Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/hHnXonpUvDq1kWjlOQPBi0NG4KY.roa
File: hHnXonpUvDq1kWjlOQPBi0NG4KY.roa (raw, json)
Hash identifier: d4R1b7a1k6avSRS6KnlrSbdy2ngSIddWCcGGq0yNR6Y=
Subject key identifier: 84:79:D7:A2:7A:54:BC:3A:B5:91:68:E5:39:03:C1:8B:43:46:E0:A6
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 042CD658
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/hHnXonpUvDq1kWjlOQPBi0NG4KY.roa
Signing time: Thu 17 Mar 2022 18:01:50 +0000
ROA not before: Thu 17 Mar 2022 18:01:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200740
IP address blocks: 185.103.252.0/23 maxlen: 23
45.9.72.0/24 maxlen: 24
91.217.76.0/24 maxlen: 24
185.103.254.0/24 maxlen: 24
185.117.119.0/24 maxlen: 24
185.103.255.0/24 maxlen: 24
185.103.254.0/23 maxlen: 23
194.36.178.0/23 maxlen: 23
46.17.105.0/24 maxlen: 24
2a04:5201:4::/48 maxlen: 48
2a04:5200:68::/48 maxlen: 48
2a04:5201:6::/48 maxlen: 48
2a04:5201:2::/48 maxlen: 48
2a04:5201:7::/48 maxlen: 48
2a04:5201:8018::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 70047320 (0x42cd658)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Mar 17 18:01:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8479d7a27a54bc3ab59168e53903c18b4346e0a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:c0:d7:a5:64:64:3a:51:86:5b:7c:46:19:0b:
57:0b:df:2a:5a:f7:e3:aa:03:8c:b9:5c:f2:49:96:
49:83:30:f9:8f:24:3b:39:cb:dc:16:a4:3a:4b:96:
42:92:de:2a:de:97:7a:ab:ab:a3:65:98:a0:cb:ea:
8b:16:c9:59:7e:42:c0:77:f8:3d:66:75:e2:eb:58:
32:6a:6c:97:9b:ed:2c:6a:47:f4:c3:13:98:35:10:
1f:07:11:40:0c:40:08:ed:2c:d5:ba:58:ad:15:eb:
79:8e:cb:1c:8a:da:a8:8c:67:1b:8d:3d:a9:72:3d:
d8:2d:f1:f6:43:e0:f2:c9:1a:65:d5:f7:15:73:5a:
61:be:77:5a:20:a2:92:5d:d0:ef:0a:47:c5:ec:2e:
6e:40:a8:89:a9:6e:d3:19:40:b7:7c:a0:b2:e5:a7:
32:5d:71:90:66:fe:65:25:ee:9a:91:b2:03:84:b3:
c9:49:ee:3a:b5:9c:ab:d9:87:02:50:98:2a:6a:60:
68:79:05:b2:42:86:63:30:7f:a4:fb:ef:d9:e4:3b:
b6:d4:fe:87:15:ef:d6:a0:7f:67:6c:15:d7:1f:3b:
f6:32:37:30:39:b0:b8:f3:3e:02:3b:ef:aa:7e:cf:
15:08:0a:9f:3a:de:29:a0:2f:43:5f:c7:43:64:d5:
49:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:79:D7:A2:7A:54:BC:3A:B5:91:68:E5:39:03:C1:8B:43:46:E0:A6
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/hHnXonpUvDq1kWjlOQPBi0NG4KY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.72.0/24
46.17.105.0/24
91.217.76.0/24
185.103.252.0/22
185.117.119.0/24
194.36.178.0/23
IPv6:
2a04:5200:68::/48
2a04:5201:2::/48
2a04:5201:4::/48
2a04:5201:6::/47
2a04:5201:8018::/48
Signature Algorithm: sha256WithRSAEncryption
13:7b:50:be:cd:ad:8d:84:f6:67:eb:4a:cf:b1:9c:b2:c8:f0:
1c:f0:f2:58:de:9a:4c:30:eb:1c:dd:e4:ec:f3:76:c9:5e:62:
77:c5:eb:06:f3:4f:13:ac:77:06:30:a1:c5:cd:6c:15:37:b6:
e0:b0:1e:c8:20:6d:e1:57:28:83:b5:51:e4:9f:f0:a3:17:56:
3a:94:9a:7c:bd:6c:c5:20:0a:22:97:93:b6:f8:15:c3:f4:a0:
84:ff:b0:e8:90:37:97:5c:eb:dd:df:f1:dd:24:fd:ca:79:e8:
31:2b:11:a7:2b:58:e4:5d:04:2a:c7:af:41:80:8d:c5:31:d9:
2a:6e:b0:95:fd:b7:47:e8:eb:4b:bc:9c:88:5d:ba:6c:0b:5f:
40:2d:33:f6:04:6e:4d:98:1a:97:f9:b4:b5:56:38:b9:a1:39:
4d:cf:f0:31:a5:48:19:73:b8:a2:92:2c:8a:6e:47:10:25:40:
da:98:11:eb:32:a1:39:a4:03:7d:63:95:f1:b9:3f:3e:7f:76:
12:f9:16:78:92:ad:fe:5c:b5:5e:9a:b6:67:47:eb:26:97:ad:
7c:75:9d:37:a5:10:ee:55:dd:0e:97:29:c6:21:0f:12:f7:a5:
0e:83:27:3d:57:9b:8e:4f:91:11:80:36:6a:58:b9:ea:82:3d:
40:23:90:c5
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgIEBCzWWDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NGY5NjM0NWQzZjIyZWRiMzk1ZDI0N2Y3Yjg2ZDJkNzNlNGEwMDkxMB4XDTIyMDMx
NzE4MDE1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODQ3OWQ3YTI3YTU0
YmMzYWI1OTE2OGU1MzkwM2MxOGI0MzQ2ZTBhNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOTA16VkZDpRhlt8RhkLVwvfKlr346oDjLlc8kmWSYMw+Y8k
OznL3BakOkuWQpLeKt6Xequro2WYoMvqixbJWX5CwHf4PWZ14utYMmpsl5vtLGpH
9MMTmDUQHwcRQAxACO0s1bpYrRXreY7LHIraqIxnG409qXI92C3x9kPg8skaZdX3
FXNaYb53WiCikl3Q7wpHxewubkCoialu0xlAt3ygsuWnMl1xkGb+ZSXumpGyA4Sz
yUnuOrWcq9mHAlCYKmpgaHkFskKGYzB/pPvv2eQ7ttT+hxXv1qB/Z2wV1x879jI3
MDmwuPM+Ajvvqn7PFQgKnzreKaAvQ1/HQ2TVSS0CAwEAAaOCAlwwggJYMB0GA1Ud
DgQWBBSEedeielS8OrWRaOU5A8GLQ0bgpjAfBgNVHSMEGDAWgBS0+WNF0/Iu2zld
JH97htLXPkoAkTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3RQbGpSZFB5THRzNVhTUl9lNGJTMXo1S0FKRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzUvOGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8x
L2hIblhvbnBVdkRxMWtXamxPUVBCaTBORzRLWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzUv
OGUxMjFkLTczYjMtNDM4YS04M2M0LTZmYzM0M2Q3N2NkMi8xL3RQbGpSZFB5THRz
NVhTUl9lNGJTMXo1S0FKRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBy
BggrBgEFBQcBBwEB/wRjMGEwKgQCAAEwJAMEAC0JSAMEAC4RaQMEAFvZTAMEArln
/AMEALl1dwMEAcIksjAzBAIAAjAtAwcAKgRSAABoAwcAKgRSAQACAwcAKgRSAQAE
AwcBKgRSAQAGAwcAKgRSAYAYMA0GCSqGSIb3DQEBCwUAA4IBAQATe1C+za2NhPZn
60rPsZyyyPAc8PJY3ppMMOsc3eTs83bJXmJ3xesG808TrHcGMKHFzWwVN7bgsB7I
IG3hVyiDtVHkn/CjF1Y6lJp8vWzFIAoil5O2+BXD9KCE/7DokDeXXOvd3/HdJP3K
eegxKxGnK1jkXQQqx69BgI3FMdkqbrCV/bdH6OtLvJyIXbpsC19ALTP2BG5NmBqX
+bS1Vji5oTlNz/AxpUgZc7iikiyKbkcQJUDamBHrMqE5pAN9Y5XxuT8+f3YS+RZ4
kq3+XLVemrZnR+sml618dZ03pRDuVd0OlynGIQ8S96UOgyc9V5uOT5ERgDZqWLnq
gj1AI5DF
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:29 2023 by rpki-client on console-ams.rpki-client.org