Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/HHAHq8ksvoMRcCDA0n0DcVvpeo8.roa
File: HHAHq8ksvoMRcCDA0n0DcVvpeo8.roa (raw, json)
Hash identifier: 8rZBipmK7o4MsSpERKPBhT9X5EI2GXMwDi/tAKj/rTw=
Subject key identifier: 1C:70:07:AB:C9:2C:BE:83:11:70:20:C0:D2:7D:03:71:5B:E9:7A:8F
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 044F20E1
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/HHAHq8ksvoMRcCDA0n0DcVvpeo8.roa
Signing time: Wed 23 Mar 2022 10:00:23 +0000
ROA not before: Wed 23 Mar 2022 10:00:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207569
IP address blocks: 139.28.221.0/24 maxlen: 24
5.180.136.0/24 maxlen: 24
5.180.138.0/24 maxlen: 24
5.180.137.0/24 maxlen: 24
5.180.139.0/24 maxlen: 24
185.94.167.0/24 maxlen: 24
45.133.245.0/24 maxlen: 24
185.188.181.0/24 maxlen: 24
95.214.8.0/24 maxlen: 24
185.17.2.0/24 maxlen: 24
194.53.54.0/24 maxlen: 24
85.209.0.0/24 maxlen: 24
5.252.116.0/24 maxlen: 24
45.89.64.0/24 maxlen: 24
46.17.106.0/24 maxlen: 24
2a0a:9300:1::/48 maxlen: 48
2a0a:9300:aaaa::/48 maxlen: 48
2a0a:9300::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 72294625 (0x44f20e1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Mar 23 10:00:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1c7007abc92cbe83117020c0d27d03715be97a8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:55:27:2d:76:54:12:c9:72:7d:00:c8:8d:28:
cd:32:8c:55:76:c7:61:17:80:d7:21:b7:99:19:e2:
c6:35:7a:46:46:56:fc:ec:9a:44:e9:3c:cf:31:5e:
fa:8c:7e:84:b7:45:44:90:2c:34:ae:e8:17:ef:29:
0d:b6:9a:0d:fc:31:e4:47:f4:8f:23:c5:c3:62:3a:
35:fc:27:c6:e0:1f:c9:15:13:ce:bf:dd:56:31:53:
40:1d:0d:ef:23:2c:c9:af:82:8b:d1:a3:f9:d4:74:
9f:cd:7f:fa:87:34:00:c0:d8:e6:9e:d9:b5:2c:2d:
4f:0e:d9:9c:a9:16:95:88:12:35:c3:f4:be:5a:ed:
9e:6b:c6:f0:bd:f0:56:73:b3:7d:a7:10:ef:bf:25:
42:34:a6:19:8f:50:7e:f2:fb:5a:61:2c:33:b7:65:
2a:f0:a0:f7:ef:e8:f6:ab:fe:f3:bc:b0:bf:86:ab:
43:64:7b:fc:0d:a8:ad:bf:84:6a:21:38:58:fa:bd:
51:fe:b9:c2:16:a8:9a:84:2a:b9:41:15:11:9e:f6:
4f:86:38:50:88:69:5d:65:e5:af:c7:91:ac:17:55:
66:60:a1:61:49:36:4d:79:43:bf:50:f4:17:6c:20:
27:3d:5d:d9:44:ee:f3:b1:12:84:2d:f6:f9:95:d5:
15:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:70:07:AB:C9:2C:BE:83:11:70:20:C0:D2:7D:03:71:5B:E9:7A:8F
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/HHAHq8ksvoMRcCDA0n0DcVvpeo8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.136.0/22
5.252.116.0/24
45.89.64.0/24
45.133.245.0/24
46.17.106.0/24
85.209.0.0/24
95.214.8.0/24
139.28.221.0/24
185.17.2.0/24
185.94.167.0/24
185.188.181.0/24
194.53.54.0/24
IPv6:
2a0a:9300::/32
Signature Algorithm: sha256WithRSAEncryption
