Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/hTl8JzUs4KAIahsBB8B24_YX4uY.roa
File: hTl8JzUs4KAIahsBB8B24_YX4uY.roa (raw, json)
Hash identifier: GuwUEH0FLpqsH02aq31ZRzsmsipTLUVh0H1crASvoRs=
Subject key identifier: 85:39:7C:27:35:2C:E0:A0:08:6A:1B:01:07:C0:76:E3:F6:17:E2:E6
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 0BA16FC6
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/hTl8JzUs4KAIahsBB8B24_YX4uY.roa
Signing time: Sat 01 Jan 2022 05:51:48 +0000
ROA not before: Sat 01 Jan 2022 05:51:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61157
IP address blocks: 46.23.208.0/20 maxlen: 20
212.1.32.0/19 maxlen: 19
188.64.192.0/21 maxlen: 21
185.209.64.0/22 maxlen: 22
195.244.96.0/19 maxlen: 19
2a02:ad0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 195129286 (0xba16fc6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: Jan 1 05:51:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=85397c27352ce0a0086a1b0107c076e3f617e2e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:b2:4d:22:79:34:01:32:d3:bd:76:72:b0:f7:
23:50:ff:68:dc:a5:cc:58:28:3b:31:e4:ca:5a:2f:
d4:a7:14:f0:98:86:b8:cb:b2:db:0c:5c:28:92:61:
7c:ae:c3:b0:34:d9:97:84:fe:d4:6c:9a:ff:11:56:
f8:3e:2b:26:6a:53:b9:f8:56:c3:e6:1d:ec:2f:b4:
4e:7b:e4:88:b3:ac:de:ea:c9:ee:80:6b:3c:b8:90:
08:2a:a2:21:d3:15:e3:4d:6f:60:ec:b4:7f:c8:38:
1b:e3:d2:ad:29:25:70:5e:8f:65:37:cc:32:39:23:
4c:aa:c5:9b:e3:d9:d4:5d:15:ed:91:81:f4:24:ae:
50:e3:ff:51:e1:2a:ce:92:10:b0:50:75:09:f1:c8:
87:ec:2d:c2:45:e6:f6:d5:69:0f:d1:e7:fe:63:83:
e4:4b:31:fe:b0:38:c5:91:b7:43:0e:fb:83:1e:f3:
91:46:43:1a:a1:d4:61:0b:81:64:db:cb:15:56:be:
19:8f:35:64:32:ec:78:3c:1c:14:aa:f7:11:4f:3b:
a3:d5:16:45:ed:7c:78:c6:ed:cd:8a:35:f1:67:f6:
52:5f:48:57:c1:2d:53:5e:e8:89:67:10:7a:87:e7:
ba:2d:a4:92:31:b0:63:0c:34:eb:6a:6c:96:e6:23:
75:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:39:7C:27:35:2C:E0:A0:08:6A:1B:01:07:C0:76:E3:F6:17:E2:E6
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/hTl8JzUs4KAIahsBB8B24_YX4uY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.23.208.0/20
185.209.64.0/22
188.64.192.0/21
195.244.96.0/19
212.1.32.0/19
IPv6:
2a02:ad0::/29
Signature Algorithm: sha256WithRSAEncryption
af:df:d8:f1:69:75:a6:85:d6:29:f9:2a:07:57:c2:cd:f8:29:
30:b7:03:25:0c:c4:71:8e:bd:dd:a4:b9:43:b5:dd:0f:84:54:
4f:42:1d:1d:1b:53:b4:91:df:cc:99:8c:4a:f9:42:af:69:1e:
95:98:0f:b2:44:85:08:80:97:8a:97:af:48:6c:02:a0:3d:b5:
e1:c7:12:1f:79:83:3a:6f:bb:ed:56:7d:16:0c:32:45:71:97:
3d:e4:49:b9:a4:8a:b6:c1:75:15:f1:c2:8f:7f:ca:d4:3c:41:
12:38:c0:c0:e1:f2:99:f1:d5:ca:16:ad:1e:a6:8e:a9:e0:0a:
c0:75:00:94:03:fa:a2:73:72:7a:10:ef:d8:6d:bd:73:e3:ab:
d8:41:0e:92:f3:23:39:19:c5:4b:1d:05:7f:ed:b5:65:af:8a:
40:98:c6:20:86:a2:d5:99:58:44:55:6d:70:53:d9:69:ad:89:
d0:20:27:a9:bd:07:93:8d:fa:b3:2d:ff:12:a9:de:67:33:a4:
74:b2:af:fb:53:1f:fa:46:99:e5:6b:6e:81:c2:e8:bd:40:28:
35:a2:2b:d5:81:92:a2:af:13:30:6e:21:e4:3c:f2:89:23:d6:
34:36:eb:86:03:ea:59:f0:09:17:a5:3b:a5:8f:42:47:f5:5e:
63:bb:35:19
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEC6FvxjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NzQ3MDE3NTY0YzcxMWJjYmQ1NzY4MGEwZGZkMDBmMmE1ZDA5OWRiMB4XDTIyMDEw
MTA1NTE0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODUzOTdjMjczNTJj
ZTBhMDA4NmExYjAxMDdjMDc2ZTNmNjE3ZTJlNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK2yTSJ5NAEy0712crD3I1D/aNylzFgoOzHkylov1KcU8JiG
uMuy2wxcKJJhfK7DsDTZl4T+1Gya/xFW+D4rJmpTufhWw+Yd7C+0TnvkiLOs3urJ
7oBrPLiQCCqiIdMV401vYOy0f8g4G+PSrSklcF6PZTfMMjkjTKrFm+PZ1F0V7ZGB
9CSuUOP/UeEqzpIQsFB1CfHIh+wtwkXm9tVpD9Hn/mOD5Esx/rA4xZG3Qw77gx7z
kUZDGqHUYQuBZNvLFVa+GY81ZDLseDwcFKr3EU87o9UWRe18eMbtzYo18Wf2Ul9I
V8EtU17oiWcQeofnui2kkjGwYww062psluYjdekCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBSFOXwnNSzgoAhqGwEHwHbj9hfi5jAfBgNVHSMEGDAWgBTXRwF1ZMcRvL1X
aAoN/QDypdCZ2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEwY0JkV1RIRWJ5OVYyZ0tEZjBBOHFYUW1kcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTgvYmEyMzYyLTBjYzUtNDliZC1hNTIyLTRmMGU4Y2UxMWE3ZC8x
L2hUbDhKelVzNEtBSWFoc0JCOEIyNF9ZWDR1WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgv
YmEyMzYyLTBjYzUtNDliZC1hNTIyLTRmMGU4Y2UxMWE3ZC8xLzEwY0JkV1RIRWJ5
OVYyZ0tEZjBBOHFYUW1kcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEBC4X0AMEArnRQAMEA7xAwAMEBcP0
YAMEBdQBIDANBAIAAjAHAwUDKgIK0DANBgkqhkiG9w0BAQsFAAOCAQEAr9/Y8Wl1
poXWKfkqB1fCzfgpMLcDJQzEcY693aS5Q7XdD4RUT0IdHRtTtJHfzJmMSvlCr2ke
lZgPskSFCICXipevSGwCoD214ccSH3mDOm+77VZ9FgwyRXGXPeRJuaSKtsF1FfHC
j3/K1DxBEjjAwOHymfHVyhatHqaOqeAKwHUAlAP6onNyehDv2G29c+Or2EEOkvMj
ORnFSx0Ff+21Za+KQJjGIIai1ZlYRFVtcFPZaa2J0CAnqb0Hk436sy3/EqneZzOk
dLKv+1Mf+kaZ5WtugcLovUAoNaIr1YGSoq8TMG4h5DzyiSPWNDbrhgPqWfAJF6U7
pY9CR/VeY7s1GQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:30 2023 by rpki-client on console-ams.rpki-client.org