Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/194c1e-9710-4d35-823b-5dd33994a241/1/cHPRV8kQ5_vXK-ph8aFkrKjf53A.roa
File: cHPRV8kQ5_vXK-ph8aFkrKjf53A.roa (raw, json)
Hash identifier: n0z+8hajvUaKMSCvXFWCue2lhfyMPLoV+zYwUtfB1pg=
Subject key identifier: 70:73:D1:57:C9:10:E7:FB:D7:2B:EA:61:F1:A1:64:AC:A8:DF:E7:70
Certificate issuer: /CN=d629010cdb0b312c32e07aaf9b720d73d3bcd3ab
Certificate serial: 07207723
Authority key identifier: D6:29:01:0C:DB:0B:31:2C:32:E0:7A:AF:9B:72:0D:73:D3:BC:D3:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1ikBDNsLMSwy4Hqvm3INc9O806s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/194c1e-9710-4d35-823b-5dd33994a241/1/cHPRV8kQ5_vXK-ph8aFkrKjf53A.roa
Signing time: Tue 03 May 2022 06:40:26 +0000
ROA not before: Tue 03 May 2022 06:40:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206757
IP address blocks: 195.10.218.0/24 maxlen: 24
203.78.160.0/24 maxlen: 24
116.204.252.0/22 maxlen: 24
185.218.236.0/22 maxlen: 24
45.147.16.0/22 maxlen: 24
193.16.151.0/24 maxlen: 24
193.16.156.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 119568163 (0x7207723)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d629010cdb0b312c32e07aaf9b720d73d3bcd3ab
Validity
Not Before: May 3 06:40:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7073d157c910e7fbd72bea61f1a164aca8dfe770
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:94:f0:76:2d:78:94:ef:10:09:97:0a:79:dd:
33:a0:30:b1:d6:35:22:7b:62:27:82:e2:b2:99:3c:
9a:b9:fb:66:e7:5f:02:5b:eb:18:9f:19:b3:ae:5f:
3c:45:e9:30:1c:82:2e:79:83:23:ce:60:2e:40:a5:
d4:f2:8f:09:70:6f:9b:28:a3:71:ed:52:e3:48:b4:
f0:5f:59:db:a2:1b:a1:68:6c:0b:c9:7a:21:94:40:
ef:49:5f:e9:3c:cd:30:bd:a9:f3:38:ca:a7:ee:3e:
d5:d2:37:73:34:67:7a:64:51:a5:8c:e1:e6:e4:ba:
d5:86:57:54:e0:f9:72:4d:9b:1f:09:d9:8c:c3:78:
3c:93:32:23:e9:10:44:81:d7:35:05:cb:eb:9d:9d:
3d:25:a2:1f:2c:99:66:58:76:74:f0:34:91:2a:01:
6d:4e:cc:0e:d7:81:af:7a:87:04:7d:63:6c:70:41:
69:f6:ea:fb:02:d6:d3:e2:bc:2f:d2:31:48:57:76:
2d:0a:dc:87:a9:9c:8a:96:8e:fc:ae:fe:6f:32:26:
e3:d4:9f:2a:3f:12:74:05:c8:48:30:fd:17:19:1f:
2c:fc:ef:39:81:54:2a:ea:f9:4e:0b:f1:a0:02:a1:
e9:2f:c3:9d:da:9c:71:0e:f3:b1:02:49:18:c1:48:
ce:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:73:D1:57:C9:10:E7:FB:D7:2B:EA:61:F1:A1:64:AC:A8:DF:E7:70
X509v3 Authority Key Identifier:
keyid:D6:29:01:0C:DB:0B:31:2C:32:E0:7A:AF:9B:72:0D:73:D3:BC:D3:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1ikBDNsLMSwy4Hqvm3INc9O806s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/194c1e-9710-4d35-823b-5dd33994a241/1/cHPRV8kQ5_vXK-ph8aFkrKjf53A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/194c1e-9710-4d35-823b-5dd33994a241/1/1ikBDNsLMSwy4Hqvm3INc9O806s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.16.0/22
