Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8c1e49-7dd1-448d-8815-a09266bb4d8c/1/HznE7mbsCa1ZXYYWELIhZN6GRwQ.roa
File: HznE7mbsCa1ZXYYWELIhZN6GRwQ.roa (raw, json)
Hash identifier: twH9E57NyW/S5iL4FsxDlRWM3x0ATaqZgB1YGAN2F6Y=
Subject key identifier: 1F:39:C4:EE:66:EC:09:AD:59:5D:86:16:10:B2:21:64:DE:86:47:04
Certificate issuer: /CN=959efe6ef97728a4282ae2c7b05a240506571f1c
Certificate serial: 18BA90CD
Authority key identifier: 95:9E:FE:6E:F9:77:28:A4:28:2A:E2:C7:B0:5A:24:05:06:57:1F:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lZ7-bvl3KKQoKuLHsFokBQZXHxw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8c1e49-7dd1-448d-8815-a09266bb4d8c/1/HznE7mbsCa1ZXYYWELIhZN6GRwQ.roa
Signing time: Sat 01 Jan 2022 04:01:57 +0000
ROA not before: Sat 01 Jan 2022 04:01:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202105
IP address blocks: 185.82.116.0/24 maxlen: 24
185.82.117.0/24 maxlen: 24
185.82.118.0/24 maxlen: 24
185.51.205.0/24 maxlen: 24
185.51.206.0/24 maxlen: 24
185.51.204.0/24 maxlen: 24
185.51.207.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 414879949 (0x18ba90cd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=959efe6ef97728a4282ae2c7b05a240506571f1c
Validity
Not Before: Jan 1 04:01:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1f39c4ee66ec09ad595d861610b22164de864704
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:16:30:0c:ed:84:48:c8:1d:44:04:56:75:21:
3f:11:cf:5d:fe:d1:9d:af:72:c2:3f:f4:02:63:3b:
21:e0:36:0c:51:03:b0:61:e2:30:78:1d:dc:bb:ae:
10:a0:09:48:a5:91:b5:c6:d8:1c:f8:79:31:6c:15:
74:2e:69:a8:cb:27:de:fd:48:78:90:bf:1d:0a:4e:
76:71:30:b3:ed:1f:77:62:24:99:37:a2:29:1f:7e:
c8:45:2c:b0:fa:8a:da:1d:7a:1a:7c:89:29:a5:1e:
64:b8:f6:ad:6f:59:d2:cc:59:fc:38:7a:12:21:57:
34:96:3c:c4:33:b5:0b:75:d8:33:ef:27:73:b8:25:
f4:2e:37:bb:ca:40:bb:73:34:d8:1c:ef:1c:73:26:
dd:15:21:91:37:de:76:54:09:fc:9f:30:bf:e8:bd:
1a:4b:3e:e8:8e:12:35:38:fb:fe:64:f8:eb:2d:ab:
10:21:b8:8c:74:6b:24:5c:8f:55:d2:54:12:0d:c3:
f6:31:db:d8:82:14:4e:af:0a:74:45:02:f9:e6:c9:
e7:2a:eb:8a:4d:51:90:e1:e5:9e:69:81:35:e5:cf:
2c:11:0c:6b:89:1e:7d:95:f6:35:04:0d:77:45:0e:
fb:25:ab:8e:cb:9d:a5:5b:c6:97:69:40:9e:a0:2a:
52:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:39:C4:EE:66:EC:09:AD:59:5D:86:16:10:B2:21:64:DE:86:47:04
X509v3 Authority Key Identifier:
keyid:95:9E:FE:6E:F9:77:28:A4:28:2A:E2:C7:B0:5A:24:05:06:57:1F:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lZ7-bvl3KKQoKuLHsFokBQZXHxw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8c1e49-7dd1-448d-8815-a09266bb4d8c/1/HznE7mbsCa1ZXYYWELIhZN6GRwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8c1e49-7dd1-448d-8815-a09266bb4d8c/1/lZ7-bvl3KKQoKuLHsFokBQZXHxw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.51.204.0/22
