Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/515608-5012-4a40-b324-27bf83cded6b/1/HDZ_CUGUBDI9lJuKSPr5dsFcPOU.roa
File: HDZ_CUGUBDI9lJuKSPr5dsFcPOU.roa (raw, json)
Hash identifier: l0sC37WTVgEI1dP31H7dTHAnL7KKFDNDTQ6dUKzoRjM=
Subject key identifier: 1C:36:7F:09:41:94:04:32:3D:94:9B:8A:48:FA:F9:76:C1:5C:3C:E5
Certificate issuer: /CN=a4f8436003d37602026b65531755ca8fcd31bed2
Certificate serial: 0181D429A792A73B97F825332DE557406C31
Authority key identifier: A4:F8:43:60:03:D3:76:02:02:6B:65:53:17:55:CA:8F:CD:31:BE:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pPhDYAPTdgICa2VTF1XKj80xvtI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/515608-5012-4a40-b324-27bf83cded6b/1/HDZ_CUGUBDI9lJuKSPr5dsFcPOU.roa
Signing time: Wed 06 Jul 2022 15:38:28 +0000
ROA not before: Wed 06 Jul 2022 15:38:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31027
IP address blocks: 93.176.64.0/18 maxlen: 18
193.105.149.0/24 maxlen: 24
80.88.128.0/20 maxlen: 20
80.243.112.0/20 maxlen: 20
5.56.144.0/20 maxlen: 20
89.221.160.0/20 maxlen: 20
193.105.116.0/24 maxlen: 24
87.116.0.0/18 maxlen: 18
212.60.120.0/21 maxlen: 21
83.151.128.0/18 maxlen: 18
83.136.88.0/21 maxlen: 21
77.233.224.0/19 maxlen: 19
130.185.128.0/20 maxlen: 20
94.18.211.0/24 maxlen: 24
217.195.176.0/20 maxlen: 20
217.195.178.0/24 maxlen: 24
62.12.32.0/20 maxlen: 20
78.153.160.0/19 maxlen: 19
62.12.48.0/21 maxlen: 21
185.67.128.0/22 maxlen: 22
82.192.160.0/19 maxlen: 19
37.49.128.0/20 maxlen: 20
212.98.96.0/24 maxlen: 24
185.20.240.0/22 maxlen: 22
195.140.132.0/22 maxlen: 22
217.74.208.0/20 maxlen: 20
188.120.80.0/21 maxlen: 21
5.179.80.0/20 maxlen: 20
92.62.192.0/20 maxlen: 20
194.182.96.0/21 maxlen: 21
62.116.192.0/19 maxlen: 19
217.116.208.0/20 maxlen: 20
46.32.156.0/22 maxlen: 22
2a02:188::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:d4:29:a7:92:a7:3b:97:f8:25:33:2d:e5:57:40:6c:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4f8436003d37602026b65531755ca8fcd31bed2
Validity
Not Before: Jul 6 15:38:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1c367f09419404323d949b8a48faf976c15c3ce5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:b6:23:aa:44:2f:86:0b:8c:15:e6:7e:c9:30:
66:04:bc:57:de:76:67:d6:cf:dc:ba:65:bb:9e:0b:
d1:fb:cf:7a:1f:c3:93:e1:69:8f:ae:f8:ac:3d:2d:
d5:8a:4f:4f:7f:92:31:ce:29:e2:26:42:0c:56:a7:
77:d6:6b:da:33:ea:58:9b:6d:bc:7e:93:36:b4:e0:
08:b3:01:c9:e6:b9:4e:72:1a:8d:6e:8a:1a:9c:1b:
ad:e1:3e:51:4c:bc:9d:72:e0:fc:bc:2f:ec:38:92:
73:ad:f6:5d:be:19:2f:c5:3e:e2:73:92:d7:76:2f:
1e:68:18:8e:23:49:58:25:c2:e5:9d:e0:8b:a0:02:
21:37:d4:6c:ac:b1:d1:c8:c0:a4:36:2d:db:fe:bf:
98:b9:50:d2:b2:d5:4e:d9:b1:5e:53:f8:4f:79:04:
27:9c:96:30:7d:87:32:35:d7:c7:eb:f5:99:59:9c:
b9:d6:09:ee:ea:ab:13:0f:7d:e1:71:7f:55:55:10:
4b:16:5f:ff:c6:40:23:bf:0c:b6:0c:0d:7d:0b:45:
91:60:ec:6e:02:e8:8f:c5:39:e7:7d:c3:4d:1a:88:
4e:9c:f3:34:10:30:c4:1e:96:eb:6e:a0:26:8c:e9:
15:8f:c3:5f:f1:f4:f8:7a:26:1c:8f:73:f8:78:f6:
64:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:36:7F:09:41:94:04:32:3D:94:9B:8A:48:FA:F9:76:C1:5C:3C:E5
X509v3 Authority Key Identifier:
keyid:A4:F8:43:60:03:D3:76:02:02:6B:65:53:17:55:CA:8F:CD:31:BE:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pPhDYAPTdgICa2VTF1XKj80xvtI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/515608-5012-4a40-b324-27bf83cded6b/1/HDZ_CUGUBDI9lJuKSPr5dsFcPOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/515608-5012-4a40-b324-27bf83cded6b/1/pPhDYAPTdgICa2VTF1XKj80xvtI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.144.0/20
5.179.80.0/20
37.49.128.0/20
46.32.156.0/22
62.12.32.0-62.12.55.255
62.116.192.0/19
77.233.224.0/19
78.153.160.0/19
80.88.128.0/20
80.243.112.0/20
82.192.160.0/19
83.136.88.0/21
83.151.128.0/18
87.116.0.0/18
89.221.160.0/20
92.62.192.0/20
93.176.64.0/18
94.18.211.0/24
130.185.128.0/20
185.20.240.0/22
185.67.128.0/22
188.120.80.0/21
193.105.116.0/24
193.105.149.0/24
194.182.96.0/21
195.140.132.0/22
212.60.120.0/21
212.98.96.0/24
217.74.208.0/20
217.116.208.0/20
217.195.176.0/20
IPv6:
2a02:188::/29
Signature Algorithm: sha256WithRSAEncryption
58:8c:be:f8:8f:7b:d4:0a:e8:39:ca:49:8f:44:94:d9:30:92:
d4:40:f3:3c:de:17:4a:8a:13:35:5a:af:53:d1:14:93:72:e5:
88:b3:72:70:cf:0f:1f:f1:4a:57:3b:3b:1f:d2:50:3f:12:85:
fb:8c:a7:c0:04:ef:18:67:51:a1:cc:57:3a:65:3a:86:88:dd:
7f:9c:ab:a9:39:f4:7d:fb:e2:07:b5:73:cf:e2:57:e5:6f:12:
fa:51:9e:f5:11:f9:60:e6:39:e5:59:40:09:a1:0c:26:21:7f:
d2:28:5b:c9:3b:c8:7b:06:53:91:91:16:3f:03:e6:2e:fc:8d:
5a:4b:da:e2:c0:d9:3a:a5:c9:1a:2e:b3:1a:34:8e:50:73:79:
2b:d4:78:fa:ea:5c:63:dc:b1:83:dc:48:13:8c:16:6b:08:3b:
e5:14:78:25:23:a0:54:8e:20:ef:1f:de:dd:80:44:f8:ce:cd:
6d:e8:b8:73:d7:0d:d9:d3:0e:f2:34:96:24:43:20:1f:2b:20:
2b:a3:b6:eb:51:16:55:9f:6b:3a:27:11:2f:95:b0:b7:32:a7:
4f:79:76:48:e7:21:27:a2:9a:6a:da:e7:29:b8:e8:cb:c8:b0:
0c:c5:a0:d5:e8:be:c9:c9:8c:1c:95:cc:41:92:74:a9:94:93:
a8:72:eb:df
-----BEGIN CERTIFICATE-----
MIIFzTCCBLWgAwIBAgISAYHUKaeSpzuX+CUzLeVXQGwxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0Zjg0MzYwMDNkMzc2MDIwMjZiNjU1MzE3NTVjYThmY2Qz
MWJlZDIwHhcNMjIwNzA2MTUzODI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzM2N2YwOTQxOTQwNDMyM2Q5NDliOGE0OGZhZjk3NmMxNWMzY2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2rYjqkQvhguMFeZ+yTBmBLxX3nZn
1s/cumW7ngvR+896H8OT4WmPrvisPS3Vik9Pf5IxziniJkIMVqd31mvaM+pYm228
fpM2tOAIswHJ5rlOchqNbooanBut4T5RTLydcuD8vC/sOJJzrfZdvhkvxT7ic5LX
di8eaBiOI0lYJcLlneCLoAIhN9RsrLHRyMCkNi3b/r+YuVDSstVO2bFeU/hPeQQn
nJYwfYcyNdfH6/WZWZy51gnu6qsTD33hcX9VVRBLFl//xkAjvwy2DA19C0WRYOxu
AuiPxTnnfcNNGohOnPM0EDDEHpbrbqAmjOkVj8Nf8fT4eiYcj3P4ePZkOQIDAQAB
o4IC2TCCAtUwHQYDVR0OBBYEFBw2fwlBlAQyPZSbikj6+XbBXDzlMB8GA1UdIwQY
MBaAFKT4Q2AD03YCAmtlUxdVyo/NMb7SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFBoRFlBUFRkZ0lDYTJWVEYxWEtqODB4dnRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS81MTU2MDgtNTAxMi00YTQwLWIzMjQt
MjdiZjgzY2RlZDZiLzEvSERaX0NVR1VCREk5bEp1S1NQcjVkc0ZjUE9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS81MTU2MDgtNTAxMi00YTQwLWIzMjQtMjdiZjgzY2RlZDZi
LzEvcFBoRFlBUFRkZ0lDYTJWVEYxWEtqODB4dnRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHuBggrBgEFBQcBBwEB/wSB3jCB2zCByQQCAAEwgcIDBAQF
OJADBAQFs1ADBAQlMYADBAIuIJwwDAMEBT4MIAMEAz4MMAMEBT50wAMEBU3p4AME
BU6ZoAMEBFBYgAMEBFDzcAMEBVLAoAMEA1OIWAMEBlOXgAMEBld0AAMEBFndoAME
BFw+wAMEBl2wQAMEAF4S0wMEBIK5gAMEArkU8AMEArlDgAMEA7x4UAMEAMFpdAME
AMFplQMEA8K2YAMEAsOMhAMEA9Q8eAMEANRiYAMEBNlK0AMEBNl00AMEBNnDsDAN
BAIAAjAHAwUDKgIBiDANBgkqhkiG9w0BAQsFAAOCAQEAWIy++I971AroOcpJj0SU
2TCS1EDzPN4XSooTNVqvU9EUk3LliLNycM8PH/FKVzs7H9JQPxKF+4ynwATvGGdR
ocxXOmU6hojdf5yrqTn0ffviB7Vzz+JX5W8S+lGe9RH5YOY55VlACaEMJiF/0ihb
yTvIewZTkZEWPwPmLvyNWkva4sDZOqXJGi6zGjSOUHN5K9R4+upcY9yxg9xIE4wW
awg75RR4JSOgVI4g7x/e3YBE+M7Nbei4c9cN2dMO8jSWJEMgHysgK6O261EWVZ9r
OicRL5WwtzKnT3l2SOchJ6KaatrnKbjoy8iwDMWg1ei+ycmMHJXMQZJ0qZSTqHLr
3w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:51 2024 by rpki-client on console-fra.rpki-client.org