0d:a7:07:fc:52:c1:20:13:62:88:b8:55:6a:6c:99:bf:f8:d6:
e8:4e:7d:51:91:a8:56:04:fa:61:8a:20:32:94:ba:3f:ca:c0:
e6:b3:e4:91:8d:95:b1:66:a5:3e:cf:77:2c:2e:8c:de:7b:8d:
e4:68:b1:96:9e:f6:4f:b5:d5:12:91:4e:db:f2:78:4f:73:c2:
08:e0:a8:5d:52:16:d4:c0:d9:51:cd:a2:23:c0:89:69:fb:01:
39:8a:02:6e:5e:2e:77:cf:7e:54:5f:6d:9f:b8:7e:49:8c:4f:
56:0b:94:11:70:39:7f:d6:a9:0d:7b:20:af:db:1f:23:cd:43:
8c:11:5b:19:81:2d:be:a5:bd:87:03:49:83:5f:86:86:c6:a6:
bd:c7:4b:f2:cc:bb:99:21:b3:3e:f9:9c:f9:86:e5:fe:8f:a7:
1d:75:52:67:45:72:f0:f5:62:51:b6:cf:1e:af:ea:c8:d5:dd:
3b:8c:5a:77:d7:40:33:6e:2f:ff:c8:04:42:35:34:55:a0:d6:
73:47:e2:37:15:0e:62:f6:ca:5e:4e:66:c0:0f:19:41:d1:a8:
43:1d:7a:6f:fb:b0:13:07:60:68:86:a2:1d:5b:37:12:33:09:
bb:3b:68:1a:cc:86:90:4c:c2:91:1c:81:fe:0e:34:03:7d:5a:
f9:92:19:f7
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIEBE8g4TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGY5NjM0NWQzZjIyZWRiMzk1ZDI0N2Y3Yjg2ZDJkNzNlNGEwMDkxMB4XDTIyMDMy
MzEwMDAyM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWM3MDA3YWJjOTJj
YmU4MzExNzAyMGMwZDI3ZDAzNzE1YmU5N2E4ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJpVJy12VBLJcn0AyI0ozTKMVXbHYReA1yG3mRnixjV6RkZW
/OyaROk8zzFe+ox+hLdFRJAsNK7oF+8pDbaaDfwx5Ef0jyPFw2I6NfwnxuAfyRUT
zr/dVjFTQB0N7yMsya+Ci9Gj+dR0n81/+oc0AMDY5p7ZtSwtTw7ZnKkWlYgSNcP0
vlrtnmvG8L3wVnOzfacQ778lQjSmGY9QfvL7WmEsM7dlKvCg9+/o9qv+87ywv4ar
Q2R7/A2orb+EaiE4WPq9Uf65whaomoQquUEVEZ72T4Y4UIhpXWXlr8eRrBdVZmCh
YUk2TXlDv1D0F2wgJz1d2UTu87EShC32+ZXVFaUCAwEAAaOCAlowggJWMB0GA1Ud
DgQWBBQccAerySy+gxFwIMDSfQNxW+l6jzAfBgNVHSMEGDAWgBS0+WNF0/Iu2zld
JH97htLXPkoAkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RQbGpSZFB5THRzNVhTUl9lNGJTMXo1S0FKRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvOGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8x
L0hIQUhxOGtzdm9NUmNDREEwbjBEY1Z2cGVvOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
OGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8xL3RQbGpSZFB5THRz
NVhTUl9lNGJTMXo1S0FKRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBw
BggrBgEFBQcBBwEB/wRhMF8wTgQCAAEwSAMEAgW0iAMEAAX8dAMEAC1ZQAMEAC2F
9QMEAC4RagMEAFXRAAMEAF/WCAMEAIsc3QMEALkRAgMEALlepwMEALm8tQMEAMI1
NjANBAIAAjAHAwUAKgqTADANBgkqhkiG9w0BAQsFAAOCAQEADacH/FLBIBNiiLhV
amyZv/jW6E59UZGoVgT6YYogMpS6P8rA5rPkkY2VsWalPs93LC6M3nuN5Gixlp72
T7XVEpFO2/J4T3PCCOCoXVIW1MDZUc2iI8CJafsBOYoCbl4ud89+VF9tn7h+SYxP
VguUEXA5f9apDXsgr9sfI81DjBFbGYEtvqW9hwNJg1+GhsamvcdL8sy7mSGzPvmc
+Ybl/o+nHXVSZ0Vy8PViUbbPHq/qyNXdO4xad9dAM24v/8gEQjU0VaDWc0fiNxUO
YvbKXk5mwA8ZQdGoQx16b/uwEwdgaIaiHVs3EjMJuztoGsyGkEzCkRyB/g40A31a
+ZIZ9w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:09 2024 by rpki-client on console-ams.rpki-client.org