Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/HKD4sg7R6NAT0ffMnxzKSmcYgxA.roa
File: HKD4sg7R6NAT0ffMnxzKSmcYgxA.roa (raw, json)
Hash identifier: SZWn1hFUuEi+d/bNKfRAfKV4mL7B2yi5xelZgDEVFMM=
Subject key identifier: 1C:A0:F8:B2:0E:D1:E8:D0:13:D1:F7:CC:9F:1C:CA:4A:67:18:83:10
Certificate issuer: /CN=4ee843a85dd664e9dc0310892bd7dd9ce52591c7
Certificate serial: 350A888F
Authority key identifier: 4E:E8:43:A8:5D:D6:64:E9:DC:03:10:89:2B:D7:DD:9C:E5:25:91:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TuhDqF3WZOncAxCJK9fdnOUlkcc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/HKD4sg7R6NAT0ffMnxzKSmcYgxA.roa
Signing time: Mon 30 May 2022 08:55:15 +0000
ROA not before: Mon 30 May 2022 08:55:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25160
IP address blocks: 185.28.240.0/22 maxlen: 24
185.120.204.0/22 maxlen: 22
82.163.192.0/19 maxlen: 24
158.41.64.0/18 maxlen: 18
193.221.128.0/19 maxlen: 24
165.65.0.0/16 maxlen: 16
193.0.176.0/23 maxlen: 24
206.245.208.0/20 maxlen: 20
206.245.224.0/19 maxlen: 24
5.10.144.0/20 maxlen: 24
91.238.221.0/24 maxlen: 24
185.237.48.0/22 maxlen: 24
194.8.254.0/23 maxlen: 24
2a00:e342::/32 maxlen: 32
2a00:e340:3::/48 maxlen: 48
2a00:e346::/32 maxlen: 32
2a00:e347::/32 maxlen: 32
2a00:e341::/32 maxlen: 32
2a00:e344::/32 maxlen: 32
2a00:e344:3f00::/48 maxlen: 48
2a00:e340::/32 maxlen: 32
2a00:e343::/32 maxlen: 32
2a00:e345::/32 maxlen: 32
2a00:e340::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 889882767 (0x350a888f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ee843a85dd664e9dc0310892bd7dd9ce52591c7
Validity
Not Before: May 30 08:55:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1ca0f8b20ed1e8d013d1f7cc9f1cca4a67188310
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:14:19:4e:1b:55:8b:a6:a2:d4:82:58:7c:dd:
c8:0b:2e:d0:b5:3b:d6:a1:dd:b5:08:99:fe:a7:29:
d4:2a:af:0e:49:d7:83:a2:9e:f5:d8:38:d8:d8:da:
3a:6d:3c:e9:ef:ff:9f:58:27:db:50:b4:60:92:20:
c6:6b:68:80:80:af:62:a3:e9:49:f4:48:ff:96:3c:
77:dd:14:c2:a6:f9:5d:85:a6:14:cb:75:9d:a1:f9:
dc:88:a7:89:12:3e:20:46:49:d6:b9:a2:11:25:69:
e7:bd:07:b0:1e:d3:1c:77:eb:71:12:46:67:3b:a9:
8b:98:3f:bd:3f:50:ba:28:d8:71:04:0d:d9:68:3c:
20:fe:39:22:16:d0:e9:4f:a7:ec:e3:ac:d2:40:63:
9d:60:18:42:9a:77:c2:34:8d:bc:ea:45:d0:a1:50:
d7:85:28:2f:2d:a6:9c:5a:82:62:0c:ff:50:ee:5f:
f7:34:77:fb:a5:aa:b7:c4:5f:22:89:4c:93:d0:36:
53:3b:db:f6:c3:8f:96:bc:61:4a:ca:1e:80:17:05:
3f:10:86:25:5a:af:ec:82:79:4f:3d:7b:b7:a2:bf:
cd:77:2d:ac:25:e3:0f:2c:87:be:8d:dc:81:6c:82:
8e:ed:da:62:cb:b0:fd:d6:22:69:7a:37:2e:5a:cb:
22:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:A0:F8:B2:0E:D1:E8:D0:13:D1:F7:CC:9F:1C:CA:4A:67:18:83:10
X509v3 Authority Key Identifier:
keyid:4E:E8:43:A8:5D:D6:64:E9:DC:03:10:89:2B:D7:DD:9C:E5:25:91:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TuhDqF3WZOncAxCJK9fdnOUlkcc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/HKD4sg7R6NAT0ffMnxzKSmcYgxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/TuhDqF3WZOncAxCJK9fdnOUlkcc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.144.0/20
