Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/be5dcf-cb05-461a-868e-439fc8f9b386/1/hLVm4s5rTCCHrru2D9RtV_xjkC8.roa
File: hLVm4s5rTCCHrru2D9RtV_xjkC8.roa (raw, json)
Hash identifier: J7Io3dCS0XHYEwF8C11qSWeFvqbXX7gXf+wMSKUoYps=
Subject key identifier: 84:B5:66:E2:CE:6B:4C:20:87:AE:BB:B6:0F:D4:6D:57:FC:63:90:2F
Certificate issuer: /CN=7ccd0cacfafa2e0d31495dd950f76af5f98ba5d7
Certificate serial: 272928E0
Authority key identifier: 7C:CD:0C:AC:FA:FA:2E:0D:31:49:5D:D9:50:F7:6A:F5:F9:8B:A5:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fM0MrPr6Lg0xSV3ZUPdq9fmLpdc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/be5dcf-cb05-461a-868e-439fc8f9b386/1/hLVm4s5rTCCHrru2D9RtV_xjkC8.roa
Signing time: Wed 27 Apr 2022 15:27:58 +0000
ROA not before: Wed 27 Apr 2022 15:27:58 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42925
IP address blocks: 37.60.44.0/22 maxlen: 22
37.60.40.0/21 maxlen: 21
37.60.40.0/22 maxlen: 22
213.151.32.0/24 maxlen: 24
213.151.32.0/19 maxlen: 19
147.236.212.0/22 maxlen: 24
213.151.48.0/20 maxlen: 20
95.86.64.0/19 maxlen: 19
164.138.112.0/21 maxlen: 21
164.138.112.0/20 maxlen: 20
164.138.120.0/21 maxlen: 21
95.86.64.0/18 maxlen: 18
185.10.64.0/22 maxlen: 22
212.76.112.0/20 maxlen: 20
31.44.128.0/20 maxlen: 22
31.44.128.0/21 maxlen: 21
31.44.136.0/21 maxlen: 21
95.86.96.0/19 maxlen: 19
212.76.96.0/19 maxlen: 19
212.76.96.0/20 maxlen: 20
2a01:6507::/32 maxlen: 32
2a01:6500::/32 maxlen: 32
2a01:6506::/32 maxlen: 32
2a01:6500:a040::/46 maxlen: 46
2a01:6505::/32 maxlen: 32
2a01:6500:a044::/46 maxlen: 46
2a01:6502::/32 maxlen: 32
2a01:6503::/32 maxlen: 32
2a01:6500::/29 maxlen: 29
2a01:6500:a050::/46 maxlen: 46
2a01:6501::/32 maxlen: 32
2a01:6504::/32 maxlen: 32
2a01:6500:3::/48 maxlen: 48
2a01:6500:a048::/46 maxlen: 46
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 657008864 (0x272928e0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ccd0cacfafa2e0d31495dd950f76af5f98ba5d7
Validity
Not Before: Apr 27 15:27:58 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=84b566e2ce6b4c2087aebbb60fd46d57fc63902f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:ed:33:1a:37:05:1e:47:eb:34:2e:d6:2f:02:
1b:f4:83:28:f1:96:03:c4:39:b3:5d:ee:97:64:32:
b9:04:44:da:57:03:69:34:b8:7c:76:a4:c6:5b:19:
af:11:d8:8a:27:80:e8:7a:45:bd:4a:10:dd:5e:5e:
07:e3:cf:c1:c1:52:0c:3b:e5:64:01:97:7e:67:47:
9b:fc:00:96:c3:d9:2d:2e:6b:3f:c6:54:7c:b8:58:
bf:9e:a9:fd:62:56:83:be:f8:fc:7f:b7:f7:1f:22:
86:aa:52:58:fa:a6:96:22:a1:fd:c4:c1:2f:ee:d4:
d6:13:59:16:a0:d0:cf:66:3a:7f:ba:df:97:35:dd:
13:d4:c2:28:3a:38:40:52:50:97:78:f5:c4:f2:d6:
f6:36:dd:15:af:27:38:23:3d:95:0d:81:79:8d:11:
e2:eb:f8:70:14:10:7d:7f:a0:d5:26:0e:11:d6:34:
42:e1:2c:ca:c9:7e:af:a9:58:39:35:93:1c:ab:f5:
27:37:f1:ea:36:8e:fd:e8:a8:f2:62:78:71:72:2b:
54:17:6f:04:e4:84:c3:b7:4d:47:26:6c:06:7c:a1:
3e:29:46:b3:a6:c7:29:b6:39:86:f2:31:27:34:c2:
99:52:4f:cf:f2:a0:44:1c:c6:a4:35:2e:eb:49:53:
84:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:B5:66:E2:CE:6B:4C:20:87:AE:BB:B6:0F:D4:6D:57:FC:63:90:2F
X509v3 Authority Key Identifier:
keyid:7C:CD:0C:AC:FA:FA:2E:0D:31:49:5D:D9:50:F7:6A:F5:F9:8B:A5:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fM0MrPr6Lg0xSV3ZUPdq9fmLpdc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/be5dcf-cb05-461a-868e-439fc8f9b386/1/hLVm4s5rTCCHrru2D9RtV_xjkC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/be5dcf-cb05-461a-868e-439fc8f9b386/1/fM0MrPr6Lg0xSV3ZUPdq9fmLpdc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.128.0/20
37.60.40.0/21
95.86.64.0/18
147.236.212.0/22
164.138.112.0/20
185.10.64.0/22
212.76.96.0/19
213.151.32.0/19
IPv6:
2a01:6500::/29
Signature Algorithm: sha256WithRSAEncryption
4d:f2:bc:b1:7d:50:e8:85:64:84:c8:73:23:ca:05:8f:58:f6:
dc:69:a7:27:80:03:51:0a:1e:8d:8b:ad:69:a0:e8:69:1d:cb:
19:46:e4:c0:f4:f7:3d:2f:ff:38:b8:b6:c9:f6:52:0f:14:99:
56:1d:c9:5e:61:ac:3a:c4:8d:3e:31:c9:25:7c:8b:5e:ad:9d:
45:d0:15:96:89:93:83:d3:14:ec:46:7f:8a:f8:45:8e:4a:c2:
d2:66:6b:fa:d6:e2:93:eb:25:a4:8c:8b:a0:ca:dc:b3:46:62:
b2:3d:29:35:c8:bc:ef:35:da:b5:af:01:bf:48:1f:b8:90:6b:
f6:94:82:b4:a2:21:2f:eb:bc:11:e3:7f:db:dc:b2:d6:c3:33:
ce:be:8e:0f:6b:ee:fe:3f:85:15:16:e1:bd:a9:9d:fe:43:15:
31:78:4f:be:0c:61:61:4c:87:cc:73:d7:e6:bf:2f:f7:ae:a4:
bc:d6:6c:af:a2:03:2f:3a:5e:01:ea:f8:b8:3e:43:01:87:03:
68:d7:cc:13:2d:e3:a8:4f:6d:4b:28:98:30:dc:c9:b5:31:43:
34:55:d4:a3:06:51:a1:e8:81:db:a8:e2:a2:60:e7:c5:b3:83:
20:57:38:25:42:3e:2f:0d:28:b2:82:db:10:c5:0f:62:9f:84:
1b:45:4b:61
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIEJyko4DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
Y2NkMGNhY2ZhZmEyZTBkMzE0OTVkZDk1MGY3NmFmNWY5OGJhNWQ3MB4XDTIyMDQy
NzE1Mjc1OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODRiNTY2ZTJjZTZi
NGMyMDg3YWViYmI2MGZkNDZkNTdmYzYzOTAyZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ/tMxo3BR5H6zQu1i8CG/SDKPGWA8Q5s13ul2QyuQRE2lcD
aTS4fHakxlsZrxHYiieA6HpFvUoQ3V5eB+PPwcFSDDvlZAGXfmdHm/wAlsPZLS5r
P8ZUfLhYv56p/WJWg774/H+39x8ihqpSWPqmliKh/cTBL+7U1hNZFqDQz2Y6f7rf
lzXdE9TCKDo4QFJQl3j1xPLW9jbdFa8nOCM9lQ2BeY0R4uv4cBQQfX+g1SYOEdY0
QuEsysl+r6lYOTWTHKv1Jzfx6jaO/eio8mJ4cXIrVBdvBOSEw7dNRyZsBnyhPilG
s6bHKbY5hvIxJzTCmVJPz/KgRBzGpDUu60lThG0CAwEAAaOCAkIwggI+MB0GA1Ud
DgQWBBSEtWbizmtMIIeuu7YP1G1X/GOQLzAfBgNVHSMEGDAWgBR8zQys+vouDTFJ
XdlQ92r1+Yul1zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZNME1yUHI2TGcweFNWM1pVUGRxOWZtTHBkYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzMvYmU1ZGNmLWNiMDUtNDYxYS04NjhlLTQzOWZjOGY5YjM4Ni8x
L2hMVm00czVyVENDSHJydTJEOVJ0Vl94amtDOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzMv
YmU1ZGNmLWNiMDUtNDYxYS04NjhlLTQzOWZjOGY5YjM4Ni8xL2ZNME1yUHI2TGcw
eFNWM1pVUGRxOWZtTHBkYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBY
BggrBgEFBQcBBwEB/wRJMEcwNgQCAAEwMAMEBB8sgAMEAyU8KAMEBl9WQAMEApPs
1AMEBKSKcAMEArkKQAMEBdRMYAMEBdWXIDANBAIAAjAHAwUDKgFlADANBgkqhkiG
9w0BAQsFAAOCAQEATfK8sX1Q6IVkhMhzI8oFj1j23GmnJ4ADUQoejYutaaDoaR3L
GUbkwPT3PS//OLi2yfZSDxSZVh3JXmGsOsSNPjHJJXyLXq2dRdAVlomTg9MU7EZ/
ivhFjkrC0mZr+tbik+slpIyLoMrcs0Zisj0pNci87zXata8Bv0gfuJBr9pSCtKIh
L+u8EeN/29yy1sMzzr6OD2vu/j+FFRbhvamd/kMVMXhPvgxhYUyHzHPX5r8v966k
vNZsr6IDLzpeAer4uD5DAYcDaNfMEy3jqE9tSyiYMNzJtTFDNFXUowZRoeiB26ji
omDnxbODIFc4JUI+Lw0osoLbEMUPYp+EG0VLYQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:14:37 2025 by rpki-client