Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/7faf5e-7435-49fe-acd7-20fbc906494b/1/DHtXBR-HcBCeE3djyF0oce5fNPA.roa
File: DHtXBR-HcBCeE3djyF0oce5fNPA.roa (raw, json)
Hash identifier: QHSla+yFpd+O5QKlAuVk0Ge1UFbi1SvNba/15VIvvL0=
Subject key identifier: 0C:7B:57:05:1F:87:70:10:9E:13:77:63:C8:5D:28:71:EE:5F:34:F0
Certificate issuer: /CN=07a6a589ee848a8052238191b98035e775122725
Certificate serial: 018476811F50245F7487521385726B59F4BF
Authority key identifier: 07:A6:A5:89:EE:84:8A:80:52:23:81:91:B9:80:35:E7:75:12:27:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B6alie6EioBSI4GRuYA153USJyU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/7faf5e-7435-49fe-acd7-20fbc906494b/1/DHtXBR-HcBCeE3djyF0oce5fNPA.roa
Signing time: Mon 14 Nov 2022 14:18:04 +0000
ROA not before: Mon 14 Nov 2022 14:18:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210218
IP address blocks: 94.240.56.0/22 maxlen: 22
77.75.58.0/23 maxlen: 23
77.75.56.0/23 maxlen: 23
87.120.177.0/24 maxlen: 24
94.156.16.0/22 maxlen: 22
91.243.184.0/22 maxlen: 22
193.46.172.0/22 maxlen: 22
45.12.248.0/22 maxlen: 22
87.120.111.0/24 maxlen: 24
194.76.204.0/22 maxlen: 22
2.59.248.0/22 maxlen: 22
195.225.120.0/22 maxlen: 22
193.36.232.0/22 maxlen: 22
193.207.0.0/24 maxlen: 24
45.8.74.0/23 maxlen: 23
2.58.138.0/23 maxlen: 23
2.58.136.0/23 maxlen: 23
193.19.200.0/22 maxlen: 22
87.120.224.0/24 maxlen: 24
193.56.248.0/22 maxlen: 22
193.58.184.0/22 maxlen: 22
80.249.124.0/22 maxlen: 22
78.40.164.0/22 maxlen: 22
78.40.160.0/22 maxlen: 22
94.156.240.0/22 maxlen: 22
87.121.66.0/23 maxlen: 23
87.120.63.0/24 maxlen: 24
91.197.196.0/22 maxlen: 22
212.24.0.0/19 maxlen: 19
193.56.16.0/22 maxlen: 22
194.147.8.0/22 maxlen: 22
178.175.184.0/22 maxlen: 22
178.175.184.0/21 maxlen: 21
95.214.124.0/23 maxlen: 23
212.22.128.0/19 maxlen: 19
95.214.126.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:76:81:1f:50:24:5f:74:87:52:13:85:72:6b:59:f4:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07a6a589ee848a8052238191b98035e775122725
Validity
Not Before: Nov 14 14:18:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0c7b57051f8770109e137763c85d2871ee5f34f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:89:9b:cd:f7:fb:fd:a2:a9:cf:7d:12:3e:4c:
cb:16:d4:d3:3f:57:28:4f:4b:93:6e:1e:44:61:a0:
55:23:1f:22:22:c2:6b:85:2b:0e:4c:09:8e:20:e4:
8d:96:9a:35:97:dc:90:a0:e3:1f:e8:fd:55:84:36:
7e:b0:e9:f1:93:fa:f3:9c:86:49:4b:9c:61:ec:ac:
e3:e8:c8:5e:7d:0b:e4:51:5b:cd:2a:6a:86:a3:2a:
62:15:bc:90:34:99:0d:e0:0b:03:0d:0b:f8:85:47:
3b:83:c1:b0:21:9c:22:77:2b:5f:7e:37:d4:89:3f:
a6:48:da:40:41:19:fc:e0:fb:29:f1:4e:7f:38:c8:
68:b7:30:3c:ef:fe:b9:ea:5c:30:f4:19:fa:44:10:
