Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/HnKapNU7QnxUdQSIfX8iIGdBs8A.roa
File: HnKapNU7QnxUdQSIfX8iIGdBs8A.roa (raw, json)
Hash identifier: cBdRk8P77JLYjpo47Tw76hzMpdYIUaoB9vs2unvpEUs=
Subject key identifier: 1E:72:9A:A4:D5:3B:42:7C:54:75:04:88:7D:7F:22:20:67:41:B3:C0
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 01833CABCFDBC59EFCA4A37DA4C38B2C658B
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/HnKapNU7QnxUdQSIfX8iIGdBs8A.roa
Signing time: Wed 14 Sep 2022 15:43:56 +0000
ROA not before: Wed 14 Sep 2022 15:43:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209641
IP address blocks: 45.133.245.0/24 maxlen: 24
185.5.248.0/23 maxlen: 23
185.5.248.0/22 maxlen: 22
5.252.116.0/24 maxlen: 24
185.87.48.0/22 maxlen: 22
185.87.48.0/24 maxlen: 24
185.117.152.0/22 maxlen: 22
139.28.220.0/24 maxlen: 24
139.28.221.0/24 maxlen: 24
5.180.139.0/24 maxlen: 24
5.180.137.0/24 maxlen: 24
5.180.138.0/24 maxlen: 24
5.180.136.0/24 maxlen: 24
45.89.67.0/24 maxlen: 24
45.89.66.0/24 maxlen: 24
91.217.80.0/24 maxlen: 24
95.214.10.0/24 maxlen: 24
95.214.8.0/24 maxlen: 24
95.214.11.0/24 maxlen: 24
95.214.9.0/24 maxlen: 24
195.66.87.0/24 maxlen: 24
94.142.136.0/21 maxlen: 21
185.105.119.0/24 maxlen: 24
94.142.139.0/24 maxlen: 24
94.142.143.0/24 maxlen: 24
94.142.141.0/24 maxlen: 24
94.142.140.0/24 maxlen: 24
94.142.142.0/24 maxlen: 24
185.125.216.0/22 maxlen: 22
185.105.118.0/24 maxlen: 24
185.105.116.0/24 maxlen: 24
185.105.117.0/24 maxlen: 24
185.58.205.0/24 maxlen: 24
185.58.206.0/24 maxlen: 24
185.58.204.0/24 maxlen: 24
185.58.204.0/22 maxlen: 22
185.58.207.0/24 maxlen: 24
45.89.64.0/24 maxlen: 24
185.125.231.0/24 maxlen: 24
185.125.229.0/24 maxlen: 24
185.125.228.0/22 maxlen: 22
185.125.228.0/24 maxlen: 24
194.67.192.0/19 maxlen: 19
194.67.196.0/22 maxlen: 22
194.67.194.0/23 maxlen: 23
194.67.193.0/24 maxlen: 24
193.124.176.0/21 maxlen: 21
193.124.176.0/20 maxlen: 20
193.124.184.0/21 maxlen: 21
45.128.176.0/24 maxlen: 24
45.128.178.0/24 maxlen: 24
45.128.176.0/22 maxlen: 22
45.128.177.0/24 maxlen: 24
45.128.179.0/24 maxlen: 24
195.47.250.0/24 maxlen: 24
194.67.203.0/24 maxlen: 24
194.67.202.0/24 maxlen: 24
194.67.200.0/23 maxlen: 23
194.67.204.0/22 maxlen: 22
194.67.208.0/20 maxlen: 20
46.17.106.0/24 maxlen: 24
