Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/a9916a-13bf-4770-8e44-58b6a5784ab7/1/Hk2yYnGlCG8xJwjjJFBzoqpBxn8.roa
File: Hk2yYnGlCG8xJwjjJFBzoqpBxn8.roa (raw, json)
Hash identifier: tXUXEa0+183PPsII5qNoSWbotE6QTVfNR1EOx3sKcqc=
Subject key identifier: 1E:4D:B2:62:71:A5:08:6F:31:27:08:E3:24:50:73:A2:AA:41:C6:7F
Certificate issuer: /CN=e8d062a969d2142bb8506a571180b45bd0fab934
Certificate serial: 08306294
Authority key identifier: E8:D0:62:A9:69:D2:14:2B:B8:50:6A:57:11:80:B4:5B:D0:FA:B9:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6NBiqWnSFCu4UGpXEYC0W9D6uTQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/a9916a-13bf-4770-8e44-58b6a5784ab7/1/Hk2yYnGlCG8xJwjjJFBzoqpBxn8.roa
Signing time: Mon 21 Mar 2022 16:05:55 +0000
ROA not before: Mon 21 Mar 2022 16:05:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24663
IP address blocks: 178.23.224.0/21 maxlen: 21
178.23.224.0/22 maxlen: 22
178.23.228.0/22 maxlen: 22
37.200.124.0/22 maxlen: 22
45.150.205.0/24 maxlen: 24
37.200.120.0/22 maxlen: 22
37.200.120.0/21 maxlen: 21
45.150.204.0/23 maxlen: 23
45.150.204.0/24 maxlen: 24
45.150.207.0/24 maxlen: 24
94.127.216.0/22 maxlen: 22
94.127.216.0/21 maxlen: 21
94.127.220.0/22 maxlen: 22
80.250.224.0/21 maxlen: 21
80.250.224.0/20 maxlen: 20
80.250.232.0/21 maxlen: 21
185.30.230.0/23 maxlen: 23
185.30.228.0/22 maxlen: 22
185.30.228.0/23 maxlen: 23
2a03:8080::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 137388692 (0x8306294)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8d062a969d2142bb8506a571180b45bd0fab934
Validity
Not Before: Mar 21 16:05:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1e4db26271a5086f312708e3245073a2aa41c67f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:2d:81:1a:06:c3:8c:bb:14:3d:65:79:9e:de:
4a:5c:b0:14:e8:55:2c:85:f5:e1:d8:e0:8a:b1:d4:
9f:3a:01:7c:47:0a:43:30:c0:ed:72:38:43:f1:d7:
f9:a4:a7:aa:cc:0b:26:bc:a5:6c:7f:93:7e:43:b3:
1a:4b:59:22:32:22:13:d1:a4:cc:1f:99:c1:5e:2d:
82:27:ab:e1:c1:55:84:c0:f5:bd:8b:2b:50:12:30:
73:a7:8a:86:a6:54:70:42:22:d7:c5:de:fd:72:08:
fe:22:b7:17:af:d9:74:fc:ac:cf:c8:16:f9:39:f8:
44:ce:83:d6:b5:8a:d9:e5:55:0e:47:35:ba:cd:02:
87:b0:53:c3:ed:83:75:74:46:6b:13:92:fe:b7:fb:
3e:5b:0e:d1:7d:b1:d9:69:cd:32:5d:f6:49:6e:65:
43:d5:e5:4c:91:83:ef:a9:a3:81:ff:c1:4f:e4:68:
3f:8b:fe:2a:49:d9:61:b6:2d:19:01:2a:2d:c1:74:
2f:e5:8a:2c:bd:40:c7:c7:fb:e5:5b:e5:61:81:b5:
7f:35:14:2d:7f:24:ee:e5:52:74:94:85:8f:d5:b5:
d7:e5:a4:c2:bd:2b:c9:8b:66:d9:b1:65:e0:49:ab:
a5:30:42:ff:57:fa:e1:c1:ac:60:cb:63:a4:e1:92:
e9:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:4D:B2:62:71:A5:08:6F:31:27:08:E3:24:50:73:A2:AA:41:C6:7F
X509v3 Authority Key Identifier:
keyid:E8:D0:62:A9:69:D2:14:2B:B8:50:6A:57:11:80:B4:5B:D0:FA:B9:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6NBiqWnSFCu4UGpXEYC0W9D6uTQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/a9916a-13bf-4770-8e44-58b6a5784ab7/1/Hk2yYnGlCG8xJwjjJFBzoqpBxn8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/a9916a-13bf-4770-8e44-58b6a5784ab7/1/6NBiqWnSFCu4UGpXEYC0W9D6uTQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.200.120.0/21
