Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/e2f9ff-c460-40a2-a357-77ef87a73e13/1/Ho2NXouf1K09dN49P_7MotnJK4A.roa
File: Ho2NXouf1K09dN49P_7MotnJK4A.roa (raw, json)
Hash identifier: kb7RsaeFHjXaLT+Ezo6/4mtZPI9g8vQRLxadQDzjSCg=
Subject key identifier: 1E:8D:8D:5E:8B:9F:D4:AD:3D:74:DE:3D:3F:FE:CC:A2:D9:C9:2B:80
Certificate issuer: /CN=b7f646de414072fc1ab76b1b2c9e08b9bd21a843
Certificate serial: 0184F2B46950D28584788BD0FA9D020F37A6
Authority key identifier: B7:F6:46:DE:41:40:72:FC:1A:B7:6B:1B:2C:9E:08:B9:BD:21:A8:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t_ZG3kFAcvwat2sbLJ4Iub0hqEM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/e2f9ff-c460-40a2-a357-77ef87a73e13/1/Ho2NXouf1K09dN49P_7MotnJK4A.roa
Signing time: Thu 08 Dec 2022 17:07:00 +0000
ROA not before: Thu 08 Dec 2022 17:07:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56485
IP address blocks: 194.113.32.0/24 maxlen: 24
185.252.24.0/22 maxlen: 22
176.114.0.0/22 maxlen: 22
176.114.4.0/22 maxlen: 22
45.154.116.0/22 maxlen: 22
176.114.8.0/22 maxlen: 22
176.114.12.0/22 maxlen: 22
194.113.58.0/24 maxlen: 24
91.234.32.0/22 maxlen: 22
185.166.216.0/22 maxlen: 22
88.218.188.0/22 maxlen: 22
194.110.248.0/24 maxlen: 24
194.110.254.0/24 maxlen: 24
185.230.88.0/22 maxlen: 22
91.223.180.0/24 maxlen: 24
2a0f:c100::/29 maxlen: 29
2a0c:f00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:f2:b4:69:50:d2:85:84:78:8b:d0:fa:9d:02:0f:37:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7f646de414072fc1ab76b1b2c9e08b9bd21a843
Validity
Not Before: Dec 8 17:07:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1e8d8d5e8b9fd4ad3d74de3d3ffecca2d9c92b80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:be:49:f0:da:6c:14:f0:12:9f:66:4a:42:e4:
fa:09:6b:71:a4:78:2e:95:68:b0:05:4e:f3:c8:67:
d5:05:98:d9:21:41:f9:a7:47:2e:11:04:89:ce:3c:
70:a7:5e:44:24:62:0b:d7:0c:6d:f2:21:61:72:df:
60:07:fe:fd:63:0b:95:d9:e3:e9:89:75:9b:b9:ac:
2c:b4:31:54:4e:70:e8:da:1f:33:6a:c1:1f:c2:be:
7f:7b:60:63:48:29:af:d9:15:ee:d0:7f:83:a2:6b:
56:65:77:e4:24:ed:8e:02:a1:8a:b6:c2:91:82:5e:
97:fa:01:9b:32:cb:10:fa:93:1f:74:3b:1e:bb:a8:
22:96:07:ce:12:32:73:1d:34:d5:c1:bf:11:39:6e:
77:de:95:08:f2:00:99:fc:7d:5b:7a:be:af:b0:2b:
9a:cb:48:3a:53:9f:06:e2:dd:c8:44:2a:a2:12:36:
15:6a:49:bd:81:de:1a:eb:d6:8b:aa:8b:e4:ed:2a:
7b:c0:d4:22:ce:a8:99:77:59:c1:da:4d:f9:53:98:
0a:55:70:71:07:ff:40:2d:cc:c6:18:e0:ce:97:26:
59:13:e5:39:8e:47:13:c5:2e:d2:78:ae:ee:aa:03:
b4:1c:5e:ad:bd:c5:e1:c2:29:f9:75:9c:81:59:19:
e7:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:8D:8D:5E:8B:9F:D4:AD:3D:74:DE:3D:3F:FE:CC:A2:D9:C9:2B:80
X509v3 Authority Key Identifier:
keyid:B7:F6:46:DE:41:40:72:FC:1A:B7:6B:1B:2C:9E:08:B9:BD:21:A8:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t_ZG3kFAcvwat2sbLJ4Iub0hqEM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/e2f9ff-c460-40a2-a357-77ef87a73e13/1/Ho2NXouf1K09dN49P_7MotnJK4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/e2f9ff-c460-40a2-a357-77ef87a73e13/1/t_ZG3kFAcvwat2sbLJ4Iub0hqEM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.116.0/22
