Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/HqGBlHCcqML0b49RmMiADj_3sLM.roa
File: HqGBlHCcqML0b49RmMiADj_3sLM.roa (raw, json)
Hash identifier: jhb8DlavyOoJKxBtp3I3xAZi3tMkaWaQUAU2vxudotU=
Subject key identifier: 1E:A1:81:94:70:9C:A8:C2:F4:6F:8F:51:98:C8:80:0E:3F:F7:B0:B3
Certificate issuer: /CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Certificate serial: 0185304991BC057AA5140EF453F56FCD3C19
Authority key identifier: B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/HqGBlHCcqML0b49RmMiADj_3sLM.roa
Signing time: Tue 20 Dec 2022 16:06:45 +0000
ROA not before: Tue 20 Dec 2022 16:06:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43641
IP address blocks: 91.234.198.0/23 maxlen: 24
195.26.86.0/23 maxlen: 24
45.11.56.0/24 maxlen: 24
91.222.172.0/22 maxlen: 24
45.134.174.0/24 maxlen: 24
45.134.175.0/24 maxlen: 24
2a09:2dc1::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:30:49:91:bc:05:7a:a5:14:0e:f4:53:f5:6f:cd:3c:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Validity
Not Before: Dec 20 16:06:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1ea18194709ca8c2f46f8f5198c8800e3ff7b0b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:4e:5a:01:8c:18:c2:d4:1e:93:85:9e:3a:ce:
16:07:a0:75:27:b4:c6:12:75:f4:1f:d7:3e:14:f5:
67:73:1f:8d:4b:ec:0a:19:34:e4:68:5b:12:59:05:
59:4d:85:74:0e:59:b8:f8:a9:88:10:1a:56:a8:c9:
00:3e:a4:21:a2:b2:02:66:be:0c:73:74:23:36:79:
74:8e:35:84:95:9c:6e:1a:1d:04:96:82:67:8d:33:
a7:6d:55:ee:9f:e3:3e:fe:aa:8f:7e:a0:5e:9d:27:
57:b3:d7:8a:c1:22:bc:7d:ef:ef:53:48:43:45:c1:
53:f7:1a:e7:27:03:a5:6a:6e:f2:65:13:24:15:01:
e9:22:8a:eb:9e:35:4f:1a:8d:03:50:0f:d5:02:56:
30:cf:28:0e:bc:43:af:a6:23:6a:37:9f:70:18:1b:
36:d8:d4:1f:cd:96:7b:ac:6d:85:72:40:96:f3:88:
79:fd:65:29:19:46:fb:05:4c:c6:71:a1:7c:95:08:
dd:8e:bb:da:92:9a:cb:80:3f:7a:ab:f1:d9:01:a2:
a9:50:e8:b8:23:21:a3:ab:ab:66:97:8b:f7:a0:22:
a8:b8:9a:ae:c2:45:0d:f9:91:57:61:57:bc:25:b6:
0c:14:57:0a:c9:5e:a7:9c:f9:6b:c2:f3:8c:52:1d:
a1:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:A1:81:94:70:9C:A8:C2:F4:6F:8F:51:98:C8:80:0E:3F:F7:B0:B3
X509v3 Authority Key Identifier:
keyid:B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/HqGBlHCcqML0b49RmMiADj_3sLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/syycJt98zYrTjYm9XUk4C5Ox4Ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.56.0/24
45.134.174.0/23
91.222.172.0/22
91.234.198.0/23
195.26.86.0/23
IPv6:
2a09:2dc1::/32
Signature Algorithm: sha256WithRSAEncryption
43:4b:f5:d7:3b:a4:5c:e8:58:21:74:08:d5:07:3e:1a:ae:45:
3e:47:61:4d:de:45:37:b7:6d:4a:0d:51:c2:ee:5e:04:cc:90:
0d:61:13:67:4a:67:25:df:64:23:76:d5:21:5e:2a:db:46:94:
c0:5c:ee:e6:2f:3d:ec:90:75:8c:97:32:7a:aa:15:4a:88:3d:
8a:b1:e9:1c:8d:f5:a1:de:d1:27:9f:fb:3d:98:f2:a1:60:29:
ee:76:04:a8:bd:90:af:50:f9:3c:2e:c4:a0:64:33:78:30:c7:
fc:c6:8e:80:16:03:3b:63:37:3f:06:86:6c:6b:a3:56:d7:97:
c4:31:74:13:ee:ed:df:4a:09:6b:b8:16:46:72:d2:cd:aa:b7:
ea:41:a3:31:c8:a6:c4:15:e3:aa:22:2d:91:93:ea:5c:33:69:
d3:03:6e:f9:bd:da:71:13:63:89:51:94:68:87:4a:29:2d:5a:
17:53:44:24:fc:6a:16:f0:3e:0a:90:d0:c1:b8:01:f0:d5:cb:
76:dd:85:f0:72:51:94:a1:8f:76:4d:13:ea:d5:e3:fa:e4:89:
51:7f:22:4f:89:aa:a3:4a:71:bb:c3:8b:f6:ca:67:07:eb:fc:
3b:19:48:30:ea:d7:06:f4:22:3d:02:6d:85:bc:58:c2:32:20:
fc:01:01:a0
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYUwSZG8BXqlFA70U/VvzTwZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMmM5YzI2ZGY3Y2NkOGFkMzhkODliZDVkNDkzODBiOTNi
MWUwMDkwHhcNMjIxMjIwMTYwNjQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWExODE5NDcwOWNhOGMyZjQ2ZjhmNTE5OGM4ODAwZTNmZjdiMGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApk5aAYwYwtQek4WeOs4WB6B1J7TG
EnX0H9c+FPVncx+NS+wKGTTkaFsSWQVZTYV0Dlm4+KmIEBpWqMkAPqQhorICZr4M
c3QjNnl0jjWElZxuGh0EloJnjTOnbVXun+M+/qqPfqBenSdXs9eKwSK8fe/vU0hD
RcFT9xrnJwOlam7yZRMkFQHpIorrnjVPGo0DUA/VAlYwzygOvEOvpiNqN59wGBs2
2NQfzZZ7rG2FckCW84h5/WUpGUb7BUzGcaF8lQjdjrvakprLgD96q/HZAaKpUOi4
IyGjq6tml4v3oCKouJquwkUN+ZFXYVe8JbYMFFcKyV6nnPlrwvOMUh2h7wIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFB6hgZRwnKjC9G+PUZjIgA4/97CzMB8GA1UdIwQY
MBaAFLMsnCbffM2K042JvV1JOAuTseAJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3l5Y0p0OTh6WXJUalltOVhVazRDNU94NEFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kNWRhMGMtOWNmMy00ZjhiLWE1NjIt
Y2IxMWJjNWIyZjFiLzEvSHFHQmxIQ2NxTUwwYjQ5Um1NaUFEal8zc0xNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kNWRhMGMtOWNmMy00ZjhiLWE1NjItY2IxMWJjNWIyZjFi
LzEvc3l5Y0p0OTh6WXJUalltOVhVazRDNU94NEFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQALQs4AwQB
LYauAwQCW96sAwQBW+rGAwQBwxpWMA0EAgACMAcDBQAqCS3BMA0GCSqGSIb3DQEB
CwUAA4IBAQBDS/XXO6Rc6FghdAjVBz4arkU+R2FN3kU3t21KDVHC7l4EzJANYRNn
Smcl32QjdtUhXirbRpTAXO7mLz3skHWMlzJ6qhVKiD2KsekcjfWh3tEnn/s9mPKh
YCnudgSovZCvUPk8LsSgZDN4MMf8xo6AFgM7Yzc/BoZsa6NW15fEMXQT7u3fSglr
uBZGctLNqrfqQaMxyKbEFeOqIi2Rk+pcM2nTA275vdpxE2OJUZRoh0opLVoXU0Qk
/GoW8D4KkNDBuAHw1ct23YXwclGUoY92TRPq1eP65IlRfyJPiaqjSnG7w4v2ymcH
6/w7GUgw6tcG9CI9Am2FvFjCMiD8AQGg
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:53 2024 by rpki-client on console-ams.rpki-client.org