Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/HGuYaKJDR4vAtSjMuYHsiTabmv8.roa
File: HGuYaKJDR4vAtSjMuYHsiTabmv8.roa (raw, json)
Hash identifier: 2uUJUv6B8/iYi5dQLN3n39/dLWCEFOz4sZX1+/o1lrY=
Subject key identifier: 1C:6B:98:68:A2:43:47:8B:C0:B5:28:CC:B9:81:EC:89:36:9B:9A:FF
Certificate issuer: /CN=f43bf90808ae7eca063f746a8f1d88865734c8a3
Certificate serial: 01830089A9698597CCC2ACAFCB13D82DA415
Authority key identifier: F4:3B:F9:08:08:AE:7E:CA:06:3F:74:6A:8F:1D:88:86:57:34:C8:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/HGuYaKJDR4vAtSjMuYHsiTabmv8.roa
Signing time: Fri 02 Sep 2022 23:29:25 +0000
ROA not before: Fri 02 Sep 2022 23:29:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202448
IP address blocks: 45.137.151.0/24 maxlen: 24
45.137.150.0/24 maxlen: 24
45.137.148.0/24 maxlen: 32
45.137.149.0/24 maxlen: 24
2.56.213.0/24 maxlen: 24
2.56.212.0/24 maxlen: 24
89.43.33.0/24 maxlen: 24
86.107.197.0/24 maxlen: 24
93.114.128.0/24 maxlen: 24
2.56.215.0/24 maxlen: 24
2.56.214.0/24 maxlen: 24
194.32.78.0/24 maxlen: 24
194.32.77.0/24 maxlen: 24
194.32.76.0/24 maxlen: 24
194.32.79.0/24 maxlen: 24
91.250.248.0/24 maxlen: 32
91.250.249.0/24 maxlen: 32
185.234.52.0/24 maxlen: 32
185.96.163.0/24 maxlen: 24
178.157.82.0/24 maxlen: 24
185.170.213.0/24 maxlen: 24
178.157.91.0/24 maxlen: 24
185.170.212.0/24 maxlen: 24
178.157.90.0/24 maxlen: 24
185.170.215.0/24 maxlen: 24
185.170.214.0/24 maxlen: 24
45.153.184.0/24 maxlen: 24
45.153.186.0/24 maxlen: 24
45.153.185.0/24 maxlen: 24
45.153.187.0/24 maxlen: 24
86.106.181.0/24 maxlen: 24
89.38.135.0/24 maxlen: 32
91.227.40.0/24 maxlen: 24
86.105.252.0/24 maxlen: 24
94.176.182.0/24 maxlen: 24
185.243.214.0/24 maxlen: 32
185.243.215.0/24 maxlen: 24
194.99.23.0/24 maxlen: 24
194.99.22.0/24 maxlen: 24
194.99.21.0/24 maxlen: 24
194.99.20.0/24 maxlen: 24
89.38.131.0/24 maxlen: 24
31.14.238.0/24 maxlen: 24
89.38.130.0/24 maxlen: 24
89.38.129.0/24 maxlen: 24
93.114.133.0/24 maxlen: 24
93.115.23.0/24 maxlen: 24
93.115.22.0/24 maxlen: 24
93.115.21.0/24 maxlen: 24
93.115.20.0/24 maxlen: 24
93.115.19.0/24 maxlen: 24
93.115.18.0/24 maxlen: 24
2a05:8280::/32 maxlen: 32
2a09:cd42::/32 maxlen: 32
2a09:cd45::/32 maxlen: 32
2a09:cd43::/32 maxlen: 32
2a0c:b9c1::/32 maxlen: 32
2a09:cd41::/32 maxlen: 32
2a09:cd40::/32 maxlen: 32
2a0c:b9c0::/32 maxlen: 32
2a09:cd46::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:00:89:a9:69:85:97:cc:c2:ac:af:cb:13:d8:2d:a4:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f43bf90808ae7eca063f746a8f1d88865734c8a3
