Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/hs_bvz2hZJkqSO0w1mENqXY_xY8.roa
File: hs_bvz2hZJkqSO0w1mENqXY_xY8.roa (raw, json)
Hash identifier: bJCVHpaFYsSf0ZtEG7ADhNLafiyJTV/cOhUE/+EMRl8=
Subject key identifier: 86:CF:DB:BF:3D:A1:64:99:2A:48:ED:30:D6:61:0D:A9:76:3F:C5:8F
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 0525C454
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/hs_bvz2hZJkqSO0w1mENqXY_xY8.roa
Signing time: Wed 11 May 2022 11:56:02 +0000
ROA not before: Wed 11 May 2022 11:56:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202766
IP address blocks: 94.198.47.0/24 maxlen: 24
94.198.46.0/24 maxlen: 24
89.42.70.0/24 maxlen: 24
185.242.175.0/24 maxlen: 24
178.19.44.0/24 maxlen: 24
178.19.47.0/24 maxlen: 24
80.66.112.0/23 maxlen: 23
185.229.212.0/22 maxlen: 22
185.229.213.0/24 maxlen: 24
185.229.212.0/24 maxlen: 24
80.66.115.0/24 maxlen: 24
185.229.215.0/24 maxlen: 24
185.229.214.0/24 maxlen: 24
89.44.150.0/24 maxlen: 24
178.19.33.0/24 maxlen: 24
178.19.32.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 86361172 (0x525c454)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: May 11 11:56:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=86cfdbbf3da164992a48ed30d6610da9763fc58f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:53:d9:1a:ad:8e:30:15:d2:2e:88:85:0e:55:
e0:cd:e5:2f:f3:43:62:8e:0f:b1:23:f0:c2:f0:90:
43:3a:53:2d:ed:de:58:64:98:50:86:b3:70:57:63:
1d:6a:8a:89:0a:5d:f4:74:55:98:9c:6a:10:f5:36:
14:3c:1b:25:73:88:74:df:02:67:12:ff:7a:c2:19:
8c:3a:1f:81:3c:f9:18:02:37:a0:1e:9d:a3:8e:79:
d6:69:e8:1a:c5:a8:31:bc:8d:10:a4:7b:06:eb:17:
ad:1e:88:71:3b:34:98:57:de:60:eb:92:19:39:6e:
6a:ad:cc:95:2a:11:7a:c7:15:95:bc:3d:55:a4:cd:
10:13:03:6c:02:8c:9b:b0:00:fa:68:a4:ea:d4:5d:
a0:8a:09:e2:be:17:20:68:8e:b9:fd:e4:41:78:db:
c9:41:3d:36:81:1d:6b:f8:1c:38:04:dd:57:01:ab:
e6:56:37:28:9b:06:7c:a0:33:45:9f:ae:3b:5b:64:
38:b3:9f:5e:3d:1d:2a:92:0b:e3:80:fb:cd:f0:96:
c5:32:c4:b6:e3:79:22:81:24:36:8f:a2:72:a6:fb:
26:7a:bb:0b:00:ef:8c:59:97:28:73:8a:67:80:91:
aa:47:06:f1:1a:c0:5f:74:f9:43:10:c7:ce:af:39:
7b:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:CF:DB:BF:3D:A1:64:99:2A:48:ED:30:D6:61:0D:A9:76:3F:C5:8F
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/hs_bvz2hZJkqSO0w1mENqXY_xY8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.66.112.0/23
80.66.115.0/24
89.42.70.0/24
89.44.150.0/24
94.198.46.0/23
178.19.32.0/23
178.19.44.0/24
178.19.47.0/24
185.229.212.0/22
185.242.175.0/24
Signature Algorithm: sha256WithRSAEncryption
08:ac:b2:a1:ec:d5:7b:4d:3a:3f:06:ff:4b:ba:cd:2e:a0:5a:
6b:bc:aa:3f:8a:6d:d1:7a:3f:d5:84:d5:d5:36:62:e4:1c:43:
25:6e:ee:1f:86:ae:eb:55:7e:c0:db:06:95:dd:21:4e:b5:ef:
ba:b1:6c:ba:33:aa:5f:9d:4f:1f:b3:35:25:e1:d6:9e:20:5f:
e6:e2:2b:41:3f:bf:ec:f2:32:60:f9:90:18:b9:3d:51:78:ec:
00:b5:6d:29:25:5a:60:85:03:95:3e:6e:93:b6:a2:93:00:44:
5d:9f:60:22:33:d8:fe:ac:fe:c6:55:c1:22:61:f0:97:69:e6:
f3:6e:66:d2:1b:17:43:44:8e:06:45:4b:b3:0d:f8:a4:d1:ca:
b7:82:5b:2e:11:d4:bc:38:d3:72:e5:de:98:e1:ac:f9:03:f3:
a8:86:5f:ff:90:3b:16:68:a5:7c:4a:73:22:6a:08:10:bb:a6:
e0:c6:0a:66:3b:30:a1:ba:f8:26:df:be:53:da:00:0d:63:0f:
09:8a:15:d2:7b:68:82:73:a3:ff:07:ae:3e:b3:cf:73:52:23:
a4:af:de:39:80:b1:f2:aa:e4:f9:ee:4b:91:ee:c3:de:87:f4:
b1:63:7c:a1:a0:4c:5f:51:fd:3e:4c:08:cd:c0:d9:86:1a:21:
91:3e:c0:db
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgIEBSXEVDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTM0YzQ5ZmNmYThhNDUwNDFkOTVlZDRkOGQ0ZmM2OWM3MjdhNDY3MB4XDTIyMDUx
MTExNTYwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODZjZmRiYmYzZGEx
NjQ5OTJhNDhlZDMwZDY2MTBkYTk3NjNmYzU4ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOZT2RqtjjAV0i6IhQ5V4M3lL/NDYo4PsSPwwvCQQzpTLe3e
WGSYUIazcFdjHWqKiQpd9HRVmJxqEPU2FDwbJXOIdN8CZxL/esIZjDofgTz5GAI3
oB6do4551mnoGsWoMbyNEKR7BusXrR6IcTs0mFfeYOuSGTluaq3MlSoRescVlbw9
VaTNEBMDbAKMm7AA+mik6tRdoIoJ4r4XIGiOuf3kQXjbyUE9NoEda/gcOATdVwGr
5lY3KJsGfKAzRZ+uO1tkOLOfXj0dKpIL44D7zfCWxTLEtuN5IoEkNo+icqb7Jnq7
CwDvjFmXKHOKZ4CRqkcG8RrAX3T5QxDHzq85e6MCAwEAAaOCAj8wggI7MB0GA1Ud
DgQWBBSGz9u/PaFkmSpI7TDWYQ2pdj/FjzAfBgNVHSMEGDAWgBQFNMSfz6ikUEHZ
XtTY1PxpxyekZzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JUVEVuOC1vcEZCQjJWN1UyTlQ4YWNjbnBHYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWEvMGNjYmRhLWQ2ZjEtNDUyNy04MTA2LWNkN2UwNmNiYjUzMS8x
L2hzX2J2ejJoWkprcVNPMHcxbUVOcVhZX3hZOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWEv
MGNjYmRhLWQ2ZjEtNDUyNy04MTA2LWNkN2UwNmNiYjUzMS8xL0JUVEVuOC1vcEZC
QjJWN1UyTlQ4YWNjbnBHYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBV
BggrBgEFBQcBBwEB/wRGMEQwQgQCAAEwPAMEAVBCcAMEAFBCcwMEAFkqRgMEAFks
lgMEAV7GLgMEAbITIAMEALITLAMEALITLwMEArnl1AMEALnyrzANBgkqhkiG9w0B
AQsFAAOCAQEACKyyoezVe006Pwb/S7rNLqBaa7yqP4pt0Xo/1YTV1TZi5BxDJW7u
H4au61V+wNsGld0hTrXvurFsujOqX51PH7M1JeHWniBf5uIrQT+/7PIyYPmQGLk9
UXjsALVtKSVaYIUDlT5uk7aikwBEXZ9gIjPY/qz+xlXBImHwl2nm825m0hsXQ0SO
BkVLsw34pNHKt4JbLhHUvDjTcuXemOGs+QPzqIZf/5A7FmilfEpzImoIELum4MYK
Zjswobr4Jt++U9oADWMPCYoV0ntognOj/weuPrPPc1IjpK/eOYCx8qrk+e5Lke7D
3of0sWN8oaBMX1H9PkwIzcDZhhohkT7A2w==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:35 2023 by rpki-client on console-ams.rpki-client.org