Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/HUIKDzMaf-1x8tOBecBYH3ioKSw.roa
File: HUIKDzMaf-1x8tOBecBYH3ioKSw.roa (raw, json)
Hash identifier: gXBABFJxPWF2hw4GtEvCKkwE23AQCQahEht5kEt7olo=
Subject key identifier: 1D:42:0A:0F:33:1A:7F:ED:71:F2:D3:81:79:C0:58:1F:78:A8:29:2C
Certificate issuer: /CN=0ce1308ead6adb1d085e7e5910a0cb2de56aa32e
Certificate serial: 0187DBBEBD8969FACFDC77CE2817B3F09111
Authority key identifier: 0C:E1:30:8E:AD:6A:DB:1D:08:5E:7E:59:10:A0:CB:2D:E5:6A:A3:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/HUIKDzMaf-1x8tOBecBYH3ioKSw.roa
Signing time: Tue 02 May 2023 09:15:23 +0000
ROA not before: Tue 02 May 2023 09:15:23 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29518
IP address blocks: 94.255.128.0/17 maxlen: 17
91.191.128.0/20 maxlen: 20
31.208.0.0/16 maxlen: 16
217.118.208.0/20 maxlen: 20
213.185.16.0/23 maxlen: 23
217.72.56.0/22 maxlen: 22
217.72.54.0/24 maxlen: 24
213.185.12.0/22 maxlen: 22
217.72.52.0/23 maxlen: 23
213.185.24.0/24 maxlen: 24
213.185.20.0/23 maxlen: 23
217.72.62.0/24 maxlen: 24
217.72.60.0/23 maxlen: 23
195.238.255.0/24 maxlen: 24
213.185.26.0/24 maxlen: 24
193.23.57.0/24 maxlen: 24
89.233.192.0/18 maxlen: 18
213.185.4.0/24 maxlen: 24
213.185.10.0/24 maxlen: 24
213.185.8.0/23 maxlen: 23
213.185.7.0/24 maxlen: 24
213.185.6.0/24 maxlen: 24
89.160.0.0/17 maxlen: 17
62.220.160.0/19 maxlen: 19
31.209.0.0/18 maxlen: 18
217.78.32.0/20 maxlen: 20
82.209.128.0/18 maxlen: 18
87.251.192.0/19 maxlen: 19
83.219.192.0/19 maxlen: 19
185.113.96.0/22 maxlen: 22
213.142.0.0/19 maxlen: 19
217.76.80.0/20 maxlen: 20
46.162.64.0/18 maxlen: 18
83.233.0.0/16 maxlen: 16
217.115.32.0/19 maxlen: 19
2a00:1598::/29 maxlen: 29
2001:9c8::/29 maxlen: 29
2a02:7b8::/32 maxlen: 32
2a00:8280::/32 maxlen: 32
2a02:23c0::/32 maxlen: 32
2a01:b700::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:db:be:bd:89:69:fa:cf:dc:77:ce:28:17:b3:f0:91:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce1308ead6adb1d085e7e5910a0cb2de56aa32e
Validity
Not Before: May 2 09:15:23 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=1d420a0f331a7fed71f2d38179c0581f78a8292c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:a7:b4:3e:42:d1:a9:c1:97:c2:f6:7f:ad:bf:
63:69:4c:8d:a9:1f:8e:aa:8d:d7:95:80:61:24:20:
