Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/hi5iHU56LK7WLIb8t-x1LDx5g20.roa
File: hi5iHU56LK7WLIb8t-x1LDx5g20.roa (raw, json)
Hash identifier: ij3vcc3cONXHmQc8c7gjOi+eM4gfjfZYAoQol4liqvo=
Subject key identifier: 86:2E:62:1D:4E:7A:2C:AE:D6:2C:86:FC:B7:EC:75:2C:3C:79:83:6D
Certificate issuer: /CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Certificate serial: 44D0E3AE
Authority key identifier: F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/hi5iHU56LK7WLIb8t-x1LDx5g20.roa
Signing time: Sat 01 Jan 2022 14:06:48 +0000
ROA not before: Sat 01 Jan 2022 14:06:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 28878
IP address blocks: 80.246.192.0/20 maxlen: 20
80.246.194.0/24 maxlen: 24
217.21.240.0/20 maxlen: 20
37.17.208.0/20 maxlen: 20
171.33.128.0/21 maxlen: 21
81.30.32.0/20 maxlen: 20
78.108.128.0/20 maxlen: 20
176.74.224.0/19 maxlen: 19
80.255.240.0/20 maxlen: 20
185.15.248.0/22 maxlen: 22
217.149.128.0/20 maxlen: 20
81.21.136.0/21 maxlen: 21
31.223.160.0/20 maxlen: 20
85.10.160.0/19 maxlen: 24
2001:4cb8::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1154540462 (0x44d0e3ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Validity
Not Before: Jan 1 14:06:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=862e621d4e7a2caed62c86fcb7ec752c3c79836d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:82:e4:e0:b0:69:37:ea:75:2e:f3:3d:65:79:
cb:39:07:65:23:3a:85:92:83:1a:7a:f4:17:00:61:
4b:1e:31:ed:07:a3:ae:20:56:92:24:fb:84:f1:7d:
e5:c3:94:1e:1e:68:05:8b:11:39:c0:a0:3c:4f:a6:
a7:96:20:e3:e6:12:6c:0c:82:d4:a4:90:d8:b4:42:
ae:45:fa:d6:32:45:c6:73:a1:c1:64:0e:9e:8c:3b:
03:d6:bc:4d:99:79:21:60:8b:d5:0f:2d:1f:58:a0:
44:51:80:07:49:90:1b:f1:57:4e:f7:a0:69:6b:1e:
21:9c:18:80:be:82:cf:ec:f5:c1:ec:0c:de:37:80:
8f:3a:46:b5:55:54:4a:c3:36:53:95:34:98:7a:93:
08:16:37:13:35:94:30:36:da:66:72:2a:ac:35:19:
97:17:fc:ef:ab:b2:2e:24:1d:91:d8:10:78:dd:b9:
d6:ae:71:2c:5e:6e:a2:75:49:6f:14:16:d0:fe:4b:
56:a4:be:2a:ca:88:59:5c:97:3e:fd:9f:89:30:ff:
ec:1e:6d:5d:89:ed:81:09:18:8b:7f:c7:88:ff:73:
6b:b4:61:00:f8:dd:4b:1a:f4:c1:a8:00:f6:e6:a0:
65:f8:80:4b:eb:0d:75:c6:cf:a5:92:e4:7c:ea:ae:
86:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:2E:62:1D:4E:7A:2C:AE:D6:2C:86:FC:B7:EC:75:2C:3C:79:83:6D
X509v3 Authority Key Identifier:
keyid:F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/hi5iHU56LK7WLIb8t-x1LDx5g20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.223.160.0/20
37.17.208.0/20
78.108.128.0/20
80.246.192.0/20
80.255.240.0/20
81.21.136.0/21
81.30.32.0/20
85.10.160.0/19
171.33.128.0/21
176.74.224.0/19
185.15.248.0/22
217.21.240.0/20
217.149.128.0/20
IPv6:
2001:4cb8::/29
Signature Algorithm: sha256WithRSAEncryption
