Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/17e567-9e44-444a-ac64-18b34bea9b06/1/HOilK9MyxaBhn4xzekQHmFPsDu8.roa
File: HOilK9MyxaBhn4xzekQHmFPsDu8.roa (raw, json)
Hash identifier: ubYifoXdljgo9l0TsIPjgUcJUXk8o09Uag6JT2ebBTQ=
Subject key identifier: 1C:E8:A5:2B:D3:32:C5:A0:61:9F:8C:73:7A:44:07:98:53:EC:0E:EF
Certificate issuer: /CN=54791dde2c9bdea366ce7ec6c5a800c5da633454
Certificate serial: 04811453
Authority key identifier: 54:79:1D:DE:2C:9B:DE:A3:66:CE:7E:C6:C5:A8:00:C5:DA:63:34:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VHkd3iyb3qNmzn7GxagAxdpjNFQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/17e567-9e44-444a-ac64-18b34bea9b06/1/HOilK9MyxaBhn4xzekQHmFPsDu8.roa
Signing time: Mon 07 Feb 2022 13:41:35 +0000
ROA not before: Mon 07 Feb 2022 13:41:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212772
IP address blocks: 185.113.28.0/22 maxlen: 24
94.140.14.0/23 maxlen: 24
45.156.136.0/22 maxlen: 24
92.255.56.0/24 maxlen: 24
217.72.12.0/22 maxlen: 24
46.243.228.0/22 maxlen: 24
92.255.68.0/22 maxlen: 24
92.255.84.0/24 maxlen: 24
2a10:50c0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 75568211 (0x4811453)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54791dde2c9bdea366ce7ec6c5a800c5da633454
Validity
Not Before: Feb 7 13:41:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1ce8a52bd332c5a0619f8c737a44079853ec0eef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:aa:7e:4c:35:ae:72:7c:97:cc:3a:6c:a4:b8:
cc:16:f4:c4:61:fb:89:3b:a8:c4:36:29:13:e7:de:
01:dd:21:4b:6a:65:a0:44:69:0e:29:e7:c6:39:0c:
cc:6f:b8:ff:c6:f3:04:d2:d5:d5:57:c6:8a:8c:69:
c2:4c:66:a3:58:f1:ef:b6:32:d2:af:66:43:2d:ff:
0c:00:40:79:f5:cd:52:e3:a3:a8:34:a0:58:de:37:
b1:cb:6a:3e:31:90:99:31:82:3e:ac:18:c2:b8:60:
1a:ee:ca:c4:e3:4d:8c:fa:16:7e:5e:02:35:97:00:
3e:87:c6:d7:a0:ac:96:42:2d:5d:d8:76:64:e1:a2:
de:25:ff:73:bd:8c:a6:58:9a:ea:88:8b:20:c0:05:
2a:48:bb:c7:0c:1d:11:cf:37:cb:47:b2:b0:6c:b2:
e7:17:55:06:55:58:07:6d:ca:b7:3b:3e:00:97:22:
c7:9d:10:1a:9a:6f:f3:15:fd:75:cd:22:e8:e9:ce:
07:7a:3b:4c:9c:05:f5:0d:06:ff:51:86:e8:6d:32:
29:c0:59:53:1f:60:e5:37:1b:15:29:7a:17:87:0c:
76:20:e1:2c:75:11:fa:f2:15:79:4c:53:d7:7b:de:
b8:a8:73:a6:dd:10:cb:32:78:ce:64:6d:ad:0c:9d:
59:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:E8:A5:2B:D3:32:C5:A0:61:9F:8C:73:7A:44:07:98:53:EC:0E:EF
X509v3 Authority Key Identifier:
keyid:54:79:1D:DE:2C:9B:DE:A3:66:CE:7E:C6:C5:A8:00:C5:DA:63:34:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VHkd3iyb3qNmzn7GxagAxdpjNFQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/17e567-9e44-444a-ac64-18b34bea9b06/1/HOilK9MyxaBhn4xzekQHmFPsDu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/17e567-9e44-444a-ac64-18b34bea9b06/1/VHkd3iyb3qNmzn7GxagAxdpjNFQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.136.0/22