Validity
Not Before: Sep 2 23:29:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1c6b9868a243478bc0b528ccb981ec89369b9aff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:9b:8b:7e:4a:11:0a:ac:ee:6e:4a:79:cd:04:
4b:96:29:ec:95:04:f1:19:56:2c:2d:3f:ab:fe:ca:
a5:2a:ad:4b:10:dc:b2:2f:c9:a2:d4:7a:79:a6:6b:
41:ca:75:ec:89:58:8e:f6:cd:05:55:9f:24:8d:c9:
05:fc:45:55:7f:0a:30:01:96:4e:b3:67:b9:85:37:
44:8f:15:a2:ac:32:21:b6:93:2d:06:bf:ac:d4:4c:
4a:2e:5e:6b:ac:1a:05:4b:bd:90:36:80:86:be:fe:
82:ad:31:b0:42:b0:02:54:d3:d6:8f:8e:86:be:3b:
62:af:ef:76:c5:ff:d8:46:9f:a2:4b:09:57:5e:af:
a1:a3:d5:9f:4c:73:75:25:55:fd:c3:94:4a:94:8b:
83:88:f8:f1:fe:e1:19:04:ad:2a:ce:db:1f:cb:74:
56:28:c3:ea:16:2e:aa:7e:c0:1e:91:a1:a5:5e:36:
1c:16:e9:3d:f2:61:14:84:d1:ad:fa:ef:3a:0f:d4:
2b:f2:48:a5:61:87:bc:b2:64:ef:74:42:67:b9:e2:
9a:96:dc:da:f0:5d:ae:19:8e:d3:ce:5b:1c:1a:26:
a0:c7:2f:88:14:cf:d1:42:8b:7e:3a:66:46:d1:ee:
07:1d:98:a1:c1:22:90:2f:08:2e:4f:b3:db:f5:b5:
ce:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:6B:98:68:A2:43:47:8B:C0:B5:28:CC:B9:81:EC:89:36:9B:9A:FF
X509v3 Authority Key Identifier:
keyid:F4:3B:F9:08:08:AE:7E:CA:06:3F:74:6A:8F:1D:88:86:57:34:C8:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/HGuYaKJDR4vAtSjMuYHsiTabmv8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a8d943-f082-4b18-b840-389195c4f07b/1/9Dv5CAiufsoGP3Rqjx2Ihlc0yKM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.212.0/22
31.14.238.0/24
45.137.148.0/22
45.153.184.0/22
86.105.252.0/24
86.106.181.0/24
86.107.197.0/24
89.38.129.0-89.38.131.255
89.38.135.0/24
89.43.33.0/24
91.227.40.0/24
91.250.248.0/23
93.114.128.0/24
93.114.133.0/24
93.115.18.0-93.115.23.255
94.176.182.0/24
178.157.82.0/24
178.157.90.0/23
185.96.163.0/24
185.170.212.0/22
185.234.52.0/24
185.243.214.0/23
194.32.76.0/22
194.99.20.0/22
IPv6:
2a05:8280::/32
2a09:cd40::/30
2a09:cd45::-2a09:cd46:ffff:ffff:ffff:ffff:ffff:ffff
2a0c:b9c0::/31
Signature Algorithm: sha256WithRSAEncryption
0a:43:31:3a:31:66:2f:87:17:8f:35:e2:10:52:09:61:59:d0:
6a:39:10:53:59:b0:56:5f:56:3c:72:60:3e:8f:ff:89:e9:0d:
38:1a:6e:49:83:25:15:d0:10:66:04:11:26:7e:cc:d6:8e:3b:
c9:73:a3:59:d6:dd:50:2d:11:40:45:8a:d4:76:7f:50:c4:7e:
7f:f0:dd:df:52:20:a6:ba:e9:83:55:70:77:e9:c1:f8:52:7e:
6c:2d:b8:71:b1:7a:7d:dd:ed:ac:e9:e9:9a:ac:c9:7c:33:9d:
e6:30:bc:ad:f3:c8:b4:29:51:f8:6b:ae:34:73:50:e1:24:46:
ea:04:a7:6e:08:34:bc:fb:45:61:78:35:ee:84:94:bc:90:9b:
07:c5:14:6e:b3:0f:37:f1:5b:50:44:4f:93:e6:88:f5:fc:26:
52:58:68:fc:18:61:da:43:b7:ef:76:00:d1:3f:7a:1a:5c:64:
6b:63:ca:94:52:56:4e:18:3e:6b:01:7c:88:34:93:88:50:cd:
be:0e:db:1d:db:f1:41:9b:f5:9d:dd:f9:12:88:86:9c:0e:3d:
0a:2a:fd:fe:c3:61:7f:1f:a5:3a:ef:b6:eb:5b:c2:ba:14:e7:
56:eb:a4:4e:0a:84:8b:49:49:3b:fd:21:04:9d:2c:01:35:6a:
54:50:aa:d1
-----BEGIN CERTIFICATE-----
MIIFyTCCBLGgAwIBAgISAYMAialphZfMwqyvyxPYLaQVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0M2JmOTA4MDhhZTdlY2EwNjNmNzQ2YThmMWQ4ODg2NTcz
NGM4YTMwHhcNMjIwOTAyMjMyOTI1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzZiOTg2OGEyNDM0NzhiYzBiNTI4Y2NiOTgxZWM4OTM2OWI5YWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjpuLfkoRCqzubkp5zQRLlinslQTx
GVYsLT+r/sqlKq1LENyyL8mi1Hp5pmtBynXsiViO9s0FVZ8kjckF/EVVfwowAZZO
s2e5hTdEjxWirDIhtpMtBr+s1ExKLl5rrBoFS72QNoCGvv6CrTGwQrACVNPWj46G
vjtir+92xf/YRp+iSwlXXq+ho9WfTHN1JVX9w5RKlIuDiPjx/uEZBK0qztsfy3RW
KMPqFi6qfsAekaGlXjYcFuk98mEUhNGt+u86D9Qr8kilYYe8smTvdEJnueKaltza
8F2uGY7TzlscGiagxy+IFM/RQot+OmZG0e4HHZihwSKQLwguT7Pb9bXOJQIDAQAB
o4IC1TCCAtEwHQYDVR0OBBYEFBxrmGiiQ0eLwLUozLmB7Ik2m5r/MB8GA1UdIwQY
MBaAFPQ7+QgIrn7KBj90ao8diIZXNMijMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUR2NUNBaXVmc29HUDNScWp4MklobGMweUtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9hOGQ5NDMtZjA4Mi00YjE4LWI4NDAt
Mzg5MTk1YzRmMDdiLzEvSEd1WWFLSkRSNHZBdFNqTXVZSHNpVGFibXY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9hOGQ5NDMtZjA4Mi00YjE4LWI4NDAtMzg5MTk1YzRmMDdi
LzEvOUR2NUNBaXVmc29HUDNScWp4MklobGMweUtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHqBggrBgEFBQcBBwEB/wSB2jCB1zCBpwQCAAEwgaADBAIC
ONQDBAAfDu4DBAItiZQDBAItmbgDBABWafwDBABWarUDBABWa8UwDAMEAFkmgQME
AlkmgAMEAFkmhwMEAFkrIQMEAFvjKAMEAVv6+AMEAF1ygAMEAF1yhTAMAwQBXXMS
AwQDXXMQAwQAXrC2AwQAsp1SAwQBsp1aAwQAuWCjAwQCuarUAwQAueo0AwQBufPW
AwQCwiBMAwQCwmMUMCsEAgACMCUDBQAqBYKAAwUCKgnNQDAOAwUAKgnNRQMFACoJ
zUYDBQEqDLnAMA0GCSqGSIb3DQEBCwUAA4IBAQAKQzE6MWYvhxePNeIQUglhWdBq
ORBTWbBWX1Y8cmA+j/+J6Q04Gm5JgyUV0BBmBBEmfszWjjvJc6NZ1t1QLRFARYrU
dn9QxH5/8N3fUiCmuumDVXB36cH4Un5sLbhxsXp93e2s6emarMl8M53mMLyt88i0
KVH4a640c1DhJEbqBKduCDS8+0VheDXuhJS8kJsHxRRusw838VtQRE+T5oj1/CZS
WGj8GGHaQ7fvdgDRP3oaXGRrY8qUUlZOGD5rAXyINJOIUM2+Dtsd2/FBm/Wd3fkS
iIacDj0KKv3+w2F/H6U677brW8K6FOdW66ROCoSLSUk7/SEEnSwBNWpUUKrR
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:22 2023 by rpki-client on console-ams.rpki-client.org