Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/d26971-b7a8-4ede-8bb4-49bc43660c97/1/HF7l5ziT-6rGPYxrRQIm0UidvRA.roa
File: HF7l5ziT-6rGPYxrRQIm0UidvRA.roa (raw, json)
Hash identifier: aAJ3Ipkw9F/IEDJ6KPQFiUIgpm5WU0SrCUB7aEVHlP8=
Subject key identifier: 1C:5E:E5:E7:38:93:FB:AA:C6:3D:8C:6B:45:02:26:D1:48:9D:BD:10
Certificate issuer: /CN=be48cc35488bd9e6f312b20fc76a10272f0cdeda
Certificate serial: 0A195439
Authority key identifier: BE:48:CC:35:48:8B:D9:E6:F3:12:B2:0F:C7:6A:10:27:2F:0C:DE:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vkjMNUiL2ebzErIPx2oQJy8M3to.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/d26971-b7a8-4ede-8bb4-49bc43660c97/1/HF7l5ziT-6rGPYxrRQIm0UidvRA.roa
Signing time: Sat 01 Jan 2022 16:02:31 +0000
ROA not before: Sat 01 Jan 2022 16:02:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60522
IP address blocks: 217.61.192.0/20 maxlen: 20
185.29.216.0/22 maxlen: 22
86.111.152.0/21 maxlen: 21
195.192.216.0/21 maxlen: 21
185.205.124.0/22 maxlen: 22
134.255.192.0/22 maxlen: 22
2a00:ab60::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 169432121 (0xa195439)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be48cc35488bd9e6f312b20fc76a10272f0cdeda
Validity
Not Before: Jan 1 16:02:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1c5ee5e73893fbaac63d8c6b450226d1489dbd10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:63:d2:ae:6c:18:67:41:26:7e:ec:e9:f4:c9:
53:77:d0:a6:aa:2a:79:91:57:99:45:34:b6:87:19:
01:02:2d:7d:f0:95:a2:05:97:f3:2e:7b:55:aa:4f:
0a:bb:c9:96:94:d5:68:ff:e7:e9:75:ad:cb:c1:af:
d1:84:b1:34:56:f7:8c:75:20:e5:89:cc:b5:17:c5:
d6:75:e2:7e:1b:83:40:52:a7:42:71:02:d0:9f:62:
f4:91:0f:f4:0b:75:eb:7a:73:c7:dc:82:ef:e2:78:
f4:22:a0:27:4f:a1:c5:02:b0:8d:4d:67:19:a6:17:
74:4d:c6:e9:5c:20:b2:0b:5b:64:7d:e5:e0:c5:0b:
6e:2a:f9:04:fd:69:7b:aa:ed:c3:aa:75:e5:9f:73:
de:55:6e:5c:01:2c:af:cd:64:40:e3:9a:27:90:b1:
30:82:03:6c:cf:ac:d2:46:0a:1e:d0:dd:3a:19:87:
ba:c5:19:35:1e:37:39:97:bb:e7:0f:2d:48:75:aa:
ed:e7:49:6f:a9:f8:5c:bb:b9:58:2f:65:31:45:6f:
67:a2:5c:25:1e:59:99:15:82:4c:78:18:d2:b2:7a:
7d:9b:5b:54:5f:8b:c1:ad:9d:f2:9b:e0:19:42:76:
2e:34:c4:3a:47:9f:90:9d:61:48:31:71:2c:c9:2a:
da:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:5E:E5:E7:38:93:FB:AA:C6:3D:8C:6B:45:02:26:D1:48:9D:BD:10
X509v3 Authority Key Identifier:
keyid:BE:48:CC:35:48:8B:D9:E6:F3:12:B2:0F:C7:6A:10:27:2F:0C:DE:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vkjMNUiL2ebzErIPx2oQJy8M3to.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/d26971-b7a8-4ede-8bb4-49bc43660c97/1/HF7l5ziT-6rGPYxrRQIm0UidvRA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/d26971-b7a8-4ede-8bb4-49bc43660c97/1/vkjMNUiL2ebzErIPx2oQJy8M3to.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.111.152.0/21
