Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/b12e4d-8a1a-4010-9a8b-36f9847ac35b/1/hErawZnTTTLNjG_II8pAH2UclMk.roa
File: hErawZnTTTLNjG_II8pAH2UclMk.roa (raw, json)
Hash identifier: M21C0AuilzTJDJvfZpYS0tuEZz0KeMJx/LZnhkHOxjY=
Subject key identifier: 84:4A:DA:C1:99:D3:4D:32:CD:8C:6F:C8:23:CA:40:1F:65:1C:94:C9
Certificate issuer: /CN=884bf80e72f50f09bf563493ebdb11a34bba312d
Certificate serial: 068659FA
Authority key identifier: 88:4B:F8:0E:72:F5:0F:09:BF:56:34:93:EB:DB:11:A3:4B:BA:31:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iEv4DnL1Dwm_VjST69sRo0u6MS0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/b12e4d-8a1a-4010-9a8b-36f9847ac35b/1/hErawZnTTTLNjG_II8pAH2UclMk.roa
Signing time: Tue 01 Mar 2022 15:59:37 +0000
ROA not before: Tue 01 Mar 2022 15:59:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202486
IP address blocks: 194.76.221.0/24 maxlen: 24
194.76.220.0/24 maxlen: 24
194.76.220.0/23 maxlen: 24
194.76.237.0/24 maxlen: 24
194.76.236.0/23 maxlen: 24
194.76.236.0/24 maxlen: 24
5.183.183.0/24 maxlen: 24
5.183.182.0/24 maxlen: 24
193.161.212.0/24 maxlen: 24
5.183.180.0/24 maxlen: 24
193.161.213.0/24 maxlen: 24
5.183.181.0/24 maxlen: 24
193.161.214.0/24 maxlen: 24
193.161.215.0/24 maxlen: 24
92.118.93.0/24 maxlen: 24
92.118.92.0/24 maxlen: 24
92.118.95.0/24 maxlen: 24
92.118.94.0/24 maxlen: 24
2a0c:a0c1::/32 maxlen: 32
2a0c:a0c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 109468154 (0x68659fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=884bf80e72f50f09bf563493ebdb11a34bba312d
Validity
Not Before: Mar 1 15:59:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=844adac199d34d32cd8c6fc823ca401f651c94c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:ad:a2:f8:bb:f1:e6:36:8f:ea:4f:b6:4f:6e:
22:31:4a:7c:61:1e:c1:b1:f3:7e:9a:8a:f9:0b:c1:
10:91:3a:c0:da:8e:3f:33:de:2e:f9:a4:f6:c4:e0:
73:33:9b:ec:35:32:d2:88:d4:f1:3d:7d:1a:38:e0:
3a:33:3a:29:86:87:24:4a:4f:62:5e:38:d1:73:5d:
25:25:99:45:d8:b1:aa:4c:65:e8:c9:f5:0d:67:db:
15:6b:8b:c2:3f:fe:76:16:73:69:3c:fe:1c:fb:43:
4a:91:9c:47:d6:30:0c:ab:4d:69:b5:98:0e:f5:ec:
99:0f:0e:1a:7a:e1:2d:fe:05:9f:45:10:55:f8:26:
99:e2:4b:f9:6b:fa:01:3d:67:af:ea:22:63:52:1f:
6e:6c:38:d8:9e:cf:38:13:2b:06:da:80:a5:f4:e6:
a5:02:ae:c1:59:f3:14:2c:a1:ac:6e:91:1e:93:1e:
98:e7:f7:09:34:2f:a0:ba:5d:ad:92:2c:1e:5f:39:
08:8e:c0:72:11:c6:ab:00:b6:7e:b1:d5:07:a1:a6:
7b:f1:98:2d:8f:09:54:87:1a:73:5a:ac:85:9d:fd:
4c:04:10:1b:aa:44:71:cc:4b:ce:c7:90:c8:39:53:
53:aa:95:6e:b5:eb:ef:17:cb:6d:67:99:46:34:f6:
8a:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:4A:DA:C1:99:D3:4D:32:CD:8C:6F:C8:23:CA:40:1F:65:1C:94:C9
X509v3 Authority Key Identifier:
keyid:88:4B:F8:0E:72:F5:0F:09:BF:56:34:93:EB:DB:11:A3:4B:BA:31:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iEv4DnL1Dwm_VjST69sRo0u6MS0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/b12e4d-8a1a-4010-9a8b-36f9847ac35b/1/hErawZnTTTLNjG_II8pAH2UclMk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/b12e4d-8a1a-4010-9a8b-36f9847ac35b/1/iEv4DnL1Dwm_VjST69sRo0u6MS0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.180.0/22
