Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/a1fdd6-730e-4af0-8a56-460273f16ddd/1/HV86ehCVll4tre4gwfn5gFCqBcs.roa
File: HV86ehCVll4tre4gwfn5gFCqBcs.roa (raw, json)
Hash identifier: IAYm6DZUmLIxQ6CstMXmPiBBqHDDl96ZU86MPhCCSls=
Subject key identifier: 1D:5F:3A:7A:10:95:96:5E:2D:AD:EE:20:C1:F9:F9:80:50:AA:05:CB
Certificate issuer: /CN=1b31e73e6d3fc745f127a7ed990aa41214905e61
Certificate serial: 37F53FF4
Authority key identifier: 1B:31:E7:3E:6D:3F:C7:45:F1:27:A7:ED:99:0A:A4:12:14:90:5E:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GzHnPm0_x0XxJ6ftmQqkEhSQXmE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/a1fdd6-730e-4af0-8a56-460273f16ddd/1/HV86ehCVll4tre4gwfn5gFCqBcs.roa
Signing time: Sat 01 Jan 2022 08:57:24 +0000
ROA not before: Sat 01 Jan 2022 08:57:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21230
IP address blocks: 84.43.160.0/19 maxlen: 19
84.43.192.0/21 maxlen: 21
84.43.200.0/21 maxlen: 21
84.43.208.0/21 maxlen: 21
84.43.216.0/21 maxlen: 21
84.43.224.0/21 maxlen: 21
185.221.32.0/22 maxlen: 22
84.43.232.0/21 maxlen: 21
193.110.216.0/21 maxlen: 21
84.43.128.0/19 maxlen: 19
84.43.240.0/20 maxlen: 20
2a00:82a0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 938819572 (0x37f53ff4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b31e73e6d3fc745f127a7ed990aa41214905e61
Validity
Not Before: Jan 1 08:57:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1d5f3a7a1095965e2dadee20c1f9f98050aa05cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:16:fd:d4:70:b8:df:df:c1:33:25:68:d1:d0:
2e:d5:60:6c:8b:12:0d:82:eb:90:82:12:fc:5e:2f:
bc:78:ad:9d:e6:47:61:01:a8:ab:da:f4:4c:ca:9b:
2c:92:1c:69:64:ba:8c:b6:04:1b:43:f6:ad:5d:62:
65:22:95:2d:3e:4a:5d:42:3b:c3:67:b3:4b:f4:24:
27:d7:ed:9a:0f:39:4d:79:fd:b3:3a:35:26:d6:14:
6d:9d:dd:89:0a:db:9d:b8:f6:13:ec:63:5e:ba:dd:
23:01:50:ff:5e:b1:11:60:bd:e8:11:10:ef:49:bc:
99:11:a5:7f:33:b3:59:79:e8:7f:af:f7:19:6b:6d:
b1:e0:bf:2d:fc:65:b0:09:31:22:07:2b:da:38:0d:
36:81:94:5b:da:39:f3:c1:82:64:a4:46:06:cd:ae:
01:4e:c5:1a:42:56:c7:11:2c:9b:e6:56:fc:b3:a8:
ca:c6:5b:ab:9e:3c:a4:89:6f:ed:40:0a:a6:9f:11:
ed:d4:75:16:b1:83:b0:08:7e:c7:cd:be:d0:39:6c:
2a:67:f2:71:65:d2:c6:55:d9:dc:e0:ad:19:1d:14:
0f:86:a9:4d:6e:6f:62:f2:d5:fe:fb:ec:36:fe:20:
3d:2f:fb:62:e7:96:a9:7a:73:c7:35:f1:a8:d0:47:
10:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:5F:3A:7A:10:95:96:5E:2D:AD:EE:20:C1:F9:F9:80:50:AA:05:CB
X509v3 Authority Key Identifier:
keyid:1B:31:E7:3E:6D:3F:C7:45:F1:27:A7:ED:99:0A:A4:12:14:90:5E:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GzHnPm0_x0XxJ6ftmQqkEhSQXmE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/a1fdd6-730e-4af0-8a56-460273f16ddd/1/HV86ehCVll4tre4gwfn5gFCqBcs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/a1fdd6-730e-4af0-8a56-460273f16ddd/1/GzHnPm0_x0XxJ6ftmQqkEhSQXmE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.43.128.0/17
