Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/HspH9XMPby3Qkr1P1d6AZLqRHqM.roa
File: HspH9XMPby3Qkr1P1d6AZLqRHqM.roa (raw, json)
Hash identifier: 2RCSbwlWdo4O1E/cMQ9q5nc2wPQxJdWXGc4RYhN9w/A=
Subject key identifier: 1E:CA:47:F5:73:0F:6F:2D:D0:92:BD:4F:D5:DE:80:64:BA:91:1E:A3
Certificate issuer: /CN=04a2ae2cd094333018c41daafb474c6cfa80d07d
Certificate serial: 0173461F
Authority key identifier: 04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/HspH9XMPby3Qkr1P1d6AZLqRHqM.roa
Signing time: Tue 22 Mar 2022 20:37:08 +0000
ROA not before: Tue 22 Mar 2022 20:37:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8257
IP address blocks: 188.112.64.0/19 maxlen: 19
188.112.64.0/18 maxlen: 18
176.61.192.0/20 maxlen: 20
176.61.192.0/18 maxlen: 18
176.61.208.0/20 maxlen: 20
188.112.96.0/19 maxlen: 19
176.61.224.0/21 maxlen: 21
178.253.128.0/18 maxlen: 18
178.253.128.0/19 maxlen: 19
185.37.240.0/22 maxlen: 22
178.253.160.0/19 maxlen: 19
85.135.128.0/17 maxlen: 20
176.61.232.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 24331807 (0x173461f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04a2ae2cd094333018c41daafb474c6cfa80d07d
Validity
Not Before: Mar 22 20:37:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1eca47f5730f6f2dd092bd4fd5de8064ba911ea3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:71:eb:21:79:1d:e0:73:5e:62:0c:c0:bd:38:
1f:6b:1d:bf:33:0b:7b:de:de:8e:b9:9f:7f:f5:1d:
3d:9b:f1:c9:ef:b1:51:29:e3:42:af:c7:f0:d9:65:
e5:95:87:bd:ce:76:0e:61:21:2f:00:65:5b:5c:a7:
90:9b:75:fe:99:9f:8a:a7:10:9d:c0:a6:ec:69:b3:
bf:44:bf:c5:f5:a5:d4:e7:86:11:14:cf:ab:5c:a2:
6c:a2:8b:86:e0:e5:1a:c1:c8:82:85:a6:16:aa:52:
b3:96:a6:1f:a9:6e:0f:27:63:08:55:66:7c:ef:d5:
1f:ec:07:f0:75:82:3f:3f:9a:1a:e4:99:d2:f0:16:
1e:26:37:0d:a2:51:7e:15:15:11:e3:fa:55:36:58:
a0:ad:90:67:b5:f9:91:a0:c8:46:5c:4a:e5:d7:2c:
19:bf:1e:f2:b9:fd:5d:8f:ce:95:a0:37:c1:62:2a:
1c:30:36:87:7b:d8:e9:95:70:9e:dd:53:78:39:87:
db:a5:13:3b:34:0d:9c:21:d0:db:0e:9c:90:d6:0f:
af:2f:5e:27:37:38:a3:ec:6b:12:10:bb:01:c1:b9:
7b:c8:aa:38:36:91:4f:81:c1:28:d1:4c:7f:f4:0b:
fb:4d:c8:f2:1d:f5:56:d8:89:35:4d:60:96:cb:57:
de:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:CA:47:F5:73:0F:6F:2D:D0:92:BD:4F:D5:DE:80:64:BA:91:1E:A3
X509v3 Authority Key Identifier:
keyid:04:A2:AE:2C:D0:94:33:30:18:C4:1D:AA:FB:47:4C:6C:FA:80:D0:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BKKuLNCUMzAYxB2q-0dMbPqA0H0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/HspH9XMPby3Qkr1P1d6AZLqRHqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/634a12-e58c-455c-8933-6e6e8d9303e9/1/BKKuLNCUMzAYxB2q-0dMbPqA0H0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.135.128.0/17
