Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/hkfy6ECtqE_BRD_tfFLTpaI6GdE.roa
File: hkfy6ECtqE_BRD_tfFLTpaI6GdE.roa (raw, json)
Hash identifier: QP5zYv5VuUAU2HemnOdcAupmOJFfjFeKJMW2uo2Fv14=
Subject key identifier: 86:47:F2:E8:40:AD:A8:4F:C1:44:3F:ED:7C:52:D3:A5:A2:3A:19:D1
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 07A7B1C8
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/hkfy6ECtqE_BRD_tfFLTpaI6GdE.roa
Signing time: Sat 01 Jan 2022 16:06:00 +0000
ROA not before: Sat 01 Jan 2022 16:06:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20473
IP address blocks: 45.88.160.0/22 maxlen: 24
45.83.148.0/22 maxlen: 24
45.88.168.0/22 maxlen: 24
2.56.172.0/22 maxlen: 24
2.56.176.0/22 maxlen: 24
194.33.36.0/22 maxlen: 24
185.149.20.0/22 maxlen: 24
45.83.140.0/22 maxlen: 24
185.156.108.0/22 maxlen: 24
45.92.124.0/22 maxlen: 24
185.166.152.0/22 maxlen: 24
185.166.160.0/22 maxlen: 24
185.161.69.0/24 maxlen: 24
185.161.70.0/23 maxlen: 24
92.119.40.0/22 maxlen: 24
45.128.72.0/22 maxlen: 24
45.15.124.0/22 maxlen: 24
45.86.64.0/22 maxlen: 24
45.15.128.0/22 maxlen: 24
45.86.76.0/22 maxlen: 24
45.86.72.0/22 maxlen: 24
45.92.160.0/22 maxlen: 24
45.89.96.0/22 maxlen: 24
45.92.192.0/22 maxlen: 24
45.89.100.0/22 maxlen: 24
45.12.108.0/22 maxlen: 24
45.12.112.0/22 maxlen: 24
45.9.16.0/22 maxlen: 24
45.12.128.0/22 maxlen: 24
45.12.136.0/22 maxlen: 24
194.76.136.0/22 maxlen: 24
45.83.84.0/22 maxlen: 24
45.82.244.0/22 maxlen: 24
185.153.180.0/22 maxlen: 24
45.82.248.0/22 maxlen: 24
45.89.196.0/22 maxlen: 24
213.59.112.0/20 maxlen: 24
45.15.176.0/22 maxlen: 24
171.22.116.0/22 maxlen: 24
45.15.184.0/22 maxlen: 24
31.12.92.0/22 maxlen: 24
171.22.120.0/22 maxlen: 24
2a09:b440::/48 maxlen: 48
2a09:96c0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 128430536 (0x7a7b1c8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jan 1 16:06:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8647f2e840ada84fc1443fed7c52d3a5a23a19d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:3e:38:4f:8d:af:d7:15:39:93:59:f2:c8:fb:
41:d4:34:06:2f:66:14:62:8c:10:ed:f0:8a:bd:a5:
4a:d0:df:d0:a1:e8:ba:9e:17:4c:67:47:9f:4b:c2:
68:85:df:86:84:40:9a:85:6b:7f:dd:ce:31:a9:26:
11:dc:71:9a:67:59:8e:67:a5:fa:da:ea:fd:0b:b0:
49:04:e2:87:c1:b5:da:e6:5b:3c:06:d1:a5:0c:5f:
46:b5:10:86:5c:dd:a2:01:d0:f1:06:d1:48:bd:ca:
51:d6:2d:bf:c0:53:4a:6d:fa:5a:fa:03:b8:68:84:
5f:d9:57:22:00:cf:8b:19:6e:b4:81:79:6e:24:e4:
ad:81:1a:9f:82:fa:2e:9e:69:ff:e8:ea:62:f3:2b:
be:39:21:05:c1:5b:b0:e9:3e:12:78:1f:28:4e:60:
a8:a2:01:7c:f7:3e:c1:cf:df:3f:ac:bf:2e:c4:81:
56:58:00:bc:6d:55:a4:8c:93:0a:ef:9d:76:2b:e1:
43:4a:f4:80:04:c2:f0:ce:a5:e6:34:cd:0f:be:b2:
76:04:2e:f6:2e:13:d1:f0:97:a6:70:fd:9c:f4:4f:
39:a6:e9:38:3d:dd:f5:c1:38:71:bc:7a:9d:e0:e6:
2a:2c:ee:0c:10:77:92:2e:a2:9e:aa:68:3c:d1:3d:
b8:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:47:F2:E8:40:AD:A8:4F:C1:44:3F:ED:7C:52:D3:A5:A2:3A:19:D1
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/hkfy6ECtqE_BRD_tfFLTpaI6GdE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.172.0-2.56.179.255
31.12.92.0/22
45.9.16.0/22
45.12.108.0-45.12.115.255
45.12.128.0/22
45.12.136.0/22
45.15.124.0-45.15.131.255
45.15.176.0/22
45.15.184.0/22
45.82.244.0-45.82.251.255
45.83.84.0/22
45.83.140.0/22
45.83.148.0/22
45.86.64.0/22
45.86.72.0/21