88.218.188.0/22
91.223.180.0/24
91.234.32.0/22
176.114.0.0/20
185.166.216.0/22
185.230.88.0/22
185.252.24.0/22
194.110.248.0/24
194.110.254.0/24
194.113.32.0/24
194.113.58.0/24
IPv6:
2a0c:f00::/29
2a0f:c100::/29
Signature Algorithm: sha256WithRSAEncryption
30:5c:4e:14:85:be:bc:8c:30:2c:9a:c5:c8:a8:4b:61:ff:a8:
cb:45:76:eb:1a:d6:10:c0:c9:43:ee:b0:ec:38:1a:23:37:1f:
49:ff:fa:8a:d6:20:7e:78:18:2b:41:90:a8:7c:13:b2:48:34:
81:7d:d5:de:46:e2:b2:27:38:bf:d8:dd:0c:e9:3a:90:26:3d:
71:dc:e2:45:2b:7a:64:32:8a:5e:ec:f8:06:85:01:51:99:d3:
f7:77:b4:cf:e6:ca:9a:bf:f2:19:16:f7:b3:06:e3:a7:95:36:
6f:03:36:67:7e:ae:1e:9b:f9:b2:56:70:ca:4e:0a:11:00:cf:
35:40:fa:3c:dd:42:8f:cf:85:38:72:9f:14:f4:2d:43:6f:27:
a0:d6:6e:d5:0c:9e:05:c3:ea:8d:93:f7:cb:a2:68:45:b2:bf:
c8:4c:49:b0:1e:07:4a:8e:50:d6:e6:7a:62:60:13:6a:f8:4b:
20:b9:83:23:a3:85:69:a7:07:c7:74:7b:7b:62:e0:4f:fa:8b:
f6:9a:e9:1c:d9:5f:65:8e:70:a2:ca:41:8f:41:29:c5:2a:bf:
8f:0f:39:38:64:36:b1:05:56:13:85:6a:b7:37:1a:61:30:ce:
dd:19:7e:f6:33:4a:da:60:88:a7:b8:f5:92:cf:94:3a:23:be:
ae:aa:03:1e
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYTytGlQ0oWEeIvQ+p0CDzemMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3ZjY0NmRlNDE0MDcyZmMxYWI3NmIxYjJjOWUwOGI5YmQy
MWE4NDMwHhcNMjIxMjA4MTcwNzAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZThkOGQ1ZThiOWZkNGFkM2Q3NGRlM2QzZmZlY2NhMmQ5YzkyYjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmr5J8NpsFPASn2ZKQuT6CWtxpHgu
lWiwBU7zyGfVBZjZIUH5p0cuEQSJzjxwp15EJGIL1wxt8iFhct9gB/79YwuV2ePp
iXWbuawstDFUTnDo2h8zasEfwr5/e2BjSCmv2RXu0H+DomtWZXfkJO2OAqGKtsKR
gl6X+gGbMssQ+pMfdDseu6gilgfOEjJzHTTVwb8ROW533pUI8gCZ/H1ber6vsCua
y0g6U58G4t3IRCqiEjYVakm9gd4a69aLqovk7Sp7wNQizqiZd1nB2k35U5gKVXBx
B/9ALczGGODOlyZZE+U5jkcTxS7SeK7uqgO0HF6tvcXhwin5dZyBWRnn/QIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFB6NjV6Ln9StPXTePT/+zKLZySuAMB8GA1UdIwQY
MBaAFLf2Rt5BQHL8GrdrGyyeCLm9IahDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdF9aRzNrRkFjdndhdDJzYkxKNEl1YjBocUVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9lMmY5ZmYtYzQ2MC00MGEyLWEzNTct
NzdlZjg3YTczZTEzLzEvSG8yTlhvdWYxSzA5ZE40OVBfN01vdG5KSzRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9lMmY5ZmYtYzQ2MC00MGEyLWEzNTctNzdlZjg3YTczZTEz
LzEvdF9aRzNrRkFjdndhdDJzYkxKNEl1YjBocUVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBOBAIAATBIAwQCLZp0AwQC
WNq8AwQAW9+0AwQCW+ogAwQEsHIAAwQCuabYAwQCueZYAwQCufwYAwQAwm74AwQA
wm7+AwQAwnEgAwQAwnE6MBQEAgACMA4DBQMqDA8AAwUDKg/BADANBgkqhkiG9w0B
AQsFAAOCAQEAMFxOFIW+vIwwLJrFyKhLYf+oy0V26xrWEMDJQ+6w7DgaIzcfSf/6
itYgfngYK0GQqHwTskg0gX3V3kbisic4v9jdDOk6kCY9cdziRSt6ZDKKXuz4BoUB
UZnT93e0z+bKmr/yGRb3swbjp5U2bwM2Z36uHpv5slZwyk4KEQDPNUD6PN1Cj8+F
OHKfFPQtQ28noNZu1QyeBcPqjZP3y6JoRbK/yExJsB4HSo5Q1uZ6YmATavhLILmD
I6OFaacHx3R7e2LgT/qL9prpHNlfZY5wospBj0EpxSq/jw85OGQ2sQVWE4Vqtzca
YTDO3Rl+9jNK2mCIp7j1ks+UOiO+rqoDHg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:30:34 2024 by rpki-client on console-fra.rpki-client.org