176.61.192.0/18
178.253.128.0/18
185.37.240.0/22
188.112.64.0/18
Signature Algorithm: sha256WithRSAEncryption
8d:e9:e9:6a:60:f9:72:6c:c2:94:fa:bd:a3:3a:62:03:e3:9c:
f4:7f:99:41:84:6d:a9:46:32:c4:09:73:09:2f:5e:1d:92:21:
cc:94:7f:bf:ae:c1:5e:d4:5e:30:32:49:0c:e1:ee:b5:4c:ba:
09:97:19:5a:32:22:9d:48:90:ac:3e:0e:e2:cf:48:03:43:56:
ee:b8:9a:77:2e:e6:7a:e4:0e:f8:d4:ec:23:82:02:c3:a2:51:
79:11:95:e3:54:fd:78:43:2c:49:4f:ee:60:76:42:2f:08:a4:
d0:04:b6:ed:4b:3e:6e:e6:7a:bb:46:88:51:de:db:a0:bf:5a:
f6:5a:fc:00:67:df:44:63:7e:96:6d:31:c2:45:5b:48:5f:9c:
46:39:a8:21:97:99:23:ef:be:a5:e9:4b:1b:47:83:f8:35:c9:
e2:9e:80:aa:44:a0:a1:d1:34:c9:ae:5e:76:00:b2:03:fb:2a:
3b:55:21:68:62:74:27:52:e7:09:c8:bb:db:4d:0c:ba:e0:ab:
4b:2f:df:a3:e3:1c:db:2e:70:51:b5:38:d5:4b:c1:a4:63:75:
ca:aa:ec:99:5a:37:81:bb:87:89:aa:07:60:b5:ed:bb:d5:54:
cf:22:02:1b:d8:0e:cf:75:6d:ee:b9:e2:68:a4:84:10:83:6e:
d0:37:dc:07
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEAXNGHzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NGEyYWUyY2QwOTQzMzMwMThjNDFkYWFmYjQ3NGM2Y2ZhODBkMDdkMB4XDTIyMDMy
MjIwMzcwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWVjYTQ3ZjU3MzBm
NmYyZGQwOTJiZDRmZDVkZTgwNjRiYTkxMWVhMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANpx6yF5HeBzXmIMwL04H2sdvzMLe97ejrmff/UdPZvxye+x
USnjQq/H8Nll5ZWHvc52DmEhLwBlW1ynkJt1/pmfiqcQncCm7Gmzv0S/xfWl1OeG
ERTPq1yibKKLhuDlGsHIgoWmFqpSs5amH6luDydjCFVmfO/VH+wH8HWCPz+aGuSZ
0vAWHiY3DaJRfhUVEeP6VTZYoK2QZ7X5kaDIRlxK5dcsGb8e8rn9XY/OlaA3wWIq
HDA2h3vY6ZVwnt1TeDmH26UTOzQNnCHQ2w6ckNYPry9eJzc4o+xrEhC7AcG5e8iq
ODaRT4HBKNFMf/QL+03I8h31VtiJNU1glstX3j8CAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBQeykf1cw9vLdCSvU/V3oBkupEeozAfBgNVHSMEGDAWgBQEoq4s0JQzMBjE
Har7R0xs+oDQfTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JLS3VMTkNVTXpBWXhCMnEtMGRNYlBxQTBIMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmEvNjM0YTEyLWU1OGMtNDU1Yy04OTMzLTZlNmU4ZDkzMDNlOS8x
L0hzcEg5WE1QYnkzUWtyMVAxZDZBWkxxUkhxTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmEv
NjM0YTEyLWU1OGMtNDU1Yy04OTMzLTZlNmU4ZDkzMDNlOS8xL0JLS3VMTkNVTXpB
WXhCMnEtMGRNYlBxQTBIMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEB1WHgAMEBrA9wAMEBrL9gAMEArkl
8AMEBrxwQDANBgkqhkiG9w0BAQsFAAOCAQEAjenpamD5cmzClPq9ozpiA+Oc9H+Z
QYRtqUYyxAlzCS9eHZIhzJR/v67BXtReMDJJDOHutUy6CZcZWjIinUiQrD4O4s9I
A0NW7riady7meuQO+NTsI4ICw6JReRGV41T9eEMsSU/uYHZCLwik0AS27Us+buZ6
u0aIUd7boL9a9lr8AGffRGN+lm0xwkVbSF+cRjmoIZeZI+++pelLG0eD+DXJ4p6A
qkSgodE0ya5edgCyA/sqO1UhaGJ0J1LnCci7200MuuCrSy/fo+Mc2y5wUbU41UvB
pGN1yqrsmVo3gbuHiaoHYLXtu9VUzyICG9gOz3Vt7rniaKSEEINu0DfcBw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:01:37 2025 by rpki-client