Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/HPMNB36TDR1los5YD_E_KFLmeCU.roa
File: HPMNB36TDR1los5YD_E_KFLmeCU.roa (raw, json)
Hash identifier: VloePf6g5NPkHg1AmsXP3xeFFbSc/E70kJiVkD+m3Gw=
Subject key identifier: 1C:F3:0D:07:7E:93:0D:1D:65:A2:CE:58:0F:F1:3F:28:52:E6:78:25
Certificate issuer: /CN=f919e1f3fe69b4ebdff02a9a857e7c6c2b25301a
Certificate serial: 035FAB77
Authority key identifier: F9:19:E1:F3:FE:69:B4:EB:DF:F0:2A:9A:85:7E:7C:6C:2B:25:30:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-Rnh8_5ptOvf8CqahX58bCslMBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/HPMNB36TDR1los5YD_E_KFLmeCU.roa
Signing time: Sat 01 Jan 2022 01:53:23 +0000
ROA not before: Sat 01 Jan 2022 01:53:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208677
IP address blocks: 37.18.8.0/23 maxlen: 23
37.18.10.0/24 maxlen: 24
37.18.22.0/24 maxlen: 24
178.170.242.0/24 maxlen: 24
46.243.141.0/24 maxlen: 24
46.243.142.0/23 maxlen: 23
37.230.139.0/24 maxlen: 24
37.18.102.0/24 maxlen: 24
37.18.100.0/23 maxlen: 23
37.18.107.0/24 maxlen: 24
37.18.112.0/23 maxlen: 23
37.18.108.0/22 maxlen: 22
37.18.115.0/24 maxlen: 24
37.18.114.0/24 maxlen: 24
37.18.116.0/22 maxlen: 22
37.18.120.0/23 maxlen: 23
37.18.122.0/24 maxlen: 24
37.230.186.0/24 maxlen: 24
37.230.184.0/23 maxlen: 23
37.230.180.0/23 maxlen: 23
46.243.206.0/24 maxlen: 24
46.243.201.0/24 maxlen: 24
46.243.226.0/23 maxlen: 23
37.18.72.0/23 maxlen: 23
37.230.192.0/21 maxlen: 21
37.230.224.0/24 maxlen: 24
37.230.233.0/24 maxlen: 24
94.139.252.0/22 maxlen: 22
178.170.192.0/22 maxlen: 22
178.170.191.0/24 maxlen: 24
45.9.24.0/22 maxlen: 22
141.101.201.0/24 maxlen: 24
45.89.224.0/22 maxlen: 22
2a0c:2b80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 56601463 (0x35fab77)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f919e1f3fe69b4ebdff02a9a857e7c6c2b25301a
Validity
Not Before: Jan 1 01:53:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1cf30d077e930d1d65a2ce580ff13f2852e67825
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:b5:7a:c4:97:ac:98:d5:ca:7c:9d:6b:28:fd:
06:05:89:10:ef:4a:c6:3b:48:bb:89:56:30:25:7b:
79:4c:1a:14:73:23:af:3f:c2:bd:be:25:d2:77:9d:
c4:8f:10:d7:30:4d:84:3d:90:30:86:9e:4a:4e:03:
80:b5:84:30:65:8d:88:a8:c3:11:09:3e:aa:a0:6d:
83:86:54:d0:47:ad:b0:1c:df:f6:8d:c7:c0:a2:16:
79:81:48:b1:29:e4:54:78:1c:a8:86:f5:1c:10:3d:
7f:55:7b:e9:14:9c:48:f2:33:31:a2:6f:26:68:2c:
2e:10:f5:20:32:bb:f7:30:f2:4e:10:7c:c2:20:e2:
d6:30:a8:ad:13:33:2e:bd:a7:aa:c4:d1:b6:7d:22:
f3:a0:63:b9:73:80:5e:49:b8:1c:eb:55:42:76:7e:
1d:03:58:3e:b1:ab:b3:36:b8:a5:5b:98:37:b0:62:
79:01:14:d1:3a:1b:ac:bb:85:15:c7:b5:48:ca:da:
f3:16:b6:68:48:b4:af:2a:45:7c:26:c5:9a:a5:3e:
0a:42:79:74:f9:4d:4f:53:b1:a7:99:ff:8b:27:23:
a0:ff:1e:0f:be:21:39:67:62:3c:d9:63:17:02:88:
b2:20:42:dd:28:d2:14:fa:5f:ee:d2:33:7e:8d:70:
ed:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:F3:0D:07:7E:93:0D:1D:65:A2:CE:58:0F:F1:3F:28:52:E6:78:25
X509v3 Authority Key Identifier:
keyid:F9:19:E1:F3:FE:69:B4:EB:DF:F0:2A:9A:85:7E:7C:6C:2B:25:30:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Rnh8_5ptOvf8CqahX58bCslMBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/HPMNB36TDR1los5YD_E_KFLmeCU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/1-Rnh8_5ptOvf8CqahX58bCslMBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.8.0-37.18.10.255