45.150.204.0/23
45.150.207.0/24
80.250.224.0/20
94.127.216.0/21
178.23.224.0/21
185.30.228.0/22
IPv6:
2a03:8080::/32
Signature Algorithm: sha256WithRSAEncryption
6b:66:a7:ea:02:7e:c4:67:32:d1:b2:0f:6b:19:49:c3:be:96:
12:ff:2b:7a:98:3b:b6:c9:bc:3e:de:5d:96:17:75:f4:c0:cc:
1e:fb:bc:88:b9:69:d2:67:d7:cc:7f:1e:b6:f3:8e:da:74:60:
de:07:a9:56:e8:80:01:5a:70:b2:18:c0:28:15:bd:3b:0a:98:
31:fc:15:d2:1d:4a:ae:7f:02:81:c9:29:aa:f8:84:0c:62:50:
fa:bd:de:d5:03:df:86:f8:cc:b8:d6:df:76:7a:80:d6:a0:12:
9b:c4:04:fc:fd:b0:51:ef:31:8e:cd:d6:60:49:15:84:1f:53:
e9:73:23:c5:74:38:31:05:83:79:03:ad:5f:29:b0:e5:e0:1c:
e4:82:08:4a:19:a5:0c:dc:7a:00:eb:cb:d3:7b:40:c3:c1:a1:
d5:83:0c:2d:fd:e7:07:80:ad:88:18:50:21:99:fd:2d:a9:0b:
7f:52:7f:45:5b:08:8a:e7:e6:27:5a:01:08:ce:62:af:94:75:
dc:85:e5:fe:82:86:f2:1f:b2:0c:ab:1b:7d:93:8c:94:a2:43:
1c:9a:7f:93:3c:8f:f9:9a:26:ee:43:57:0b:9c:03:1e:9d:1d:
b1:02:eb:5b:61:5e:af:32:28:17:38:ba:84:06:bb:b4:c7:fb:
d8:33:92:28
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIECDBilDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
OGQwNjJhOTY5ZDIxNDJiYjg1MDZhNTcxMTgwYjQ1YmQwZmFiOTM0MB4XDTIyMDMy
MTE2MDU1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWU0ZGIyNjI3MWE1
MDg2ZjMxMjcwOGUzMjQ1MDczYTJhYTQxYzY3ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALQtgRoGw4y7FD1leZ7eSlywFOhVLIX14djgirHUnzoBfEcK
QzDA7XI4Q/HX+aSnqswLJrylbH+TfkOzGktZIjIiE9GkzB+ZwV4tgier4cFVhMD1
vYsrUBIwc6eKhqZUcEIi18Xe/XII/iK3F6/ZdPysz8gW+Tn4RM6D1rWK2eVVDkc1
us0Ch7BTw+2DdXRGaxOS/rf7PlsO0X2x2WnNMl32SW5lQ9XlTJGD76mjgf/BT+Ro
P4v+KknZYbYtGQEqLcF0L+WKLL1Ax8f75VvlYYG1fzUULX8k7uVSdJSFj9W11+Wk
wr0ryYtm2bFl4EmrpTBC/1f64cGsYMtjpOGS6W0CAwEAAaOCAjwwggI4MB0GA1Ud
DgQWBBQeTbJicaUIbzEnCOMkUHOiqkHGfzAfBgNVHSMEGDAWgBTo0GKpadIUK7hQ
alcRgLRb0Pq5NDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZOQmlxV25TRkN1NFVHcFhFWUMwVzlENnVUUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTQvYTk5MTZhLTEzYmYtNDc3MC04ZTQ0LTU4YjZhNTc4NGFiNy8x
L0hrMnlZbkdsQ0c4eEp3ampKRkJ6b3FwQnhuOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTQv
YTk5MTZhLTEzYmYtNDc3MC04ZTQ0LTU4YjZhNTc4NGFiNy8xLzZOQmlxV25TRkN1
NFVHcFhFWUMwVzlENnVUUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBS
BggrBgEFBQcBBwEB/wRDMEEwMAQCAAEwKgMEAyXIeAMEAS2WzAMEAC2WzwMEBFD6
4AMEA15/2AMEA7IX4AMEArke5DANBAIAAjAHAwUAKgOAgDANBgkqhkiG9w0BAQsF
AAOCAQEAa2an6gJ+xGcy0bIPaxlJw76WEv8repg7tsm8Pt5dlhd19MDMHvu8iLlp
0mfXzH8etvOO2nRg3gepVuiAAVpwshjAKBW9OwqYMfwV0h1Krn8CgckpqviEDGJQ
+r3e1QPfhvjMuNbfdnqA1qASm8QE/P2wUe8xjs3WYEkVhB9T6XMjxXQ4MQWDeQOt
Xymw5eAc5IIIShmlDNx6AOvL03tAw8Gh1YMMLf3nB4CtiBhQIZn9LakLf1J/RVsI
iufmJ1oBCM5ir5R13IXl/oKG8h+yDKsbfZOMlKJDHJp/kzyP+Zom7kNXC5wDHp0d
sQLrW2FerzIoFzi6hAa7tMf72DOSKA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:04 2024 by rpki-client on console-fra.rpki-client.org