185.82.116.0-185.82.118.255
Signature Algorithm: sha256WithRSAEncryption
2c:dd:72:f2:36:6e:9a:88:29:97:99:1b:78:82:c4:df:4b:eb:
90:8f:ab:49:58:a3:ff:8e:7c:23:95:3b:45:8c:a3:40:8a:6f:
20:ef:3e:4c:51:a3:a7:9c:94:9e:c3:a4:e0:82:48:2d:56:35:
ca:5c:e9:f0:55:4f:33:dd:cb:aa:2e:5a:8c:0b:20:ee:7a:ef:
d7:ac:c4:10:ea:32:1f:96:10:80:97:f7:73:21:38:d0:e7:b2:
d0:a0:06:d0:e6:cd:df:67:63:6a:ed:84:e5:8e:98:81:6f:fe:
f8:97:8c:81:cd:75:3f:d4:6b:8b:38:c1:bc:95:11:3b:e2:5d:
79:c8:b1:cc:8b:ab:d8:1b:2d:a9:72:61:9a:79:e6:3e:08:e7:
f4:98:6b:a2:68:f5:8d:84:95:69:31:d2:ec:f5:43:19:38:02:
38:ea:88:e7:ee:07:ed:89:28:c5:f1:3a:c7:e6:84:66:03:5b:
4b:72:23:d2:5e:39:44:68:c8:20:26:94:e5:60:c5:b2:bc:2d:
a6:2c:61:93:76:05:ed:90:0c:38:c7:88:06:75:7e:35:dd:20:
cf:91:53:f0:ac:db:04:1d:1b:9d:ca:f7:b2:a3:8a:ca:b4:9d:
4b:ab:17:a1:5f:be:31:32:5b:9c:48:ea:ef:fa:af:28:c5:3e:
7f:45:2b:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgIEGLqQzTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NTllZmU2ZWY5NzcyOGE0MjgyYWUyYzdiMDVhMjQwNTA2NTcxZjFjMB4XDTIyMDEw
MTA0MDE1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWYzOWM0ZWU2NmVj
MDlhZDU5NWQ4NjE2MTBiMjIxNjRkZTg2NDcwNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL4WMAzthEjIHUQEVnUhPxHPXf7Rna9ywj/0AmM7IeA2DFED
sGHiMHgd3LuuEKAJSKWRtcbYHPh5MWwVdC5pqMsn3v1IeJC/HQpOdnEws+0fd2Ik
mTeiKR9+yEUssPqK2h16GnyJKaUeZLj2rW9Z0sxZ/Dh6EiFXNJY8xDO1C3XYM+8n
c7gl9C43u8pAu3M02BzvHHMm3RUhkTfedlQJ/J8wv+i9Gks+6I4SNTj7/mT46y2r
ECG4jHRrJFyPVdJUEg3D9jHb2IIUTq8KdEUC+ebJ5yrrik1RkOHlnmmBNeXPLBEM
a4kefZX2NQQNd0UO+yWrjsudpVvGl2lAnqAqUtMCAwEAAaOCAhcwggITMB0GA1Ud
DgQWBBQfOcTuZuwJrVldhhYQsiFk3oZHBDAfBgNVHSMEGDAWgBSVnv5u+XcopCgq
4sewWiQFBlcfHDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xaNy1idmwzS0tRb0t1TEhzRm9rQlFaWEh4dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDUvOGMxZTQ5LTdkZDEtNDQ4ZC04ODE1LWEwOTI2NmJiNGQ4Yy8x
L0h6bkU3bWJzQ2ExWlhZWVdFTEloWk42R1J3US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDUv
OGMxZTQ5LTdkZDEtNDQ4ZC04ODE1LWEwOTI2NmJiNGQ4Yy8xL2xaNy1idmwzS0tR
b0t1TEhzRm9rQlFaWEh4dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAt
BggrBgEFBQcBBwEB/wQeMBwwGgQCAAEwFAMEArkzzDAMAwQCuVJ0AwQAuVJ2MA0G
CSqGSIb3DQEBCwUAA4IBAQAs3XLyNm6aiCmXmRt4gsTfS+uQj6tJWKP/jnwjlTtF
jKNAim8g7z5MUaOnnJSew6TggkgtVjXKXOnwVU8z3cuqLlqMCyDueu/XrMQQ6jIf
lhCAl/dzITjQ57LQoAbQ5s3fZ2Nq7YTljpiBb/74l4yBzXU/1GuLOMG8lRE74l15
yLHMi6vYGy2pcmGaeeY+COf0mGuiaPWNhJVpMdLs9UMZOAI46ojn7gftiSjF8TrH
5oRmA1tLciPSXjlEaMggJpTlYMWyvC2mLGGTdgXtkAw4x4gGdX413SDPkVPwrNsE
HRudyveyo4rKtJ1LqxehX74xMlucSOrv+q8oxT5/RSsf
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:27:26 2024 by rpki-client on console-fra.rpki-client.org