Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/ihp_q4EBdHz0G2q3GaOXlq05Zuk.roa
File: ihp_q4EBdHz0G2q3GaOXlq05Zuk.roa (raw, json)
Hash identifier: LdrDFXK5++2w+deUP5BwqM8ru37e4+E6ZmKeYxBM3LA=
Subject key identifier: 8A:1A:7F:AB:81:01:74:7C:F4:1B:6A:B7:19:A3:97:96:AD:39:66:E9
Certificate issuer: /CN=73f210f1299a1e0aee71dc1d79e5fb12092d30a9
Certificate serial: 07CED94B
Authority key identifier: 73:F2:10:F1:29:9A:1E:0A:EE:71:DC:1D:79:E5:FB:12:09:2D:30:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c_IQ8SmaHgrucdwdeeX7EgktMKk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/ihp_q4EBdHz0G2q3GaOXlq05Zuk.roa
Signing time: Wed 16 Mar 2022 20:46:29 +0000
ROA not before: Wed 16 Mar 2022 20:46:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39521
IP address blocks: 185.144.56.0/22 maxlen: 24
45.130.100.0/22 maxlen: 22
95.178.107.0/24 maxlen: 24
45.10.16.0/22 maxlen: 22
45.95.40.0/22 maxlen: 22
45.88.5.0/24 maxlen: 24
45.88.6.0/24 maxlen: 24
45.88.7.0/24 maxlen: 24
188.191.48.0/22 maxlen: 22
5.22.204.0/22 maxlen: 22
193.57.94.0/23 maxlen: 23
2a05:e4c0::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 130996555 (0x7ced94b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73f210f1299a1e0aee71dc1d79e5fb12092d30a9
Validity
Not Before: Mar 16 20:46:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8a1a7fab8101747cf41b6ab719a39796ad3966e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:53:9d:3e:26:12:ff:a6:81:ce:77:0e:ff:96:
27:bc:7f:4e:c0:d4:52:62:97:c1:51:c7:c4:4a:41:
cc:18:35:f4:a9:ce:cf:09:bc:c9:06:a3:17:16:6f:
c5:7b:ee:bb:8f:68:d8:31:7b:d5:be:ff:cf:77:c1:
b6:78:37:6b:df:c9:80:be:5e:c8:07:2e:fc:9b:70:
15:08:99:dc:4a:51:51:c2:c5:63:64:80:12:3d:28:
99:96:74:3c:2e:00:23:87:db:ff:55:33:c9:4d:b7:
52:3a:1e:1c:84:2c:0b:f0:87:3a:95:9b:21:57:4a:
51:9b:c1:31:d4:ca:9a:d1:8f:07:82:3f:52:32:f1:
b6:54:b8:41:26:eb:e9:77:bc:a0:ba:2e:f2:eb:34:
d4:b8:cc:f1:4a:8b:f4:f0:db:c5:47:f3:5e:94:65:
1d:dd:f7:13:f9:3c:00:5e:ee:8a:66:1d:2b:86:f9:
b8:c7:0e:b5:e9:ad:e6:bb:de:29:e6:fd:b4:03:5b:
e5:af:4c:1e:69:13:aa:af:6f:55:17:98:60:ba:55:
38:bd:26:d2:b3:6a:5f:a5:eb:1c:7e:df:ed:f5:20:
06:1e:02:08:db:74:3c:b2:9a:4c:fb:d8:6a:c4:e0:
1e:e8:38:ab:d4:2c:22:63:f4:6e:a8:55:77:8a:3a:
c5:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:1A:7F:AB:81:01:74:7C:F4:1B:6A:B7:19:A3:97:96:AD:39:66:E9
X509v3 Authority Key Identifier:
keyid:73:F2:10:F1:29:9A:1E:0A:EE:71:DC:1D:79:E5:FB:12:09:2D:30:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c_IQ8SmaHgrucdwdeeX7EgktMKk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/ihp_q4EBdHz0G2q3GaOXlq05Zuk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/db1b48-1cc5-4833-93d9-b9464718ba37/1/c_IQ8SmaHgrucdwdeeX7EgktMKk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.204.0/22
45.10.16.0/22
45.88.5.0-45.88.7.255
