Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/f3829a-9527-444b-bd72-3ef3fd969957/1/hPLTuvIIWVHf16RBU23pdtrsSI0.roa
File: hPLTuvIIWVHf16RBU23pdtrsSI0.roa (raw, json)
Hash identifier: TiQV/gbQralRW9LIPp8RKIyR8C5qkrRuoDooTpvZUT0=
Subject key identifier: 84:F2:D3:BA:F2:08:59:51:DF:D7:A4:41:53:6D:E9:76:DA:EC:48:8D
Certificate issuer: /CN=d766fc6f1b8e2b604f7fb73c29fd5d689a0ea81d
Certificate serial: 0977B22E
Authority key identifier: D7:66:FC:6F:1B:8E:2B:60:4F:7F:B7:3C:29:FD:5D:68:9A:0E:A8:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12b8bxuOK2BPf7c8Kf1daJoOqB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/f3829a-9527-444b-bd72-3ef3fd969957/1/hPLTuvIIWVHf16RBU23pdtrsSI0.roa
Signing time: Sat 01 Jan 2022 10:56:57 +0000
ROA not before: Sat 01 Jan 2022 10:56:57 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48135
IP address blocks: 151.89.232.0/22 maxlen: 22
151.89.128.0/17 maxlen: 17
94.127.84.0/22 maxlen: 22
94.127.80.0/22 maxlen: 22
94.127.83.0/24 maxlen: 24
151.89.0.0/17 maxlen: 17
94.127.81.0/24 maxlen: 24
94.127.87.0/24 maxlen: 24
151.89.0.0/16 maxlen: 16
94.127.86.0/24 maxlen: 24
94.127.86.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 158839342 (0x977b22e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d766fc6f1b8e2b604f7fb73c29fd5d689a0ea81d
Validity
Not Before: Jan 1 10:56:57 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=84f2d3baf2085951dfd7a441536de976daec488d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:bb:73:21:0e:37:98:e3:a7:8e:2d:a2:ab:17:
fa:79:9e:0a:fa:30:79:6e:ca:5c:65:0a:c3:3d:18:
c1:ff:a0:a6:ab:b0:22:0b:36:21:87:7b:38:a3:f9:
3e:99:1b:22:33:77:de:08:6f:c9:c8:2a:45:e8:fe:
28:88:31:8f:ca:f4:6a:3e:21:0d:9b:a0:3b:a7:c3:
d0:e1:66:fa:fb:04:5b:13:e1:2f:43:36:17:e3:e4:
a1:ca:f9:87:06:0c:3e:12:b0:48:93:78:73:2b:9c:
c2:2f:f7:b9:1d:e1:e6:af:30:f0:09:fc:ba:94:d0:
e8:22:c9:cb:5e:41:85:5b:58:84:91:4d:86:ab:b7:
47:bc:46:8d:ed:3c:8e:ed:3f:01:11:8c:05:2a:af:
1f:1c:da:60:86:82:c1:0e:42:5e:ab:9e:6f:cd:06:
a2:f8:99:a2:9e:e0:2c:ee:13:ca:ed:21:49:c0:0d:
80:07:80:0e:3c:7a:bb:3d:7f:fd:15:46:e3:38:89:
fd:2f:f9:02:57:75:ad:04:db:d6:78:38:3c:d4:dc:
d2:7a:e8:70:bb:45:a2:94:3c:7f:c6:9d:74:1c:24:
90:60:16:06:87:89:93:0d:01:7d:70:82:a5:e2:27:
2a:e5:d1:29:3f:62:f9:64:d9:2d:eb:ce:4c:49:ba:
76:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:F2:D3:BA:F2:08:59:51:DF:D7:A4:41:53:6D:E9:76:DA:EC:48:8D
X509v3 Authority Key Identifier:
keyid:D7:66:FC:6F:1B:8E:2B:60:4F:7F:B7:3C:29:FD:5D:68:9A:0E:A8:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12b8bxuOK2BPf7c8Kf1daJoOqB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/f3829a-9527-444b-bd72-3ef3fd969957/1/hPLTuvIIWVHf16RBU23pdtrsSI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/f3829a-9527-444b-bd72-3ef3fd969957/1/12b8bxuOK2BPf7c8Kf1daJoOqB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.127.80.0/21
