Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/HirmleBvuVWDikR-IXVZkg5706M.roa
File: HirmleBvuVWDikR-IXVZkg5706M.roa (raw, json)
Hash identifier: MZCaW2FTcy7ssVH+CjVypelWsxrMxozYWMMe4lmO5S8=
Subject key identifier: 1E:2A:E6:95:E0:6F:B9:55:83:8A:44:7E:21:75:59:92:0E:7B:D3:A3
Certificate issuer: /CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Certificate serial: 1588BCA6
Authority key identifier: 28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/HirmleBvuVWDikR-IXVZkg5706M.roa
Signing time: Sun 01 May 2022 17:16:39 +0000
ROA not before: Sun 01 May 2022 17:16:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200532
IP address blocks: 89.33.41.0/24 maxlen: 24
185.129.48.0/24 maxlen: 24
185.129.49.0/24 maxlen: 24
185.129.50.0/24 maxlen: 24
185.129.51.0/24 maxlen: 24
185.100.64.0/24 maxlen: 24
185.100.67.0/24 maxlen: 24
185.100.65.0/24 maxlen: 24
185.100.66.0/24 maxlen: 24
188.241.216.0/24 maxlen: 24
188.241.217.0/24 maxlen: 24
185.111.104.0/22 maxlen: 22
185.111.104.0/24 maxlen: 24
185.111.105.0/24 maxlen: 24
185.111.106.0/24 maxlen: 24
185.111.107.0/24 maxlen: 24
185.98.4.0/24 maxlen: 24
185.98.5.0/24 maxlen: 24
185.98.6.0/24 maxlen: 24
185.98.7.0/24 maxlen: 24
185.121.80.0/24 maxlen: 24
185.121.80.0/22 maxlen: 22
185.121.81.0/24 maxlen: 24
185.121.82.0/24 maxlen: 24
185.121.83.0/24 maxlen: 24
185.113.132.0/22 maxlen: 22
185.113.132.0/24 maxlen: 24
185.113.133.0/24 maxlen: 24
185.113.134.0/24 maxlen: 24
185.113.135.0/24 maxlen: 24
185.125.88.0/24 maxlen: 24
185.125.89.0/24 maxlen: 24
185.125.90.0/24 maxlen: 24
185.125.91.0/24 maxlen: 24
185.116.192.0/24 maxlen: 24
185.116.192.0/22 maxlen: 22
185.116.193.0/24 maxlen: 24
185.116.194.0/24 maxlen: 24
185.116.195.0/24 maxlen: 24
2a06:940::/56 maxlen: 56
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 361282726 (0x1588bca6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Validity
Not Before: May 1 17:16:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1e2ae695e06fb955838a447e217559920e7bd3a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:4a:c2:6b:01:22:ae:7a:aa:bc:d5:ef:ad:e8:
83:37:cf:34:34:a7:3b:d8:22:da:56:84:dc:32:50:
62:22:8a:a9:08:ee:eb:94:3c:66:27:dc:03:9b:85:
c7:04:da:1c:71:16:24:89:2f:fe:57:5f:19:ce:f2:
61:27:e9:1e:21:46:e6:4a:51:40:09:49:87:43:89:
81:b9:4d:6f:43:b5:9d:14:f6:49:e8:2d:eb:9e:60:
40:63:8f:d4:3c:78:3f:d8:fe:c3:bb:6a:8a:79:03:
89:a4:d2:72:01:f6:d2:6f:99:a1:d2:d0:01:e3:0b:
48:75:4d:c0:1a:be:7a:d5:93:f1:f0:7e:cf:ee:a9:
71:c7:c8:a3:a7:28:b0:c2:ee:74:b0:ea:03:af:2b:
3f:aa:d2:2c:02:65:08:09:66:ba:61:3e:8a:ab:7f:
cf:5c:d2:ba:07:e9:1f:16:68:16:a9:dd:3e:c0:d3:
4d:24:10:07:07:a8:cd:67:b7:82:86:12:bd:1e:34:
d3:61:03:68:d9:67:7e:36:2d:b8:36:2b:d2:b3:74:
d4:65:e8:b2:c1:96:93:73:c0:59:a4:2e:20:49:f1:
c6:bc:b3:5f:8a:2c:81:03:94:dd:b7:6f:9c:5d:81:
f1:8f:c8:0f:13:42:f6:a1:90:4c:a2:12:67:35:95:
5a:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:2A:E6:95:E0:6F:B9:55:83:8A:44:7E:21:75:59:92:0E:7B:D3:A3
X509v3 Authority Key Identifier:
keyid:28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/HirmleBvuVWDikR-IXVZkg5706M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/KIVYUqS80b8eyBPzwTsPHzcvOXE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.41.0/24
185.98.4.0/22
185.100.64.0/22
185.111.104.0/22
185.113.132.0/22
185.116.192.0/22
185.121.80.0/22
185.125.88.0/22
185.129.48.0/22
188.241.216.0/23
IPv6:
2a06:940::/56
Signature Algorithm: sha256WithRSAEncryption
12:58:3a:c2:5f:36:76:a2:75:4b:49:1f:ef:dc:fe:43:f2:d6:
55:91:e3:4c:49:fa:fd:6b:9b:6c:90:6d:92:ca:1d:73:a5:b0:
62:56:69:55:ab:89:15:18:b5:64:6f:1a:45:c5:cd:00:77:39:
8c:dc:fa:91:b4:b2:35:55:3d:0e:66:af:6b:5c:62:10:c3:b5:
e3:c7:4c:7e:ef:70:2d:52:a9:08:01:c1:a8:26:a1:54:94:47:
31:57:68:0b:c7:d0:52:3c:5d:f4:72:9b:d9:26:09:2d:89:d2:
09:f1:b9:4c:56:c8:4a:4f:57:46:78:20:1b:e8:3b:ff:fd:e0:
c3:05:b2:35:26:5d:2a:3b:4d:54:bc:ed:f8:e6:f8:5b:3a:bf:
90:b6:65:93:30:2b:37:07:84:f8:32:b3:2a:45:dd:4b:8d:a5:
e1:ab:36:2d:38:02:60:71:94:c8:c6:2b:fc:c4:2e:43:9d:9c:
ab:36:f1:6c:9b:31:5e:19:8e:b2:a9:15:61:cd:15:cb:f8:72:
08:f0:ec:29:e1:60:c2:f6:aa:36:dd:5f:05:8e:50:89:f2:bb:
0f:6e:cb:72:f9:c0:3b:d3:ad:33:06:bb:5b:83:6a:bc:dc:c7:
ba:5a:23:a7:45:22:43:8d:64:e7:82:64:47:f8:56:48:b0:d1:
1b:38:7b:a9
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIEFYi8pjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ODg1NTg1MmE0YmNkMWJmMWVjODEzZjNjMTNiMGYxZjM3MmYzOTcxMB4XDTIyMDUw
MTE3MTYzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWUyYWU2OTVlMDZm
Yjk1NTgzOGE0NDdlMjE3NTU5OTIwZTdiZDNhMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL1KwmsBIq56qrzV763ogzfPNDSnO9gi2laE3DJQYiKKqQju
65Q8ZifcA5uFxwTaHHEWJIkv/ldfGc7yYSfpHiFG5kpRQAlJh0OJgblNb0O1nRT2
Segt655gQGOP1Dx4P9j+w7tqinkDiaTScgH20m+ZodLQAeMLSHVNwBq+etWT8fB+
z+6pccfIo6cosMLudLDqA68rP6rSLAJlCAlmumE+iqt/z1zSugfpHxZoFqndPsDT
TSQQBweozWe3goYSvR4002EDaNlnfjYtuDYr0rN01GXossGWk3PAWaQuIEnxxryz
X4osgQOU3bdvnF2B8Y/IDxNC9qGQTKISZzWVWg8CAwEAAaOCAlEwggJNMB0GA1Ud
DgQWBBQeKuaV4G+5VYOKRH4hdVmSDnvTozAfBgNVHSMEGDAWgBQohVhSpLzRvx7I
E/PBOw8fNy85cTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tJVllVcVM4MGI4ZXlCUHp3VHNQSHpjdk9YRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvMGUzNmZjLWJhMGItNGNlNi1hZjZhLTcwNDQ2M2ViYWQzNi8x
L0hpcm1sZUJ2dVZXRGlrUi1JWFZaa2c1NzA2TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
MGUzNmZjLWJhMGItNGNlNi1hZjZhLTcwNDQ2M2ViYWQzNi8xL0tJVllVcVM4MGI4
ZXlCUHp3VHNQSHpjdk9YRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBn
BggrBgEFBQcBBwEB/wRYMFYwQgQCAAEwPAMEAFkhKQMEArliBAMEArlkQAMEArlv
aAMEArlxhAMEArl0wAMEArl5UAMEArl9WAMEArmBMAMEAbzx2DAQBAIAAjAKAwgA
KgYJQAAAADANBgkqhkiG9w0BAQsFAAOCAQEAElg6wl82dqJ1S0kf79z+Q/LWVZHj
TEn6/WubbJBtksodc6WwYlZpVauJFRi1ZG8aRcXNAHc5jNz6kbSyNVU9Dmava1xi
EMO148dMfu9wLVKpCAHBqCahVJRHMVdoC8fQUjxd9HKb2SYJLYnSCfG5TFbISk9X
RnggG+g7//3gwwWyNSZdKjtNVLzt+Ob4Wzq/kLZlkzArNweE+DKzKkXdS42l4as2
LTgCYHGUyMYr/MQuQ52cqzbxbJsxXhmOsqkVYc0Vy/hyCPDsKeFgwvaqNt1fBY5Q
ifK7D27LcvnAO9OtMwa7W4NqvNzHulojp0UiQ41k54JkR/hWSLDRGzh7qQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:51 2023 by rpki-client on console-ams.rpki-client.org