc73dc39281ef6
Certificate serial: 0B82ACD6
Authority key identifier: B0:9F:FF:8E:8F:FD:8F:8E:7D:9A:7B:66:D1:CC:73:DC:39:28:1E:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sJ__jo_9j459mntm0cxz3DkoHvY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/8fbc7e-1f47-487c-8292-e5a77f7a7aa2/1/HZe6Xiz4M93D8KZB8cSrdQs3Tcg.roa
Signing time: Sat 01 Jan 2022 07:56:00 +0000
ROA not before: Sat 01 Jan 2022 07:56:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200590
IP address blocks: 87.255.200.0/23 maxlen: 24
89.223.2.0/24 maxlen: 24
194.76.124.0/22 maxlen: 24
89.223.0.0/24 maxlen: 24
79.143.20.0/22 maxlen: 24
5.188.152.0/22 maxlen: 24
178.238.78.0/23 maxlen: 24
84.252.156.0/22 maxlen: 24
5.188.64.0/22 maxlen: 24
94.126.201.0/24 maxlen: 24
185.97.112.0/22 maxlen: 24
87.255.196.0/22 maxlen: 24
87.255.194.0/23 maxlen: 24
93.190.240.0/22 maxlen: 24
2a06:580::/29 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 193113302 (0xb82acd6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b09fff8e8ffd8f8e7d9a7b66d1cc73dc39281ef6
Validity
Not Before: Jan 1 07:56:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1d97ba5e2cf833ddc3f0a641f1c4ab750b374dc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:4b:04:6c:02:93:5b:d8:48:f0:18:52:7e:50:
1a:78:18:89:c7:8b:90:8e:d7:56:4b:c9:68:99:98:
70:3c:75:af:62:49:0d:e3:f4:fd:57:ad:38:35:0a:
26:b8:bc:57:e8:d1:59:4a:0d:c0:0e:e0:d8:1d:2b:
72:38:58:87:bb:cf:db:4d:99:02:53:85:05:96:16:
22:5c:ff:44:0e:94:64:82:4b:d8:72:3a:93:75:83:
5a:32:d4:74:ef:a2:78:bb:6e:dc:9d:be:4b:ee:82:
b7:b9:5c:8f:b4:0f:e6:63:5c:e2:dc:66:23:b4:eb:
88:c5:05:e5:67:10:b1:39:c5:7f:42:1e:ad:2b:8c:
46:d3:23:3f:3e:7f:d1:96:24:e8:88:1d:06:28:30:
e9:75:14:4e:6f:14:9a:91:41:0d:66:1a:2f:e3:5d:
4e:ed:54:35:c0:f1:4c:30:21:9d:e0:b4:15:85:97:
f2:2d:80:4f:c9:62:b4:51:ea:14:fa:40:17:c3:6a:
91:2f:d2:2a:54:dd:c1:b8:c8:3c:91:42:32:26:ab:
40:75:24:ff:de:c8:35:60:e9:c2:9e:5e:f1:d0:fc:
78:df:34:5a:22:7b:ac:c0:a4:ae:63:b8:ed:8d:3f:
62:69:f7:95:a0:56:56:b7:be:9e:e7:ae:90:b8:0d:
61:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:97:BA:5E:2C:F8:33:DD:C3:F0:A6:41:F1:C4:AB:75:0B:37:4D:C8
X509v3 Authority Key Identifier:
keyid:B0:9F:FF:8E:8F:FD:8F:8E:7D:9A:7B:66:D1:CC:73:DC:39:28:1E:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sJ__jo_9j459mntm0cxz3DkoHvY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/8fbc7e-1f47-487c-8292-e5a77f7a7aa2/1/HZe6Xiz4M93D8KZB8cSrdQs3Tcg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/8fbc7e-1f47-487c-8292-e5a77f7a7aa2/1/sJ__jo_9j459mntm0cxz3DkoHvY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.188.64.0/22
5.188.152.0/22
79.143.20.0/22
84.252.156.0/22
87.255.194.0-87.255.201.255
89.223.0.0/24
89.223.2.0/24
93.190.240.0/22
94.126.201.0/24
178.238.78.0/23
185.97.112.0/22