58:ea:f1:7e:9d:d1:28:68:ff:dc:4f:a6:31:ff:79:
6b:45:6d:0e:76:40:7e:72:2c:46:58:b8:a3:40:46:
b1:ad:8e:23:70:3a:f1:96:07:66:ed:3a:c9:27:89:
e8:5b:c0:aa:e7:de:85:b9:79:13:ae:18:21:36:4b:
42:07:8d:bd:cb:56:a2:28:40:a8:85:93:9b:5f:9e:
4b:61:27:41:dc:ba:af:20:97:01:ee:90:8b:6d:7f:
9e:93:5d:2f:c3:dd:f9:33:5d:f5:32:02:1b:13:1e:
b2:6d:c0:73:ab:bd:1f:4b:ea:36:67:03:cf:05:31:
06:39:91:5e:8b:20:25:8c:3c:8f:93:68:3f:cf:89:
4b:db:04:24:15:d9:00:c0:1c:65:69:68:24:c1:9c:
a7:fb:88:b0:2d:04:0f:79:59:16:9a:5a:df:4d:8b:
2c:0a:d3:2c:79:61:51:52:a3:ba:89:47:d2:f6:89:
6b:83:f0:0a:c4:14:91:b5:13:47:69:39:5e:45:0d:
ef:9d:91:19:3f:f3:a6:58:d7:64:c9:ce:1c:f4:94:
c1:7d:02:b1:44:c2:d4:95:4b:3a:be:4c:ed:e5:bc:
d2:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:42:0A:0F:33:1A:7F:ED:71:F2:D3:81:79:C0:58:1F:78:A8:29:2C
X509v3 Authority Key Identifier:
keyid:0C:E1:30:8E:AD:6A:DB:1D:08:5E:7E:59:10:A0:CB:2D:E5:6A:A3:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/HUIKDzMaf-1x8tOBecBYH3ioKSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.208.0.0-31.209.63.255
46.162.64.0/18
62.220.160.0/19
82.209.128.0/18
83.219.192.0/19
83.233.0.0/16
87.251.192.0/19
89.160.0.0/17
89.233.192.0/18
91.191.128.0/20
94.255.128.0/17
185.113.96.0/22
193.23.57.0/24
195.238.255.0/24
213.142.0.0/19
213.185.4.0/24
213.185.6.0-213.185.10.255
213.185.12.0-213.185.17.255
213.185.20.0/23
213.185.24.0/24
213.185.26.0/24
217.72.52.0-217.72.54.255
217.72.56.0-217.72.62.255
217.76.80.0/20
217.78.32.0/20
217.115.32.0/19
217.118.208.0/20
IPv6:
2001:9c8::/29
2a00:1598::/29
2a00:8280::/32
2a01:b700::/32
2a02:7b8::/32
2a02:23c0::/32
Signature Algorithm: sha256WithRSAEncryption
5a:c3:95:0a:d3:b6:38:fb:f3:27:3f:a1:c2:3c:68:1e:ea:c8:
f4:a7:32:40:fb:ad:f4:05:6f:a7:22:f0:6d:f2:5b:53:3e:00:
7e:6d:54:e5:c4:fc:7b:4a:4a:c4:dc:17:78:87:17:a5:99:eb:
c5:f0:c4:26:c1:db:e3:cc:45:6d:54:c3:3e:8f:a6:f0:f7:ab:
b8:c1:b9:55:c1:a8:20:e0:dd:17:b0:ac:0d:53:d4:ee:3e:86:
3b:26:d5:03:4b:54:c8:2a:9a:aa:76:86:72:f1:16:20:b1:8d:
43:b4:eb:8c:bb:dd:cd:76:1d:49:98:c1:3c:00:cc:0a:cc:0c:
1b:51:85:f4:b3:81:7c:65:24:59:8c:a5:8b:4f:b3:94:07:cb:
74:cb:ab:19:57:d3:ac:36:b9:f8:c4:19:21:e6:01:dc:c1:0c:
79:ce:65:61:30:ac:a1:f0:3f:c1:52:5a:b9:e8:fd:2e:5d:5e:
cf:13:c4:2f:db:41:6d:92:02:05:6b:79:2d:41:ba:18:f3:ad:
75:84:d8:b9:7e:b3:5a:f6:58:73:b6:19:6a:e7:53:b5:10:5a:
83:06:e0:1c:e3:83:f4:2d:06:5c:eb:e8:48:d4:32:59:b4:4e:
8b:23:32:6c:17:50:97:48:05:b7:1e:9f:8b:c7:b8:93:60:76:
aa:c2:57:71
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgISAYfbvr2JafrP3HfOKBez8JERMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTEzMDhlYWQ2YWRiMWQwODVlN2U1OTEwYTBjYjJkZTU2
YWEzMmUwHhcNMjMwNTAyMDkxNTIzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDQyMGEwZjMzMWE3ZmVkNzFmMmQzODE3OWMwNTgxZjc4YTgyOTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqe0PkLRqcGXwvZ/rb9jaUyNqR+O
qo3XlYBhJCBY6vF+ndEoaP/cT6Yx/3lrRW0OdkB+cixGWLijQEaxrY4jcDrxlgdm
7TrJJ4noW8Cq596FuXkTrhghNktCB429y1aiKECohZObX55LYSdB3LqvIJcB7pCL
bX+ek10vw935M131MgIbEx6ybcBzq70fS+o2ZwPPBTEGOZFeiyAljDyPk2g/z4lL
2wQkFdkAwBxlaWgkwZyn+4iwLQQPeVkWmlrfTYssCtMseWFRUqO6iUfS9olrg/AK
xBSRtRNHaTleRQ3vnZEZP/OmWNdkyc4c9JTBfQKxRMLUlUs6vkzt5bzSIwIDAQAB
o4IDBTCCAwEwHQYDVR0OBBYEFB1CCg8zGn/tcfLTgXnAWB94qCksMB8GA1UdIwQY
MBaAFAzhMI6tatsdCF5+WRCgyy3laqMuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9Fd2pxMXEyeDBJWG41WkVLRExMZVZxb3k0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS84OTkzODAtYWQyNy00NGViLThjMmUt
YjBiYWQxOGYwMmQwLzEvSFVJS0R6TWFmLTF4OHRPQmVjQllIM2lvS1N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS84OTkzODAtYWQyNy00NGViLThjMmUtYjBiYWQxOGYwMmQw
LzEvRE9Fd2pxMXEyeDBJWG41WkVLRExMZVZxb3k0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBGQYIKwYBBQUHAQcBAf8EggEIMIIBBDCBzwQCAAEwgcgw
CwMDBB/QAwQGH9EAAwQGLqJAAwQFPtygAwQGUtGAAwQFU9vAAwMAU+kDBAVX+8AD
BAdZoAADBAZZ6cADBARbv4ADBAde/4ADBAK5cWADBADBFzkDBADD7v8DBAXVjgAD
BADVuQQwDAMEAdW5BgMEANW5CjAMAwQC1bkMAwQB1bkQAwQB1bkUAwQA1bkYAwQA
1bkaMAwDBALZSDQDBADZSDYwDAMEA9lIOAMEANlIPgMEBNlMUAMEBNlOIAMEBdlz
IAMEBNl20DAwBAIAAjAqAwUDIAEJyAMFAyoAFZgDBQAqAIKAAwUAKgG3AAMFACoC
B7gDBQAqAiPAMA0GCSqGSIb3DQEBCwUAA4IBAQBaw5UK07Y4+/MnP6HCPGge6sj0
pzJA+630BW+nIvBt8ltTPgB+bVTlxPx7SkrE3Bd4hxelmevF8MQmwdvjzEVtVMM+
j6bw96u4wblVwagg4N0XsKwNU9TuPoY7JtUDS1TIKpqqdoZy8RYgsY1DtOuMu93N
dh1JmME8AMwKzAwbUYX0s4F8ZSRZjKWLT7OUB8t0y6sZV9OsNrn4xBkh5gHcwQx5
zmVhMKyh8D/BUlq56P0uXV7PE8Qv20FtkgIFa3ktQboY8611hNi5frNa9lhzthlq
51O1EFqDBuAc44P0LQZc6+hI1DJZtE6LIzJsF1CXSAW3Hp+Lx7iTYHaqwldx
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:11:19 2025 by rpki-client