Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/12417f-7665-4098-a338-4949b1e2b60f/1/Hq4wdlcYhtJ2BW9CX7p1YMCE5ao.roa
File: Hq4wdlcYhtJ2BW9CX7p1YMCE5ao.roa (raw, json)
Hash identifier: nJG4+5RFjvwb8jT2fMg3tsq8eMPYug1fEVDnJdSDMF0=
Subject key identifier: 1E:AE:30:76:57:18:86:D2:76:05:6F:42:5F:BA:75:60:C0:84:E5:AA
Certificate issuer: /CN=965a6abfdb0874f2fec2262cdea3373adcb2dc55
Certificate serial: 037651
Authority key identifier: 96:5A:6A:BF:DB:08:74:F2:FE:C2:26:2C:DE:A3:37:3A:DC:B2:DC:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/llpqv9sIdPL-wiYs3qM3Otyy3FU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/12417f-7665-4098-a338-4949b1e2b60f/1/Hq4wdlcYhtJ2BW9CX7p1YMCE5ao.roa
Signing time: Tue 15 Mar 2022 08:36:33 +0000
ROA not before: Tue 15 Mar 2022 08:36:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12511
IP address blocks: 194.41.128.0/17 maxlen: 18
138.191.0.0/16 maxlen: 16
138.189.0.0/16 maxlen: 16
84.246.232.0/21 maxlen: 22
2a00:17c8::/32 maxlen: 32
2a00:17cf::/32 maxlen: 32
2a00:17c9::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 226897 (0x37651)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=965a6abfdb0874f2fec2262cdea3373adcb2dc55
Validity
Not Before: Mar 15 08:36:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1eae3076571886d276056f425fba7560c084e5aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:92:eb:e0:df:6c:fc:ce:a7:ff:73:bf:98:d8:
0d:4b:f3:b0:46:30:60:a2:cf:33:00:93:17:71:55:
4f:21:ca:82:74:6b:c6:20:2a:cd:00:45:ca:8e:4a:
e3:f9:c9:39:0b:78:6c:6e:e8:cf:83:ac:1c:04:57:
a8:fe:7c:c4:1d:ef:30:e5:16:48:df:b5:50:9a:6b:
c9:47:2e:05:25:4a:a8:82:f2:df:07:a9:7a:e2:17:
3c:55:c0:34:55:0f:d6:04:09:a4:0e:5e:b5:18:63:
71:f4:2b:7c:b4:f5:2d:de:fd:cb:69:44:eb:a2:cb:
89:e3:0b:6e:59:34:8a:22:15:26:21:f1:a8:fd:58:
3c:56:fa:c5:b6:4a:36:7d:7f:77:63:3d:ca:8e:08:
94:bf:f4:fe:86:cf:64:dd:b1:d1:ec:6a:61:5a:76:
19:73:0b:03:a6:d9:af:78:aa:cc:5a:e6:e7:ae:35:
19:64:c7:73:11:90:00:bb:3f:b7:b9:14:2f:16:29:
f4:17:99:a0:50:9f:e5:01:71:55:bf:95:e0:c0:60:
5e:e7:2d:47:64:f0:55:05:de:3c:e7:e5:d4:3d:9e:
69:d9:91:62:a9:f1:da:13:a4:fa:0a:93:5a:c5:55:
41:4d:a2:25:e7:8d:b0:ce:17:66:4a:18:20:2f:9a:
8a:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:AE:30:76:57:18:86:D2:76:05:6F:42:5F:BA:75:60:C0:84:E5:AA
X509v3 Authority Key Identifier:
keyid:96:5A:6A:BF:DB:08:74:F2:FE:C2:26:2C:DE:A3:37:3A:DC:B2:DC:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/llpqv9sIdPL-wiYs3qM3Otyy3FU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/12417f-7665-4098-a338-4949b1e2b60f/1/Hq4wdlcYhtJ2BW9CX7p1YMCE5ao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/12417f-7665-4098-a338-4949b1e2b60f/1/llpqv9sIdPL-wiYs3qM3Otyy3FU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.246.232.0/21
