Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/3142a5-d92d-4d06-8228-be622c3132df/1/H25I5UPnuQnr4quyFpl73m1YfFQ.roa
File: H25I5UPnuQnr4quyFpl73m1YfFQ.roa (raw, json)
Hash identifier: /IV0MMmahLRk5lcGCQQPWvm09FxqVrYu3SXANmGklcs=
Subject key identifier: 1F:6E:48:E5:43:E7:B9:09:EB:E2:AB:B2:16:99:7B:DE:6D:58:7C:54
Certificate issuer: /CN=aa2a58c697a1449976b0d11d6f126025e14089c6
Certificate serial: 1FE71EB3
Authority key identifier: AA:2A:58:C6:97:A1:44:99:76:B0:D1:1D:6F:12:60:25:E1:40:89:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qipYxpehRJl2sNEdbxJgJeFAicY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/3142a5-d92d-4d06-8228-be622c3132df/1/H25I5UPnuQnr4quyFpl73m1YfFQ.roa
Signing time: Tue 05 Jul 2022 06:17:25 +0000
ROA not before: Tue 05 Jul 2022 06:17:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44507
IP address blocks: 185.16.56.0/22 maxlen: 22
146.247.32.0/21 maxlen: 21
46.42.32.0/21 maxlen: 21
46.42.40.0/21 maxlen: 21
46.228.96.0/20 maxlen: 20
5.175.88.0/21 maxlen: 21
178.57.32.0/21 maxlen: 21
46.42.0.0/18 maxlen: 18
178.57.40.0/21 maxlen: 21
46.42.8.0/21 maxlen: 21
178.57.48.0/21 maxlen: 21
46.42.16.0/21 maxlen: 21
46.42.24.0/21 maxlen: 21
134.90.152.0/21 maxlen: 21
194.58.160.0/21 maxlen: 21
194.58.176.0/21 maxlen: 21
188.120.48.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 535240371 (0x1fe71eb3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa2a58c697a1449976b0d11d6f126025e14089c6
Validity
Not Before: Jul 5 06:17:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1f6e48e543e7b909ebe2abb216997bde6d587c54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:c0:b3:2b:d8:6b:1b:2f:6f:97:e4:f0:34:a7:
a8:34:f3:42:ad:94:39:19:bf:ff:64:76:7c:35:d8:
e1:b4:c3:81:87:8e:3a:52:79:67:cb:fc:52:c9:12:
e1:34:2d:d2:f5:c2:cf:6d:bd:be:48:f2:94:9c:44:
bb:e8:85:86:cf:ac:6b:eb:88:74:df:09:4b:2d:14:
2b:49:75:82:df:6a:ea:6d:4a:70:0f:8c:b9:ee:30:
1f:0c:1c:6e:37:94:0f:04:03:27:a3:c1:b3:e5:79:
14:c7:16:24:4c:90:38:54:cd:3f:e3:4c:ea:74:9a:
84:3f:2e:5c:cb:82:a3:30:05:8c:65:9d:22:f2:78:
9e:42:d2:46:f8:38:44:fa:db:1c:11:2f:bc:f2:81:
0f:10:92:ed:fa:e2:9a:05:64:01:86:76:14:7b:5a:
dd:6d:f4:d9:7f:c6:bb:68:92:0c:04:12:03:9e:53:
c8:78:58:75:f1:6c:9b:41:25:2c:19:d3:24:1f:22:
a2:ff:4c:2f:d6:62:bc:ad:34:5a:e4:4d:47:7b:c2:
5c:91:2b:2c:97:01:a8:85:a2:17:22:2a:77:a5:ea:
6f:63:80:25:5c:fd:b7:ce:0b:07:1b:e2:16:6b:ff:
36:66:19:15:1e:8a:dc:31:6b:1b:54:74:61:42:9c:
da:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:6E:48:E5:43:E7:B9:09:EB:E2:AB:B2:16:99:7B:DE:6D:58:7C:54
X509v3 Authority Key Identifier:
keyid:AA:2A:58:C6:97:A1:44:99:76:B0:D1:1D:6F:12:60:25:E1:40:89:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qipYxpehRJl2sNEdbxJgJeFAicY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/3142a5-d92d-4d06-8228-be622c3132df/1/H25I5UPnuQnr4quyFpl73m1YfFQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/3142a5-d92d-4d06-8228-be622c3132df/1/qipYxpehRJl2sNEdbxJgJeFAicY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.88.0/21
