Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/HCJpumoRJPQIsu6uPdF4lgbDBQ0.roa
File: HCJpumoRJPQIsu6uPdF4lgbDBQ0.roa (raw, json)
Hash identifier: wWcTn3RmiQp1HbjzIwZ+GwvpH8YdNXaL768tqyFeHAg=
Subject key identifier: 1C:22:69:BA:6A:11:24:F4:08:B2:EE:AE:3D:D1:78:96:06:C3:05:0D
Certificate issuer: /CN=dd97c7ca05bcc3d6a2ad1ba235bed8feab694550
Certificate serial: 37E832EA
Authority key identifier: DD:97:C7:CA:05:BC:C3:D6:A2:AD:1B:A2:35:BE:D8:FE:AB:69:45:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ZfHygW8w9airRuiNb7Y_qtpRVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/HCJpumoRJPQIsu6uPdF4lgbDBQ0.roa
Signing time: Sun 02 Jan 2022 08:03:51 +0000
ROA not before: Sun 02 Jan 2022 08:03:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51440
IP address blocks: 46.253.85.0/24 maxlen: 24
46.253.84.0/24 maxlen: 24
46.253.83.0/24 maxlen: 24
46.253.82.0/24 maxlen: 24
46.253.81.0/24 maxlen: 24
46.253.80.0/21 maxlen: 21
46.253.80.0/24 maxlen: 24
46.253.86.0/24 maxlen: 24
46.253.87.0/24 maxlen: 24
185.71.141.0/24 maxlen: 24
185.71.140.0/24 maxlen: 24
185.71.143.0/24 maxlen: 24
185.71.142.0/24 maxlen: 24
185.21.123.0/24 maxlen: 24
185.21.122.0/24 maxlen: 24
185.21.121.0/24 maxlen: 24
185.21.120.0/22 maxlen: 22
185.21.120.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 937964266 (0x37e832ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd97c7ca05bcc3d6a2ad1ba235bed8feab694550
Validity
Not Before: Jan 2 08:03:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1c2269ba6a1124f408b2eeae3dd1789606c3050d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:22:5e:72:aa:e8:48:6d:8b:71:25:8f:12:67:
a9:82:c7:be:e1:0b:9a:2d:5e:18:cd:51:4d:c7:32:
2d:67:0a:8c:65:d7:f7:36:42:33:92:93:81:e0:bb:
0c:24:b8:f8:e5:9e:e1:1a:af:f8:52:57:4a:46:c3:
11:84:f1:ff:bd:43:1e:69:a4:52:b6:ce:30:ce:2b:
a4:fd:68:4d:4a:08:30:e1:08:0f:84:22:c5:84:55:
dd:48:e6:94:b6:ff:49:8d:44:4a:07:a7:e2:18:60:
40:89:96:68:05:4d:1a:37:d3:8f:95:2a:d3:5a:e1:
7a:93:f7:b8:ad:50:38:7c:e9:92:a2:cc:13:99:84:
21:f9:aa:b4:c3:bb:b7:7e:3d:26:fc:b2:8a:3a:69:
d1:30:68:78:eb:b6:dd:11:5a:da:bc:ad:41:36:2e:
b2:69:af:3e:1c:71:10:d4:8b:7f:68:ce:0e:28:d9:
a5:b7:8e:3e:61:fc:16:35:a1:0b:d0:51:b8:bb:8e:
f2:25:36:29:0a:8c:78:20:bb:52:6f:fe:58:71:f0:
ad:41:f4:a9:0c:95:5d:54:93:60:d7:a7:a9:84:62:
9f:2a:17:9c:50:ed:4d:71:bb:35:64:1d:5a:27:b2:
56:be:34:e0:22:5e:3b:ab:0d:82:60:3c:64:6d:af:
25:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:22:69:BA:6A:11:24:F4:08:B2:EE:AE:3D:D1:78:96:06:C3:05:0D
X509v3 Authority Key Identifier:
keyid:DD:97:C7:CA:05:BC:C3:D6:A2:AD:1B:A2:35:BE:D8:FE:AB:69:45:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ZfHygW8w9airRuiNb7Y_qtpRVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/HCJpumoRJPQIsu6uPdF4lgbDBQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/3ZfHygW8w9airRuiNb7Y_qtpRVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.80.0/21