46.243.228.0/22
92.255.56.0/24
92.255.68.0/22
92.255.84.0/24
94.140.14.0/23
185.113.28.0/22
217.72.12.0/22
IPv6:
2a10:50c0::/32
Signature Algorithm: sha256WithRSAEncryption
0c:1f:05:8b:7f:64:1c:ad:ed:94:b2:cc:dc:e9:61:3b:49:c8:
61:ef:32:61:cf:a3:a3:8d:19:9f:92:eb:86:cb:2a:18:8a:03:
85:4f:8b:ad:18:20:98:82:bc:91:62:38:20:93:cd:1e:55:1c:
55:0f:cb:c9:45:08:0e:49:9c:bb:d2:8a:24:d5:b1:04:93:3a:
2b:60:26:f9:1f:5f:10:41:83:e3:76:10:da:48:7e:80:2a:7b:
d5:73:f6:c8:c2:9a:b2:9a:7c:29:39:bf:30:9b:16:f6:db:f6:
b8:e6:d8:e0:ef:43:ab:c5:31:0a:91:5c:88:0b:e5:bd:26:89:
20:11:14:15:75:c7:63:3d:68:d5:4d:df:2c:ae:bd:f9:ec:85:
3d:87:11:43:6f:ba:cd:82:90:0c:79:26:6e:37:7a:8d:c3:61:
80:f4:59:39:58:66:d5:c6:13:5d:b1:eb:c8:4b:d8:37:44:bd:
24:2a:46:ee:1a:f8:96:04:3e:09:34:58:9d:23:b0:2a:6c:e5:
e0:4e:41:5b:37:04:bf:f3:0b:5b:73:6e:8f:55:e2:45:9d:b6:
5f:20:36:be:4c:47:59:38:74:b0:31:f5:64:b0:81:a4:b2:fe:
f1:18:fa:9d:3c:bd:f2:bb:6d:8c:69:49:61:dc:44:91:c8:06:
22:2c:ae:e6
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgIEBIEUUzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NDc5MWRkZTJjOWJkZWEzNjZjZTdlYzZjNWE4MDBjNWRhNjMzNDU0MB4XDTIyMDIw
NzEzNDEzNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWNlOGE1MmJkMzMy
YzVhMDYxOWY4YzczN2E0NDA3OTg1M2VjMGVlZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALeqfkw1rnJ8l8w6bKS4zBb0xGH7iTuoxDYpE+feAd0hS2pl
oERpDinnxjkMzG+4/8bzBNLV1VfGioxpwkxmo1jx77Yy0q9mQy3/DABAefXNUuOj
qDSgWN43sctqPjGQmTGCPqwYwrhgGu7KxONNjPoWfl4CNZcAPofG16CslkItXdh2
ZOGi3iX/c72Mplia6oiLIMAFKki7xwwdEc83y0eysGyy5xdVBlVYB23Ktzs+AJci
x50QGppv8xX9dc0i6OnOB3o7TJwF9Q0G/1GG6G0yKcBZUx9g5TcbFSl6F4cMdiDh
LHUR+vIVeUxT13veuKhzpt0QyzJ4zmRtrQydWWMCAwEAAaOCAkIwggI+MB0GA1Ud
DgQWBBQc6KUr0zLFoGGfjHN6RAeYU+wO7zAfBgNVHSMEGDAWgBRUeR3eLJveo2bO
fsbFqADF2mM0VDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZIa2QzaXliM3FObXpuN0d4YWdBeGRwak5GUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGYvMTdlNTY3LTllNDQtNDQ0YS1hYzY0LTE4YjM0YmVhOWIwNi8x
L0hPaWxLOU15eGFCaG40eHpla1FIbUZQc0R1OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGYv
MTdlNTY3LTllNDQtNDQ0YS1hYzY0LTE4YjM0YmVhOWIwNi8xL1ZIa2QzaXliM3FO
bXpuN0d4YWdBeGRwak5GUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBY
BggrBgEFBQcBBwEB/wRJMEcwNgQCAAEwMAMEAi2ciAMEAi7z5AMEAFz/OAMEAlz/
RAMEAFz/VAMEAV6MDgMEArlxHAMEAtlIDDANBAIAAjAHAwUAKhBQwDANBgkqhkiG
9w0BAQsFAAOCAQEADB8Fi39kHK3tlLLM3OlhO0nIYe8yYc+jo40Zn5LrhssqGIoD
hU+LrRggmIK8kWI4IJPNHlUcVQ/LyUUIDkmcu9KKJNWxBJM6K2Am+R9fEEGD43YQ
2kh+gCp71XP2yMKaspp8KTm/MJsW9tv2uObY4O9Dq8UxCpFciAvlvSaJIBEUFXXH
Yz1o1U3fLK69+eyFPYcRQ2+6zYKQDHkmbjd6jcNhgPRZOVhm1cYTXbHryEvYN0S9
JCpG7hr4lgQ+CTRYnSOwKmzl4E5BWzcEv/MLW3Nuj1XiRZ22XyA2vkxHWTh0sDH1
ZLCBpLL+8Rj6nTy98rttjGlJYdxEkcgGIiyu5g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:28 2024 by rpki-client on console-ams.rpki-client.org