Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/HzYfBBpQrCiUQC_9ijeQZpuQyMw.roa
File: HzYfBBpQrCiUQC_9ijeQZpuQyMw.roa (raw, json)
Hash identifier: IOcANv4ty6Cn+qubUG92uY0d76ObQngDKQbV2Ie1bGM=
Subject key identifier: 1F:36:1F:04:1A:50:AC:28:94:40:2F:FD:8A:37:90:66:9B:90:C8:CC
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 1989C811
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/HzYfBBpQrCiUQC_9ijeQZpuQyMw.roa
Signing time: Fri 03 Jun 2022 15:20:20 +0000
ROA not before: Fri 03 Jun 2022 15:20:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9127
IP address blocks: 82.146.4.0/23 maxlen: 24
212.72.192.0/24 maxlen: 24
212.72.192.0/22 maxlen: 22
84.238.164.0/24 maxlen: 24
84.238.166.0/24 maxlen: 24
82.146.8.0/23 maxlen: 24
212.72.196.0/23 maxlen: 23
82.146.10.0/24 maxlen: 24
212.72.204.0/24 maxlen: 24
212.72.200.0/23 maxlen: 23
82.146.14.0/24 maxlen: 24
212.72.213.0/24 maxlen: 24
212.72.208.0/22 maxlen: 22
213.130.94.0/24 maxlen: 24
212.72.215.0/24 maxlen: 24
82.146.30.0/24 maxlen: 24
212.72.216.0/22 maxlen: 22
212.72.220.0/24 maxlen: 24
212.72.222.0/23 maxlen: 23
213.130.70.0/23 maxlen: 23
213.130.72.0/23 maxlen: 23
213.130.75.0/24 maxlen: 24
2a00:e40::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 428460049 (0x1989c811)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jun 3 15:20:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1f361f041a50ac2894402ffd8a3790669b90c8cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:11:fa:02:62:61:12:f9:16:01:92:1f:bc:51:
b5:98:48:a7:02:6d:4b:0a:39:d2:55:7d:f9:24:09:
7d:1c:b7:c6:0f:2c:38:f4:8e:25:5d:91:e8:25:2f:
33:23:50:10:00:cd:32:07:72:2e:44:a7:39:b3:48:
d4:fe:f5:5a:0a:77:4b:d0:2a:fc:a0:7d:7c:6a:a7:
b9:b5:22:2b:0e:21:05:e0:fa:dc:26:47:af:46:80:
37:b8:fe:59:92:72:3e:82:97:df:ab:dd:f7:7b:35:
6e:37:79:52:3d:5a:af:b4:33:0c:ed:76:9b:be:ae:
a5:ec:73:f3:70:68:3f:9b:7e:3f:1c:24:76:74:77:
dd:77:4f:97:87:83:35:2c:67:fa:f9:bc:0c:f8:d9:
d9:12:2a:5f:cb:a6:11:2b:6e:e3:6c:e3:0b:67:3f:
5a:8a:a0:3e:c0:99:5f:1b:70:37:57:c6:ea:41:d2:
0d:84:5a:1d:05:19:35:8c:dd:d0:7b:06:33:19:78:
27:c3:78:8f:3f:6e:ea:3d:ce:45:20:06:c9:d2:7c:
0a:40:d8:5d:00:ff:2b:0d:76:94:82:1e:2f:6e:1f:
9c:0f:f8:72:b2:8e:ab:48:14:03:a3:3c:d5:42:9f:
c6:18:33:6f:9a:a1:34:b6:75:30:15:6f:fc:9b:61:
4d:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:36:1F:04:1A:50:AC:28:94:40:2F:FD:8A:37:90:66:9B:90:C8:CC
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/HzYfBBpQrCiUQC_9ijeQZpuQyMw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.146.4.0/23
82.146.8.0-82.146.10.255
82.146.14.0/24
82.146.30.0/24
84.238.164.0/24
84.238.166.0/24
212.72.192.0-212.72.197.255
212.72.200.0/23
212.72.204.0/24
212.72.208.0/22
212.72.213.0/24
212.72.215.0-212.72.220.255
212.72.222.0/23
213.130.70.0-213.130.73.255
213.130.75.0/24
213.130.94.0/24
