Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/be5dcf-cb05-461a-868e-439fc8f9b386/1/HDyZJTUmFL2etPTbhvSKDH7VTOw.roa
File: HDyZJTUmFL2etPTbhvSKDH7VTOw.roa (raw, json)
Hash identifier: NjgZ6VpHfMV40qOKlHG4O/Am4Sl5Ywpedz3xqM1dcKw=
Subject key identifier: 1C:3C:99:25:35:26:14:BD:9E:B4:F4:DB:86:F4:8A:0C:7E:D5:4C:EC
Certificate issuer: /CN=7ccd0cacfafa2e0d31495dd950f76af5f98ba5d7
Certificate serial: 26D73594
Authority key identifier: 7C:CD:0C:AC:FA:FA:2E:0D:31:49:5D:D9:50:F7:6A:F5:F9:8B:A5:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fM0MrPr6Lg0xSV3ZUPdq9fmLpdc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/be5dcf-cb05-461a-868e-439fc8f9b386/1/HDyZJTUmFL2etPTbhvSKDH7VTOw.roa
Signing time: Thu 24 Mar 2022 12:32:48 +0000
ROA not before: Thu 24 Mar 2022 12:32:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42925
IP address blocks: 37.60.44.0/22 maxlen: 22
37.60.40.0/21 maxlen: 21
37.60.40.0/22 maxlen: 22
213.151.32.0/24 maxlen: 24
213.151.32.0/19 maxlen: 19
147.236.212.0/22 maxlen: 24
213.151.48.0/20 maxlen: 20
95.86.64.0/19 maxlen: 19
164.138.112.0/21 maxlen: 21
164.138.112.0/20 maxlen: 20
164.138.120.0/21 maxlen: 21
95.86.64.0/18 maxlen: 18
185.10.64.0/22 maxlen: 22
212.76.112.0/20 maxlen: 20
31.44.128.0/20 maxlen: 20
31.44.128.0/21 maxlen: 21
31.44.136.0/21 maxlen: 21
95.86.96.0/19 maxlen: 19
212.76.96.0/19 maxlen: 19
212.76.96.0/20 maxlen: 20
2a01:6507::/32 maxlen: 32
2a01:6500::/32 maxlen: 32
2a01:6506::/32 maxlen: 32
2a01:6500:a040::/46 maxlen: 46
2a01:6505::/32 maxlen: 32
2a01:6500:a044::/46 maxlen: 46
2a01:6502::/32 maxlen: 32
2a01:6503::/32 maxlen: 32
2a01:6500::/29 maxlen: 29
2a01:6500:a050::/46 maxlen: 46
2a01:6501::/32 maxlen: 32
2a01:6504::/32 maxlen: 32
2a01:6500:3::/48 maxlen: 48
2a01:6500:a048::/46 maxlen: 46
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 651638164 (0x26d73594)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ccd0cacfafa2e0d31495dd950f76af5f98ba5d7
Validity
Not Before: Mar 24 12:32:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1c3c9925352614bd9eb4f4db86f48a0c7ed54cec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d0:e4:40:77:60:dd:cb:9f:01:5b:ad:be:32:
50:d0:3d:bc:e0:2a:00:65:26:ce:b7:d3:f5:e0:98:
d4:96:06:af:28:f5:b2:67:8e:dc:ac:b6:5b:db:27:
57:ef:b6:3e:39:73:1e:2d:dc:87:ad:0b:39:f5:40:
1b:50:2e:a0:6a:1b:f8:9a:c3:15:e1:50:65:82:8c:
5a:80:9f:60:2c:91:5a:99:b4:98:c5:9a:71:81:82:
37:a2:ad:ab:be:be:9e:5f:b8:aa:7c:14:25:2f:33:
0c:ab:c6:7d:d1:37:e0:28:80:d5:23:c9:86:2f:66:
db:35:a5:7e:43:4c:e8:b5:fe:3f:f4:84:6c:c0:9e:
70:89:fd:46:aa:89:78:ba:73:fa:49:e3:ec:67:e7:
05:19:c7:0b:32:b1:d6:b8:06:b7:d9:a4:76:e8:74:
77:47:4f:cb:7a:6c:ea:32:98:c4:f5:bd:85:8b:b4:
22:78:71:4f:de:e2:3e:bf:73:15:9b:e4:f0:5a:44:
56:a0:96:ad:52:dc:6f:6b:fa:a5:f3:a0:8b:70:63:
b8:56:43:c8:26:c4:06:da:fb:36:ce:7c:3b:bd:a2:
3e:c1:ed:3f:72:7b:da:8e:91:bc:c2:ce:9a:3c:8b:
8e:e1:f5:0b:94:35:bb:cf:1b:e3:c2:7e:25:eb:43:
71:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:3C:99:25:35:26:14:BD:9E:B4:F4:DB:86:F4:8A:0C:7E:D5:4C:EC
X509v3 Authority Key Identifier:
keyid:7C:CD:0C:AC:FA:FA:2E:0D:31:49:5D:D9:50:F7:6A:F5:F9:8B:A5:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fM0MrPr6Lg0xSV3ZUPdq9fmLpdc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/be5dcf-cb05-461a-868e-439fc8f9b386/1/HDyZJTUmFL2etPTbhvSKDH7VTOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/be5dcf-cb05-461a-868e-439fc8f9b386/1/fM0MrPr6Lg0xSV3ZUPdq9fmLpdc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.128.0/20
37.60.40.0/21
95.86.64.0/18
147.236.212.0/22
164.138.112.0/20
185.10.64.0/22
212.76.96.0/19
213.151.32.0/19
IPv6:
2a01:6500::/29
Signature Algorithm: sha256WithRSAEncryption
95:f8:89:2a:10:1c:49:36:a4:f9:36:53:46:9b:31:85:95:a9:
c3:bc:83:ae:2a:95:ae:f4:fe:2f:34:06:98:50:e2:e3:81:67:
ce:1f:b2:32:7d:74:d0:98:c2:70:85:60:72:32:c2:b7:21:96:
64:dc:4b:e8:ca:7c:3d:73:70:34:2b:19:18:76:41:36:2c:a0:
29:b0:83:05:68:ba:53:68:c6:45:7e:91:4e:67:55:8d:81:f9:
9e:89:8f:6c:77:ca:74:53:f7:04:0d:fa:19:a5:97:12:89:9c:
6e:b3:60:1c:53:ab:70:d4:02:42:83:99:8c:c4:f9:68:da:b9:
a2:35:34:2f:5f:ea:89:dc:15:95:e8:dd:2e:51:63:8e:7b:4f:
8a:61:ef:31:a1:05:c5:fb:aa:45:1a:67:86:7b:9a:6b:06:c5:
c8:06:e3:62:b5:42:e7:3d:80:d9:36:88:35:8e:ea:f1:54:8b:
66:92:8b:4e:b4:7a:3c:9d:f5:ce:02:83:7b:16:6d:a5:47:17:
67:70:dd:6a:42:df:4d:98:b9:1a:43:59:de:d9:0f:17:54:e0:
52:5e:cb:b3:49:c7:bf:d3:9d:41:68:9a:29:f5:63:c5:64:28:
7f:b1:61:53:e8:40:74:f6:60:df:da:8f:43:39:8f:04:e6:9b:
0b:4b:79:e9
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIEJtc1lDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
Y2NkMGNhY2ZhZmEyZTBkMzE0OTVkZDk1MGY3NmFmNWY5OGJhNWQ3MB4XDTIyMDMy
NDEyMzI0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWMzYzk5MjUzNTI2
MTRiZDllYjRmNGRiODZmNDhhMGM3ZWQ1NGNlYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALjQ5EB3YN3LnwFbrb4yUNA9vOAqAGUmzrfT9eCY1JYGryj1
smeO3Ky2W9snV++2PjlzHi3ch60LOfVAG1AuoGob+JrDFeFQZYKMWoCfYCyRWpm0
mMWacYGCN6Ktq76+nl+4qnwUJS8zDKvGfdE34CiA1SPJhi9m2zWlfkNM6LX+P/SE
bMCecIn9RqqJeLpz+knj7GfnBRnHCzKx1rgGt9mkduh0d0dPy3ps6jKYxPW9hYu0
InhxT97iPr9zFZvk8FpEVqCWrVLcb2v6pfOgi3BjuFZDyCbEBtr7Ns58O72iPsHt
P3J72o6RvMLOmjyLjuH1C5Q1u88b48J+JetDcdcCAwEAAaOCAkIwggI+MB0GA1Ud
DgQWBBQcPJklNSYUvZ609NuG9IoMftVM7DAfBgNVHSMEGDAWgBR8zQys+vouDTFJ
XdlQ92r1+Yul1zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZNME1yUHI2TGcweFNWM1pVUGRxOWZtTHBkYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzMvYmU1ZGNmLWNiMDUtNDYxYS04NjhlLTQzOWZjOGY5YjM4Ni8x
L0hEeVpKVFVtRkwyZXRQVGJodlNLREg3VlRPdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzMv
YmU1ZGNmLWNiMDUtNDYxYS04NjhlLTQzOWZjOGY5YjM4Ni8xL2ZNME1yUHI2TGcw
eFNWM1pVUGRxOWZtTHBkYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBY
BggrBgEFBQcBBwEB/wRJMEcwNgQCAAEwMAMEBB8sgAMEAyU8KAMEBl9WQAMEApPs
1AMEBKSKcAMEArkKQAMEBdRMYAMEBdWXIDANBAIAAjAHAwUDKgFlADANBgkqhkiG
9w0BAQsFAAOCAQEAlfiJKhAcSTak+TZTRpsxhZWpw7yDriqVrvT+LzQGmFDi44Fn
zh+yMn100JjCcIVgcjLCtyGWZNxL6Mp8PXNwNCsZGHZBNiygKbCDBWi6U2jGRX6R
TmdVjYH5nomPbHfKdFP3BA36GaWXEomcbrNgHFOrcNQCQoOZjMT5aNq5ojU0L1/q
idwVlejdLlFjjntPimHvMaEFxfuqRRpnhnuaawbFyAbjYrVC5z2A2TaINY7q8VSL
ZpKLTrR6PJ31zgKDexZtpUcXZ3DdakLfTZi5GkNZ3tkPF1TgUl7Ls0nHv9OdQWia
KfVjxWQof7FhU+hAdPZg39qPQzmPBOabC0t56Q==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:00 2024 by rpki-client on console-fra.rpki-client.org