Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/69c7d1-c43d-4bcd-8e6a-1593d4045cbc/1/hklzGA83lBNSx3RIq7flO-DU9lE.roa
File: hklzGA83lBNSx3RIq7flO-DU9lE.roa (raw, json)
Hash identifier: IEP0/Ciz3c7jFvmKdujznDpwfITuvJOGjWveOu5Q0Cc=
Subject key identifier: 86:49:73:18:0F:37:94:13:52:C7:74:48:AB:B7:E5:3B:E0:D4:F6:51
Certificate issuer: /CN=894928a39627cd5ee5f975bd897c2d775ab29940
Certificate serial: 018268E048385B1C425FD7F909FAFA5F01A8
Authority key identifier: 89:49:28:A3:96:27:CD:5E:E5:F9:75:BD:89:7C:2D:77:5A:B2:99:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iUkoo5YnzV7l-XW9iXwtd1qymUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/69c7d1-c43d-4bcd-8e6a-1593d4045cbc/1/hklzGA83lBNSx3RIq7flO-DU9lE.roa
Signing time: Thu 04 Aug 2022 12:41:45 +0000
ROA not before: Thu 04 Aug 2022 12:41:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9183
IP address blocks: 193.108.217.0/24 maxlen: 24
185.112.176.0/22 maxlen: 24
194.39.218.0/23 maxlen: 24
139.15.0.0/16 maxlen: 24
193.141.57.0/24 maxlen: 24
2a03:cc00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:68:e0:48:38:5b:1c:42:5f:d7:f9:09:fa:fa:5f:01:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=894928a39627cd5ee5f975bd897c2d775ab29940
Validity
Not Before: Aug 4 12:41:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=864973180f37941352c77448abb7e53be0d4f651
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:43:87:ed:f8:12:c4:83:7b:6e:97:63:6f:ce:
7e:92:18:76:c1:23:34:2c:0a:b1:d7:2a:c8:5a:11:
54:ed:1a:1d:60:5e:25:09:16:73:d9:3e:74:e0:97:
98:1e:27:6d:fb:ac:b6:87:cc:b2:11:1f:58:2c:6b:
a3:d6:dc:89:14:9d:0c:c1:7c:4d:c1:ba:f4:e1:72:
b2:56:ac:e4:be:de:61:ae:ca:7d:e5:be:3c:50:f3:
0e:d0:07:86:6f:e0:85:97:87:58:23:b6:f6:73:71:
cf:a4:56:93:9e:77:b0:39:67:36:b6:33:0d:9f:6a:
8b:55:41:46:e2:94:d6:27:95:77:f3:e8:b1:3a:57:
c0:43:c6:6e:3e:fe:3b:ed:5c:32:12:67:84:93:dd:
b1:94:9f:c3:b3:5c:94:4f:12:9b:cc:d1:de:a4:a4:
13:8d:83:33:c0:39:8f:f0:2d:4e:9b:a4:b8:9f:47:
3c:51:4c:58:62:cd:db:14:4c:a1:8c:c0:07:33:04:
e1:5f:a7:38:29:06:6d:8a:19:53:af:25:c5:45:55:
7d:50:e1:61:e8:7b:74:2b:6e:78:aa:e2:b4:c6:fe:
4c:a6:fb:d5:e7:82:8c:ca:7f:ab:ba:f8:0d:9e:98:
92:89:2b:84:9a:b5:5b:3e:10:2a:0c:70:75:50:da:
45:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:49:73:18:0F:37:94:13:52:C7:74:48:AB:B7:E5:3B:E0:D4:F6:51
X509v3 Authority Key Identifier:
keyid:89:49:28:A3:96:27:CD:5E:E5:F9:75:BD:89:7C:2D:77:5A:B2:99:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iUkoo5YnzV7l-XW9iXwtd1qymUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/69c7d1-c43d-4bcd-8e6a-1593d4045cbc/1/hklzGA83lBNSx3RIq7flO-DU9lE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/69c7d1-c43d-4bcd-8e6a-1593d4045cbc/1/iUkoo5YnzV7l-XW9iXwtd1qymUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.15.0.0/16