4c:d7:f2:0a:ff:a9:26:62:68:1c:6b:f9:fc:6e:c3:0c:a7:e1:
f2:6f:11:7f:34:2f:04:c1:44:a8:6b:dd:95:f3:27:d5:11:d7:
de:fc:a5:11:5d:ae:cf:5e:54:92:00:82:a3:bd:0b:45:da:50:
5f:8f:0f:88:d8:d6:56:89:7f:3f:31:a7:7a:a4:87:83:39:d9:
1f:85:b8:12:a6:cf:a3:06:aa:43:45:bc:84:7b:66:59:5a:4f:
8e:9d:eb:58:72:64:af:f6:8f:51:b6:45:c7:83:a2:64:4f:23:
e2:4e:e1:94:97:e6:d9:97:cb:a2:92:56:1c:bf:95:1e:e2:41:
91:b7:f2:86:69:43:46:fc:5f:aa:fb:5b:75:b1:3e:23:f7:a1:
db:95:da:4c:dd:e5:56:bd:b5:e4:fb:2c:e6:41:2c:e4:87:70:
1b:61:df:41:3a:e2:0e:e3:88:7a:4d:2e:9a:9d:d2:ff:ea:15:
55:90:9f:2d:2d:ee:44:81:84:ed:82:c0:42:9e:1d:a6:86:6f:
1e:94:92:01:7f:b2:1c:e6:0e:8c:c8:fa:32:c2:34:94:61:e9:
6b:81:f9:29:af:e8:17:64:9d:d9:4c:54:58:0e:66:dc:6a:76:
3a:0a:c8:0b:99:f2:41:86:59:fb:13:97:3c:d4:ab:51:47:58:
8d:7c:a3:0b
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgIERNDjrjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NTEzNjljY2JmODZiMWU4NGUxYWViNDZlNmQzMzZkMzlmNzUyYWU3MB4XDTIyMDEw
MTE0MDY0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODYyZTYyMWQ0ZTdh
MmNhZWQ2MmM4NmZjYjdlYzc1MmMzYzc5ODM2ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANOC5OCwaTfqdS7zPWV5yzkHZSM6hZKDGnr0FwBhSx4x7Qej
riBWkiT7hPF95cOUHh5oBYsROcCgPE+mp5Yg4+YSbAyC1KSQ2LRCrkX61jJFxnOh
wWQOnow7A9a8TZl5IWCL1Q8tH1igRFGAB0mQG/FXTvegaWseIZwYgL6Cz+z1wewM
3jeAjzpGtVVUSsM2U5U0mHqTCBY3EzWUMDbaZnIqrDUZlxf876uyLiQdkdgQeN25
1q5xLF5uonVJbxQW0P5LVqS+KsqIWVyXPv2fiTD/7B5tXYntgQkYi3/HiP9za7Rh
APjdSxr0wagA9uagZfiAS+sNdcbPpZLkfOquhpsCAwEAAaOCAmAwggJcMB0GA1Ud
DgQWBBSGLmIdTnosrtYshvy37HUsPHmDbTAfBgNVHSMEGDAWgBT1E2nMv4ax6E4a
60bm0zbTn3Uq5zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzlSTnB6TC1Hc2VoT0d1dEc1dE0yMDU5MUt1Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTIvMmQ1YmRmLTUyNjUtNDliOC04YWZlLTJiOTIwYmRlMzk5MC8x
L2hpNWlIVTU2TEs3V0xJYjh0LXgxTER4NWcyMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTIv
MmQ1YmRmLTUyNjUtNDliOC04YWZlLTJiOTIwYmRlMzk5MC8xLzlSTnB6TC1Hc2Vo
T0d1dEc1dE0yMDU5MUt1Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB2
BggrBgEFBQcBBwEB/wRnMGUwVAQCAAEwTgMEBB/foAMEBCUR0AMEBE5sgAMEBFD2
wAMEBFD/8AMEA1EViAMEBFEeIAMEBVUKoAMEA6shgAMEBbBK4AMEArkP+AMEBNkV
8AMEBNmVgDANBAIAAjAHAwUDIAFMuDANBgkqhkiG9w0BAQsFAAOCAQEATNfyCv+p
JmJoHGv5/G7DDKfh8m8RfzQvBMFEqGvdlfMn1RHX3vylEV2uz15UkgCCo70LRdpQ
X48PiNjWVol/PzGneqSHgznZH4W4EqbPowaqQ0W8hHtmWVpPjp3rWHJkr/aPUbZF
x4OiZE8j4k7hlJfm2ZfLopJWHL+VHuJBkbfyhmlDRvxfqvtbdbE+I/eh25XaTN3l
Vr215Pss5kEs5IdwG2HfQTriDuOIek0ump3S/+oVVZCfLS3uRIGE7YLAQp4dpoZv
HpSSAX+yHOYOjMj6MsI0lGHpa4H5Ka/oF2Sd2UxUWA5m3Gp2OgrIC5nyQYZZ+xOX
PNSrUUdYjXyjCw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:04 2024 by rpki-client on console-ams.rpki-client.org