Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/615164-6d96-488a-96ba-d6e1e347f9c7/1/HNkl4RbNw-NMSGvnnlVdrNMtTgE.roa
File: HNkl4RbNw-NMSGvnnlVdrNMtTgE.roa (raw, json)
Hash identifier: 0cxISGUNI2vjyauIUDrg1arq+jSDgSV/eDNcvtGkyAM=
Subject key identifier: 1C:D9:25:E1:16:CD:C3:E3:4C:48:6B:E7:9E:55:5D:AC:D3:2D:4E:01
Certificate issuer: /CN=0af61798dd18965c027afa7f93ae030ff5e1d76e
Certificate serial: 04C1B103
Authority key identifier: 0A:F6:17:98:DD:18:96:5C:02:7A:FA:7F:93:AE:03:0F:F5:E1:D7:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CvYXmN0YllwCevp_k64DD_Xh124.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/615164-6d96-488a-96ba-d6e1e347f9c7/1/HNkl4RbNw-NMSGvnnlVdrNMtTgE.roa
Signing time: Thu 12 May 2022 12:43:02 +0000
ROA not before: Thu 12 May 2022 12:43:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 5606
IP address blocks: 128.140.224.0/21 maxlen: 24
109.205.88.0/24 maxlen: 24
109.205.91.0/24 maxlen: 24
109.205.90.0/24 maxlen: 24
109.205.89.0/24 maxlen: 24
109.205.95.0/24 maxlen: 24
194.105.1.0/24 maxlen: 24
2001:4d80::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 79802627 (0x4c1b103)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0af61798dd18965c027afa7f93ae030ff5e1d76e
Validity
Not Before: May 12 12:43:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1cd925e116cdc3e34c486be79e555dacd32d4e01
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:44:15:f9:f0:fb:f6:50:d5:18:34:6c:15:eb:
a3:24:a4:99:0f:1d:f2:0b:a1:d4:43:04:97:61:f8:
93:a1:8f:f1:7c:46:21:3f:9e:2a:f9:33:1e:31:36:
e9:2e:97:34:fc:a1:52:4f:fa:0d:e7:cb:05:8d:c3:
a6:ee:a9:37:23:48:26:52:94:78:0e:bd:7c:46:44:
0c:df:71:19:f0:dd:2c:3c:f6:c1:31:01:53:e1:26:
20:d1:fb:34:28:72:be:c7:c8:7f:be:cb:03:5d:68:
df:71:02:3f:1c:12:dd:d6:67:94:3c:83:df:15:79:
d9:28:9e:d5:e0:9a:8a:b2:53:42:f3:af:48:cd:a2:
b6:b8:1f:f2:d0:9b:4e:f6:68:68:01:8c:f6:5b:3c:
28:43:10:60:42:a8:05:ce:94:9d:fb:36:21:aa:05:
26:9e:84:bb:84:56:79:c5:5f:ba:d2:d5:d7:6e:35:
4c:de:27:59:bc:b0:d6:16:1a:f2:4b:b5:0a:ce:9f:
17:cf:ab:e8:05:d6:a8:86:96:7f:21:d0:16:46:44:
6f:11:98:31:79:d5:3e:55:0f:96:54:c1:3b:f0:e9:
40:e2:5f:60:4d:10:ee:f6:07:c3:c9:8f:6d:78:34:
44:cd:ea:83:91:98:ef:85:04:02:15:f5:54:df:68:
72:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:D9:25:E1:16:CD:C3:E3:4C:48:6B:E7:9E:55:5D:AC:D3:2D:4E:01
X509v3 Authority Key Identifier:
keyid:0A:F6:17:98:DD:18:96:5C:02:7A:FA:7F:93:AE:03:0F:F5:E1:D7:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CvYXmN0YllwCevp_k64DD_Xh124.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/615164-6d96-488a-96ba-d6e1e347f9c7/1/HNkl4RbNw-NMSGvnnlVdrNMtTgE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/615164-6d96-488a-96ba-d6e1e347f9c7/1/CvYXmN0YllwCevp_k64DD_Xh124.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.205.88.0/22
