Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/hkUxpenH-hRo_726UNh0TLwrdmA.roa
File: hkUxpenH-hRo_726UNh0TLwrdmA.roa (raw, json)
Hash identifier: DUj/a1IhpSxkV4ubO+yqr7dyZ41E3mXDR3KG3HGPbGo=
Subject key identifier: 86:45:31:A5:E9:C7:FA:14:68:FF:BD:BA:50:D8:74:4C:BC:2B:76:60
Certificate issuer: /CN=73f210f1299a1e0aee71dc1d79e5fb12092d30a9
Certificate serial: 08DB9CAE
Authority key identifier: 73:F2:10:F1:29:9A:1E:0A:EE:71:DC:1D:79:E5:FB:12:09:2D:30:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c_IQ8SmaHgrucdwdeeX7EgktMKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/hkUxpenH-hRo_726UNh0TLwrdmA.roa
Signing time: Mon 04 Jul 2022 11:59:16 +0000
ROA not before: Mon 04 Jul 2022 11:59:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39521
IP address blocks: 185.144.56.0/22 maxlen: 24
83.229.113.0/24 maxlen: 24
45.95.40.0/22 maxlen: 22
83.229.23.0/24 maxlen: 24
188.191.48.0/22 maxlen: 22
5.22.204.0/22 maxlen: 22
217.194.153.0/24 maxlen: 24
83.229.34.0/24 maxlen: 24
45.130.100.0/22 maxlen: 22
95.178.107.0/24 maxlen: 24
45.88.5.0/24 maxlen: 24
45.88.6.0/24 maxlen: 24
45.88.7.0/24 maxlen: 24
2a05:e4c0::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 148610222 (0x8db9cae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73f210f1299a1e0aee71dc1d79e5fb12092d30a9
Validity
Not Before: Jul 4 11:59:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=864531a5e9c7fa1468ffbdba50d8744cbc2b7660
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:e2:16:02:ec:ea:df:ec:59:3b:b9:04:6a:d9:
00:10:0a:9a:9c:b8:99:26:b1:26:16:2c:da:9b:68:
82:ce:39:fa:0e:93:3a:fb:c1:59:88:c6:1d:a1:09:
8e:28:64:bc:d3:bf:db:2d:b8:20:f8:e6:5d:01:f7:
fa:cc:85:9c:14:f2:d0:9f:9a:ee:57:f5:3a:c5:6f:
c8:0b:44:4c:3f:06:e1:68:e5:cd:6b:d4:48:2a:80:
50:36:96:30:cb:a6:7c:48:64:0e:68:63:2a:84:6d:
51:3b:d6:1b:a5:1c:fb:ae:e9:ab:eb:3b:f1:44:75:
34:26:30:6d:ee:5a:ef:76:93:34:f5:23:b3:33:5a:
16:e7:13:20:13:ad:de:2e:33:e1:5b:7d:da:cf:ed:
13:e9:79:c5:db:6f:c9:51:bd:e3:67:63:4a:81:f0:
16:a5:fb:99:60:26:19:f4:c1:63:ff:54:e9:84:57:
14:6f:1e:e8:32:87:e6:81:5b:cc:0b:ac:bf:ed:36:
f7:a8:02:77:1e:be:93:ef:f0:40:b5:50:51:86:28:
08:8b:45:01:ca:60:fb:d4:89:8b:48:0f:89:1e:f6:
4d:f7:17:a9:20:e5:39:6f:14:56:1f:f0:80:53:db:
2f:05:3e:95:99:57:ea:37:4d:b2:e1:0d:2a:5a:ad:
a6:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:45:31:A5:E9:C7:FA:14:68:FF:BD:BA:50:D8:74:4C:BC:2B:76:60
X509v3 Authority Key Identifier:
keyid:73:F2:10:F1:29:9A:1E:0A:EE:71:DC:1D:79:E5:FB:12:09:2D:30:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c_IQ8SmaHgrucdwdeeX7EgktMKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/hkUxpenH-hRo_726UNh0TLwrdmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/c_IQ8SmaHgrucdwdeeX7EgktMKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.204.0/22
45.88.5.0-45.88.7.255
45.95.40.0/22
45.130.100.0/22
