Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/e28103-a0fb-4227-bcb1-e497d40f4e2a/1/HNRlK6WpGCB_Eaj_HsQn9XpFYZA.roa
File: HNRlK6WpGCB_Eaj_HsQn9XpFYZA.roa (raw, json)
Hash identifier: ZHg8HStEaS3U2t4I3OWR9mr5C1H9ldL+lmIhqPtgIbg=
Subject key identifier: 1C:D4:65:2B:A5:A9:18:20:7F:11:A8:FF:1E:C4:27:F5:7A:45:61:90
Certificate issuer: /CN=d4e2896897a9721678e684693993a5a884903364
Certificate serial: 09C2E95C
Authority key identifier: D4:E2:89:68:97:A9:72:16:78:E6:84:69:39:93:A5:A8:84:90:33:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1OKJaJepchZ45oRpOZOlqISQM2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/e28103-a0fb-4227-bcb1-e497d40f4e2a/1/HNRlK6WpGCB_Eaj_HsQn9XpFYZA.roa
Signing time: Sat 01 Jan 2022 01:01:43 +0000
ROA not before: Sat 01 Jan 2022 01:01:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197922
IP address blocks: 188.214.25.0/24 maxlen: 24
93.118.32.0/22 maxlen: 22
91.236.239.0/24 maxlen: 24
185.41.152.0/22 maxlen: 22
91.236.254.0/24 maxlen: 24
91.236.255.0/24 maxlen: 24
93.115.96.0/23 maxlen: 23
91.229.20.0/24 maxlen: 24
188.213.24.0/22 maxlen: 22
188.213.28.0/22 maxlen: 22
93.113.206.0/23 maxlen: 23
89.38.238.0/23 maxlen: 23
86.105.254.0/24 maxlen: 24
86.105.255.0/24 maxlen: 24
86.107.189.0/24 maxlen: 24
86.107.190.0/24 maxlen: 24
188.213.140.0/22 maxlen: 22
185.13.36.0/24 maxlen: 24
185.13.37.0/24 maxlen: 24
185.13.38.0/24 maxlen: 24
185.13.39.0/24 maxlen: 24
86.104.252.0/23 maxlen: 23
86.105.212.0/23 maxlen: 23
2a03:75c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 163768668 (0x9c2e95c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4e2896897a9721678e684693993a5a884903364
Validity
Not Before: Jan 1 01:01:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1cd4652ba5a918207f11a8ff1ec427f57a456190
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:f5:d1:56:13:ca:07:5b:1f:c9:c7:bd:18:27:
bf:72:b4:3a:5e:25:66:ee:ce:88:c5:6a:0e:52:c0:
33:b1:ba:22:73:87:84:9e:e1:81:df:c1:83:7a:91:
be:50:7f:5e:02:fe:4f:0f:60:6b:77:80:12:a0:6a:
28:ae:f3:99:e0:c4:70:65:93:cd:25:53:61:44:2c:
7d:be:71:f9:73:e8:65:fb:7c:52:12:f4:1f:2c:2f:
0d:e3:7d:61:f9:c9:68:7a:40:64:43:8b:06:43:e9:
90:5a:34:66:3d:64:a6:58:e9:c7:4a:40:24:64:31:
4a:8d:f0:5e:64:c8:24:6a:62:f3:bd:5c:24:c8:ac:
80:ef:e1:05:29:29:f4:97:40:b4:5c:71:71:ce:57:
7a:76:bf:69:ed:19:3a:01:16:8c:02:ba:11:00:5a:
af:7d:39:46:d3:46:57:f3:eb:05:20:35:88:01:33:
8e:b4:5a:aa:a5:dc:ad:59:f5:0e:c5:d3:af:f2:00:
8b:cb:7f:80:a6:e9:c1:b1:3d:ac:88:b8:2b:a7:b4:
34:77:c0:04:bb:fc:7e:d8:de:fb:3b:4c:f0:b0:a8:
67:e5:4c:de:74:a1:7b:d0:d6:3e:17:50:c5:d3:ef:
0a:df:7c:1d:90:db:07:e4:da:26:16:52:f6:ae:cc:
25:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:D4:65:2B:A5:A9:18:20:7F:11:A8:FF:1E:C4:27:F5:7A:45:61:90
X509v3 Authority Key Identifier:
keyid:D4:E2:89:68:97:A9:72:16:78:E6:84:69:39:93:A5:A8:84:90:33:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1OKJaJepchZ45oRpOZOlqISQM2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/e28103-a0fb-4227-bcb1-e497d40f4e2a/1/HNRlK6WpGCB_Eaj_HsQn9XpFYZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/e28103-a0fb-4227-bcb1-e497d40f4e2a/1/1OKJaJepchZ45oRpOZOlqISQM2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.104.252.0/23