138.189.0.0/16
138.191.0.0/16
194.41.128.0/17
IPv6:
2a00:17c8::/31
2a00:17cf::/32
Signature Algorithm: sha256WithRSAEncryption
40:ae:b0:8b:d4:00:c7:c6:e8:8d:0a:e1:f3:14:1d:00:0e:a7:
e5:44:ab:6c:b1:6e:a6:b7:3f:97:a1:7b:61:b3:d2:50:2f:b5:
8f:dd:41:2e:f5:7d:bf:05:9f:52:f8:f0:23:38:a0:e5:24:7a:
0e:28:bb:27:89:d5:f8:e8:32:f6:09:a1:ac:93:b8:65:27:7e:
87:6d:25:7f:8e:c4:c5:0b:39:54:61:99:87:7a:60:85:2e:39:
1a:e5:a1:f8:87:83:7a:c0:20:b9:77:e8:8d:af:e6:84:be:f8:
37:72:bb:bf:22:24:b7:72:23:c3:4e:e9:8d:f7:b2:93:4f:f3:
10:1a:f9:c9:dd:08:88:cf:59:03:98:2f:0d:0d:1b:2e:9b:c5:
40:17:7e:f3:c1:b6:08:f8:ea:ee:87:21:4c:ac:a7:5a:18:6d:
5e:05:ff:9b:fa:12:8c:e5:d7:59:0a:18:47:ea:0d:ea:da:56:
3f:29:60:5b:65:79:58:a5:c8:bf:d9:cd:59:06:7d:4f:20:d1:
14:99:21:27:ce:4d:34:9d:9f:30:db:d1:68:41:a8:54:3b:cd:
3a:57:72:1e:2f:e2:68:78:20:b2:96:8e:3b:73:25:7e:31:23:
00:2d:d2:fc:90:78:69:79:ba:50:24:c9:9f:1e:6a:94:30:10:
da:ed:4a:b2
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgIDA3ZRMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDk2
NWE2YWJmZGIwODc0ZjJmZWMyMjYyY2RlYTMzNzNhZGNiMmRjNTUwHhcNMjIwMzE1
MDgzNjMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygxZWFlMzA3NjU3MTg4
NmQyNzYwNTZmNDI1ZmJhNzU2MGMwODRlNWFhMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAl5Lr4N9s/M6n/3O/mNgNS/OwRjBgos8zAJMXcVVPIcqCdGvG
ICrNAEXKjkrj+ck5C3hsbujPg6wcBFeo/nzEHe8w5RZI37VQmmvJRy4FJUqogvLf
B6l64hc8VcA0VQ/WBAmkDl61GGNx9Ct8tPUt3v3LaUTrosuJ4wtuWTSKIhUmIfGo
/Vg8VvrFtko2fX93Yz3KjgiUv/T+hs9k3bHR7GphWnYZcwsDptmveKrMWubnrjUZ
ZMdzEZAAuz+3uRQvFin0F5mgUJ/lAXFVv5XgwGBe5y1HZPBVBd485+XUPZ5p2ZFi
qfHaE6T6CpNaxVVBTaIl542wzhdmShggL5qKFwIDAQABo4ICLzCCAiswHQYDVR0O
BBYEFB6uMHZXGIbSdgVvQl+6dWDAhOWqMB8GA1UdIwQYMBaAFJZaar/bCHTy/sIm
LN6jNzrcstxVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
bGxwcXY5c0lkUEwtd2lZczNxTTNPdHl5M0ZVLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8xMC8xMjQxN2YtNzY2NS00MDk4LWEzMzgtNDk0OWIxZTJiNjBmLzEv
SHE0d2RsY1lodEoyQlc5Q1g3cDFZTUNFNWFvLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8x
MjQxN2YtNzY2NS00MDk4LWEzMzgtNDk0OWIxZTJiNjBmLzEvbGxwcXY5c0lkUEwt
d2lZczNxTTNPdHl5M0ZVLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMEUG
CCsGAQUFBwEHAQH/BDYwNDAcBAIAATAWAwQDVPboAwMAir0DAwCKvwMEB8IpgDAU
BAIAAjAOAwUBKgAXyAMFACoAF88wDQYJKoZIhvcNAQELBQADggEBAECusIvUAMfG
6I0K4fMUHQAOp+VEq2yxbqa3P5ehe2Gz0lAvtY/dQS71fb8Fn1L48CM4oOUkeg4o
uyeJ1fjoMvYJoayTuGUnfodtJX+OxMULOVRhmYd6YIUuORrlofiHg3rAILl36I2v
5oS++Ddyu78iJLdyI8NO6Y33spNP8xAa+cndCIjPWQOYLw0NGy6bxUAXfvPBtgj4
6u6HIUysp1oYbV4F/5v6Eozl11kKGEfqDeraVj8pYFtleVilyL/ZzVkGfU8g0RSZ
ISfOTTSdnzDb0WhBqFQ7zTpXch4v4mh4ILKWjjtzJX4xIwAt0vyQeGl5ulAkyZ8e
apQwENrtSrI=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:08 2023 by rpki-client on console-fra.rpki-client.org