Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/1d0152-856d-4717-8219-bf2f97f1e34f/1/hkzLfmXxi7OxiBsT_5KPwq8-3bI.roa
File: hkzLfmXxi7OxiBsT_5KPwq8-3bI.roa (raw, json)
Hash identifier: crxcoebqEBIvnCHxDbtM+xxs7+VydGASwyWuolFwvHo=
Subject key identifier: 86:4C:CB:7E:65:F1:8B:B3:B1:88:1B:13:FF:92:8F:C2:AF:3E:DD:B2
Certificate issuer: /CN=0191496469167c5b1d8920b98bd51af3fe35ade5
Certificate serial: 0A9B1177
Authority key identifier: 01:91:49:64:69:16:7C:5B:1D:89:20:B9:8B:D5:1A:F3:FE:35:AD:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AZFJZGkWfFsdiSC5i9Ua8_41reU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/1d0152-856d-4717-8219-bf2f97f1e34f/1/hkzLfmXxi7OxiBsT_5KPwq8-3bI.roa
Signing time: Sat 01 Jan 2022 08:00:54 +0000
ROA not before: Sat 01 Jan 2022 08:00:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42353
IP address blocks: 178.22.139.0/24 maxlen: 24
178.22.136.0/23 maxlen: 23
178.22.136.0/21 maxlen: 21
178.22.140.0/23 maxlen: 23
178.22.142.0/23 maxlen: 23
185.63.143.0/24 maxlen: 24
185.63.140.0/24 maxlen: 24
185.63.141.0/24 maxlen: 24
185.63.142.0/24 maxlen: 24
194.0.210.0/24 maxlen: 24
2a02:28c8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 177934711 (0xa9b1177)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0191496469167c5b1d8920b98bd51af3fe35ade5
Validity
Not Before: Jan 1 08:00:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=864ccb7e65f18bb3b1881b13ff928fc2af3eddb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:7f:0e:38:75:95:f3:c6:f7:16:f2:39:10:25:
d0:c4:d7:07:e3:1c:c5:31:df:2d:ac:f3:1b:02:e2:
aa:f0:64:2e:f1:e3:5d:de:81:0c:46:cc:25:e0:a0:
a6:b2:a7:0e:47:d4:bf:7a:70:06:4f:76:e2:20:df:
94:2e:d3:b3:d8:26:a4:1c:5c:03:3b:80:ae:3b:79:
48:3b:f2:44:3e:54:0a:c9:9e:24:a8:1c:99:62:b5:
ea:99:47:c2:93:df:71:80:c4:46:e2:06:3b:50:f7:
ae:0f:69:ba:7e:6d:fd:ed:d3:84:b4:25:8b:08:21:
a1:82:ad:8b:cf:52:71:20:d7:13:50:19:1d:e2:c9:
1b:c4:3c:ae:4a:5a:97:4b:5b:9e:09:b6:84:dc:c0:
dd:a7:b6:8d:b4:38:bd:43:0b:09:fe:64:f5:2d:b6:
3f:2e:9c:89:14:31:78:2b:24:bd:20:1d:25:b3:1c:
3c:e8:e4:5e:48:40:68:11:e0:67:ae:5a:f5:2d:8a:
c4:1e:d8:07:d1:14:59:89:56:ae:d1:53:10:cb:06:
ef:6f:dd:d8:31:a3:e2:5e:1b:ab:16:83:0b:2c:a1:
a3:c0:78:1b:47:67:35:45:4f:36:fe:f8:cf:87:6b:
0f:34:62:cd:f2:29:ba:ac:e9:42:81:77:ca:05:7f:
63:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:4C:CB:7E:65:F1:8B:B3:B1:88:1B:13:FF:92:8F:C2:AF:3E:DD:B2
X509v3 Authority Key Identifier:
keyid:01:91:49:64:69:16:7C:5B:1D:89:20:B9:8B:D5:1A:F3:FE:35:AD:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AZFJZGkWfFsdiSC5i9Ua8_41reU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/1d0152-856d-4717-8219-bf2f97f1e34f/1/hkzLfmXxi7OxiBsT_5KPwq8-3bI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/1d0152-856d-4717-8219-bf2f97f1e34f/1/AZFJZGkWfFsdiSC5i9Ua8_41reU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.22.136.0/21