86.105.212.0/23
86.105.254.0/23
86.107.189.0-86.107.190.255
89.38.238.0/23
91.229.20.0/24
91.236.239.0/24
91.236.254.0/23
93.113.206.0/23
93.115.96.0/23
93.118.32.0/22
185.13.36.0/22
185.41.152.0/22
188.213.24.0/21
188.213.140.0/22
188.214.25.0/24
IPv6:
2a03:75c0::/32
Signature Algorithm: sha256WithRSAEncryption
02:6f:1d:5c:9a:f0:a0:4d:64:b4:c9:87:46:e0:a6:29:fd:68:
c2:c9:83:17:53:2b:45:2a:c6:0f:04:db:00:92:c1:57:c5:f3:
d0:b6:4b:f0:1d:80:f8:cf:bb:81:a1:55:c2:18:69:d8:85:62:
51:ad:c6:bc:36:a1:20:13:5c:86:f6:dc:c7:0a:56:68:d4:92:
cc:1f:3a:1e:4f:dc:23:05:8c:bd:02:86:8e:61:3c:51:18:9a:
a2:d8:0d:e0:35:59:86:70:2b:9f:08:f4:ba:bc:43:a8:82:c3:
af:62:59:84:e9:10:02:1b:f5:9d:a9:b7:45:44:99:d3:b0:6e:
f7:48:b0:99:0b:cc:50:87:c0:cb:b7:96:3b:84:71:2f:01:b7:
e3:36:86:e3:83:db:b1:3b:63:3f:73:fd:c0:f4:f4:c4:4d:96:
ca:56:0c:57:e4:a6:dd:2b:6c:80:a6:e0:89:36:37:a0:52:55:
4e:09:8b:0f:45:56:67:0c:5a:e6:32:f0:06:38:ab:21:1a:dd:
f1:63:62:28:11:38:a3:ce:ed:b3:4f:f1:d2:83:3e:fd:16:5d:
79:3d:07:ce:59:5f:47:6c:81:9b:c5:aa:ee:38:ca:46:d3:59:
be:72:8b:a4:33:42:a9:f6:30:17:35:84:53:e8:39:68:ff:d3:
28:18:ad:19
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgIECcLpXDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NGUyODk2ODk3YTk3MjE2NzhlNjg0NjkzOTkzYTVhODg0OTAzMzY0MB4XDTIyMDEw
MTAxMDE0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWNkNDY1MmJhNWE5
MTgyMDdmMTFhOGZmMWVjNDI3ZjU3YTQ1NjE5MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOv10VYTygdbH8nHvRgnv3K0Ol4lZu7OiMVqDlLAM7G6InOH
hJ7hgd/Bg3qRvlB/XgL+Tw9ga3eAEqBqKK7zmeDEcGWTzSVTYUQsfb5x+XPoZft8
UhL0HywvDeN9YfnJaHpAZEOLBkPpkFo0Zj1kpljpx0pAJGQxSo3wXmTIJGpi871c
JMisgO/hBSkp9JdAtFxxcc5Xena/ae0ZOgEWjAK6EQBar305RtNGV/PrBSA1iAEz
jrRaqqXcrVn1DsXTr/IAi8t/gKbpwbE9rIi4K6e0NHfABLv8ftje+ztM8LCoZ+VM
3nShe9DWPhdQxdPvCt98HZDbB+TaJhZS9q7MJdcCAwEAAaOCAnwwggJ4MB0GA1Ud
DgQWBBQc1GUrpakYIH8RqP8exCf1ekVhkDAfBgNVHSMEGDAWgBTU4olol6lyFnjm
hGk5k6WohJAzZDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFPS0phSmVwY2haNDVvUnBPWk9scUlTUU0yUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTgvZTI4MTAzLWEwZmItNDIyNy1iY2IxLWU0OTdkNDBmNGUyYS8x
L0hOUmxLNldwR0NCX0Vhal9Ic1FuOVhwRllaQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTgv
ZTI4MTAzLWEwZmItNDIyNy1iY2IxLWU0OTdkNDBmNGUyYS8xLzFPS0phSmVwY2ha
NDVvUnBPWk9scUlTUU0yUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
kQYIKwYBBQUHAQcBAf8EgYEwfzBuBAIAATBoAwQBVmj8AwQBVmnUAwQBVmn+MAwD
BABWa70DBABWa74DBAFZJu4DBABb5RQDBABb7O8DBAFb7P4DBAFdcc4DBAFdc2AD
BAJddiADBAK5DSQDBAK5KZgDBAO81RgDBAK81YwDBAC81hkwDQQCAAIwBwMFACoD
dcAwDQYJKoZIhvcNAQELBQADggEBAAJvHVya8KBNZLTJh0bgpin9aMLJgxdTK0Uq
xg8E2wCSwVfF89C2S/AdgPjPu4GhVcIYadiFYlGtxrw2oSATXIb23McKVmjUkswf
Oh5P3CMFjL0Cho5hPFEYmqLYDeA1WYZwK58I9Lq8Q6iCw69iWYTpEAIb9Z2pt0VE
mdOwbvdIsJkLzFCHwMu3ljuEcS8Bt+M2huOD27E7Yz9z/cD09MRNlspWDFfkpt0r
bICm4Ik2N6BSVU4Jiw9FVmcMWuYy8AY4qyEa3fFjYigROKPO7bNP8dKDPv0WXXk9
B85ZX0dsgZvFqu44ykbTWb5yi6QzQqn2MBc1hFPoOWj/0ygYrRk=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:48 2023 by rpki-client on console-ams.rpki-client.org