Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/1d0152-856d-4717-8219-bf2f97f1e34f/1/hhOzDxQNQfwKX4dSyE76HOEPwEw.roa
File: hhOzDxQNQfwKX4dSyE76HOEPwEw.roa (raw, json)
Hash identifier: HhIqk41GAk7vzfmkaqEq9eYy1qzPyGl7wiBmM04hEC0=
Subject key identifier: 86:13:B3:0F:14:0D:41:FC:0A:5F:87:52:C8:4E:FA:1C:E1:0F:C0:4C
Certificate issuer: /CN=0191496469167c5b1d8920b98bd51af3fe35ade5
Certificate serial: 0C272A80
Authority key identifier: 01:91:49:64:69:16:7C:5B:1D:89:20:B9:8B:D5:1A:F3:FE:35:AD:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AZFJZGkWfFsdiSC5i9Ua8_41reU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/1d0152-856d-4717-8219-bf2f97f1e34f/1/hhOzDxQNQfwKX4dSyE76HOEPwEw.roa
Signing time: Thu 23 Jun 2022 12:42:56 +0000
ROA not before: Thu 23 Jun 2022 12:42:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42353
IP address blocks: 185.63.140.0/24 maxlen: 24
185.63.141.0/24 maxlen: 24
185.63.142.0/24 maxlen: 24
185.63.143.0/24 maxlen: 24
178.22.136.0/24 maxlen: 24
178.22.137.0/24 maxlen: 24
178.22.139.0/24 maxlen: 24
178.22.136.0/23 maxlen: 23
178.22.136.0/21 maxlen: 21
178.22.143.0/24 maxlen: 24
178.22.140.0/23 maxlen: 23
178.22.142.0/23 maxlen: 23
194.0.210.0/24 maxlen: 24
2a02:28c8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 203893376 (0xc272a80)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0191496469167c5b1d8920b98bd51af3fe35ade5
Validity
Not Before: Jun 23 12:42:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8613b30f140d41fc0a5f8752c84efa1ce10fc04c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:92:d8:ce:b7:4a:81:41:dc:a5:d3:4a:3f:38:
fd:6f:f8:65:8d:03:eb:00:65:de:15:8e:19:7a:89:
e4:2c:f2:3f:50:d4:c7:40:5d:fd:c5:6d:5b:c1:ee:
ea:aa:eb:9c:ae:9c:c2:eb:69:fb:c9:3f:f6:b8:48:
18:4b:63:fd:c9:57:d2:e9:b9:81:8c:6e:3b:52:e8:
82:79:c1:a0:31:32:33:92:4d:81:7e:e5:02:fa:9a:
65:12:9d:c0:67:12:2a:e7:d2:1e:02:19:e5:25:a7:
76:ad:ec:9e:39:3a:87:fc:52:f6:5d:a0:a5:43:ab:
14:4d:64:ab:52:14:70:5c:14:26:2d:a7:63:a0:5c:
bb:70:c6:6a:63:91:f8:c1:17:b5:67:26:7c:e5:ec:
7c:58:5b:ae:fc:f0:41:a6:d3:3b:12:53:9a:fc:ac:
67:7b:81:83:1c:f2:65:dc:29:49:0e:69:98:7b:a6:
60:38:8c:f5:ba:63:c8:a4:af:f1:4e:72:d5:b5:aa:
04:77:9c:17:c7:40:1e:56:ed:10:9e:b4:1c:fd:06:
e8:a8:7e:c0:fb:19:7a:8c:e1:33:1b:1a:bc:19:bd:
b2:5a:4b:e3:a0:df:60:0b:dd:c4:43:ee:44:fc:dd:
36:16:64:81:63:e1:20:0d:ae:1d:cd:4f:93:a9:77:
b9:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:13:B3:0F:14:0D:41:FC:0A:5F:87:52:C8:4E:FA:1C:E1:0F:C0:4C
X509v3 Authority Key Identifier:
keyid:01:91:49:64:69:16:7C:5B:1D:89:20:B9:8B:D5:1A:F3:FE:35:AD:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AZFJZGkWfFsdiSC5i9Ua8_41reU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/1d0152-856d-4717-8219-bf2f97f1e34f/1/hhOzDxQNQfwKX4dSyE76HOEPwEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/1d0152-856d-4717-8219-bf2f97f1e34f/1/AZFJZGkWfFsdiSC5i9Ua8_41reU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.22.136.0/21
