Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/235d26-7094-4feb-9ca9-378499398f18/1/Hb4SI-xwwkroZAD5Ccfeb_qu4Sg.roa
File: Hb4SI-xwwkroZAD5Ccfeb_qu4Sg.roa (raw, json)
Hash identifier: Nk8RpnqyQaG+NsxNi+rVoTpVlSoU+jDhTOK7enxAy5w=
Subject key identifier: 1D:BE:12:23:EC:70:C2:4A:E8:64:00:F9:09:C7:DE:6F:FA:AE:E1:28
Certificate issuer: /CN=29ad8bfe07ad5d2ccb43b0d1dba6b192cb51dbea
Certificate serial: 149F57BD
Authority key identifier: 29:AD:8B:FE:07:AD:5D:2C:CB:43:B0:D1:DB:A6:B1:92:CB:51:DB:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ka2L_getXSzLQ7DR26axkstR2-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/235d26-7094-4feb-9ca9-378499398f18/1/Hb4SI-xwwkroZAD5Ccfeb_qu4Sg.roa
Signing time: Sat 01 Jan 2022 15:57:02 +0000
ROA not before: Sat 01 Jan 2022 15:57:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 63949
IP address blocks: 151.236.216.0/21 maxlen: 24
80.85.84.0/22 maxlen: 24
176.58.96.0/19 maxlen: 24
212.71.232.0/21 maxlen: 24
212.71.244.0/22 maxlen: 24
194.233.160.0/21 maxlen: 24
192.53.112.0/21 maxlen: 24
194.233.168.0/21 maxlen: 24
212.71.248.0/21 maxlen: 24
85.159.208.0/21 maxlen: 24
88.80.184.0/21 maxlen: 24
192.53.124.0/22 maxlen: 24
194.233.176.0/21 maxlen: 24
192.53.120.0/22 maxlen: 24
109.237.24.0/22 maxlen: 24
194.233.184.0/21 maxlen: 24
192.46.208.0/21 maxlen: 24
192.46.216.0/22 maxlen: 24
192.46.222.0/23 maxlen: 24
192.46.220.0/23 maxlen: 24
192.46.224.0/21 maxlen: 24
192.46.232.0/21 maxlen: 24
192.53.160.0/21 maxlen: 24
192.53.168.0/23 maxlen: 24
192.53.172.0/22 maxlen: 24
192.53.170.0/23 maxlen: 24
213.52.128.0/22 maxlen: 24
178.79.128.0/18 maxlen: 24
85.90.244.0/22 maxlen: 24
212.111.40.0/22 maxlen: 24
185.3.92.0/22 maxlen: 24
194.195.112.0/21 maxlen: 24
194.195.120.0/21 maxlen: 24
213.219.36.0/22 maxlen: 24
109.74.192.0/20 maxlen: 24
194.195.208.0/21 maxlen: 24
194.195.216.0/21 maxlen: 24
213.168.248.0/22 maxlen: 24
194.195.240.0/21 maxlen: 24
194.195.248.0/21 maxlen: 24
2a01:7e01::/32 maxlen: 48
2a01:7e00::/31 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 345987005 (0x149f57bd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29ad8bfe07ad5d2ccb43b0d1dba6b192cb51dbea
Validity
Not Before: Jan 1 15:57:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1dbe1223ec70c24ae86400f909c7de6ffaaee128
