Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/af35c3-7f81-4829-8dba-18dbe6504bb4/1/HTOLRK2d9mGXcMJySkMqinYOv74.roa
File: HTOLRK2d9mGXcMJySkMqinYOv74.roa (raw, json)
Hash identifier: xo6EWoFUrVKyxItRov5wMAZK2cCqenIoGiR1BkYgmwA=
Subject key identifier: 1D:33:8B:44:AD:9D:F6:61:97:70:C2:72:4A:43:2A:8A:76:0E:BF:BE
Certificate issuer: /CN=168600dfac9d3d1a75e6630d697102f2f2132c48
Certificate serial: 0807E6B2
Authority key identifier: 16:86:00:DF:AC:9D:3D:1A:75:E6:63:0D:69:71:02:F2:F2:13:2C:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FoYA36ydPRp15mMNaXEC8vITLEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/af35c3-7f81-4829-8dba-18dbe6504bb4/1/HTOLRK2d9mGXcMJySkMqinYOv74.roa
Signing time: Sat 01 Jan 2022 07:54:54 +0000
ROA not before: Sat 01 Jan 2022 07:54:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51559
IP address blocks: 89.252.189.0/24 maxlen: 24
185.126.217.0/24 maxlen: 24
185.126.219.0/24 maxlen: 24
2a06:c400::/48 maxlen: 48
2a06:c400:b::/48 maxlen: 48
2a06:c400:6::/48 maxlen: 48
2a06:c400:1::/48 maxlen: 48
2a06:c400:4::/48 maxlen: 48
2a06:c400:f::/48 maxlen: 48
2a06:c400:a::/48 maxlen: 48
2a06:c400:5::/48 maxlen: 48
2a06:c400:8::/48 maxlen: 48
2a06:c400:3::/48 maxlen: 48
2a06:c400:e::/48 maxlen: 48
2a06:c400:9::/48 maxlen: 48
2a06:c400:c::/48 maxlen: 48
2a06:c400:7::/48 maxlen: 48
2a06:c400:2::/48 maxlen: 48
2a06:c400:d::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 134735538 (0x807e6b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=168600dfac9d3d1a75e6630d697102f2f2132c48
Validity
Not Before: Jan 1 07:54:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1d338b44ad9df6619770c2724a432a8a760ebfbe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:f6:f9:9d:fa:28:6a:0d:2e:44:16:7e:7d:12:
e8:e1:45:9c:4f:9a:8c:09:1c:6f:dc:cf:5b:95:7e:
44:6b:a9:5e:ef:e0:60:ac:ee:3f:af:d9:9c:7b:81:
8f:12:42:46:2f:e3:01:6b:6e:b8:f0:c4:da:38:09:
b8:7a:8b:ca:00:bb:ab:24:a7:08:1c:74:20:04:53:
b0:87:bd:1a:f5:2a:90:b4:b8:25:ba:4f:46:03:ae:
4d:04:23:54:6b:49:f1:28:78:c1:a0:9b:82:0f:94:
c4:6c:55:d2:cf:5f:1d:7b:11:54:2b:a7:b8:2f:f3:
13:fe:00:a4:1f:92:40:63:3a:d7:a9:ef:49:57:f3:
95:08:ea:57:f9:48:b6:6d:be:7f:d4:ac:0f:c1:8a:
ad:67:57:78:b1:29:da:a3:a6:83:47:c2:3d:64:6b:
79:ad:a8:1c:42:e0:bb:21:51:82:3a:e4:74:e3:28:
d9:b3:16:ee:b1:e3:cd:2b:af:f9:67:57:cc:3e:e2:
3d:75:c9:c9:ec:cd:aa:18:a1:b8:91:a1:53:3a:4b:
19:79:c8:9a:15:d9:15:08:3a:33:15:05:e9:80:0f:
5f:ea:1a:ed:7d:a5:cc:0a:85:c7:de:a3:e6:3d:53:
eb:6c:57:c8:c0:e6:85:32:13:32:fb:50:0d:fe:b5:
c8:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:33:8B:44:AD:9D:F6:61:97:70:C2:72:4A:43:2A:8A:76:0E:BF:BE
X509v3 Authority Key Identifier:
keyid:16:86:00:DF:AC:9D:3D:1A:75:E6:63:0D:69:71:02:F2:F2:13:2C:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FoYA36ydPRp15mMNaXEC8vITLEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/af35c3-7f81-4829-8dba-18dbe6504bb4/1/HTOLRK2d9mGXcMJySkMqinYOv74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/af35c3-7f81-4829-8dba-18dbe6504bb4/1/FoYA36ydPRp15mMNaXEC8vITLEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.252.189.0/24
