Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/hHP7fBg2n7KdlqYO59TAAZZUSr8.roa
File: hHP7fBg2n7KdlqYO59TAAZZUSr8.roa (raw, json)
Hash identifier: 5HL9Fd3/a6lZnruQ6c/xhe+kSWDoq6rP3rrjK2pWSh4=
Subject key identifier: 84:73:FB:7C:18:36:9F:B2:9D:96:A6:0E:E7:D4:C0:01:96:54:4A:BF
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 0187805279C54841115BFB3681BAFA2E8AB0
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/hHP7fBg2n7KdlqYO59TAAZZUSr8.roa
Signing time: Fri 14 Apr 2023 15:11:41 +0000
ROA not before: Fri 14 Apr 2023 15:11:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 286
IP address blocks: 62.132.116.0/23 maxlen: 23
62.132.114.0/23 maxlen: 23
192.129.32.0/23 maxlen: 24
192.129.36.0/24 maxlen: 24
62.132.132.0/23 maxlen: 23
192.129.43.0/24 maxlen: 24
192.129.44.0/24 maxlen: 24
192.129.46.0/24 maxlen: 24
192.129.48.0/24 maxlen: 24
62.41.160.0/24 maxlen: 24
193.141.0.0/23 maxlen: 23
194.45.4.0/23 maxlen: 23
192.129.56.0/24 maxlen: 24
192.129.54.0/24 maxlen: 24
193.141.2.0/24 maxlen: 24
62.41.80.0/22 maxlen: 22
62.41.84.0/23 maxlen: 23
62.41.102.0/24 maxlen: 24
193.242.80.0/20 maxlen: 20
194.45.98.0/23 maxlen: 23
192.16.202.0/24 maxlen: 24
194.121.52.0/22 maxlen: 22
194.45.12.0/23 maxlen: 23
193.141.44.0/23 maxlen: 23
193.141.40.0/22 maxlen: 22
194.45.47.0/24 maxlen: 24
194.45.182.0/23 maxlen: 23
92.71.0.0/17 maxlen: 17
192.67.190.0/23 maxlen: 23
192.67.192.0/22 maxlen: 22
192.67.196.0/24 maxlen: 24
193.141.140.0/23 maxlen: 23
62.41.16.0/21 maxlen: 21
62.132.0.0/22 maxlen: 22
62.41.24.0/22 maxlen: 22
62.132.16.0/22 maxlen: 22
62.41.37.0/24 maxlen: 24
62.41.32.0/24 maxlen: 24
62.132.24.0/23 maxlen: 23
62.132.28.0/24 maxlen: 24
92.71.128.0/18 maxlen: 18
62.132.42.0/23 maxlen: 23
62.41.56.0/21 maxlen: 21
194.41.62.0/24 maxlen: 24
62.41.64.0/20 maxlen: 20
192.54.104.0/24 maxlen: 24
62.41.0.0/20 maxlen: 20
2a00:1750::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:80:52:79:c5:48:41:11:5b:fb:36:81:ba:fa:2e:8a:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: Apr 14 15:11:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8473fb7c18369fb29d96a60ee7d4c00196544abf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f5:3f:32:b4:1e:e2:d5:f3:71:38:7d:8c:ba:
a9:f1:ad:49:09:d7:a8:44:42:7f:99:f7:49:09:c9:
73:96:07:3b:1c:cc:97:ee:33:b2:e3:b5:c9:f1:ca:
b1:96:a7:8f:3f:30:a2:a0:20:17:70:04:cd:32:09:
3e:e7:f6:f6:e8:0a:e0:05:d3:e6:c3:46:06:7e:1e:
0c:e3:6e:fa:3f:a5:65:3e:69:f1:d0:ce:fa:50:e3:
33:60:92:b6:30:f4:d5:7b:a3:dd:7c:ce:f1:de:2d:
37:63:02:44:7c:6d:1f:41:ed:59:03:54:9d:91:1f:
aa:7e:f7:c9:2a:f0:38:40:07:14:1b:24:6c:8e:39:
21:27:0e:cf:b1:d5:73:39:2e:57:91:3f:33:0a:c8:
37:bb:c8:ea:67:93:05:ae:0b:0d:b0:ec:84:46:44:
5f:02:bf:b4:c7:5a:4f:8d:bb:05:7a:a5:2a:a6:42:
61:4c:9e:e2:67:54:e2:30:89:46:93:f2:b4:a0:ea:
b1:a6:27:2b:77:13:4c:a2:c8:25:2f:93:2b:1f:c1:
2e:bc:63:d6:71:75:e6:47:6a:4d:02:6c:b6:b0:5a:
30:65:a0:bc:41:95:d2:44:f2:9e:10:a9:e7:7f:3a:
21:2c:3a:e7:db:9f:48:45:38:cb:dc:06:eb:7d:de:
c8:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:73:FB:7C:18:36:9F:B2:9D:96:A6:0E:E7:D4:C0:01:96:54:4A:BF
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/hHP7fBg2n7KdlqYO59TAAZZUSr8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.41.0.0-62.41.27.255