82.163.192.0/19
91.238.221.0/24
158.41.64.0/18
165.65.0.0/16
185.28.240.0/22
185.120.204.0/22
185.237.48.0/22
193.0.176.0/23
193.221.128.0/19
194.8.254.0/23
206.245.208.0-206.245.255.255
IPv6:
2a00:e340::/29
Signature Algorithm: sha256WithRSAEncryption
b8:35:ff:77:5a:80:bd:a9:31:e2:b7:30:e2:48:cb:46:7b:98:
21:18:86:ba:50:94:3a:bc:b4:74:a0:27:8c:c6:93:1b:f7:55:
08:33:0e:3d:cc:24:4d:04:1a:58:a3:69:fe:65:96:d9:c3:8f:
ec:f2:4d:b0:76:33:0c:23:6f:61:b8:db:57:b2:8e:12:bc:94:
08:b4:3e:5b:d2:4d:61:6a:01:74:06:ac:02:12:f4:87:f9:2e:
c3:cd:c7:32:38:4c:2b:e8:0c:f1:d6:61:a7:44:6c:88:8b:44:
10:8d:e9:06:38:bf:27:60:c1:d2:35:8a:a8:f9:17:38:e6:05:
4c:96:89:9b:d5:9e:8a:9a:9c:99:bd:cf:ce:8e:5b:98:d7:d9:
63:20:f6:8c:a3:eb:20:b4:89:d2:5e:ff:7b:33:e2:fb:62:4e:
3e:1e:38:41:8d:72:4f:e1:2c:85:44:43:8a:ae:0c:d0:7d:66:
4d:fa:d6:99:d2:92:a1:e9:1f:7f:a0:fd:b1:e4:79:8e:51:3d:
d1:4f:c6:5b:9e:67:ae:06:52:f3:2a:98:f0:75:de:97:3b:7f:
5b:6c:fb:44:51:06:86:ce:bf:f5:f1:ea:17:83:2f:c7:6c:90:
f7:aa:56:41:7d:ed:2d:75:2e:60:72:76:d0:15:bd:4b:ef:ae:
24:82:c4:11
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIENQqIjzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZWU4NDNhODVkZDY2NGU5ZGMwMzEwODkyYmQ3ZGQ5Y2U1MjU5MWM3MB4XDTIyMDUz
MDA4NTUxNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWNhMGY4YjIwZWQx
ZThkMDEzZDFmN2NjOWYxY2NhNGE2NzE4ODMxMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN4UGU4bVYumotSCWHzdyAsu0LU71qHdtQiZ/qcp1CqvDknX
g6Ke9dg42NjaOm086e//n1gn21C0YJIgxmtogICvYqPpSfRI/5Y8d90Uwqb5XYWm
FMt1naH53IiniRI+IEZJ1rmiESVp570HsB7THHfrcRJGZzupi5g/vT9QuijYcQQN
2Wg8IP45IhbQ6U+n7OOs0kBjnWAYQpp3wjSNvOpF0KFQ14UoLy2mnFqCYgz/UO5f
9zR3+6Wqt8RfIolMk9A2Uzvb9sOPlrxhSsoegBcFPxCGJVqv7IJ5Tz17t6K/zXct
rCXjDyyHvo3cgWyCju3aYsuw/dYiaXo3LlrLIqECAwEAAaOCAmAwggJcMB0GA1Ud
DgQWBBQcoPiyDtHo0BPR98yfHMpKZxiDEDAfBgNVHSMEGDAWgBRO6EOoXdZk6dwD
EIkr192c5SWRxzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1R1aERxRjNXWk9uY0F4Q0pLOWZkbk9VbGtjYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGQvYWRhZDIwLWM1MTItNGZiMC1hMTI3LTQ4Y2Y0MTJiMzg3Yi8x
L0hLRDRzZzdSNk5BVDBmZk1ueHpLU21jWWd4QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGQv
YWRhZDIwLWM1MTItNGZiMC1hMTI3LTQ4Y2Y0MTJiMzg3Yi8xL1R1aERxRjNXWk9u
Y0F4Q0pLOWZkbk9VbGtjYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB2
BggrBgEFBQcBBwEB/wRnMGUwVAQCAAEwTgMEBAUKkAMEBVKjwAMEAFvu3QMEBp4p
QAMDAKVBAwQCuRzwAwQCuXjMAwQCue0wAwQBwQCwAwQFwd2AAwQBwgj+MAsDBATO
9dADAwHO9DANBAIAAjAHAwUDKgDjQDANBgkqhkiG9w0BAQsFAAOCAQEAuDX/d1qA
vakx4rcw4kjLRnuYIRiGulCUOry0dKAnjMaTG/dVCDMOPcwkTQQaWKNp/mWW2cOP
7PJNsHYzDCNvYbjbV7KOEryUCLQ+W9JNYWoBdAasAhL0h/kuw83HMjhMK+gM8dZh
p0RsiItEEI3pBji/J2DB0jWKqPkXOOYFTJaJm9Weipqcmb3Pzo5bmNfZYyD2jKPr
ILSJ0l7/ezPi+2JOPh44QY1yT+EshURDiq4M0H1mTfrWmdKSoekff6D9seR5jlE9
0U/GW55nrgZS8yqY8HXelzt/W2z7RFEGhs6/9fHqF4Mvx2yQ96pWQX3tLXUuYHJ2
0BW9S++uJILEEQ==
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:26:46 2025 by rpki-client