Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/448800-829e-4b7a-92c4-cb7cbca7c1e0/1/HHPVn8AmS7F6AVA6dCVYJLFAhNA.roa
File: HHPVn8AmS7F6AVA6dCVYJLFAhNA.roa (raw, json)
Hash identifier: dZf1cFds4pSFsULh6YL5t8+RiIaRO9R7u0wo3vNb32g=
Subject key identifier: 1C:73:D5:9F:C0:26:4B:B1:7A:01:50:3A:74:25:58:24:B1:40:84:D0
Certificate issuer: /CN=34077b41e98873e7f06fb1df3f5d39c721b1343f
Certificate serial: 13C226A1
Authority key identifier: 34:07:7B:41:E9:88:73:E7:F0:6F:B1:DF:3F:5D:39:C7:21:B1:34:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NAd7QemIc-fwb7HfP105xyGxND8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/448800-829e-4b7a-92c4-cb7cbca7c1e0/1/HHPVn8AmS7F6AVA6dCVYJLFAhNA.roa
Signing time: Wed 25 May 2022 05:11:13 +0000
ROA not before: Wed 25 May 2022 05:11:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8449
IP address blocks: 185.54.252.0/22 maxlen: 24
212.42.96.0/19 maxlen: 24
77.95.56.0/21 maxlen: 24
31.192.249.0/24 maxlen: 24
31.192.248.0/21 maxlen: 24
94.143.192.0/21 maxlen: 24
5.57.8.0/21 maxlen: 24
2a00:7160::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 331490977 (0x13c226a1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34077b41e98873e7f06fb1df3f5d39c721b1343f
Validity
Not Before: May 25 05:11:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1c73d59fc0264bb17a01503a74255824b14084d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:de:0f:5a:fe:bc:a9:a0:ae:61:2a:73:f6:85:
3f:fd:6a:bf:b2:84:58:c1:51:08:bd:79:d1:ea:fc:
4b:a7:15:52:5e:32:3f:69:eb:69:59:7a:af:05:bc:
c4:81:7b:28:47:69:b4:8c:a9:68:83:79:28:9b:bb:
85:fc:98:eb:3a:4e:c7:de:37:55:4e:98:8f:8f:52:
ec:c6:c1:2f:20:75:82:56:ac:2f:7f:08:42:42:59:
88:41:b5:2a:47:b0:fa:ce:d1:0e:64:3f:aa:35:5a:
62:ea:81:f5:b3:92:b1:3e:90:37:8d:ba:b1:09:6b:
97:71:e1:2b:7b:e4:b4:9d:d0:4e:91:0b:1b:81:1c:
82:03:91:99:83:26:1e:cf:89:a4:94:d1:74:9e:ae:
66:71:ae:74:73:f4:c2:34:5f:74:ef:59:2b:a0:87:
95:51:d8:69:27:de:c7:08:5d:8e:64:ba:55:7e:a8:
de:41:b1:3b:8d:a0:19:3b:ff:e1:aa:e0:d5:ef:5c:
d0:0b:41:17:96:d1:b8:7a:f0:25:27:d7:6a:39:eb:
18:78:5e:a2:70:26:2a:5b:37:2c:04:45:2a:91:b0:
2a:18:73:15:69:e8:d4:82:46:07:79:9d:13:50:d1:
79:b0:17:fd:a8:da:31:d0:b7:1e:57:6f:20:d5:07:
aa:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:73:D5:9F:C0:26:4B:B1:7A:01:50:3A:74:25:58:24:B1:40:84:D0
X509v3 Authority Key Identifier:
keyid:34:07:7B:41:E9:88:73:E7:F0:6F:B1:DF:3F:5D:39:C7:21:B1:34:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NAd7QemIc-fwb7HfP105xyGxND8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/448800-829e-4b7a-92c4-cb7cbca7c1e0/1/HHPVn8AmS7F6AVA6dCVYJLFAhNA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/448800-829e-4b7a-92c4-cb7cbca7c1e0/1/NAd7QemIc-fwb7HfP105xyGxND8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.8.0/21