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:39:a8:f5:a6:bd:53:6a:29:5f:24:6f:7e:6e:
65:78:51:43:93:d6:b1:6c:cb:63:7e:f1:33:1e:2a:
5a:1a:2d:f9:b4:89:68:a0:2d:b4:62:c3:53:75:06:
2e:63:f5:4e:ce:90:70:00:99:48:32:0d:28:f2:0e:
47:04:bb:a6:80:4a:d6:6b:1a:78:19:db:e1:b6:9c:
03:3c:e1:aa:ce:d4:b8:cf:38:a9:42:f8:16:27:14:
43:32:df:91:bb:30:b4:f0:1b:cd:a4:de:83:dd:48:
32:15:eb:7b:2a:65:df:90:6a:9e:51:91:e4:63:bf:
37:20:80:ef:a8:a0:55:21:13:e5:ed:f4:60:6c:3e:
9b:2b:c8:47:66:75:07:28:da:dc:d8:3d:70:fb:3e:
51:a2:ad:f4:e2:14:4e:32:9b:29:53:cd:8c:4f:02:
33:78:80:0f:01:50:47:59:5e:a8:99:6d:84:78:6b:
08:15:cc:39:21:6a:63:2d:c9:d9:00:78:b8:1b:07:
70:60:44:e9:21:dc:d8:bd:01:33:8e:e2:f2:61:cc:
e2:5b:03:36:a4:8d:5f:cf:b2:59:ac:9b:30:74:03:
b0:de:06:c2:25:cd:2b:61:d8:89:40:04:d2:cd:70:
24:44:77:51:ca:c6:03:68:0b:05:71:24:04:b4:1e:
f0:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:BE:12:23:EC:70:C2:4A:E8:64:00:F9:09:C7:DE:6F:FA:AE:E1:28
X509v3 Authority Key Identifier:
keyid:29:AD:8B:FE:07:AD:5D:2C:CB:43:B0:D1:DB:A6:B1:92:CB:51:DB:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ka2L_getXSzLQ7DR26axkstR2-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/235d26-7094-4feb-9ca9-378499398f18/1/Hb4SI-xwwkroZAD5Ccfeb_qu4Sg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/235d26-7094-4feb-9ca9-378499398f18/1/Ka2L_getXSzLQ7DR26axkstR2-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.85.84.0/22
85.90.244.0/22
85.159.208.0/21
88.80.184.0/21
109.74.192.0/20
109.237.24.0/22
151.236.216.0/21
176.58.96.0/19
178.79.128.0/18
185.3.92.0/22
192.46.208.0-192.46.239.255
192.53.112.0/20
192.53.160.0/20
194.195.112.0/20
194.195.208.0/20
194.195.240.0/20
194.233.160.0/19
212.71.232.0/21
212.71.244.0-212.71.255.255
212.111.40.0/22
213.52.128.0/22
213.168.248.0/22
213.219.36.0/22
IPv6:
2a01:7e00::/31
Signature Algorithm: sha256WithRSAEncryption
08:46:f8:48:7c:ed:56:f3:e7:7d:6d:19:49:44:b3:17:87:3a:
c5:52:45:56:78:2c:0c:7f:c5:8a:63:f7:73:6b:b3:70:ed:72:
6d:cc:c8:db:7a:d6:c5:f3:eb:c8:d4:a0:e5:4e:21:65:a0:f9:
98:a2:83:b9:db:2e:09:14:eb:7e:e7:03:b3:68:08:08:c6:d4:
34:4c:27:bd:37:97:c1:2a:cf:b9:3d:3b:e5:63:90:0b:1c:bc:
1b:66:aa:86:32:bf:b0:28:c9:fc:67:45:d1:84:86:0a:7b:2b:
2f:95:d4:f4:02:19:71:ce:49:87:29:39:5c:71:2b:a7:a0:6f:
3d:7c:c9:55:56:99:3e:75:cb:22:ed:f8:da:1f:ac:99:f6:8c:
e3:d0:c8:4f:c1:78:5b:6f:75:48:fc:b0:c0:59:0b:80:7b:ca:
05:31:0d:82:6b:5a:6a:c4:72:3a:6e:4e:4d:73:21:2b:f2:9f:
b8:d9:4a:4a:0e:ed:45:27:6c:65:e3:89:bd:b2:53:fd:2e:ba:
09:ea:4a:8f:96:81:8f:f1:35:23:b2:ca:10:cf:c2:c3:ae:d5:
56:31:15:4c:ce:ec:18:ca:fb:a3:5b:08:eb:07:e6:11:de:25:
e5:49:f0:31:24:6f:3b:01:e6:b0:9a:b2:b2:9f:27:29:9c:1d:
22:0a:ed:ca
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgIEFJ9XvTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OWFkOGJmZTA3YWQ1ZDJjY2I0M2IwZDFkYmE2YjE5MmNiNTFkYmVhMB4XDTIyMDEw
MTE1NTcwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWRiZTEyMjNlYzcw
YzI0YWU4NjQwMGY5MDljN2RlNmZmYWFlZTEyODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKM5qPWmvVNqKV8kb35uZXhRQ5PWsWzLY37xMx4qWhot+bSJ
aKAttGLDU3UGLmP1Ts6QcACZSDINKPIORwS7poBK1msaeBnb4bacAzzhqs7UuM84
qUL4FicUQzLfkbswtPAbzaTeg91IMhXreypl35BqnlGR5GO/NyCA76igVSET5e30
YGw+myvIR2Z1Byja3Ng9cPs+UaKt9OIUTjKbKVPNjE8CM3iADwFQR1leqJlthHhr
CBXMOSFqYy3J2QB4uBsHcGBE6SHc2L0BM47i8mHM4lsDNqSNX8+yWaybMHQDsN4G
wiXNK2HYiUAE0s1wJER3UcrGA2gLBXEkBLQe8DsCAwEAAaOCArAwggKsMB0GA1Ud
DgQWBBQdvhIj7HDCSuhkAPkJx95v+q7hKDAfBgNVHSMEGDAWgBQprYv+B61dLMtD
sNHbprGSy1Hb6jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0thMkxfZ2V0WFN6TFE3RFIyNmF4a3N0UjItby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODMvMjM1ZDI2LTcwOTQtNGZlYi05Y2E5LTM3ODQ5OTM5OGYxOC8x
L0hiNFNJLXh3d2tyb1pBRDVDY2ZlYl9xdTRTZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODMv
MjM1ZDI2LTcwOTQtNGZlYi05Y2E5LTM3ODQ5OTM5OGYxOC8xL0thMkxfZ2V0WFN6
TFE3RFIyNmF4a3N0UjItby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
xQYIKwYBBQUHAQcBAf8EgbUwgbIwgaAEAgABMIGZAwQCUFVUAwQCVVr0AwQDVZ/Q
AwQDWFC4AwQEbUrAAwQCbe0YAwQDl+zYAwQFsDpgAwQGsk+AAwQCuQNcMAwDBATA
LtADBATALuADBATANXADBATANaADBATCw3ADBATCw9ADBATCw/ADBAXC6aADBAPU
R+gwCwMEAtRH9AMDA9RAAwQC1G8oAwQC1TSAAwQC1aj4AwQC1dskMA0EAgACMAcD
BQEqAX4AMA0GCSqGSIb3DQEBCwUAA4IBAQAIRvhIfO1W8+d9bRlJRLMXhzrFUkVW
eCwMf8WKY/dza7Nw7XJtzMjbetbF8+vI1KDlTiFloPmYooO52y4JFOt+5wOzaAgI
xtQ0TCe9N5fBKs+5PTvlY5ALHLwbZqqGMr+wKMn8Z0XRhIYKeysvldT0AhlxzkmH
KTlccSunoG89fMlVVpk+dcsi7fjaH6yZ9ozj0MhPwXhbb3VI/LDAWQuAe8oFMQ2C
a1pqxHI6bk5NcyEr8p+42UpKDu1FJ2xl44m9slP9LroJ6kqPloGP8TUjssoQz8LD
rtVWMRVMzuwYyvujWwjrB+YR3iXlSfAxJG87AeawmrKynycpnB0iCu3K
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:22 2023 by rpki-client on console-ams.rpki-client.org