92.118.92.0/22
193.161.212.0/22
194.76.220.0/23
194.76.236.0/23
IPv6:
2a0c:a0c0::/31
Signature Algorithm: sha256WithRSAEncryption
25:1a:cb:19:00:c2:48:b3:f0:5a:c2:0e:90:69:54:18:c1:1e:
c6:bf:b0:d1:4e:4c:0b:0b:c4:e1:b8:c3:b5:e3:a1:86:b2:e1:
7f:3b:8c:57:60:9c:c2:3d:49:a1:76:2d:c8:20:98:71:09:81:
e1:65:05:98:e5:d9:09:80:b8:eb:1d:b6:4b:67:06:46:98:a8:
f3:a3:71:b3:7c:38:23:52:7e:c0:e7:62:ec:d0:ea:e4:66:ca:
1a:41:30:f5:37:5d:7f:08:a3:31:af:54:d3:50:09:b7:f1:db:
58:e4:d5:47:ca:26:5c:67:a7:4b:c1:66:c0:b3:a9:ba:29:7c:
ca:44:f8:20:c2:7f:63:fe:c6:91:d9:39:8a:d6:42:ac:8a:c0:
25:ee:ff:cc:4f:d6:dc:28:a6:ff:b7:82:3a:18:13:32:61:7e:
01:fb:61:b9:ae:05:0e:16:84:d8:b7:00:a8:85:e9:78:3c:d5:
41:8e:d3:b2:f7:76:71:b9:f3:67:07:ca:85:80:a6:54:4e:17:
66:bf:80:b7:c6:c5:d3:8f:d3:b6:b6:ab:88:26:e1:f4:09:e9:
8b:dc:dc:6e:3c:23:aa:29:a4:49:cd:da:04:1b:13:2a:d8:ec:
9f:f7:09:e2:a5:22:b5:d3:81:7e:fc:27:01:ce:e1:4a:93:21:
14:24:7e:97
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEBoZZ+jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ODRiZjgwZTcyZjUwZjA5YmY1NjM0OTNlYmRiMTFhMzRiYmEzMTJkMB4XDTIyMDMw
MTE1NTkzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODQ0YWRhYzE5OWQz
NGQzMmNkOGM2ZmM4MjNjYTQwMWY2NTFjOTRjOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI6tovi78eY2j+pPtk9uIjFKfGEewbHzfpqK+QvBEJE6wNqO
PzPeLvmk9sTgczOb7DUy0ojU8T19GjjgOjM6KYaHJEpPYl440XNdJSWZRdixqkxl
6Mn1DWfbFWuLwj/+dhZzaTz+HPtDSpGcR9YwDKtNabWYDvXsmQ8OGnrhLf4Fn0UQ
VfgmmeJL+Wv6AT1nr+oiY1Ifbmw42J7POBMrBtqApfTmpQKuwVnzFCyhrG6RHpMe
mOf3CTQvoLpdrZIsHl85CI7AchHGqwC2frHVB6Gme/GYLY8JVIcac1qshZ39TAQQ
G6pEccxLzseQyDlTU6qVbrXr7xfLbWeZRjT2iiECAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBSEStrBmdNNMs2Mb8gjykAfZRyUyTAfBgNVHSMEGDAWgBSIS/gOcvUPCb9W
NJPr2xGjS7oxLTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lFdjREbkwxRHdtX1ZqU1Q2OXNSbzB1Nk1TMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYmYvYjEyZTRkLThhMWEtNDAxMC05YThiLTM2Zjk4NDdhYzM1Yi8x
L2hFcmF3Wm5UVFRMTmpHX0lJOHBBSDJVY2xNay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYmYv
YjEyZTRkLThhMWEtNDAxMC05YThiLTM2Zjk4NDdhYzM1Yi8xL2lFdjREbkwxRHdt
X1ZqU1Q2OXNSbzB1Nk1TMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEAgW3tAMEAlx2XAMEAsGh1AMEAcJM
3AMEAcJM7DANBAIAAjAHAwUBKgygwDANBgkqhkiG9w0BAQsFAAOCAQEAJRrLGQDC
SLPwWsIOkGlUGMEexr+w0U5MCwvE4bjDteOhhrLhfzuMV2Ccwj1JoXYtyCCYcQmB
4WUFmOXZCYC46x22S2cGRpio86Nxs3w4I1J+wOdi7NDq5GbKGkEw9TddfwijMa9U
01AJt/HbWOTVR8omXGenS8FmwLOpuil8ykT4IMJ/Y/7Gkdk5itZCrIrAJe7/zE/W
3Cim/7eCOhgTMmF+Afthua4FDhaE2LcAqIXpeDzVQY7Tsvd2cbnzZwfKhYCmVE4X
Zr+At8bF04/TtrariCbh9Anpi9zcbjwjqimkSc3aBBsTKtjsn/cJ4qUitdOBfvwn
Ac7hSpMhFCR+lw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:14 2024 by rpki-client on console-fra.rpki-client.org