185.126.217.0/24
185.126.219.0/24
IPv6:
2a06:c400::/44
Signature Algorithm: sha256WithRSAEncryption
8a:ad:45:8d:ff:7d:e9:55:f5:6f:9c:09:96:72:86:96:c8:44:
9e:85:ba:14:44:46:16:8c:47:6f:77:1e:16:e7:9f:52:dc:f8:
a6:a2:35:40:00:0a:cb:14:fb:42:28:d8:93:59:57:3b:5f:64:
74:a3:97:8a:91:b8:05:2d:84:83:10:b0:ff:0d:7f:5c:8c:a2:
28:b5:56:0e:c7:53:a2:3d:f2:09:aa:94:ff:bb:9d:d4:6b:a6:
8a:5d:42:c9:ed:5a:40:4d:ec:a7:83:a1:ec:24:71:25:c1:30:
2d:5d:72:37:a9:af:81:6c:22:5e:ed:08:84:e4:35:8d:c3:e8:
8a:4a:40:05:a4:84:2b:d1:73:99:1e:53:98:f5:6e:cd:4f:b8:
f8:4e:9c:70:0d:24:dd:c9:0e:26:7f:2d:21:40:d7:72:be:fe:
11:60:28:6e:e2:02:a3:49:1f:2f:2f:3b:bb:59:e4:d0:04:30:
d3:a6:6d:6c:39:44:2c:ae:19:78:51:84:89:35:8c:fd:ec:77:
f4:d8:0e:d8:24:57:e2:14:45:5d:60:59:f5:e2:9b:a6:d7:54:
cc:2a:20:0c:8c:02:38:b8:9e:04:a1:90:b4:dd:8c:18:92:eb:
a3:52:2e:9c:fb:a8:a9:78:7b:5e:c7:dc:17:b6:1a:ca:85:a3:
a0:eb:f4:5e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIECAfmsjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
Njg2MDBkZmFjOWQzZDFhNzVlNjYzMGQ2OTcxMDJmMmYyMTMyYzQ4MB4XDTIyMDEw
MTA3NTQ1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWQzMzhiNDRhZDlk
ZjY2MTk3NzBjMjcyNGE0MzJhOGE3NjBlYmZiZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMr2+Z36KGoNLkQWfn0S6OFFnE+ajAkcb9zPW5V+RGupXu/g
YKzuP6/ZnHuBjxJCRi/jAWtuuPDE2jgJuHqLygC7qySnCBx0IARTsIe9GvUqkLS4
JbpPRgOuTQQjVGtJ8Sh4waCbgg+UxGxV0s9fHXsRVCunuC/zE/4ApB+SQGM616nv
SVfzlQjqV/lItm2+f9SsD8GKrWdXeLEp2qOmg0fCPWRrea2oHELguyFRgjrkdOMo
2bMW7rHjzSuv+WdXzD7iPXXJyezNqhihuJGhUzpLGXnImhXZFQg6MxUF6YAPX+oa
7X2lzAqFx96j5j1T62xXyMDmhTITMvtQDf61yAkCAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBQdM4tErZ32YZdwwnJKQyqKdg6/vjAfBgNVHSMEGDAWgBQWhgDfrJ09GnXm
Yw1pcQLy8hMsSDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ZvWUEzNnlkUFJwMTVtTU5hWEVDOHZJVExFZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODYvYWYzNWMzLTdmODEtNDgyOS04ZGJhLTE4ZGJlNjUwNGJiNC8x
L0hUT0xSSzJkOW1HWGNNSnlTa01xaW5ZT3Y3NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODYv
YWYzNWMzLTdmODEtNDgyOS04ZGJhLTE4ZGJlNjUwNGJiNC8xL0ZvWUEzNnlkUFJw
MTVtTU5hWEVDOHZJVExFZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA8
BggrBgEFBQcBBwEB/wQtMCswGAQCAAEwEgMEAFn8vQMEALl+2QMEALl+2zAPBAIA
AjAJAwcEKgbEAAAAMA0GCSqGSIb3DQEBCwUAA4IBAQCKrUWN/33pVfVvnAmWcoaW
yESehboUREYWjEdvdx4W559S3PimojVAAArLFPtCKNiTWVc7X2R0o5eKkbgFLYSD
ELD/DX9cjKIotVYOx1OiPfIJqpT/u53Ua6aKXULJ7VpATeyng6HsJHElwTAtXXI3
qa+BbCJe7QiE5DWNw+iKSkAFpIQr0XOZHlOY9W7NT7j4TpxwDSTdyQ4mfy0hQNdy
vv4RYChu4gKjSR8vLzu7WeTQBDDTpm1sOUQsrhl4UYSJNYz97Hf02A7YJFfiFEVd
YFn14pum11TMKiAMjAI4uJ4EoZC03YwYkuujUi6c+6ipeHtex9wXthrKhaOg6/Re
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:33 2023 by rpki-client on console-ams.rpki-client.org