31.192.248.0/21
77.95.56.0/21
94.143.192.0/21
185.54.252.0/22
212.42.96.0/19
IPv6:
2a00:7160::/32
Signature Algorithm: sha256WithRSAEncryption
ca:4e:87:80:c3:86:85:51:ee:83:66:24:65:e1:d5:6e:51:1f:
5e:69:de:7c:30:c6:6b:72:1e:69:4d:da:55:0e:b1:c8:1e:e6:
a9:66:b6:25:09:96:04:57:33:3f:3f:a0:11:5f:0d:28:be:c7:
e8:93:2d:57:6d:0e:66:92:96:f8:69:c6:86:a1:bd:07:22:ed:
fc:5e:55:98:26:ed:3a:b7:3a:30:88:8c:5a:b6:67:38:23:fb:
1b:37:82:49:0b:d9:58:02:95:3f:b2:13:7a:de:61:cf:af:4e:
0b:32:07:d7:50:09:48:7c:54:b6:65:91:a8:2a:4f:78:7e:66:
c7:0e:52:d5:5a:cc:d2:9e:49:0f:c3:a3:49:b3:d5:bd:67:c1:
c2:23:0e:ab:0a:4c:ed:9f:d1:94:30:b3:0a:37:d9:4c:84:ee:
7f:39:5a:ef:dd:0f:a8:e6:a3:aa:f7:a0:7f:e1:3a:2f:ab:e1:
cc:42:15:ec:32:ed:cd:6c:48:5b:f7:95:a0:c0:68:be:73:64:
99:a5:04:2e:3c:c6:8c:02:76:9a:23:d5:c1:41:22:e1:12:8e:
ca:91:db:65:e4:18:43:16:7e:3b:3a:31:fb:e2:b6:01:1f:db:
e6:2f:fe:27:4b:82:c2:43:76:a0:66:7c:d7:e2:34:7c:06:ac:
9e:94:6e:5e
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEE8ImoTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NDA3N2I0MWU5ODg3M2U3ZjA2ZmIxZGYzZjVkMzljNzIxYjEzNDNmMB4XDTIyMDUy
NTA1MTExM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWM3M2Q1OWZjMDI2
NGJiMTdhMDE1MDNhNzQyNTU4MjRiMTQwODRkMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI3eD1r+vKmgrmEqc/aFP/1qv7KEWMFRCL150er8S6cVUl4y
P2nraVl6rwW8xIF7KEdptIypaIN5KJu7hfyY6zpOx943VU6Yj49S7MbBLyB1glas
L38IQkJZiEG1Kkew+s7RDmQ/qjVaYuqB9bOSsT6QN426sQlrl3HhK3vktJ3QTpEL
G4EcggORmYMmHs+JpJTRdJ6uZnGudHP0wjRfdO9ZK6CHlVHYaSfexwhdjmS6VX6o
3kGxO42gGTv/4arg1e9c0AtBF5bRuHrwJSfXajnrGHheonAmKls3LARFKpGwKhhz
FWno1IJGB3mdE1DRebAX/ajaMdC3HldvINUHqgECAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBQcc9WfwCZLsXoBUDp0JVgksUCE0DAfBgNVHSMEGDAWgBQ0B3tB6Yhz5/Bv
sd8/XTnHIbE0PzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05BZDdRZW1JYy1md2I3SGZQMTA1eHlHeE5EOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2QvNDQ4ODAwLTgyOWUtNGI3YS05MmM0LWNiN2NiY2E3YzFlMC8x
L0hIUFZuOEFtUzdGNkFWQTZkQ1ZZSkxGQWhOQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Qv
NDQ4ODAwLTgyOWUtNGI3YS05MmM0LWNiN2NiY2E3YzFlMC8xL05BZDdRZW1JYy1m
d2I3SGZQMTA1eHlHeE5EOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEAwU5CAMEAx/A+AMEA01fOAMEA16P
wAMEArk2/AMEBdQqYDANBAIAAjAHAwUAKgBxYDANBgkqhkiG9w0BAQsFAAOCAQEA
yk6HgMOGhVHug2YkZeHVblEfXmnefDDGa3IeaU3aVQ6xyB7mqWa2JQmWBFczPz+g
EV8NKL7H6JMtV20OZpKW+GnGhqG9ByLt/F5VmCbtOrc6MIiMWrZnOCP7GzeCSQvZ
WAKVP7ITet5hz69OCzIH11AJSHxUtmWRqCpPeH5mxw5S1VrM0p5JD8OjSbPVvWfB
wiMOqwpM7Z/RlDCzCjfZTITufzla790PqOajqvegf+E6L6vhzEIV7DLtzWxIW/eV
oMBovnNkmaUELjzGjAJ2miPVwUEi4RKOypHbZeQYQxZ+Ozox++K2AR/b5i/+J0uC
wkN2oGZ81+I0fAasnpRuXg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:05 2025 by rpki-client