185.112.176.0/22
193.108.217.0/24
193.141.57.0/24
194.39.218.0/23
IPv6:
2a03:cc00::/32
Signature Algorithm: sha256WithRSAEncryption
22:58:61:65:40:7e:cd:22:f8:d4:20:cc:5e:2d:dd:df:d6:c9:
1a:8f:db:ee:d9:52:85:b5:f6:d5:63:21:d6:b6:09:ad:91:57:
08:a7:c5:a6:b2:9c:90:21:47:8d:77:ae:3e:c5:7d:08:16:86:
71:bd:64:13:a9:51:39:3d:3f:c9:3b:87:1b:4f:82:ba:55:45:
65:cb:cd:6e:45:5c:2e:07:73:4e:6b:a9:d9:52:bf:e0:ce:f5:
ed:98:6c:85:c8:e7:f2:2a:f2:3f:88:48:de:a9:b3:e7:02:0e:
a7:35:22:2c:48:f6:28:1e:29:10:76:b7:ca:9e:4b:5c:f0:07:
9f:9b:bf:dd:50:79:15:7e:30:07:18:ef:1a:f8:41:f4:30:28:
c6:09:f8:a3:43:cf:56:30:ee:36:53:cb:d0:d1:23:68:db:89:
7d:21:29:22:f8:c5:2d:99:fc:c8:22:04:95:3c:e2:74:b2:03:
df:c9:46:90:42:4e:31:c7:9c:a7:9f:a0:28:14:61:7b:3b:29:
24:b4:26:9b:9d:65:cb:cb:b0:3b:b7:ff:ac:00:a5:bc:cc:1f:
70:60:ba:bf:38:b7:02:ed:7c:29:3b:e5:13:2a:cf:f8:44:d5:
99:85:32:c8:70:86:ea:00:d2:72:93:63:cf:5a:07:6e:bb:ba:
c5:c6:1b:21
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYJo4Eg4WxxCX9f5Cfr6XwGoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NDkyOGEzOTYyN2NkNWVlNWY5NzViZDg5N2MyZDc3NWFi
Mjk5NDAwHhcNMjIwODA0MTI0MTQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjQ5NzMxODBmMzc5NDEzNTJjNzc0NDhhYmI3ZTUzYmUwZDRmNjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUOH7fgSxIN7bpdjb85+khh2wSM0
LAqx1yrIWhFU7RodYF4lCRZz2T504JeYHidt+6y2h8yyER9YLGuj1tyJFJ0MwXxN
wbr04XKyVqzkvt5hrsp95b48UPMO0AeGb+CFl4dYI7b2c3HPpFaTnnewOWc2tjMN
n2qLVUFG4pTWJ5V38+ixOlfAQ8ZuPv477VwyEmeEk92xlJ/Ds1yUTxKbzNHepKQT
jYMzwDmP8C1Om6S4n0c8UUxYYs3bFEyhjMAHMwThX6c4KQZtihlTryXFRVV9UOFh
6Ht0K254quK0xv5MpvvV54KMyn+ruvgNnpiSiSuEmrVbPhAqDHB1UNpFuQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFIZJcxgPN5QTUsd0SKu35Tvg1PZRMB8GA1UdIwQY
MBaAFIlJKKOWJ81e5fl1vYl8LXdasplAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVVrb281WW56VjdsLVhXOWlYd3RkMXF5bVVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC82OWM3ZDEtYzQzZC00YmNkLThlNmEt
MTU5M2Q0MDQ1Y2JjLzEvaGtsekdBODNsQk5TeDNSSXE3ZmxPLURVOWxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC82OWM3ZDEtYzQzZC00YmNkLThlNmEtMTU5M2Q0MDQ1Y2Jj
LzEvaVVrb281WW56VjdsLVhXOWlYd3RkMXF5bVVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAjBAIAATAdAwMAiw8DBAK5
cLADBADBbNkDBADBjTkDBAHCJ9owDQQCAAIwBwMFACoDzAAwDQYJKoZIhvcNAQEL
BQADggEBACJYYWVAfs0i+NQgzF4t3d/WyRqP2+7ZUoW19tVjIda2Ca2RVwinxaay
nJAhR413rj7FfQgWhnG9ZBOpUTk9P8k7hxtPgrpVRWXLzW5FXC4Hc05rqdlSv+DO
9e2YbIXI5/Iq8j+ISN6ps+cCDqc1IixI9igeKRB2t8qeS1zwB5+bv91QeRV+MAcY
7xr4QfQwKMYJ+KNDz1Yw7jZTy9DRI2jbiX0hKSL4xS2Z/MgiBJU84nSyA9/JRpBC
TjHHnKefoCgUYXs7KSS0JpudZcvLsDu3/6wApbzMH3Bgur84twLtfCk75RMqz/hE
1ZmFMshwhuoA0nKTY89aB267usXGGyE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:05 2024 by rpki-client on console-ams.rpki-client.org