134.255.192.0/22
185.29.216.0/22
185.205.124.0/22
195.192.216.0/21
217.61.192.0/20
IPv6:
2a00:ab60::/29
Signature Algorithm: sha256WithRSAEncryption
41:a5:79:f8:96:29:49:f6:ca:a4:d1:50:02:f2:a4:10:a7:18:
bb:83:f4:27:c0:4f:b2:9e:12:90:2d:3a:ac:90:fa:00:7a:7b:
00:2d:0c:e5:3c:70:da:77:3b:c5:d0:46:0c:60:bd:0f:f2:2e:
c8:2e:b6:18:32:ff:76:99:bd:14:df:d1:79:02:49:fa:61:29:
01:86:29:75:e8:ae:18:56:1f:31:87:30:6e:94:8e:d3:6d:5e:
f1:cb:9f:f8:fe:41:0d:e1:08:b1:87:60:7f:a6:76:03:99:c6:
ec:19:7f:f7:44:08:cf:cf:9d:09:60:93:fc:c5:da:31:d4:ad:
76:0b:cb:40:58:79:d8:87:1d:c8:96:11:55:61:20:f3:a5:c8:
be:49:9c:93:7d:d0:b4:4d:84:95:ac:87:22:fc:26:ae:5d:25:
8f:cb:37:c7:3a:fa:a5:30:16:8a:91:b7:ea:1e:1f:6b:b2:ff:
ba:38:fb:68:77:ac:e6:1c:27:d3:2b:bd:f4:7b:c7:25:32:6a:
2e:6d:f8:d0:96:b3:c4:12:8f:44:34:44:3b:7b:77:21:37:12:
fa:aa:80:c1:33:b3:36:9f:8b:a1:0c:a0:c4:0c:c9:a7:e2:e6:
38:06:d9:cb:32:11:de:dd:c4:71:c5:db:78:ad:fd:bd:35:96:
4b:94:ff:f2
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEChlUOTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZTQ4Y2MzNTQ4OGJkOWU2ZjMxMmIyMGZjNzZhMTAyNzJmMGNkZWRhMB4XDTIyMDEw
MTE2MDIzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWM1ZWU1ZTczODkz
ZmJhYWM2M2Q4YzZiNDUwMjI2ZDE0ODlkYmQxMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALVj0q5sGGdBJn7s6fTJU3fQpqoqeZFXmUU0tocZAQItffCV
ogWX8y57VapPCrvJlpTVaP/n6XWty8Gv0YSxNFb3jHUg5YnMtRfF1nXifhuDQFKn
QnEC0J9i9JEP9At163pzx9yC7+J49CKgJ0+hxQKwjU1nGaYXdE3G6VwgsgtbZH3l
4MULbir5BP1pe6rtw6p15Z9z3lVuXAEsr81kQOOaJ5CxMIIDbM+s0kYKHtDdOhmH
usUZNR43OZe75w8tSHWq7edJb6n4XLu5WC9lMUVvZ6JcJR5ZmRWCTHgY0rJ6fZtb
VF+Lwa2d8pvgGUJ2LjTEOkefkJ1hSDFxLMkq2g0CAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBQcXuXnOJP7qsY9jGtFAibRSJ29EDAfBgNVHSMEGDAWgBS+SMw1SIvZ5vMS
sg/HahAnLwze2jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3Zrak1OVWlMMmViekVySVB4Mm9RSnk4TTN0by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDcvZDI2OTcxLWI3YTgtNGVkZS04YmI0LTQ5YmM0MzY2MGM5Ny8x
L0hGN2w1emlULTZyR1BZeHJSUUltMFVpZHZSQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDcv
ZDI2OTcxLWI3YTgtNGVkZS04YmI0LTQ5YmM0MzY2MGM5Ny8xL3Zrak1OVWlMMmVi
ekVySVB4Mm9RSnk4TTN0by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEA1ZvmAMEAob/wAMEArkd2AMEArnN
fAMEA8PA2AMEBNk9wDANBAIAAjAHAwUDKgCrYDANBgkqhkiG9w0BAQsFAAOCAQEA
QaV5+JYpSfbKpNFQAvKkEKcYu4P0J8BPsp4SkC06rJD6AHp7AC0M5Txw2nc7xdBG
DGC9D/IuyC62GDL/dpm9FN/ReQJJ+mEpAYYpdeiuGFYfMYcwbpSO021e8cuf+P5B
DeEIsYdgf6Z2A5nG7Bl/90QIz8+dCWCT/MXaMdStdgvLQFh52IcdyJYRVWEg86XI
vkmck33QtE2ElayHIvwmrl0lj8s3xzr6pTAWipG36h4fa7L/ujj7aHes5hwn0yu9
9HvHJTJqLm340JazxBKPRDREO3t3ITcS+qqAwTOzNp+LoQygxAzJp+LmOAbZyzIR
3t3EccXbeK39vTWWS5T/8g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:42 2024 by rpki-client on console-fra.rpki-client.org