194.76.124.0/22
IPv6:
2a06:580::/29
Signature Algorithm: sha256WithRSAEncryption
b1:61:9b:d6:6b:13:1c:09:4c:31:37:93:dd:c2:69:aa:48:f8:
4d:fe:06:d2:f7:a3:54:77:49:28:63:25:17:6e:c1:d7:2e:f6:
2b:dc:ab:72:69:46:55:a9:fd:82:da:32:4e:91:eb:27:e1:cf:
a6:23:6b:31:a9:b9:3c:06:82:f9:c6:8a:f5:b6:12:79:fb:d2:
ad:2e:ef:c6:9f:13:fc:09:3c:22:bf:a2:13:b1:75:9a:65:82:
0e:e3:11:dd:e1:12:45:6f:6c:85:32:16:fd:42:77:6d:e3:74:
2a:65:4d:a8:80:7c:83:a0:82:a2:33:24:c8:e7:fa:e1:ba:db:
41:bd:62:7b:8d:d6:4a:29:a8:5d:e7:7b:9e:74:28:6e:f7:b0:
3e:b0:17:59:b7:69:d2:26:f8:97:a7:bc:d0:58:79:38:95:47:
bf:e8:69:ff:68:ca:fa:63:e6:27:cf:a6:59:fe:2c:b8:d0:23:
9d:37:49:7b:be:6c:69:4e:72:e2:fc:c6:36:40:78:c7:b6:e2:
49:e5:d6:f0:10:d0:4b:0f:c0:b3:a6:2f:9a:eb:08:0d:a5:38:
c2:d1:10:32:05:fb:27:46:3a:32:b4:1f:f4:cb:9a:0b:48:c6:
f1:62:0e:ad:54:5b:1d:b8:22:47:8d:d0:f8:14:32:d0:97:66:
b5:e5:e7:fb
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgIEC4Ks1jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
MDlmZmY4ZThmZmQ4ZjhlN2Q5YTdiNjZkMWNjNzNkYzM5MjgxZWY2MB4XDTIyMDEw
MTA3NTYwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWQ5N2JhNWUyY2Y4
MzNkZGMzZjBhNjQxZjFjNGFiNzUwYjM3NGRjODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALRLBGwCk1vYSPAYUn5QGngYiceLkI7XVkvJaJmYcDx1r2JJ
DeP0/VetODUKJri8V+jRWUoNwA7g2B0rcjhYh7vP202ZAlOFBZYWIlz/RA6UZIJL
2HI6k3WDWjLUdO+ieLtu3J2+S+6Ct7lcj7QP5mNc4txmI7TriMUF5WcQsTnFf0Ie
rSuMRtMjPz5/0ZYk6IgdBigw6XUUTm8UmpFBDWYaL+NdTu1UNcDxTDAhneC0FYWX
8i2AT8litFHqFPpAF8NqkS/SKlTdwbjIPJFCMiarQHUk/97INWDpwp5e8dD8eN80
WiJ7rMCkrmO47Y0/Ymn3laBWVre+nueukLgNYUMCAwEAAaOCAmIwggJeMB0GA1Ud
DgQWBBQdl7peLPgz3cPwpkHxxKt1CzdNyDAfBgNVHSMEGDAWgBSwn/+Oj/2Pjn2a
e2bRzHPcOSge9jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3NKX19qb185ajQ1OW1udG0wY3h6M0Rrb0h2WS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTMvOGZiYzdlLTFmNDctNDg3Yy04MjkyLWU1YTc3ZjdhN2FhMi8x
L0haZTZYaXo0TTkzRDhLWkI4Y1NyZFFzM1RjZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTMv
OGZiYzdlLTFmNDctNDg3Yy04MjkyLWU1YTc3ZjdhN2FhMi8xL3NKX19qb185ajQ1
OW1udG0wY3h6M0Rrb0h2WS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB4
BggrBgEFBQcBBwEB/wRpMGcwVgQCAAEwUAMEAgW8QAMEAgW8mAMEAk+PFAMEAlT8
nDAMAwQBV//CAwQBV//IAwQAWd8AAwQAWd8CAwQCXb7wAwQAXn7JAwQBsu5OAwQC
uWFwAwQCwkx8MA0EAgACMAcDBQMqBgWAMA0GCSqGSIb3DQEBCwUAA4IBAQCxYZvW
axMcCUwxN5PdwmmqSPhN/gbS96NUd0koYyUXbsHXLvYr3KtyaUZVqf2C2jJOkesn
4c+mI2sxqbk8BoL5xor1thJ5+9KtLu/GnxP8CTwiv6ITsXWaZYIO4xHd4RJFb2yF
Mhb9Qndt43QqZU2ogHyDoIKiMyTI5/rhuttBvWJ7jdZKKahd53uedChu97A+sBdZ
t2nSJviXp7zQWHk4lUe/6Gn/aMr6Y+Ynz6ZZ/iy40COdN0l7vmxpTnLi/MY2QHjH
tuJJ5dbwENBLD8Czpi+a6wgNpTjC0RAyBfsnRjoytB/0y5oLSMbxYg6tVFsduCJH
jdD4FDLQl2a15ef7
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:25 2024 by rpki-client on console-ams.rpki-client.org