45.88.160.0/22
45.88.168.0/22
45.89.96.0/21
45.89.196.0/22
45.92.124.0/22
45.92.160.0/22
45.92.192.0/22
45.128.72.0/22
92.119.40.0/22
171.22.116.0-171.22.123.255
185.149.20.0/22
185.153.180.0/22
185.156.108.0/22
185.161.69.0-185.161.71.255
185.166.152.0/22
185.166.160.0/22
194.33.36.0/22
194.76.136.0/22
213.59.112.0/20
IPv6:
2a09:96c0::/29
2a09:b440::/48
Signature Algorithm: sha256WithRSAEncryption
21:e8:a2:23:0b:60:67:62:4b:e7:59:fc:6b:85:8b:8f:b9:12:
b9:31:74:ed:f6:9c:73:c6:34:3c:75:de:a7:b9:78:7d:e2:53:
2e:15:31:09:fb:a1:e1:e2:2f:84:29:fb:19:ae:0c:83:8d:3d:
37:42:4b:d4:c1:7c:36:e9:57:a9:51:16:70:b6:4d:a4:f5:25:
b5:07:36:07:17:22:21:fb:eb:00:f0:ea:a3:0c:9e:f0:b5:87:
73:11:aa:e6:3d:e9:33:33:7b:20:c6:78:67:90:18:66:85:3f:
c8:1a:bf:77:65:49:6c:3d:c1:2a:2b:38:97:89:cf:8b:9e:a4:
17:c1:16:66:bd:69:9e:5c:a6:b6:e8:6e:fb:7a:fe:85:ef:0f:
51:bb:2f:ff:62:67:39:fc:40:48:cd:53:e5:10:e7:d7:aa:97:
c7:54:d5:9a:6a:06:2b:00:f5:4f:85:5b:17:3b:d8:af:50:c2:
48:e1:b0:a9:a6:12:ea:44:3f:8d:0f:43:4e:40:72:c7:fd:aa:
8a:96:e0:fe:73:22:17:2c:9f:b3:aa:10:3c:41:b5:39:72:da:
71:59:5a:77:ec:6b:77:1d:1d:db:df:60:c4:71:5b:f5:47:ab:
6d:ff:df:89:01:19:94:f2:c1:d8:80:f9:e4:f8:d4:0f:c6:2c:
84:25:55:0b
-----BEGIN CERTIFICATE-----
MIIGBjCCBO6gAwIBAgIEB6exyDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MmZkYjY3NjU0ZGY2MTg0ZTdkNjBjNDE1MGVhOTUzM2MyY2Y5NzA0MB4XDTIyMDEw
MTE2MDYwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODY0N2YyZTg0MGFk
YTg0ZmMxNDQzZmVkN2M1MmQzYTVhMjNhMTlkMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALQ+OE+Nr9cVOZNZ8sj7QdQ0Bi9mFGKMEO3wir2lStDf0KHo
up4XTGdHn0vCaIXfhoRAmoVrf93OMakmEdxxmmdZjmel+trq/QuwSQTih8G12uZb
PAbRpQxfRrUQhlzdogHQ8QbRSL3KUdYtv8BTSm36WvoDuGiEX9lXIgDPixlutIF5
biTkrYEan4L6Lp5p/+jqYvMrvjkhBcFbsOk+EngfKE5gqKIBfPc+wc/fP6y/LsSB
VlgAvG1VpIyTCu+ddivhQ0r0gATC8M6l5jTND76ydgQu9i4T0fCXpnD9nPRPOabp
OD3d9cE4cbx6neDmKizuDBB3ki6inqpoPNE9uE8CAwEAAaOCAyAwggMcMB0GA1Ud
DgQWBBSGR/LoQK2oT8FEP+18UtOlojoZ0TAfBgNVHSMEGDAWgBRi/bZ2VN9hhOfW
DEFQ6pUzws+XBDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1l2MjJkbFRmWVlUbjFneEJVT3FWTThMUGx3US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjIvNzA0MDcxLThkYzAtNGVkNi05NDU3LWU4NjEyMWM1OTRkZi8x
L2hrZnk2RUN0cUVfQlJEX3RmRkxUcGFJNkdkRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjIv
NzA0MDcxLThkYzAtNGVkNi05NDU3LWU4NjEyMWM1OTRkZi8xL1l2MjJkbFRmWVlU
bjFneEJVT3FWTThMUGx3US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
ATQGCCsGAQUFBwEHAQH/BIIBIzCCAR8wggEDBAIAATCB/DAMAwQCAjisAwQCAjiw
AwQCHwxcAwQCLQkQMAwDBAItDGwDBAItDHADBAItDIADBAItDIgwDAMEAi0PfAME
Ai0PgAMEAi0PsAMEAi0PuDAMAwQCLVL0AwQCLVL4AwQCLVNUAwQCLVOMAwQCLVOU
AwQCLVZAAwQDLVZIAwQCLVigAwQCLVioAwQDLVlgAwQCLVnEAwQCLVx8AwQCLVyg
AwQCLVzAAwQCLYBIAwQCXHcoMAwDBAKrFnQDBAKrFngDBAK5lRQDBAK5mbQDBAK5
nGwwDAMEALmhRQMEA7mhQAMEArmmmAMEArmmoAMEAsIhJAMEAsJMiAMEBNU7cDAW
BAIAAjAQAwUDKgmWwAMHACoJtEAAADANBgkqhkiG9w0BAQsFAAOCAQEAIeiiIwtg
Z2JL51n8a4WLj7kSuTF07facc8Y0PHXep7l4feJTLhUxCfuh4eIvhCn7Ga4Mg409
N0JL1MF8NulXqVEWcLZNpPUltQc2BxciIfvrAPDqowye8LWHcxGq5j3pMzN7IMZ4
Z5AYZoU/yBq/d2VJbD3BKis4l4nPi56kF8EWZr1pnlymtuhu+3r+he8PUbsv/2Jn
OfxASM1T5RDn16qXx1TVmmoGKwD1T4VbFzvYr1DCSOGwqaYS6kQ/jQ9DTkByx/2q
ipbg/nMiFyyfs6oQPEG1OXLacVlad+xrdx0d299gxHFb9Uerbf/fiQEZlPLB2ID5
5PjUD8YshCVVCw==
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:41:28 2025 by rpki-client