185.21.120.0/22
185.71.140.0/22
Signature Algorithm: sha256WithRSAEncryption
cc:38:e2:fd:a0:aa:0d:3a:79:3a:75:f4:d2:77:6f:70:8e:2d:
db:b1:b7:28:38:fe:43:6a:0b:06:35:0a:20:c5:6c:4c:ed:c5:
86:65:18:eb:24:71:85:cc:7a:28:8e:bf:a4:dd:f3:75:65:fa:
6b:66:ff:bc:b2:49:9c:e5:12:c3:6b:70:35:f3:50:9b:85:46:
c5:25:78:6d:4f:68:b5:e8:82:e6:ed:aa:a1:17:80:d8:3f:02:
dc:cc:5c:ff:93:a5:07:93:68:90:3a:d1:5a:24:ea:75:21:05:
ba:1c:24:77:e7:73:12:a7:6f:a8:0c:04:fe:46:1f:5b:ed:56:
f7:b3:0c:e2:73:49:85:b3:ae:da:a8:3c:58:ce:90:59:f8:20:
0c:cc:bb:a2:cf:be:b4:3b:0c:6e:dd:54:c3:bd:e8:c7:2e:dd:
ad:7d:df:db:b8:f2:46:c4:5a:cd:3e:81:2b:82:01:f5:f7:60:
0e:26:7f:c4:e3:64:10:1d:11:ec:44:44:25:aa:06:26:61:a1:
e6:8e:0d:66:bc:e7:40:cc:af:2d:ec:6e:74:c2:35:fe:7f:91:
56:29:fa:d3:aa:8c:57:81:54:30:4c:68:ee:f2:68:8d:1d:ed:
b4:1b:d8:e4:f4:a1:01:ff:1b:f3:52:a0:ed:73:39:e9:0d:64:
6a:5c:01:24
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEN+gy6jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZDk3YzdjYTA1YmNjM2Q2YTJhZDFiYTIzNWJlZDhmZWFiNjk0NTUwMB4XDTIyMDEw
MjA4MDM1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWMyMjY5YmE2YTEx
MjRmNDA4YjJlZWFlM2RkMTc4OTYwNmMzMDUwZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKoiXnKq6Ehti3EljxJnqYLHvuELmi1eGM1RTccyLWcKjGXX
9zZCM5KTgeC7DCS4+OWe4Rqv+FJXSkbDEYTx/71DHmmkUrbOMM4rpP1oTUoIMOEI
D4QixYRV3UjmlLb/SY1ESgen4hhgQImWaAVNGjfTj5Uq01rhepP3uK1QOHzpkqLM
E5mEIfmqtMO7t349Jvyyijpp0TBoeOu23RFa2rytQTYusmmvPhxxENSLf2jODijZ
pbeOPmH8FjWhC9BRuLuO8iU2KQqMeCC7Um/+WHHwrUH0qQyVXVSTYNenqYRinyoX
nFDtTXG7NWQdWieyVr404CJeO6sNgmA8ZG2vJd8CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQcImm6ahEk9Aiy7q490XiWBsMFDTAfBgNVHSMEGDAWgBTdl8fKBbzD1qKt
G6I1vtj+q2lFUDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNaZkh5Z1c4dzlhaXJSdWlOYjdZX3F0cFJWQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzUvZTMyYTlhLTgzZTAtNGZiOS1hYzcxLTRkNGIxNjE0NGQ2OC8x
L0hDSnB1bW9SSlBRSXN1NnVQZEY0bGdiREJRMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzUv
ZTMyYTlhLTgzZTAtNGZiOS1hYzcxLTRkNGIxNjE0NGQ2OC8xLzNaZkh5Z1c4dzlh
aXJSdWlOYjdZX3F0cFJWQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAy79UAMEArkVeAMEArlHjDANBgkq
hkiG9w0BAQsFAAOCAQEAzDji/aCqDTp5OnX00ndvcI4t27G3KDj+Q2oLBjUKIMVs
TO3FhmUY6yRxhcx6KI6/pN3zdWX6a2b/vLJJnOUSw2twNfNQm4VGxSV4bU9oteiC
5u2qoReA2D8C3Mxc/5OlB5NokDrRWiTqdSEFuhwkd+dzEqdvqAwE/kYfW+1W97MM
4nNJhbOu2qg8WM6QWfggDMy7os++tDsMbt1Uw73oxy7drX3f27jyRsRazT6BK4IB
9fdgDiZ/xONkEB0R7EREJaoGJmGh5o4NZrznQMyvLexudMI1/n+RVin606qMV4FU
MExo7vJojR3ttBvY5PShAf8b81Kg7XM56Q1kalwBJA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:03 2023 by rpki-client on console-fra.rpki-client.org