109.205.95.0/24
128.140.224.0/21
194.105.1.0/24
IPv6:
2001:4d80::/32
Signature Algorithm: sha256WithRSAEncryption
6b:68:b1:8a:b2:b6:33:fc:41:ff:bf:62:f3:f3:70:9c:c4:65:
2c:7a:f2:e1:c3:12:70:1b:2c:ed:05:e5:61:7f:3b:ac:d7:9b:
64:4d:12:44:05:11:3b:36:32:8c:c0:a3:dd:7e:de:0b:e6:63:
9b:17:93:fa:01:5a:f8:4e:44:34:71:23:87:f7:dc:a6:83:18:
76:f9:58:7b:fd:65:9d:1b:ce:bf:0f:84:ab:1d:50:94:e9:fc:
0d:fc:df:35:2d:bb:da:07:2f:61:63:02:70:58:62:56:87:48:
c9:94:59:0a:b2:1a:96:be:97:aa:f5:52:7a:40:9a:51:40:ac:
c4:77:e5:02:14:3f:a4:3a:19:b3:19:77:34:a7:4e:53:3e:a0:
74:bc:d9:84:09:99:6c:da:ec:2d:ea:c5:44:97:f1:e8:85:48:
c1:de:20:de:28:a4:f1:44:ff:3f:ff:3c:e7:de:dc:67:c9:b4:
37:37:cb:cf:c4:77:9e:1c:7d:99:b8:1d:bc:c5:06:e2:c2:4a:
8a:ab:e8:91:e1:27:1f:b2:58:3d:32:80:0b:98:56:6a:45:39:
12:79:35:d5:51:b1:99:14:7e:40:dd:82:fe:cd:6a:35:e0:96:
95:5a:25:23:ad:ce:2c:a5:02:8c:8b:86:76:90:34:a5:4b:80:
7c:ed:0b:21
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEBMGxAzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YWY2MTc5OGRkMTg5NjVjMDI3YWZhN2Y5M2FlMDMwZmY1ZTFkNzZlMB4XDTIyMDUx
MjEyNDMwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWNkOTI1ZTExNmNk
YzNlMzRjNDg2YmU3OWU1NTVkYWNkMzJkNGUwMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMdEFfnw+/ZQ1Rg0bBXroySkmQ8d8guh1EMEl2H4k6GP8XxG
IT+eKvkzHjE26S6XNPyhUk/6DefLBY3Dpu6pNyNIJlKUeA69fEZEDN9xGfDdLDz2
wTEBU+EmINH7NChyvsfIf77LA11o33ECPxwS3dZnlDyD3xV52Sie1eCairJTQvOv
SM2itrgf8tCbTvZoaAGM9ls8KEMQYEKoBc6Unfs2IaoFJp6Eu4RWecVfutLV1241
TN4nWbyw1hYa8ku1Cs6fF8+r6AXWqIaWfyHQFkZEbxGYMXnVPlUPllTBO/DpQOJf
YE0Q7vYHw8mPbXg0RM3qg5GY74UEAhX1VN9ocqsCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBQc2SXhFs3D40xIa+eeVV2s0y1OATAfBgNVHSMEGDAWgBQK9heY3RiWXAJ6
+n+TrgMP9eHXbjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0N2WVhtTjBZbGx3Q2V2cF9rNjRERF9YaDEyNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGQvNjE1MTY0LTZkOTYtNDg4YS05NmJhLWQ2ZTFlMzQ3ZjljNy8x
L0hOa2w0UmJOdy1OTVNHdm5ubFZkck5NdFRnRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGQv
NjE1MTY0LTZkOTYtNDg4YS05NmJhLWQ2ZTFlMzQ3ZjljNy8xL0N2WVhtTjBZbGx3
Q2V2cF9rNjRERF9YaDEyNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEAm3NWAMEAG3NXwMEA4CM4AMEAMJp
ATANBAIAAjAHAwUAIAFNgDANBgkqhkiG9w0BAQsFAAOCAQEAa2ixirK2M/xB/79i
8/NwnMRlLHry4cMScBss7QXlYX87rNebZE0SRAUROzYyjMCj3X7eC+ZjmxeT+gFa
+E5ENHEjh/fcpoMYdvlYe/1lnRvOvw+Eqx1QlOn8DfzfNS272gcvYWMCcFhiVodI
yZRZCrIalr6XqvVSekCaUUCsxHflAhQ/pDoZsxl3NKdOUz6gdLzZhAmZbNrsLerF
RJfx6IVIwd4g3iik8UT/P/88597cZ8m0NzfLz8R3nhx9mbgdvMUG4sJKiqvokeEn
H7JYPTKAC5hWakU5Enk11VGxmRR+QN2C/s1qNeCWlVolI63OLKUCjIuGdpA0pUuA
fO0LIQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:41 2023 by rpki-client on console-fra.rpki-client.org