45.95.40.0/22
45.130.100.0/22
95.178.107.0/24
185.144.56.0/22
188.191.48.0/22
193.57.94.0/23
IPv6:
2a05:e4c0::/29
Signature Algorithm: sha256WithRSAEncryption
6f:b9:0b:fe:f6:b3:8f:bf:2a:a9:e0:b7:fc:e3:79:5d:63:bc:
96:11:b0:40:f3:00:02:80:e5:b2:c6:47:35:ae:56:4c:10:07:
fb:2f:0f:a0:f7:91:85:87:11:a3:86:44:cb:44:49:04:1c:d3:
4d:68:31:a9:62:53:d0:21:c0:24:18:18:09:c3:0d:dd:79:1f:
c7:67:7b:7a:10:23:e1:75:a9:52:b1:e5:5e:4d:48:9c:57:bd:
6f:d2:99:35:cc:60:83:eb:9a:d7:9c:59:27:07:65:e4:40:ee:
17:27:4e:5e:af:36:54:4f:19:83:82:79:8d:1e:4f:d2:db:e2:
de:8f:e6:be:28:1c:f6:b2:90:96:3a:8d:78:7e:8f:8a:50:f8:
93:32:ab:83:04:9f:6d:16:84:6c:4a:cb:72:b9:e8:4a:80:07:
3d:43:d1:e7:32:e4:94:b6:10:77:cf:ee:6f:bd:3c:8e:80:9d:
2c:eb:d2:90:de:d7:f8:ea:36:f5:83:4f:9e:be:ef:ff:1b:c5:
85:cc:6a:d2:e2:2d:c2:e8:9b:15:16:38:ce:01:3e:c0:b6:28:
b1:5d:79:ff:7d:7d:61:87:73:24:5a:97:1c:9b:ce:42:af:6e:
5d:2f:b7:9c:e9:09:b1:5d:7c:20:87:03:95:9c:96:f0:4d:7b:
d0:28:0d:7c
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIEB87ZSzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
M2YyMTBmMTI5OWExZTBhZWU3MWRjMWQ3OWU1ZmIxMjA5MmQzMGE5MB4XDTIyMDMx
NjIwNDYyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOGExYTdmYWI4MTAx
NzQ3Y2Y0MWI2YWI3MTlhMzk3OTZhZDM5NjZlOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALVTnT4mEv+mgc53Dv+WJ7x/TsDUUmKXwVHHxEpBzBg19KnO
zwm8yQajFxZvxXvuu49o2DF71b7/z3fBtng3a9/JgL5eyAcu/JtwFQiZ3EpRUcLF
Y2SAEj0omZZ0PC4AI4fb/1UzyU23UjoeHIQsC/CHOpWbIVdKUZvBMdTKmtGPB4I/
UjLxtlS4QSbr6Xe8oLou8us01LjM8UqL9PDbxUfzXpRlHd33E/k8AF7uimYdK4b5
uMcOtemt5rveKeb9tANb5a9MHmkTqq9vVReYYLpVOL0m0rNqX6XrHH7f7fUgBh4C
CNt0PLKaTPvYasTgHug4q9QsImP0bqhVd4o6xXkCAwEAAaOCAlAwggJMMB0GA1Ud
DgQWBBSKGn+rgQF0fPQbarcZo5eWrTlm6TAfBgNVHSMEGDAWgBRz8hDxKZoeCu5x
3B155fsSCS0wqTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NfSVE4U21hSGdydWNkd2RlZVg3RWdrdE1Lay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvZGIxYjQ4LTFjYzUtNDgzMy05M2Q5LWI5NDY0NzE4YmEzNy8x
L2locF9xNEVCZEh6MEcycTNHYU9YbHEwNVp1ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
ZGIxYjQ4LTFjYzUtNDgzMy05M2Q5LWI5NDY0NzE4YmEzNy8xL2NfSVE4U21hSGdy
dWNkd2RlZVg3RWdrdE1Lay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBm
BggrBgEFBQcBBwEB/wRXMFUwRAQCAAEwPgMEAgUWzAMEAi0KEDAMAwQALVgFAwQD
LVgAAwQCLV8oAwQCLYJkAwQAX7JrAwQCuZA4AwQCvL8wAwQBwTleMA0EAgACMAcD
BQMqBeTAMA0GCSqGSIb3DQEBCwUAA4IBAQBvuQv+9rOPvyqp4Lf843ldY7yWEbBA
8wACgOWyxkc1rlZMEAf7Lw+g95GFhxGjhkTLREkEHNNNaDGpYlPQIcAkGBgJww3d
eR/HZ3t6ECPhdalSseVeTUicV71v0pk1zGCD65rXnFknB2XkQO4XJ05erzZUTxmD
gnmNHk/S2+Lej+a+KBz2spCWOo14fo+KUPiTMquDBJ9tFoRsSstyuehKgAc9Q9Hn
MuSUthB3z+5vvTyOgJ0s69KQ3tf46jb1g0+evu//G8WFzGrS4i3C6JsVFjjOAT7A
tiixXXn/fX1hh3MkWpccm85Cr25dL7ec6QmxXXwghwOVnJbwTXvQKA18
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:26 2024 by rpki-client on console-ams.rpki-client.org