Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/Hf3LdS3qxmd5R2nLU-NZ2nlFxv8.roa
File: Hf3LdS3qxmd5R2nLU-NZ2nlFxv8.roa (raw, json)
Hash identifier: 1nqYDBdbKH9iWm/rNe7q/kX4wt4vZueAizsHQ6+9ikE=
Subject key identifier: 1D:FD:CB:75:2D:EA:C6:67:79:47:69:CB:53:E3:59:DA:79:45:C6:FF
Certificate issuer: /CN=7094a425595e923c4b53b9c000aa8f19ad923f20
Certificate serial: 042818D5
Authority key identifier: 70:94:A4:25:59:5E:92:3C:4B:53:B9:C0:00:AA:8F:19:AD:92:3F:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cJSkJVlekjxLU7nAAKqPGa2SPyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/Hf3LdS3qxmd5R2nLU-NZ2nlFxv8.roa
Signing time: Mon 16 May 2022 07:45:30 +0000
ROA not before: Mon 16 May 2022 07:45:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200738
IP address blocks: 45.129.20.0/24 maxlen: 24
45.129.21.0/24 maxlen: 24
188.215.8.0/22 maxlen: 22
93.114.240.0/22 maxlen: 22
77.83.124.0/22 maxlen: 22
176.100.224.0/24 maxlen: 24
176.100.225.0/24 maxlen: 24
176.100.224.0/20 maxlen: 20
185.97.168.0/22 maxlen: 22
193.31.36.0/22 maxlen: 22
185.170.147.0/24 maxlen: 24
193.26.148.0/22 maxlen: 22
193.35.14.0/23 maxlen: 23
193.35.26.0/23 maxlen: 23
176.100.208.0/22 maxlen: 22
176.100.212.0/22 maxlen: 22
2a06:6c0:3::/48 maxlen: 48
2a06:6c0:254::/48 maxlen: 48
2a06:6c0:2::/48 maxlen: 48
2a06:6c0:1::/48 maxlen: 48
2a06:6c0:255::/48 maxlen: 48
2a06:6c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 69736661 (0x42818d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7094a425595e923c4b53b9c000aa8f19ad923f20
Validity
Not Before: May 16 07:45:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1dfdcb752deac667794769cb53e359da7945c6ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:6e:37:63:34:5b:72:66:0d:d9:33:b6:11:4d:
4d:c7:24:be:bf:e3:2a:71:3e:bf:bd:8e:f6:e7:64:
14:1c:fc:b2:38:c8:81:96:14:64:84:57:ba:78:e8:
0c:75:89:fd:f4:1c:8d:91:94:3e:84:fd:e7:a7:65:
dd:dc:b4:8d:33:9e:17:4e:8e:52:65:26:a6:0d:8b:
33:0f:a2:66:14:92:80:48:05:99:db:f0:ca:ef:e9:
ba:14:0b:42:88:fd:a1:8b:68:72:f1:97:a0:4d:18:
17:1f:06:70:c2:81:b9:88:cb:cc:65:c7:28:78:0d:
ba:3f:f8:29:13:72:bc:e0:fd:8a:6a:4a:aa:04:a0:
a8:c8:ee:b1:db:03:74:2c:98:e1:0d:38:64:b9:63:
85:eb:9d:86:a9:77:d3:be:f1:cf:46:59:05:bb:e7:
6b:fe:fc:82:4f:e5:12:8b:a2:5c:17:1b:bc:dc:7b:
6d:61:56:86:4c:bf:c1:ea:a8:61:1b:80:ec:d6:e2:
28:e2:3f:a4:31:68:7d:51:ea:d3:87:b3:11:dd:e0:
26:37:a0:de:e4:c9:0c:a7:1b:4c:bc:8e:14:7f:06:
5e:53:8f:e7:b4:95:f6:28:3f:27:91:72:45:13:af:
bf:8a:5b:67:cb:8a:5f:fd:0b:e5:db:f0:90:d7:2c:
bc:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:FD:CB:75:2D:EA:C6:67:79:47:69:CB:53:E3:59:DA:79:45:C6:FF
X509v3 Authority Key Identifier:
keyid:70:94:A4:25:59:5E:92:3C:4B:53:B9:C0:00:AA:8F:19:AD:92:3F:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cJSkJVlekjxLU7nAAKqPGa2SPyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/Hf3LdS3qxmd5R2nLU-NZ2nlFxv8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/cJSkJVlekjxLU7nAAKqPGa2SPyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.20.0/23