46.42.0.0/18
46.228.96.0/20
134.90.152.0/21
146.247.32.0/21
178.57.32.0-178.57.55.255
185.16.56.0/22
188.120.48.0/20
194.58.160.0/21
194.58.176.0/21
Signature Algorithm: sha256WithRSAEncryption
03:37:5e:a9:f5:11:12:ab:e5:c2:03:41:73:3e:c8:74:5a:96:
15:7f:95:85:90:8c:d2:e5:59:9b:36:53:6f:61:78:62:68:57:
ba:c2:6b:2f:eb:cd:f6:56:b3:fd:05:1c:0f:ec:96:6f:16:c8:
7a:6e:84:1f:fc:87:4a:44:16:29:01:f6:aa:21:23:8d:0d:63:
cf:0c:6b:95:57:b9:54:dc:0e:8f:0b:3e:28:57:2f:d9:f9:0c:
a0:8c:9c:6d:ed:f7:bc:51:01:42:61:ae:50:87:17:29:6f:43:
88:66:81:69:eb:24:b3:c2:5e:34:3e:c9:9a:e0:7f:a6:52:3a:
54:b5:d0:86:a7:b6:0e:4f:e0:15:99:9e:4d:6f:4d:fc:f5:a2:
fc:d3:13:e3:a5:38:20:02:a3:52:46:4c:90:57:0f:9e:4a:69:
89:ac:b7:38:4e:87:3f:cc:e5:c1:35:71:a3:c4:bc:05:f0:00:
8c:cf:05:b2:7e:94:89:d2:8c:6a:a0:00:5d:16:9d:67:7b:9e:
00:e2:3c:ab:9e:1e:90:f8:bf:3f:4d:99:83:1d:03:68:2d:24:
80:6f:d1:e7:82:3a:f2:84:6f:c9:ff:d3:47:6d:c3:7d:07:65:
29:41:6d:a9:32:12:8e:55:f2:e4:7c:9a:9b:b0:44:8f:84:34:
3a:47:09:5f
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgIEH+ceszANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YTJhNThjNjk3YTE0NDk5NzZiMGQxMWQ2ZjEyNjAyNWUxNDA4OWM2MB4XDTIyMDcw
NTA2MTcyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWY2ZTQ4ZTU0M2U3
YjkwOWViZTJhYmIyMTY5OTdiZGU2ZDU4N2M1NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOjAsyvYaxsvb5fk8DSnqDTzQq2UORm//2R2fDXY4bTDgYeO
OlJ5Z8v8UskS4TQt0vXCz229vkjylJxEu+iFhs+sa+uIdN8JSy0UK0l1gt9q6m1K
cA+Mue4wHwwcbjeUDwQDJ6PBs+V5FMcWJEyQOFTNP+NM6nSahD8uXMuCozAFjGWd
IvJ4nkLSRvg4RPrbHBEvvPKBDxCS7frimgVkAYZ2FHta3W302X/Gu2iSDAQSA55T
yHhYdfFsm0ElLBnTJB8iov9ML9ZivK00WuRNR3vCXJErLJcBqIWiFyIqd6Xqb2OA
JVz9t84LBxviFmv/NmYZFR6K3DFrG1R0YUKc2vcCAwEAAaOCAkcwggJDMB0GA1Ud
DgQWBBQfbkjlQ+e5Ceviq7IWmXvebVh8VDAfBgNVHSMEGDAWgBSqKljGl6FEmXaw
0R1vEmAl4UCJxjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FpcFl4cGVoUkpsMnNORWRieEpnSmVGQWljWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvMzE0MmE1LWQ5MmQtNGQwNi04MjI4LWJlNjIyYzMxMzJkZi8x
L0gyNUk1VVBudVFucjRxdXlGcGw3M20xWWZGUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
MzE0MmE1LWQ5MmQtNGQwNi04MjI4LWJlNjIyYzMxMzJkZi8xL3FpcFl4cGVoUkps
MnNORWRieEpnSmVGQWljWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBd
BggrBgEFBQcBBwEB/wROMEwwSgQCAAEwRAMEAwWvWAMEBi4qAAMEBC7kYAMEA4Za
mAMEA5L3IDAMAwQFsjkgAwQDsjkwAwQCuRA4AwQEvHgwAwQDwjqgAwQDwjqwMA0G
CSqGSIb3DQEBCwUAA4IBAQADN16p9RESq+XCA0FzPsh0WpYVf5WFkIzS5VmbNlNv
YXhiaFe6wmsv6832VrP9BRwP7JZvFsh6boQf/IdKRBYpAfaqISONDWPPDGuVV7lU
3A6PCz4oVy/Z+QygjJxt7fe8UQFCYa5Qhxcpb0OIZoFp6ySzwl40Psma4H+mUjpU
tdCGp7YOT+AVmZ5Nb0389aL80xPjpTggAqNSRkyQVw+eSmmJrLc4Toc/zOXBNXGj
xLwF8ACMzwWyfpSJ0oxqoABdFp1ne54A4jyrnh6Q+L8/TZmDHQNoLSSAb9Hngjry
hG/J/9NHbcN9B2UpQW2pMhKOVfLkfJqbsESPhDQ6Rwlf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:24:56 2024 by rpki-client on console-fra.rpki-client.org