151.89.0.0/16
Signature Algorithm: sha256WithRSAEncryption
bc:8d:3e:6d:18:a5:70:60:d7:b8:ff:50:45:2d:65:37:30:27:
a2:18:cb:ff:01:ff:a2:5c:df:94:56:d1:d2:68:8e:18:11:e6:
2f:14:56:8b:33:4f:b4:7f:4e:6f:d4:42:40:ef:9b:07:18:49:
2a:0a:0d:df:c3:e1:cb:1b:15:5f:b9:0b:d0:c5:16:61:7e:f1:
9f:9a:ec:0f:3d:e9:0d:ae:02:0f:1d:bc:9d:53:0a:5e:55:f6:
05:63:16:6b:bf:a3:51:e4:4b:b6:06:c7:34:26:9a:65:8a:a7:
28:3c:8c:f9:7b:d6:75:4e:5e:d6:c3:6a:76:89:37:12:96:f2:
54:be:55:a4:21:9e:4b:e9:7a:d7:52:e6:50:32:e3:f2:f7:5f:
80:8a:20:c7:37:75:45:2e:ba:09:31:54:bb:d5:36:87:ce:c5:
9b:07:bd:18:da:f6:36:73:4c:d1:7b:c8:c1:89:aa:e0:a2:bd:
bf:25:2e:86:35:19:0e:58:7e:ed:4b:bd:4e:01:ec:fa:6c:16:
13:9a:d0:72:52:07:1d:4a:21:c5:97:08:44:7f:ba:6d:dc:e3:
b6:91:c1:89:5e:8a:04:4d:99:49:f8:fa:19:85:af:0c:ff:8d:
49:53:58:ca:f5:48:b7:1a:94:49:b7:fa:63:f1:18:38:c6:37:
ac:6b:97:00
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIECXeyLjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NzY2ZmM2ZjFiOGUyYjYwNGY3ZmI3M2MyOWZkNWQ2ODlhMGVhODFkMB4XDTIyMDEw
MTEwNTY1N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODRmMmQzYmFmMjA4
NTk1MWRmZDdhNDQxNTM2ZGU5NzZkYWVjNDg4ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKu7cyEON5jjp44toqsX+nmeCvoweW7KXGUKwz0Ywf+gpquw
Igs2IYd7OKP5PpkbIjN33ghvycgqRej+KIgxj8r0aj4hDZugO6fD0OFm+vsEWxPh
L0M2F+Pkocr5hwYMPhKwSJN4cyucwi/3uR3h5q8w8An8upTQ6CLJy15BhVtYhJFN
hqu3R7xGje08ju0/ARGMBSqvHxzaYIaCwQ5CXqueb80GoviZop7gLO4Tyu0hScAN
gAeADjx6uz1//RVG4ziJ/S/5Ald1rQTb1ng4PNTc0nrocLtFopQ8f8addBwkkGAW
BoeJkw0BfXCCpeInKuXRKT9i+WTZLevOTEm6djsCAwEAAaOCAg4wggIKMB0GA1Ud
DgQWBBSE8tO68ghZUd/XpEFTbel22uxIjTAfBgNVHSMEGDAWgBTXZvxvG44rYE9/
tzwp/V1omg6oHTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEyYjhieHVPSzJCUGY3YzhLZjFkYUpvT3FCMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTMvZjM4MjlhLTk1MjctNDQ0Yi1iZDcyLTNlZjNmZDk2OTk1Ny8x
L2hQTFR1dklJV1ZIZjE2UkJVMjNwZHRyc1NJMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTMv
ZjM4MjlhLTk1MjctNDQ0Yi1iZDcyLTNlZjNmZDk2OTk1Ny8xLzEyYjhieHVPSzJC
UGY3YzhLZjFkYUpvT3FCMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAk
BggrBgEFBQcBBwEB/wQVMBMwEQQCAAEwCwMEA15/UAMDAJdZMA0GCSqGSIb3DQEB
CwUAA4IBAQC8jT5tGKVwYNe4/1BFLWU3MCeiGMv/Af+iXN+UVtHSaI4YEeYvFFaL
M0+0f05v1EJA75sHGEkqCg3fw+HLGxVfuQvQxRZhfvGfmuwPPekNrgIPHbydUwpe
VfYFYxZrv6NR5Eu2Bsc0JppliqcoPIz5e9Z1Tl7Ww2p2iTcSlvJUvlWkIZ5L6XrX
UuZQMuPy91+AiiDHN3VFLroJMVS71TaHzsWbB70Y2vY2c0zRe8jBiargor2/JS6G
NRkOWH7tS71OAez6bBYTmtByUgcdSiHFlwhEf7pt3OO2kcGJXooETZlJ+PoZha8M
/41JU1jK9Ui3GpRJt/pj8Rg4xjesa5cA
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:20 2025 by rpki-client