185.63.140.0/22
194.0.210.0/24
IPv6:
2a02:28c8::/32
Signature Algorithm: sha256WithRSAEncryption
c8:6e:24:ce:2d:d2:4d:a8:f4:6f:d1:20:8e:66:90:73:d7:6b:
62:06:01:47:a7:75:60:ed:c7:ce:1b:76:65:31:e0:2f:97:f6:
ad:32:0c:80:15:59:e6:8f:4a:43:c8:e1:15:0f:50:61:a4:a3:
6d:46:3b:d9:46:c2:72:19:6e:ba:a9:e7:71:78:6f:cd:e1:8d:
92:0b:c1:45:fe:1a:91:d6:11:c7:d4:45:37:5c:2f:1a:b5:a8:
9c:f3:7b:3c:1f:3d:e4:d7:95:ab:a4:8e:15:17:1a:36:93:ec:
e7:f6:c9:9b:32:b1:ef:57:f2:b9:d9:04:bc:18:e7:ce:69:84:
fe:0f:6b:bc:55:4f:45:e2:82:dc:f9:d5:08:c3:c8:d5:52:19:
ff:0f:8b:50:48:fa:7a:16:eb:2c:78:91:44:e7:a9:40:ca:0d:
13:1c:d4:38:63:63:48:40:d4:0f:f2:e9:96:79:86:de:ad:bf:
3b:01:00:a7:e1:a5:c5:52:c4:ea:f4:29:b0:62:cf:ad:c0:86:
db:3d:96:b8:a2:e1:0d:59:c1:a3:6d:f3:26:72:ef:bd:30:5d:
bd:f0:d1:46:7e:a3:4c:a8:27:75:fa:72:7b:62:70:61:ac:df:
59:b0:cf:26:53:94:f1:41:29:23:b8:f4:4b:27:d4:6e:47:4c:
bb:37:d7:09
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIEDCcqgDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MTkxNDk2NDY5MTY3YzViMWQ4OTIwYjk4YmQ1MWFmM2ZlMzVhZGU1MB4XDTIyMDYy
MzEyNDI1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODYxM2IzMGYxNDBk
NDFmYzBhNWY4NzUyYzg0ZWZhMWNlMTBmYzA0YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALWS2M63SoFB3KXTSj84/W/4ZY0D6wBl3hWOGXqJ5CzyP1DU
x0Bd/cVtW8Hu6qrrnK6cwutp+8k/9rhIGEtj/clX0um5gYxuO1LognnBoDEyM5JN
gX7lAvqaZRKdwGcSKufSHgIZ5SWndq3snjk6h/xS9l2gpUOrFE1kq1IUcFwUJi2n
Y6Bcu3DGamOR+MEXtWcmfOXsfFhbrvzwQabTOxJTmvysZ3uBgxzyZdwpSQ5pmHum
YDiM9bpjyKSv8U5y1bWqBHecF8dAHlbtEJ60HP0G6Kh+wPsZeozhMxsavBm9slpL
46DfYAvdxEPuRPzdNhZkgWPhIA2uHc1Pk6l3ubMCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBSGE7MPFA1B/Apfh1LITvoc4Q/ATDAfBgNVHSMEGDAWgBQBkUlkaRZ8Wx2J
ILmL1Rrz/jWt5TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FaRkpaR2tXZkZzZGlTQzVpOVVhOF80MXJlVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTEvMWQwMTUyLTg1NmQtNDcxNy04MjE5LWJmMmY5N2YxZTM0Zi8x
L2hoT3pEeFFOUWZ3S1g0ZFN5RTc2SE9FUHdFdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTEv
MWQwMTUyLTg1NmQtNDcxNy04MjE5LWJmMmY5N2YxZTM0Zi8xL0FaRkpaR2tXZkZz
ZGlTQzVpOVVhOF80MXJlVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEA7IWiAMEArk/jAMEAMIA0jANBAIA
AjAHAwUAKgIoyDANBgkqhkiG9w0BAQsFAAOCAQEAyG4kzi3STaj0b9EgjmaQc9dr
YgYBR6d1YO3Hzht2ZTHgL5f2rTIMgBVZ5o9KQ8jhFQ9QYaSjbUY72UbCchluuqnn
cXhvzeGNkgvBRf4akdYRx9RFN1wvGrWonPN7PB895NeVq6SOFRcaNpPs5/bJmzKx
71fyudkEvBjnzmmE/g9rvFVPReKC3PnVCMPI1VIZ/w+LUEj6ehbrLHiRROepQMoN
ExzUOGNjSEDUD/LplnmG3q2/OwEAp+GlxVLE6vQpsGLPrcCG2z2WuKLhDVnBo23z
JnLvvTBdvfDRRn6jTKgndfpye2JwYazfWbDPJlOU8UEpI7j0SyfUbkdMuzfXCQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:25 2023 by rpki-client on console-ams.rpki-client.org