Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/HKp7TJSRRLoE0woI-PLxn4yV9m4.roa
File: HKp7TJSRRLoE0woI-PLxn4yV9m4.roa (raw, json)
Hash identifier: 4VFZTRKHZIfYrW0FmwJjavOwsNv5X3vc2JPSaO4FbwY=
Subject key identifier: 1C:AA:7B:4C:94:91:44:BA:04:D3:0A:08:F8:F2:F1:9F:8C:95:F6:6E
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 3A7E92D8
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/HKp7TJSRRLoE0woI-PLxn4yV9m4.roa
Signing time: Wed 01 Jun 2022 07:28:03 +0000
ROA not before: Wed 01 Jun 2022 07:28:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44889
IP address blocks: 212.16.64.0/19 maxlen: 24
46.38.140.0/24 maxlen: 24
212.16.72.0/24 maxlen: 25
212.16.73.0/24 maxlen: 24
212.80.0.0/19 maxlen: 24
185.24.148.0/24 maxlen: 24
46.38.129.0/24 maxlen: 24
46.38.131.0/24 maxlen: 24
2a00:7d80::/29 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 981373656 (0x3a7e92d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Jun 1 07:28:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1caa7b4c949144ba04d30a08f8f2f19f8c95f66e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:dc:33:54:57:f2:93:9b:5c:c5:a7:22:3d:65:
b6:74:93:5a:88:0e:15:7a:9c:1c:33:b0:d0:c4:39:
68:7d:28:e2:59:18:12:bc:bd:46:5c:d6:9b:23:99:
94:25:b4:57:5c:9d:c4:6f:4d:4d:25:f5:70:be:77:
1c:b7:83:c0:6b:7d:7f:fd:62:ac:a4:24:68:e9:12:
e9:79:0f:a4:6f:f4:be:db:5d:4b:07:3e:dc:6c:2a:
9c:03:95:64:c7:81:c4:92:35:b3:28:4b:f5:13:b1:
bb:69:7e:83:46:79:c3:09:5d:dc:28:5b:ab:ac:e8:
b1:65:1c:c9:70:6e:6d:00:58:4e:72:40:f5:66:70:
a0:7a:c8:e6:5a:8a:0f:92:0c:ed:a0:95:d9:d8:ab:
1c:e5:8e:7b:88:19:b3:48:e4:da:af:7e:8e:89:e0:
fb:f4:69:99:f6:a6:cc:cc:18:c5:0a:89:0c:26:40:
87:ff:05:d8:0f:fc:82:d5:f4:1a:87:f1:bd:93:f5:
c9:bd:ce:6b:b5:bf:53:e0:b8:4a:60:13:47:45:f7:
f3:fe:6a:be:13:f6:1c:63:cb:9a:d1:c7:65:52:0c:
5c:12:1e:b3:8e:10:59:8f:51:68:65:3b:cb:e8:b4:
fc:df:ab:6d:28:34:45:39:13:9b:86:a8:19:13:52:
e6:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:AA:7B:4C:94:91:44:BA:04:D3:0A:08:F8:F2:F1:9F:8C:95:F6:6E
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/HKp7TJSRRLoE0woI-PLxn4yV9m4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.129.0/24
46.38.131.0/24
46.38.140.0/24
185.24.148.0/24
212.16.64.0/19
212.80.0.0/19
IPv6:
2a00:7d80::/29
Signature Algorithm: sha256WithRSAEncryption
85:b9:9f:82:f8:f8:d8:ae:dd:05:91:18:6d:9e:e1:b4:54:06:
1e:23:0d:1e:bf:21:ec:5a:e9:af:69:fd:09:cf:0a:06:67:88:
f6:dd:21:7d:6a:8a:35:6e:31:16:b2:5c:60:b4:d7:73:7e:27:
0f:04:56:71:99:08:af:3e:1c:47:11:c2:54:ec:4a:d9:5b:f9:
99:21:27:27:25:cb:04:ff:26:be:80:85:30:95:09:c0:c0:75:
81:f9:1f:19:de:ca:89:57:18:34:03:64:67:9f:28:fd:6a:f6:
0d:0b:2c:1e:84:e1:6d:6f:e6:fd:59:bf:2e:ce:f7:9f:cf:a6:
a3:96:54:ac:02:67:9d:ed:68:b8:5a:2d:c0:19:50:14:32:c0:
c8:1a:e6:be:d3:71:7d:17:13:4a:d5:c2:62:51:3e:d8:98:f9:
8c:36:9c:4b:36:72:fc:5a:41:33:79:c6:ff:9d:49:92:0d:c4:
2d:b4:d3:e3:14:96:6f:6c:a0:a6:96:09:88:a7:af:73:af:88:
88:aa:a0:66:94:88:77:1a:83:91:64:18:96:8d:e1:8a:d2:42:
4f:08:db:59:bd:33:84:1a:ce:65:3a:42:ce:ca:46:8f:b3:04:
6c:d8:a2:de:10:c7:64:5f:20:ef:af:16:b9:45:59:d2:d7:4e:
47:ca:6b:de
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEOn6S2DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NzI5NDVmNTcxMDMxNTNhMDc4NTRlNzRlMjI3ZjJhZWMxYzVmNDMwMB4XDTIyMDYw
MTA3MjgwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWNhYTdiNGM5NDkx
NDRiYTA0ZDMwYTA4ZjhmMmYxOWY4Yzk1ZjY2ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJvcM1RX8pObXMWnIj1ltnSTWogOFXqcHDOw0MQ5aH0o4lkY
Ery9RlzWmyOZlCW0V1ydxG9NTSX1cL53HLeDwGt9f/1irKQkaOkS6XkPpG/0vttd
Swc+3GwqnAOVZMeBxJI1syhL9ROxu2l+g0Z5wwld3Chbq6zosWUcyXBubQBYTnJA
9WZwoHrI5lqKD5IM7aCV2dirHOWOe4gZs0jk2q9+jong+/RpmfamzMwYxQqJDCZA
h/8F2A/8gtX0GofxvZP1yb3Oa7W/U+C4SmATR0X38/5qvhP2HGPLmtHHZVIMXBIe
s44QWY9RaGU7y+i0/N+rbSg0RTkTm4aoGRNS5p0CAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBQcqntMlJFEugTTCgj48vGfjJX2bjAfBgNVHSMEGDAWgBS3KUX1cQMVOgeF
TnTiJ/KuwcX0MDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3R5bEY5WEVERlRvSGhVNTA0aWZ5cnNIRjlEQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjEvNWY2OTA2LTNmYjAtNGRmZi04ZDAxLTJhMDljYzUzYTgwNS8x
L0hLcDdUSlNSUkxvRTB3b0ktUEx4bjR5VjltNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjEv
NWY2OTA2LTNmYjAtNGRmZi04ZDAxLTJhMDljYzUzYTgwNS8xL3R5bEY5WEVERlRv
SGhVNTA0aWZ5cnNIRjlEQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEAC4mgQMEAC4mgwMEAC4mjAMEALkY
lAMEBdQQQAMEBdRQADANBAIAAjAHAwUDKgB9gDANBgkqhkiG9w0BAQsFAAOCAQEA
hbmfgvj42K7dBZEYbZ7htFQGHiMNHr8h7Frpr2n9Cc8KBmeI9t0hfWqKNW4xFrJc
YLTXc34nDwRWcZkIrz4cRxHCVOxK2Vv5mSEnJyXLBP8mvoCFMJUJwMB1gfkfGd7K
iVcYNANkZ58o/Wr2DQssHoThbW/m/Vm/Ls73n8+mo5ZUrAJnne1ouFotwBlQFDLA
yBrmvtNxfRcTStXCYlE+2Jj5jDacSzZy/FpBM3nG/51Jkg3ELbTT4xSWb2ygppYJ
iKevc6+IiKqgZpSIdxqDkWQYlo3hitJCTwjbWb0zhBrOZTpCzspGj7MEbNii3hDH
ZF8g768WuUVZ0tdOR8pr3g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:06 2024 by rpki-client on console-ams.rpki-client.org