Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/71e09c-28f3-4825-806f-a0dc354f4ca3/1/hZWPGoXczcRHMSPsOLF_EvSaOZM.roa
File: hZWPGoXczcRHMSPsOLF_EvSaOZM.roa (raw, json)
Hash identifier: XA01LzK72QiLfIn5zRLCFIMPHZk8K6+MZA7HdI/jacc=
Subject key identifier: 85:95:8F:1A:85:DC:CD:C4:47:31:23:EC:38:B1:7F:12:F4:9A:39:93
Certificate issuer: /CN=e9aab1446100a8fce03df19d755e06329ee24713
Certificate serial: 18538A86
Authority key identifier: E9:AA:B1:44:61:00:A8:FC:E0:3D:F1:9D:75:5E:06:32:9E:E2:47:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6aqxRGEAqPzgPfGddV4GMp7iRxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/71e09c-28f3-4825-806f-a0dc354f4ca3/1/hZWPGoXczcRHMSPsOLF_EvSaOZM.roa
Signing time: Sat 01 Jan 2022 15:59:29 +0000
ROA not before: Sat 01 Jan 2022 15:59:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43948
IP address blocks: 46.21.96.0/22 maxlen: 22
46.21.96.0/20 maxlen: 20
195.149.101.0/24 maxlen: 24
46.21.100.0/23 maxlen: 23
46.21.100.0/24 maxlen: 24
46.21.106.0/24 maxlen: 24
185.157.220.0/22 maxlen: 22
185.39.146.0/23 maxlen: 23
31.192.224.0/21 maxlen: 21
31.192.228.0/24 maxlen: 24
193.108.196.0/24 maxlen: 24
109.74.0.0/20 maxlen: 20
79.99.2.0/23 maxlen: 23
79.99.0.0/23 maxlen: 23
79.99.0.0/21 maxlen: 21
91.228.193.0/24 maxlen: 24
91.228.194.0/23 maxlen: 23
5.178.77.0/24 maxlen: 24
5.178.75.0/24 maxlen: 24
5.178.72.0/21 maxlen: 24
94.247.168.0/21 maxlen: 21
94.247.175.0/24 maxlen: 24
94.247.173.0/24 maxlen: 24
37.152.56.0/21 maxlen: 21
37.152.60.0/24 maxlen: 24
194.54.164.0/24 maxlen: 24
194.54.164.0/22 maxlen: 22
195.238.76.0/23 maxlen: 23
185.39.144.0/22 maxlen: 22
159.253.24.0/21 maxlen: 21
159.253.26.0/24 maxlen: 24
159.253.28.0/24 maxlen: 24
159.253.29.0/24 maxlen: 24
195.246.120.0/23 maxlen: 23
195.20.206.0/23 maxlen: 23
2a02:750::/29 maxlen: 48
2a02:750:5::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 408128134 (0x18538a86)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9aab1446100a8fce03df19d755e06329ee24713
Validity
Not Before: Jan 1 15:59:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=85958f1a85dccdc4473123ec38b17f12f49a3993
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:27:db:bd:b0:9d:05:f4:43:66:bd:e7:25:fd:
20:8b:58:cf:f7:46:48:66:7e:7c:ce:87:3d:63:1c:
17:69:dd:74:85:be:68:16:51:bd:d7:4d:b2:0c:95:
0d:95:e1:91:6b:c2:28:5c:54:9e:13:63:64:1b:f6:
df:2a:e8:2e:4f:38:aa:d7:1c:f2:d4:0c:d0:79:57:
bd:8c:85:5b:3f:9d:a2:d0:09:0d:27:bd:90:83:69:
46:9f:21:8f:8d:d6:2a:7a:59:9b:46:a0:28:99:65:
b6:3c:cb:74:ca:0e:e5:c1:fe:6b:75:aa:16:07:62:
b5:57:a3:57:84:02:19:aa:db:43:b0:02:e7:d4:4f:
45:9f:c9:46:e6:0b:bb:ff:61:87:59:0b:3a:aa:f5:
05:70:74:a4:73:53:4b:37:8e:dd:ad:15:01:0f:03:
83:c8:39:db:41:69:c2:8c:9c:d7:e8:30:d4:6a:12:
34:4d:88:bd:51:d4:4f:6d:64:b2:5f:6b:a4:0a:f3:
f6:59:9b:a4:df:2d:55:d6:5d:52:d5:74:4e:60:ae:
d2:1e:57:fc:81:c8:e5:f7:d9:3c:cf:df:c3:33:0e:
a9:eb:1a:cb:f9:93:4e:f9:76:0f:ad:27:1a:46:13:
10:77:95:5e:36:ba:02:4e:58:13:65:b4:f7:bc:40:
b3:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:95:8F:1A:85:DC:CD:C4:47:31:23:EC:38:B1:7F:12:F4:9A:39:93
X509v3 Authority Key Identifier:
keyid:E9:AA:B1:44:61:00:A8:FC:E0:3D:F1:9D:75:5E:06:32:9E:E2:47:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6aqxRGEAqPzgPfGddV4GMp7iRxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/71e09c-28f3-4825-806f-a0dc354f4ca3/1/hZWPGoXczcRHMSPsOLF_EvSaOZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/71e09c-28f3-4825-806f-a0dc354f4ca3/1/6aqxRGEAqPzgPfGddV4GMp7iRxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.72.0/21
31.192.224.0/21
37.152.56.0/21
46.21.96.0/20
79.99.0.0/21
91.228.193.0-91.228.195.255
94.247.168.0/21
109.74.0.0/20
159.253.24.0/21
185.39.144.0/22
185.157.220.0/22
193.108.196.0/24
194.54.164.0/22
195.20.206.0/23
195.149.101.0/24
195.238.76.0/23
195.246.120.0/23
IPv6:
2a02:750::/29
Signature Algorithm: sha256WithRSAEncryption
a5:8e:28:cd:0d:15:ca:65:be:3f:76:ed:89:e1:32:8b:77:f6:
07:19:b8:e5:7d:cf:ee:24:b7:36:44:ba:c0:f3:6e:68:2a:39:
ff:b1:6c:fb:55:e5:b2:c0:9f:6b:ab:e8:37:20:62:f6:b9:90:
ec:e5:f4:85:40:ce:5b:be:10:9c:a7:7d:8f:9c:d3:9c:d8:0c:
7b:59:29:2e:d1:22:0b:dc:4d:0f:4b:6d:32:a4:00:53:26:88:
f4:85:4c:46:d4:c5:05:de:99:7e:92:e7:07:8a:5e:77:15:91:
70:4b:90:7f:3d:6c:9d:49:8a:c8:69:08:e9:30:e2:52:64:48:
46:3b:a6:9b:a0:ab:fe:53:77:55:a0:3d:d5:b0:4c:a5:3b:5d:
1c:f3:b2:54:91:71:04:c3:f9:44:0a:61:2b:0a:41:f8:3f:28:
4b:05:b6:b6:00:35:f7:cd:16:1e:08:6f:ce:e7:6e:9d:96:c2:
de:d2:61:ee:61:80:38:09:89:57:28:1f:bf:58:f1:43:95:a9:
90:e5:8d:17:55:26:92:67:bb:c0:e4:a9:00:e0:9a:44:27:0d:
1f:2b:62:b4:0d:9f:a0:d6:e0:7c:02:8c:c4:c1:3c:68:75:dc:
41:6e:1c:16:97:38:57:ad:49:2e:66:cc:17:48:1b:4e:63:e4:
4c:4d:0b:56
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgIEGFOKhjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
OWFhYjE0NDYxMDBhOGZjZTAzZGYxOWQ3NTVlMDYzMjllZTI0NzEzMB4XDTIyMDEw
MTE1NTkyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODU5NThmMWE4NWRj
Y2RjNDQ3MzEyM2VjMzhiMTdmMTJmNDlhMzk5MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMkn272wnQX0Q2a95yX9IItYz/dGSGZ+fM6HPWMcF2nddIW+
aBZRvddNsgyVDZXhkWvCKFxUnhNjZBv23yroLk84qtcc8tQM0HlXvYyFWz+dotAJ
DSe9kINpRp8hj43WKnpZm0agKJlltjzLdMoO5cH+a3WqFgditVejV4QCGarbQ7AC
59RPRZ/JRuYLu/9hh1kLOqr1BXB0pHNTSzeO3a0VAQ8Dg8g520Fpwoyc1+gw1GoS
NE2IvVHUT21ksl9rpArz9lmbpN8tVdZdUtV0TmCu0h5X/IHI5ffZPM/fwzMOqesa
y/mTTvl2D60nGkYTEHeVXja6Ak5YE2W097xAs+cCAwEAAaOCAoMwggJ/MB0GA1Ud
DgQWBBSFlY8ahdzNxEcxI+w4sX8S9Jo5kzAfBgNVHSMEGDAWgBTpqrFEYQCo/OA9
8Z11XgYynuJHEzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZhcXhSR0VBcVB6Z1BmR2RkVjRHTXA3aVJ4TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjkvNzFlMDljLTI4ZjMtNDgyNS04MDZmLWEwZGMzNTRmNGNhMy8x
L2haV1BHb1hjemNSSE1TUHNPTEZfRXZTYU9aTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjkv
NzFlMDljLTI4ZjMtNDgyNS04MDZmLWEwZGMzNTRmNGNhMy8xLzZhcXhSR0VBcVB6
Z1BmR2RkVjRHTXA3aVJ4TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
mAYIKwYBBQUHAQcBAf8EgYgwgYUwdAQCAAEwbgMEAwWySAMEAx/A4AMEAyWYOAME
BC4VYAMEA09jADAMAwQAW+TBAwQCW+TAAwQDXveoAwQEbUoAAwQDn/0YAwQCuSeQ
AwQCuZ3cAwQAwWzEAwQCwjakAwQBwxTOAwQAw5VlAwQBw+5MAwQBw/Z4MA0EAgAC
MAcDBQMqAgdQMA0GCSqGSIb3DQEBCwUAA4IBAQCljijNDRXKZb4/du2J4TKLd/YH
Gbjlfc/uJLc2RLrA825oKjn/sWz7VeWywJ9rq+g3IGL2uZDs5fSFQM5bvhCcp32P
nNOc2Ax7WSku0SIL3E0PS20ypABTJoj0hUxG1MUF3pl+kucHil53FZFwS5B/PWyd
SYrIaQjpMOJSZEhGO6aboKv+U3dVoD3VsEylO10c87JUkXEEw/lECmErCkH4PyhL
Bba2ADX3zRYeCG/O526dlsLe0mHuYYA4CYlXKB+/WPFDlamQ5Y0XVSaSZ7vA5KkA
4JpEJw0fK2K0DZ+g1uB8AozEwTxoddxBbhwWlzhXrUkuZswXSBtOY+RMTQtW
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:38 2023 by rpki-client on console-fra.rpki-client.org