83.229.23.0/24
83.229.34.0/24
83.229.113.0/24
95.178.107.0/24
185.144.56.0/22
188.191.48.0/22
217.194.153.0/24
IPv6:
2a05:e4c0::/29
Signature Algorithm: sha256WithRSAEncryption
89:5b:a6:f9:b6:53:13:05:e1:db:06:ea:75:59:1a:99:9b:ae:
bf:ab:8e:6c:6e:8b:0a:5a:9e:43:02:36:ae:06:04:95:3d:42:
a9:a3:50:1c:9b:35:ed:0f:3d:84:6a:47:9a:4e:0d:8f:2e:42:
60:72:a2:62:0e:81:f4:4c:aa:d3:95:b0:20:d7:5d:5c:57:6e:
03:bc:0a:58:e9:7a:7a:a0:cb:bc:1c:92:1c:0c:e1:5b:c6:ad:
14:e4:cd:cc:fb:88:f2:8a:2b:9a:1b:62:e6:5c:0a:f5:33:16:
1a:b1:e5:06:a1:e6:5b:98:1c:f6:da:5a:c5:ea:ab:78:0f:82:
6f:3e:35:81:37:19:6c:f8:e9:a1:81:d9:35:6d:4a:8e:a7:12:
c0:5b:7c:08:c6:6a:6f:53:c0:73:e3:dd:81:8e:f0:8f:70:78:
94:3f:37:77:07:00:74:c7:d1:3b:7f:3a:21:f7:00:d0:9f:a6:
40:63:53:5a:d7:d5:f5:ec:04:ff:d1:c2:59:a9:94:c2:33:e8:
6f:e8:e2:99:9f:41:d2:29:4a:9f:40:b3:19:01:80:d6:2b:f5:
09:95:1c:be:85:7d:0b:0d:69:f1:e3:e8:13:f8:d6:18:86:f4:
f4:fa:e4:15:46:c4:a2:bb:82:32:b5:0a:19:46:2b:e0:0c:d2:
d5:bf:34:5a
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgIECNucrjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
M2YyMTBmMTI5OWExZTBhZWU3MWRjMWQ3OWU1ZmIxMjA5MmQzMGE5MB4XDTIyMDcw
NDExNTkxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODY0NTMxYTVlOWM3
ZmExNDY4ZmZiZGJhNTBkODc0NGNiYzJiNzY2MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALTiFgLs6t/sWTu5BGrZABAKmpy4mSaxJhYs2ptogs45+g6T
OvvBWYjGHaEJjihkvNO/2y24IPjmXQH3+syFnBTy0J+a7lf1OsVvyAtETD8G4Wjl
zWvUSCqAUDaWMMumfEhkDmhjKoRtUTvWG6Uc+67pq+s78UR1NCYwbe5a73aTNPUj
szNaFucTIBOt3i4z4Vt92s/tE+l5xdtvyVG942djSoHwFqX7mWAmGfTBY/9U6YRX
FG8e6DKH5oFbzAusv+0296gCdx6+k+/wQLVQUYYoCItFAcpg+9SJi0gPiR72TfcX
qSDlOW8UVh/wgFPbLwU+lZlX6jdNsuENKlqtpg8CAwEAAaOCAlwwggJYMB0GA1Ud
DgQWBBSGRTGl6cf6FGj/vbpQ2HRMvCt2YDAfBgNVHSMEGDAWgBRz8hDxKZoeCu5x
3B155fsSCS0wqTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NfSVE4U21hSGdydWNkd2RlZVg3RWdrdE1Lay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZGIxYjQ4LTFjYzUtNDgzMy05M2Q5LWI5NDY0NzE4YmEzNy8x
L2hrVXhwZW5ILWhSb183MjZVTmgwVEx3cmRtQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZGIxYjQ4LTFjYzUtNDgzMy05M2Q5LWI5NDY0NzE4YmEzNy8xL2NfSVE4U21hSGdy
dWNkd2RlZVg3RWdrdE1Lay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBy
BggrBgEFBQcBBwEB/wRjMGEwUAQCAAEwSgMEAgUWzDAMAwQALVgFAwQDLVgAAwQC
LV8oAwQCLYJkAwQAU+UXAwQAU+UiAwQAU+VxAwQAX7JrAwQCuZA4AwQCvL8wAwQA
2cKZMA0EAgACMAcDBQMqBeTAMA0GCSqGSIb3DQEBCwUAA4IBAQCJW6b5tlMTBeHb
Bup1WRqZm66/q45sbosKWp5DAjauBgSVPUKpo1AcmzXtDz2EakeaTg2PLkJgcqJi
DoH0TKrTlbAg111cV24DvApY6Xp6oMu8HJIcDOFbxq0U5M3M+4jyiiuaG2LmXAr1
MxYaseUGoeZbmBz22lrF6qt4D4JvPjWBNxls+Omhgdk1bUqOpxLAW3wIxmpvU8Bz
492BjvCPcHiUPzd3BwB0x9E7fzoh9wDQn6ZAY1Na19X17AT/0cJZqZTCM+hv6OKZ
n0HSKUqfQLMZAYDWK/UJlRy+hX0LDWnx4+gT+NYYhvT0+uQVRsSiu4IytQoZRivg
DNLVvzRa
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:07 2024 by rpki-client on console-fra.rpki-client.org