185.221.32.0/22
193.110.216.0/21
IPv6:
2a00:82a0::/32
Signature Algorithm: sha256WithRSAEncryption
3e:16:d3:67:f1:20:88:f0:26:40:71:bf:91:2f:df:35:27:f6:
b6:c0:88:8c:3e:64:64:fb:45:ce:5a:6e:1a:21:c2:f4:87:49:
b0:ec:b3:a7:98:75:b7:eb:2d:fa:e8:cf:1d:c9:2d:05:8b:bb:
a4:ae:93:84:aa:64:f7:24:dc:d6:44:5c:32:2c:ad:63:14:66:
c5:f8:87:6e:2d:4a:d2:ab:27:a8:85:86:ef:b1:be:b7:d3:90:
12:7f:0c:45:f2:cc:b6:85:6f:25:6f:10:30:15:bc:78:92:4c:
14:3a:5b:8f:e7:3f:dc:3b:6d:d6:1c:08:12:e1:0e:c4:ed:6b:
43:0f:0c:19:2e:1e:e0:1a:e1:92:05:1e:e2:a3:86:a5:be:c4:
fc:64:3c:14:7e:27:ed:f1:c8:55:17:2a:87:17:43:b7:cd:ba:
40:3e:85:8b:aa:73:fd:69:1c:0f:b4:a2:ba:36:f6:08:e4:a2:
ff:f4:c1:5b:a1:58:d9:25:a1:26:11:bc:33:b4:17:c7:5a:57:
0b:8a:ae:a1:d2:cb:68:3b:e9:85:24:4f:ec:0a:54:80:57:c4:
6c:5b:4d:e9:67:84:44:da:b3:59:93:18:7e:87:b0:ee:9e:0d:
29:04:bd:f3:af:ef:8b:6f:ef:f4:73:c4:5c:49:bc:6d:f6:08:
9e:7f:e7:2e
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEN/U/9DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
YjMxZTczZTZkM2ZjNzQ1ZjEyN2E3ZWQ5OTBhYTQxMjE0OTA1ZTYxMB4XDTIyMDEw
MTA4NTcyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWQ1ZjNhN2ExMDk1
OTY1ZTJkYWRlZTIwYzFmOWY5ODA1MGFhMDVjYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKIW/dRwuN/fwTMlaNHQLtVgbIsSDYLrkIIS/F4vvHitneZH
YQGoq9r0TMqbLJIcaWS6jLYEG0P2rV1iZSKVLT5KXUI7w2ezS/QkJ9ftmg85TXn9
szo1JtYUbZ3diQrbnbj2E+xjXrrdIwFQ/16xEWC96BEQ70m8mRGlfzOzWXnof6/3
GWttseC/LfxlsAkxIgcr2jgNNoGUW9o588GCZKRGBs2uAU7FGkJWxxEsm+ZW/LOo
ysZbq548pIlv7UAKpp8R7dR1FrGDsAh+x82+0DlsKmfycWXSxlXZ3OCtGR0UD4ap
TW5vYvLV/vvsNv4gPS/7YueWqXpzxzXxqNBHEKMCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBQdXzp6EJWWXi2t7iDB+fmAUKoFyzAfBgNVHSMEGDAWgBQbMec+bT/HRfEn
p+2ZCqQSFJBeYTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0d6SG5QbTBfeDBYeEo2ZnRtUXFrRWhTUVhtRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWQvYTFmZGQ2LTczMGUtNGFmMC04YTU2LTQ2MDI3M2YxNmRkZC8x
L0hWODZlaENWbGw0dHJlNGd3Zm41Z0ZDcUJjcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWQv
YTFmZGQ2LTczMGUtNGFmMC04YTU2LTQ2MDI3M2YxNmRkZC8xL0d6SG5QbTBfeDBY
eEo2ZnRtUXFrRWhTUVhtRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEB1QrgAMEArndIAMEA8Fu2DANBAIA
AjAHAwUAKgCCoDANBgkqhkiG9w0BAQsFAAOCAQEAPhbTZ/EgiPAmQHG/kS/fNSf2
tsCIjD5kZPtFzlpuGiHC9IdJsOyzp5h1t+st+ujPHcktBYu7pK6ThKpk9yTc1kRc
MiytYxRmxfiHbi1K0qsnqIWG77G+t9OQEn8MRfLMtoVvJW8QMBW8eJJMFDpbj+c/
3Dtt1hwIEuEOxO1rQw8MGS4e4BrhkgUe4qOGpb7E/GQ8FH4n7fHIVRcqhxdDt826
QD6Fi6pz/WkcD7Siujb2COSi//TBW6FY2SWhJhG8M7QXx1pXC4quodLLaDvphSRP
7ApUgFfEbFtN6WeERNqzWZMYfoew7p4NKQS986/vi2/v9HPEXEm8bfYInn/nLg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:46 2023 by rpki-client on console-ams.rpki-client.org