37.18.22.0/24
37.18.72.0/23
37.18.100.0-37.18.102.255
37.18.107.0-37.18.122.255
37.230.139.0/24
37.230.180.0/23
37.230.184.0-37.230.186.255
37.230.192.0/21
37.230.224.0/24
37.230.233.0/24
45.9.24.0/22
45.89.224.0/22
46.243.141.0-46.243.143.255
46.243.201.0/24
46.243.206.0/24
46.243.226.0/23
94.139.252.0/22
141.101.201.0/24
178.170.191.0-178.170.195.255
178.170.242.0/24
IPv6:
2a0c:2b80::/29
Signature Algorithm: sha256WithRSAEncryption
24:82:1c:75:c9:0b:e9:2c:3c:b5:3f:59:5d:4a:88:66:44:3c:
8e:dc:00:da:c3:52:3e:29:59:e8:5c:05:13:8b:91:68:ee:2e:
b3:c3:29:01:22:c5:41:db:35:92:4a:32:22:6f:de:1a:aa:1a:
86:aa:1a:4b:6c:29:20:63:11:fc:3b:34:d6:0e:6c:29:20:11:
e3:a2:7b:33:06:43:3e:38:e8:12:70:17:07:42:d7:6e:18:5b:
aa:67:10:d0:b4:81:08:3a:31:ce:9e:6b:ba:70:3b:77:87:a4:
6e:65:fa:38:3b:34:7a:f7:f5:5b:dc:ad:91:ce:c3:8e:30:ab:
c4:63:1b:fa:59:88:02:09:2a:9c:ac:d2:57:e4:95:a9:d1:66:
cf:bc:20:45:4c:9b:e6:f5:ed:1e:ab:05:c1:24:f8:c4:27:52:
7c:c2:9d:1d:a1:4f:c0:f5:b1:e0:dd:24:96:df:56:9e:e0:e5:
8c:56:64:dc:c8:6c:9d:93:58:40:97:16:60:d5:41:3d:0d:78:
22:3f:8c:e3:2d:41:fa:71:06:8b:47:57:90:87:43:21:06:30:
0f:ba:a2:95:30:cc:40:ed:a7:72:54:d2:9b:cf:bd:da:af:67:
48:d3:ef:66:5a:fe:68:7c:fb:d0:1d:30:cc:88:98:01:a0:3c:
20:a4:a4:89
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgIEA1+rdzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
OTE5ZTFmM2ZlNjliNGViZGZmMDJhOWE4NTdlN2M2YzJiMjUzMDFhMB4XDTIyMDEw
MTAxNTMyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWNmMzBkMDc3ZTkz
MGQxZDY1YTJjZTU4MGZmMTNmMjg1MmU2NzgyNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKW1esSXrJjVynydayj9BgWJEO9KxjtIu4lWMCV7eUwaFHMj
rz/Cvb4l0nedxI8Q1zBNhD2QMIaeSk4DgLWEMGWNiKjDEQk+qqBtg4ZU0EetsBzf
9o3HwKIWeYFIsSnkVHgcqIb1HBA9f1V76RScSPIzMaJvJmgsLhD1IDK79zDyThB8
wiDi1jCorRMzLr2nqsTRtn0i86BjuXOAXkm4HOtVQnZ+HQNYPrGrsza4pVuYN7Bi
eQEU0TobrLuFFce1SMra8xa2aEi0rypFfCbFmqU+CkJ5dPlNT1Oxp5n/iycjoP8e
D74hOWdiPNljFwKIsiBC3SjSFPpf7tIzfo1w7eMCAwEAAaOCAscwggLDMB0GA1Ud
DgQWBBQc8w0HfpMNHWWizlgP8T8oUuZ4JTAfBgNVHSMEGDAWgBT5GeHz/mm069/w
KpqFfnxsKyUwGjAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtUm5oOF81cHRPdmY4Q3FhaFg1OGJDc2xNQm8uY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxUL2Y2LzFjOTgwOS0xZjYwLTQzYzItODEwMy1kYWQwNDIwYjg1ZDMv
MS9IUE1OQjM2VERSMWxvczVZRF9FX0tGTG1lQ1Uucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Y2
LzFjOTgwOS0xZjYwLTQzYzItODEwMy1kYWQwNDIwYjg1ZDMvMS8xLVJuaDhfNXB0
T3ZmOENxYWhYNThiQ3NsTUJvLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MIHaBggrBgEFBQcBBwEB/wSByjCBxzCBtQQCAAEwga4wDAMEAyUSCAMEACUSCgME
ACUSFgMEASUSSDAMAwQCJRJkAwQAJRJmMAwDBAAlEmsDBAAlEnoDBAAl5osDBAEl
5rQwDAMEAyXmuAMEACXmugMEAyXmwAMEACXm4AMEACXm6QMEAi0JGAMEAi1Z4DAM
AwQALvONAwQELvOAAwQALvPJAwQALvPOAwQBLvPiAwQCXov8AwQAjWXJMAwDBACy
qr8DBAKyqsADBACyqvIwDQQCAAIwBwMFAyoMK4AwDQYJKoZIhvcNAQELBQADggEB
ACSCHHXJC+ksPLU/WV1KiGZEPI7cANrDUj4pWehcBROLkWjuLrPDKQEixUHbNZJK
MiJv3hqqGoaqGktsKSBjEfw7NNYObCkgEeOiezMGQz446BJwFwdC124YW6pnENC0
gQg6Mc6ea7pwO3eHpG5l+jg7NHr39VvcrZHOw44wq8RjG/pZiAIJKpys0lfklanR
Zs+8IEVMm+b17R6rBcEk+MQnUnzCnR2hT8D1seDdJJbfVp7g5YxWZNzIbJ2TWECX
FmDVQT0NeCI/jOMtQfpxBotHV5CHQyEGMA+6opUwzEDtp3JU0pvPvdqvZ0jT72Za
/mh8+9AdMMyImAGgPCCkpIk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:52 2024 by rpki-client on console-fra.rpki-client.org