62.41.32.0/24
62.41.37.0/24
62.41.56.0-62.41.85.255
62.41.102.0/24
62.41.160.0/24
62.132.0.0/22
62.132.16.0/22
62.132.24.0/23
62.132.28.0/24
62.132.42.0/23
62.132.114.0-62.132.117.255
62.132.132.0/23
92.71.0.0-92.71.191.255
192.16.202.0/24
192.54.104.0/24
192.67.190.0-192.67.196.255
192.129.32.0/23
192.129.36.0/24
192.129.43.0-192.129.44.255
192.129.46.0/24
192.129.48.0/24
192.129.54.0/24
192.129.56.0/24
193.141.0.0-193.141.2.255
193.141.40.0-193.141.45.255
193.141.140.0/23
193.242.80.0/20
194.41.62.0/24
194.45.4.0/23
194.45.12.0/23
194.45.47.0/24
194.45.98.0/23
194.45.182.0/23
194.121.52.0/22
IPv6:
2a00:1750::/32
Signature Algorithm: sha256WithRSAEncryption
14:fb:d5:27:d2:db:cd:b9:f7:be:db:61:c6:03:95:49:df:ec:
55:43:ed:5a:e6:20:4d:34:bd:b7:ba:c5:a5:d9:2d:a5:f0:dd:
92:cb:38:0e:36:b3:1d:a2:45:d3:bf:de:5f:6f:f8:99:e8:f0:
58:33:1c:05:5a:e3:7e:10:76:82:aa:62:d5:d2:d9:ba:bb:ff:
e1:e4:bd:dc:60:8f:d9:6f:90:be:87:6a:a0:1c:27:de:ce:f0:
2d:5f:41:fa:1f:91:ff:70:12:17:38:aa:af:86:ed:55:69:ba:
42:3b:a5:ea:a0:60:14:78:e3:63:e7:d2:b4:04:da:4a:66:35:
39:19:30:2c:69:b3:90:30:d2:6c:0b:15:e6:8d:79:98:26:f9:
24:86:2b:4e:cf:f8:66:36:ec:b0:b8:69:11:a3:e8:46:78:53:
2f:67:ec:c8:c0:e0:d8:02:88:57:c9:fb:fe:18:10:4f:f3:90:
7f:df:d7:54:aa:d6:cc:dd:05:bb:0b:4d:82:76:31:bd:3a:0a:
f1:9a:33:a6:7d:47:bd:d2:8a:07:69:19:5b:88:26:a3:83:f4:
9a:f0:46:04:5d:c0:9d:1f:be:ef:c6:00:61:0f:c5:04:9b:d2:
04:4c:9e:ed:87:cf:d8:84:2f:71:7c:68:28:f7:e7:8a:58:42:
dd:73:b1:6d
-----BEGIN CERTIFICATE-----
MIIGHzCCBQegAwIBAgISAYeAUnnFSEERW/s2gbr6LoqwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjMwNDE0MTUxMTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDczZmI3YzE4MzY5ZmIyOWQ5NmE2MGVlN2Q0YzAwMTk2NTQ0YWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfU/MrQe4tXzcTh9jLqp8a1JCdeo
REJ/mfdJCclzlgc7HMyX7jOy47XJ8cqxlqePPzCioCAXcATNMgk+5/b26ArgBdPm
w0YGfh4M4276P6VlPmnx0M76UOMzYJK2MPTVe6PdfM7x3i03YwJEfG0fQe1ZA1Sd
kR+qfvfJKvA4QAcUGyRsjjkhJw7PsdVzOS5XkT8zCsg3u8jqZ5MFrgsNsOyERkRf
Ar+0x1pPjbsFeqUqpkJhTJ7iZ1TiMIlGk/K0oOqxpicrdxNMosglL5MrH8EuvGPW
cXXmR2pNAmy2sFowZaC8QZXSRPKeEKnnfzohLDrn259IRTjL3Abrfd7IXQIDAQAB
o4IDKzCCAycwHQYDVR0OBBYEFIRz+3wYNp+ynZamDufUwAGWVEq/MB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvaEhQN2ZCZzJuN0tkbHFZTzU5VEFBWlpVU3I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBPwYIKwYBBQUHAQcBAf8EggEuMIIBKjCCARcEAgABMIIB
DzALAwMAPikDBAI+KRgDBAA+KSADBAA+KSUwDAMEAz4pOAMEAT4pVAMEAD4pZgME
AD4poAMEAj6EAAMEAj6EEAMEAT6EGAMEAD6EHAMEAT6EKjAMAwQBPoRyAwQBPoR0
AwQBPoSEMAsDAwBcRwMEBlxHgAMEAMAQygMEAMA2aDAMAwQBwEO+AwQAwEPEAwQB
wIEgAwQAwIEkMAwDBADAgSsDBADAgSwDBADAgS4DBADAgTADBADAgTYDBADAgTgw
CwMDAMGNAwQAwY0CMAwDBAPBjSgDBAHBjSwDBAHBjYwDBATB8lADBADCKT4DBAHC
LQQDBAHCLQwDBADCLS8DBAHCLWIDBAHCLbYDBALCeTQwDQQCAAIwBwMFACoAF1Aw
DQYJKoZIhvcNAQELBQADggEBABT71SfS2825977bYcYDlUnf7FVD7VrmIE00vbe6
xaXZLaXw3ZLLOA42sx2iRdO/3l9v+Jno8FgzHAVa434QdoKqYtXS2bq7/+Hkvdxg
j9lvkL6HaqAcJ97O8C1fQfofkf9wEhc4qq+G7VVpukI7peqgYBR442Pn0rQE2kpm
NTkZMCxps5Aw0mwLFeaNeZgm+SSGK07P+GY27LC4aRGj6EZ4Uy9n7MjA4NgCiFfJ
+/4YEE/zkH/f11Sq1szdBbsLTYJ2Mb06CvGaM6Z9R73SigdpGVuIJqOD9JrwRgRd
wJ0fvu/GAGEPxQSb0gRMnu2Hz9iEL3F8aCj354pYQt1zsW0=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:23:16 2025 by rpki-client