2a0a:9300:d1::/48 maxlen: 48
2a0a:9300::/48 maxlen: 48
2a0a:9301:1::/48 maxlen: 48
2a0a:9301::/48 maxlen: 48
2a0a:9300:d2::/48 maxlen: 48
2a0a:9301:2::/48 maxlen: 48
2a0a:9300:2::/48 maxlen: 48
2a0a:9302::/32 maxlen: 32
2a0a:9300:d0::/48 maxlen: 48
2a0a:9302:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:3c:ab:cf:db:c5:9e:fc:a4:a3:7d:a4:c3:8b:2c:65:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Sep 14 15:43:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1e729aa4d53b427c547504887d7f22206741b3c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:42:5c:da:5c:a9:d6:6e:0a:32:23:a6:dc:9d:
d4:07:48:16:6e:83:33:55:eb:6b:4b:b0:b1:a4:c0:
8a:2a:69:8a:f3:d8:a6:0d:a5:37:3f:1c:a0:5a:95:
94:bf:24:12:48:64:88:00:8b:5a:29:82:00:0b:05:
d3:81:39:71:a0:dc:45:b8:c7:2f:d7:07:fa:99:78:
e4:6e:3f:c9:2c:ec:51:c6:1a:da:15:a2:4e:f2:8f:
22:65:8b:8e:48:ee:77:19:1f:98:ec:10:11:37:d4:
40:5a:e0:da:4a:97:93:90:0a:08:95:61:78:99:e3:
f1:d5:0d:8f:1f:32:09:41:82:68:6c:8d:f6:5f:3a:
2c:42:c0:56:35:3e:42:54:77:73:b2:1f:f7:74:4c:
e1:df:61:8b:7b:60:61:1b:18:e8:c2:e3:0b:73:d9:
92:b2:2c:96:54:0f:4e:a1:5a:d5:69:62:9c:55:ca:
12:08:89:29:eb:f8:ae:1b:dc:5d:b9:a2:a3:84:06:
5b:2e:fd:97:c1:94:64:b4:77:71:a2:9b:a5:5d:7f:
f5:e0:5f:82:e7:f7:06:e8:b7:b3:32:9a:7e:b8:d3:
c2:22:99:fd:43:e5:49:0b:ed:bd:cf:6f:19:7d:a0:
6e:6e:6f:be:d0:36:f6:6e:55:c9:5c:cd:4d:21:73:
71:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:72:9A:A4:D5:3B:42:7C:54:75:04:88:7D:7F:22:20:67:41:B3:C0
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/HnKapNU7QnxUdQSIfX8iIGdBs8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.136.0/22
5.252.116.0/24
45.89.64.0/24
45.89.66.0/23
45.128.176.0/22
45.133.245.0/24
46.17.106.0/24
91.217.80.0/24
94.142.136.0/21
95.214.8.0/22
139.28.220.0/23
185.5.248.0/22
185.58.204.0/22
185.87.48.0/22
185.105.116.0/22
185.117.152.0/22
185.125.216.0/22
185.125.228.0/22
193.124.176.0/20
194.67.192.0/19
195.47.250.0/24
195.66.87.0/24
IPv6:
2a0a:9300::/48
2a0a:9300:2::/48
2a0a:9300:d0::-2a0a:9300:d2:ffff:ffff:ffff:ffff:ffff
2a0a:9301::-2a0a:9301:2:ffff:ffff:ffff:ffff:ffff
2a0a:9302::/32
Signature Algorithm: sha256WithRSAEncryption
53:5f:72:49:31:b8:24:5e:ea:6e:e6:26:0e:75:ef:ed:95:ed:
95:0a:82:4d:5a:eb:65:f0:e9:3f:f7:ab:52:45:17:28:79:27:
6b:e6:3d:bb:68:88:1d:b5:7b:4f:21:6b:47:53:a1:e6:85:64:
85:dc:2a:84:d8:10:77:42:53:43:cf:fc:93:67:26:77:fc:85:
83:4e:a9:ef:da:71:1c:ea:d4:f1:48:d8:59:55:4e:b5:14:53:
74:e6:d1:05:39:ac:14:14:cb:87:f0:03:e2:4f:37:cc:da:06:
4a:20:c6:17:7f:b7:64:3a:e8:28:7c:95:63:e8:77:6d:24:9f:
e9:7a:ce:e2:fd:0d:35:df:34:b4:c0:d3:6f:10:15:b6:a6:27:
29:11:68:09:89:94:93:65:a6:e6:41:3c:d6:32:0b:d3:3e:29:
cc:92:22:dd:8b:1c:37:d9:51:fb:dc:86:b0:d7:8a:ea:77:4a:
5c:d3:b1:5b:78:8a:b5:a7:4d:84:d9:a6:e0:21:55:dd:b2:ac:
41:88:15:3f:ea:44:24:33:1e:db:8a:7a:eb:76:0b:61:ab:33:
ac:d9:20:30:fe:0a:fe:6b:0c:8b:0d:24:39:12:fd:89:92:dd:
2c:82:92:fc:7f:72:36:78:68:91:7b:ef:96:ec:71:8f:25:91:
2c:a0:48:cb
-----BEGIN CERTIFICATE-----
MIIFxzCCBK+gAwIBAgISAYM8q8/bxZ78pKN9pMOLLGWLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjIwOTE0MTU0MzU2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTcyOWFhNGQ1M2I0MjdjNTQ3NTA0ODg3ZDdmMjIyMDY3NDFiM2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnEJc2lyp1m4KMiOm3J3UB0gWboMz
VetrS7CxpMCKKmmK89imDaU3PxygWpWUvyQSSGSIAItaKYIACwXTgTlxoNxFuMcv
1wf6mXjkbj/JLOxRxhraFaJO8o8iZYuOSO53GR+Y7BARN9RAWuDaSpeTkAoIlWF4
mePx1Q2PHzIJQYJobI32XzosQsBWNT5CVHdzsh/3dEzh32GLe2BhGxjowuMLc9mS
siyWVA9OoVrVaWKcVcoSCIkp6/iuG9xduaKjhAZbLv2XwZRktHdxopulXX/14F+C
5/cG6LezMpp+uNPCIpn9Q+VJC+29z28ZfaBubm++0Db2blXJXM1NIXNxIwIDAQAB
o4IC0zCCAs8wHQYDVR0OBBYEFB5ymqTVO0J8VHUEiH1/IiBnQbPAMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvSG5LYXBOVTdRbnhVZFFTSWZYOGlJR2RCczhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHoBggrBgEFBQcBBwEB/wSB2DCB1TCBiwQCAAEwgYQDBAIF
tIgDBAAF/HQDBAAtWUADBAEtWUIDBAItgLADBAAthfUDBAAuEWoDBABb2VADBANe
jogDBAJf1ggDBAGLHNwDBAK5BfgDBAK5OswDBAK5VzADBAK5aXQDBAK5dZgDBAK5
fdgDBAK5feQDBATBfLADBAXCQ8ADBADDL/oDBADDQlcwRQQCAAIwPwMHACoKkwAA
AAMHACoKkwAAAjASAwcEKgqTAADQAwcAKgqTAADSMBADBQAqCpMBAwcAKgqTAQAC
AwUAKgqTAjANBgkqhkiG9w0BAQsFAAOCAQEAU19ySTG4JF7qbuYmDnXv7ZXtlQqC
TVrrZfDpP/erUkUXKHkna+Y9u2iIHbV7TyFrR1Oh5oVkhdwqhNgQd0JTQ8/8k2cm
d/yFg06p79pxHOrU8UjYWVVOtRRTdObRBTmsFBTLh/AD4k83zNoGSiDGF3+3ZDro
KHyVY+h3bSSf6XrO4v0NNd80tMDTbxAVtqYnKRFoCYmUk2Wm5kE81jIL0z4pzJIi
3YscN9lR+9yGsNeK6ndKXNOxW3iKtadNhNmm4CFV3bKsQYgVP+pEJDMe24p663YL
YaszrNkgMP4K/msMiw0kORL9iZLdLIKS/H9yNnhokXvvluxxjyWRLKBIyw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:37 2023 by rpki-client on console-fra.rpki-client.org