IPv6:
2a00:e40::/32
Signature Algorithm: sha256WithRSAEncryption
0f:d5:6b:72:93:85:49:91:88:bb:80:9d:78:e3:57:7d:ae:a8:
57:28:49:88:32:94:3e:9e:05:b0:1e:f7:44:b9:ba:c1:7c:34:
64:98:40:b5:fd:8d:aa:1d:dc:b8:a5:4a:2a:9f:bb:35:7e:0a:
5e:35:97:5b:11:f5:2a:34:9a:a4:38:ca:50:cd:c5:f9:22:15:
51:30:10:3e:6f:11:86:9a:30:0d:86:7b:4b:e0:a4:0c:8c:60:
11:05:3b:ce:43:88:2c:a9:59:aa:d5:b9:f5:13:d9:82:2c:8f:
4b:53:85:8a:4a:2a:59:8b:fd:99:d3:59:67:6a:a2:fb:ec:11:
52:82:d1:69:f1:b4:5e:e7:bb:25:fd:c2:97:7d:56:5f:57:6b:
6b:bd:36:40:bd:07:ea:cc:c4:ed:9c:a9:b5:e2:03:cf:c3:7a:
19:93:e1:1c:af:c8:69:08:03:5e:4e:8a:6f:86:b8:00:ee:73:
1f:bd:6a:31:7b:54:5e:bc:58:bf:6d:e5:b8:cc:cf:a5:af:60:
0f:63:ff:02:78:05:2e:20:78:f7:97:0e:c6:62:16:ef:5b:8b:
84:1c:65:e6:35:7d:9f:9f:6f:82:c1:70:a4:2e:ed:db:e5:70:
f2:b7:5e:3b:bc:0a:1a:96:86:13:02:17:c1:83:77:d8:ce:83:
4a:6d:de:5d
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgIEGYnIETANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NGIyZjRmYTUxNjNhZjk2MTY4ZTg4ZmJmOWNiNGVkMWVkOGZiNGM0MB4XDTIyMDYw
MzE1MjAyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWYzNjFmMDQxYTUw
YWMyODk0NDAyZmZkOGEzNzkwNjY5YjkwYzhjYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANUR+gJiYRL5FgGSH7xRtZhIpwJtSwo50lV9+SQJfRy3xg8s
OPSOJV2R6CUvMyNQEADNMgdyLkSnObNI1P71Wgp3S9Aq/KB9fGqnubUiKw4hBeD6
3CZHr0aAN7j+WZJyPoKX36vd93s1bjd5Uj1ar7QzDO12m76upexz83BoP5t+Pxwk
dnR33XdPl4eDNSxn+vm8DPjZ2RIqX8umEStu42zjC2c/WoqgPsCZXxtwN1fG6kHS
DYRaHQUZNYzd0HsGMxl4J8N4jz9u6j3ORSAGydJ8CkDYXQD/Kw12lIIeL24fnA/4
crKOq0gUA6M81UKfxhgzb5qhNLZ1MBVv/JthTV0CAwEAAaOCApcwggKTMB0GA1Ud
DgQWBBQfNh8EGlCsKJRAL/2KN5Bmm5DIzDAfBgNVHSMEGDAWgBSEsvT6UWOvlhaO
iPv5y07R7Y+0xDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hMTDAtbEZqcjVZV2pvajctY3RPMGUyUHRNUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvNGFhNzg5LTg3OGItNDcyYi1iODQ3LTg3MmJhMmQ5ZjQ0Yy8x
L0h6WWZCQnBRckNpVVFDXzlpamVRWnB1UXlNdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
NGFhNzg5LTg3OGItNDcyYi1iODQ3LTg3MmJhMmQ5ZjQ0Yy8xL2hMTDAtbEZqcjVZ
V2pvajctY3RPMGUyUHRNUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
rAYIKwYBBQUHAQcBAf8EgZwwgZkwgYcEAgABMIGAAwQBUpIEMAwDBANSkggDBABS
kgoDBABSkg4DBABSkh4DBABU7qQDBABU7qYwDAMEBtRIwAMEAdRIxAMEAdRIyAME
ANRIzAMEAtRI0AMEANRI1TAMAwQA1EjXAwQA1EjcAwQB1EjeMAwDBAHVgkYDBAHV
gkgDBADVgksDBADVgl4wDQQCAAIwBwMFACoADkAwDQYJKoZIhvcNAQELBQADggEB
AA/Va3KThUmRiLuAnXjjV32uqFcoSYgylD6eBbAe90S5usF8NGSYQLX9jaod3Lil
SiqfuzV+Cl41l1sR9So0mqQ4ylDNxfkiFVEwED5vEYaaMA2Ge0vgpAyMYBEFO85D
iCypWarVufUT2YIsj0tThYpKKlmL/ZnTWWdqovvsEVKC0WnxtF7nuyX9wpd9Vl9X
a2u9NkC9B+rMxO2cqbXiA8/DehmT4RyvyGkIA15Oim+GuADucx+9ajF7VF68WL9t
5bjMz6WvYA9j/wJ4BS4gePeXDsZiFu9bi4QcZeY1fZ+fb4LBcKQu7dvlcPK3Xju8
ChqWhhMCF8GDd9jOg0pt3l0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:38:53 2024 by rpki-client on console-ams.rpki-client.org