77.83.124.0/22
93.114.240.0/22
176.100.208.0/21
176.100.224.0/20
185.97.168.0/22
185.170.147.0/24
188.215.8.0/22
193.26.148.0/22
193.31.36.0/22
193.35.14.0/23
193.35.26.0/23
IPv6:
2a06:6c0::/46
2a06:6c0:254::/47
Signature Algorithm: sha256WithRSAEncryption
b4:8b:0b:4a:b6:1d:11:d0:b5:21:74:9a:2f:7b:ba:6b:86:43:
20:c9:f6:43:5f:fc:dd:d0:b8:a6:53:cf:68:fb:9f:3d:63:2b:
de:86:81:e2:04:ad:2b:b7:ec:b6:6b:8a:63:86:5a:b7:49:a9:
3d:1f:17:36:bd:2d:8e:dc:fd:21:73:3e:4d:67:3d:47:f7:42:
46:4d:08:29:74:0b:d0:70:15:e7:4b:ef:a4:71:a5:44:4a:2b:
3f:52:87:36:48:f9:d4:52:7d:46:d8:5c:e6:37:f9:62:9e:14:
78:ef:84:52:14:a5:f1:64:29:70:c5:bd:f0:0d:5b:e3:f3:2d:
8c:ca:aa:65:fe:68:a2:86:e0:52:18:d9:bb:35:51:1b:ac:b0:
7e:b5:8a:c7:e7:71:c5:30:33:36:b4:5f:08:46:47:41:54:a0:
ec:e1:ef:a3:27:8d:e9:78:b4:68:6a:83:65:6b:67:e5:4d:00:
71:48:a8:81:5f:2f:c8:1f:27:e0:47:89:fc:58:b8:13:66:1b:
c5:d7:2d:c6:8d:b4:cc:a3:9a:c7:6d:9e:13:3a:18:ed:42:c3:
1b:28:59:2b:7e:ba:26:28:b5:f1:e3:bb:73:ac:02:94:e5:ae:
34:5b:af:8d:0c:f7:f2:06:10:7f:65:6a:f3:81:0a:35:bb:8c:
4f:71:12:7b
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgIEBCgY1TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
MDk0YTQyNTU5NWU5MjNjNGI1M2I5YzAwMGFhOGYxOWFkOTIzZjIwMB4XDTIyMDUx
NjA3NDUzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWRmZGNiNzUyZGVh
YzY2Nzc5NDc2OWNiNTNlMzU5ZGE3OTQ1YzZmZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANduN2M0W3JmDdkzthFNTcckvr/jKnE+v72O9udkFBz8sjjI
gZYUZIRXunjoDHWJ/fQcjZGUPoT956dl3dy0jTOeF06OUmUmpg2LMw+iZhSSgEgF
mdvwyu/puhQLQoj9oYtocvGXoE0YFx8GcMKBuYjLzGXHKHgNuj/4KRNyvOD9impK
qgSgqMjusdsDdCyY4Q04ZLljheudhql3077xz0ZZBbvna/78gk/lEouiXBcbvNx7
bWFWhky/weqoYRuA7NbiKOI/pDFofVHq04ezEd3gJjeg3uTJDKcbTLyOFH8GXlOP
57SV9ig/J5FyRROvv4pbZ8uKX/0L5dvwkNcsvLUCAwEAAaOCAmUwggJhMB0GA1Ud
DgQWBBQd/ct1LerGZ3lHactT41naeUXG/zAfBgNVHSMEGDAWgBRwlKQlWV6SPEtT
ucAAqo8ZrZI/IDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2NKU2tKVmxla2p4TFU3bkFBS3FQR2EyU1B5QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmEvOTYzMTcwLTU4YmUtNDZiYi1hNWRlLTc3NzM3M2U2MDU1ZS8x
L0hmM0xkUzNxeG1kNVIybkxVLU5aMm5sRnh2OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmEv
OTYzMTcwLTU4YmUtNDZiYi1hNWRlLTc3NzM3M2U2MDU1ZS8xL2NKU2tKVmxla2p4
TFU3bkFBS3FQR2EyU1B5QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB7
BggrBgEFBQcBBwEB/wRsMGowTgQCAAEwSAMEAS2BFAMEAk1TfAMEAl1y8AMEA7Bk
0AMEBLBk4AMEArlhqAMEALmqkwMEArzXCAMEAsEalAMEAsEfJAMEAcEjDgMEAcEj
GjAYBAIAAjASAwcCKgYGwAAAAwcBKgYGwAJUMA0GCSqGSIb3DQEBCwUAA4IBAQC0
iwtKth0R0LUhdJove7prhkMgyfZDX/zd0LimU89o+589YyvehoHiBK0rt+y2a4pj
hlq3Sak9Hxc2vS2O3P0hcz5NZz1H90JGTQgpdAvQcBXnS++kcaVESis/Uoc2SPnU
Un1G2FzmN/linhR474RSFKXxZClwxb3wDVvj8y2Myqpl/miihuBSGNm7NVEbrLB+
tYrH53HFMDM2tF8IRkdBVKDs4e+jJ43peLRoaoNla2flTQBxSKiBXy/IHyfgR4n8
WLgTZhvF1y3GjbTMo5rHbZ4TOhjtQsMbKFkrfromKLXx47tzrAKU5a40W6+NDPfy
BhB/ZWrzgQo1u4xPcRJ7
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:33 2023 by rpki-client on console-ams.rpki-client.org