116.204.252.0/22
185.218.236.0/22
193.16.151.0/24
193.16.156.0/24
195.10.218.0/24
203.78.160.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:44:de:b0:92:c4:44:28:cf:33:5a:b1:90:3f:d8:48:a5:ab:
92:65:ac:0a:89:f7:06:1a:b8:b5:33:cb:13:63:3d:29:f3:58:
8f:50:83:4e:a1:46:b6:d1:d4:4d:b7:ec:e2:cf:82:aa:43:72:
1a:84:f6:21:3c:18:95:0b:a4:c9:e5:c0:8d:11:ee:f9:a5:7e:
59:ef:cd:40:78:a3:66:3b:de:01:ec:52:6a:cb:77:21:75:31:
a6:56:44:a0:f9:1f:c9:49:ad:07:2f:16:23:d3:1c:65:05:83:
fd:1f:c0:34:36:5a:ff:53:07:a2:19:44:04:89:4b:a1:73:94:
bd:75:1d:dd:3d:53:19:73:37:33:ea:cd:19:af:ac:e2:ff:c6:
9a:2c:d5:8c:72:c6:67:b9:bb:96:ac:05:c1:ee:6c:6f:83:c8:
07:9d:24:04:9d:8d:6f:db:93:ed:4c:e0:d9:47:cc:a1:2c:bb:
f8:bc:05:bb:b5:49:5b:b0:61:9e:fa:c4:bd:7a:dc:e5:b3:5c:
fe:8f:5d:cc:a6:b8:09:82:4b:d4:86:da:ac:47:17:d5:44:01:
95:d6:d9:19:03:f6:8c:e5:5f:51:3f:bd:09:f0:c3:0c:e9:60:
2d:c8:4c:c4:b6:04:f6:29:41:e2:6c:5d:40:7f:6a:f2:aa:c5:
7e:d6:3a:82
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIEByB3IzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NjI5MDEwY2RiMGIzMTJjMzJlMDdhYWY5YjcyMGQ3M2QzYmNkM2FiMB4XDTIyMDUw
MzA2NDAyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzA3M2QxNTdjOTEw
ZTdmYmQ3MmJlYTYxZjFhMTY0YWNhOGRmZTc3MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKaU8HYteJTvEAmXCnndM6AwsdY1IntiJ4Lispk8mrn7Zudf
AlvrGJ8Zs65fPEXpMByCLnmDI85gLkCl1PKPCXBvmyijce1S40i08F9Z26IboWhs
C8l6IZRA70lf6TzNML2p8zjKp+4+1dI3czRnemRRpYzh5uS61YZXVOD5ck2bHwnZ
jMN4PJMyI+kQRIHXNQXL652dPSWiHyyZZlh2dPA0kSoBbU7MDteBr3qHBH1jbHBB
afbq+wLW0+K8L9IxSFd2LQrch6mcipaO/K7+bzIm49SfKj8SdAXISDD9FxkfLPzv
OYFUKur5TgvxoAKh6S/DndqccQ7zsQJJGMFIzosCAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBRwc9FXyRDn+9cr6mHxoWSsqN/ncDAfBgNVHSMEGDAWgBTWKQEM2wsxLDLg
eq+bcg1z07zTqzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFpa0JETnNMTVN3eTRIcXZtM0lOYzlPODA2cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGMvMTk0YzFlLTk3MTAtNGQzNS04MjNiLTVkZDMzOTk0YTI0MS8x
L2NIUFJWOGtRNV92WEstcGg4YUZrcktqZjUzQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGMv
MTk0YzFlLTk3MTAtNGQzNS04MjNiLTVkZDMzOTk0YTI0MS8xLzFpa0JETnNMTVN3
eTRIcXZtM0lOYzlPODA2cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAi2TEAMEAnTM/AMEArna7AMEAMEQ
lwMEAMEQnAMEAMMK2gMEAMtOoDANBgkqhkiG9w0BAQsFAAOCAQEAGkTesJLERCjP
M1qxkD/YSKWrkmWsCon3Bhq4tTPLE2M9KfNYj1CDTqFGttHUTbfs4s+CqkNyGoT2
ITwYlQukyeXAjRHu+aV+We/NQHijZjveAexSast3IXUxplZEoPkfyUmtBy8WI9Mc
ZQWD/R/ANDZa/1MHohlEBIlLoXOUvXUd3T1TGXM3M+rNGa+s4v/GmizVjHLGZ7m7
lqwFwe5sb4PIB50kBJ2Nb9uT7Uzg2UfMoSy7+LwFu7VJW7BhnvrEvXrc5bNc/o9d
zKa4CYJL1IbarEcX1UQBldbZGQP2jOVfUT+9CfDDDOlgLchMxLYE9ilB4mxdQH9q
8qrFftY6gg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:20 2024 by rpki-client on console-ams.rpki-client.org