185.63.140.0/22
194.0.210.0/24
IPv6:
2a02:28c8::/32
Signature Algorithm: sha256WithRSAEncryption
a9:99:e9:7f:1b:c5:38:9f:8a:64:5f:21:c8:f4:c5:d4:80:95:
d7:5f:44:b8:4c:20:22:2d:0f:92:0d:c0:af:1f:b2:7d:b2:49:
b0:dc:3e:e0:ac:80:09:53:b1:2e:87:f4:ab:20:63:f5:b3:9d:
64:6c:5f:cc:40:e8:93:a5:6f:77:7c:d0:82:3d:a3:5c:9e:35:
bf:ba:89:0a:7c:e5:40:07:4a:bd:bb:83:70:3f:18:a8:24:23:
40:51:31:40:d4:b4:d8:2d:83:0e:df:a6:ee:ec:a7:76:fb:f7:
98:93:98:37:75:ed:b9:00:8e:45:ca:17:39:72:14:45:d2:b8:
b3:cb:d8:f0:7c:eb:76:9f:2e:8c:6f:50:8d:35:24:8f:89:f1:
5c:52:7f:85:7c:52:09:f0:13:42:3c:af:68:a1:f8:e0:31:cb:
61:37:4b:9e:94:51:0d:df:90:88:5b:4c:68:e5:46:1b:32:09:
b8:b1:a6:c1:51:67:fa:1e:13:df:80:ff:8f:97:fa:0d:fc:c7:
6b:1e:24:c0:d0:57:14:8e:85:15:eb:74:93:fd:ac:a6:0c:0e:
0a:58:48:ba:22:32:03:fe:d1:96:62:c5:7a:e3:46:8d:85:55:
e1:33:ea:ea:1e:01:02:61:96:d0:82:63:20:c1:e2:31:80:cd:
07:ea:48:9d
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIECpsRdzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MTkxNDk2NDY5MTY3YzViMWQ4OTIwYjk4YmQ1MWFmM2ZlMzVhZGU1MB4XDTIyMDEw
MTA4MDA1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODY0Y2NiN2U2NWYx
OGJiM2IxODgxYjEzZmY5MjhmYzJhZjNlZGRiMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKx/Djh1lfPG9xbyORAl0MTXB+McxTHfLazzGwLiqvBkLvHj
Xd6BDEbMJeCgprKnDkfUv3pwBk924iDflC7Ts9gmpBxcAzuArjt5SDvyRD5UCsme
JKgcmWK16plHwpPfcYDERuIGO1D3rg9pun5t/e3ThLQliwghoYKti89ScSDXE1AZ
HeLJG8Q8rkpal0tbngm2hNzA3ae2jbQ4vUMLCf5k9S22Py6ciRQxeCskvSAdJbMc
POjkXkhAaBHgZ65a9S2KxB7YB9EUWYlWrtFTEMsG72/d2DGj4l4bqxaDCyyho8B4
G0dnNUVPNv74z4drDzRizfIpuqzpQoF3ygV/Y+cCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBSGTMt+ZfGLs7GIGxP/ko/Crz7dsjAfBgNVHSMEGDAWgBQBkUlkaRZ8Wx2J
ILmL1Rrz/jWt5TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FaRkpaR2tXZkZzZGlTQzVpOVVhOF80MXJlVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTEvMWQwMTUyLTg1NmQtNDcxNy04MjE5LWJmMmY5N2YxZTM0Zi8x
L2hrekxmbVh4aTdPeGlCc1RfNUtQd3E4LTNiSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTEv
MWQwMTUyLTg1NmQtNDcxNy04MjE5LWJmMmY5N2YxZTM0Zi8xL0FaRkpaR2tXZkZz
ZGlTQzVpOVVhOF80MXJlVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEA7IWiAMEArk/jAMEAMIA0jANBAIA
AjAHAwUAKgIoyDANBgkqhkiG9w0BAQsFAAOCAQEAqZnpfxvFOJ+KZF8hyPTF1ICV
119EuEwgIi0Pkg3Arx+yfbJJsNw+4KyACVOxLof0qyBj9bOdZGxfzEDok6Vvd3zQ
gj2jXJ41v7qJCnzlQAdKvbuDcD8YqCQjQFExQNS02C2DDt+m7uyndvv3mJOYN3Xt
uQCORcoXOXIURdK4s8vY8Hzrdp8ujG9QjTUkj4nxXFJ/hXxSCfATQjyvaKH44DHL
YTdLnpRRDd+QiFtMaOVGGzIJuLGmwVFn+h4T34D/j5f6DfzHax4kwNBXFI6FFet0
k/2spgwOClhIuiIyA/7RlmLFeuNGjYVV4TPq6h4BAmGW0IJjIMHiMYDNB+pInQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:25 2023 by rpki-client on console-ams.rpki-client.org