0c:83:d7:b5:8f:bb:9f:ed:a7:2d:c1:19:95:1f:09:
82:c7:77:f8:10:86:86:79:00:20:60:46:f0:33:82:
88:05:a8:d4:65:6f:cf:b1:75:60:33:1f:8b:fc:5e:
b7:99:c2:87:c6:62:b2:9a:71:b8:13:d6:dc:40:86:
57:c4:fe:60:cc:94:c2:3b:af:c8:80:47:dc:10:ee:
00:1e:c0:b2:80:d0:ae:06:4a:2f:9f:93:84:9a:5f:
98:df:77:ed:1a:5a:95:95:95:9f:ff:cf:71:45:da:
44:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:7B:57:05:1F:87:70:10:9E:13:77:63:C8:5D:28:71:EE:5F:34:F0
X509v3 Authority Key Identifier:
keyid:07:A6:A5:89:EE:84:8A:80:52:23:81:91:B9:80:35:E7:75:12:27:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B6alie6EioBSI4GRuYA153USJyU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/7faf5e-7435-49fe-acd7-20fbc906494b/1/DHtXBR-HcBCeE3djyF0oce5fNPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/7faf5e-7435-49fe-acd7-20fbc906494b/1/B6alie6EioBSI4GRuYA153USJyU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.136.0/22
2.59.248.0/22
45.8.74.0/23
45.12.248.0/22
77.75.56.0/22
78.40.160.0/21
80.249.124.0/22
87.120.63.0/24
87.120.111.0/24
87.120.177.0/24
87.120.224.0/24
87.121.66.0/23
91.197.196.0/22
91.243.184.0/22
94.156.16.0/22
94.156.240.0/22
94.240.56.0/22
95.214.124.0/22
178.175.184.0/21
193.19.200.0/22
193.36.232.0/22
193.46.172.0/22
193.56.16.0/22
193.56.248.0/22
193.58.184.0/22
193.207.0.0/24
194.76.204.0/22
194.147.8.0/22
195.225.120.0/22
212.22.128.0/19
212.24.0.0/19
Signature Algorithm: sha256WithRSAEncryption
80:9b:7e:46:05:9f:cd:07:ac:f7:55:55:98:43:f0:c2:de:7e:
c6:5a:70:95:1e:5d:08:84:10:9b:bc:5c:10:73:74:a6:72:1f:
6c:d3:3a:5d:4a:c4:d4:79:27:94:d2:58:ef:87:d6:2a:1c:0e:
01:50:2d:57:98:e9:40:25:8a:2a:e1:e6:30:3b:49:1e:59:50:
38:a4:a3:e1:dd:4d:48:49:7b:2a:3a:37:9c:d2:d2:31:e4:0f:
2d:0e:62:1c:be:08:b2:a8:06:70:ea:f8:1f:50:9d:4a:62:3f:
c6:54:72:0c:7f:e5:cc:8e:0a:00:19:90:fe:ff:db:12:0c:7b:
c6:fa:ab:5e:e9:4d:0a:b5:ea:9e:3d:53:17:79:c8:e1:ae:e0:
6b:24:97:f1:a6:6d:d8:b4:7a:15:23:e2:cf:c3:22:c4:95:8f:
57:28:e2:52:20:49:e4:5d:02:93:06:67:41:9e:cd:2e:ca:96:
0a:6a:d8:be:76:15:1a:62:8a:22:30:cd:60:15:c7:98:51:69:
dd:4d:86:7a:6e:33:a2:60:aa:ff:83:e0:03:2b:cd:6b:e4:8e:
9f:d7:65:34:67:7c:8f:d2:32:01:13:b4:9c:d9:a9:82:05:cf:
cb:a2:3c:a8:d2:cc:09:39:b3:92:47:e9:2a:98:c6:8a:f2:5c:
9f:cd:02:e9
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgISAYR2gR9QJF90h1IThXJrWfS/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3YTZhNTg5ZWU4NDhhODA1MjIzODE5MWI5ODAzNWU3NzUx
MjI3MjUwHhcNMjIxMTE0MTQxODA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzdiNTcwNTFmODc3MDEwOWUxMzc3NjNjODVkMjg3MWVlNWYzNGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8Ymbzff7/aKpz30SPkzLFtTTP1co
T0uTbh5EYaBVIx8iIsJrhSsOTAmOIOSNlpo1l9yQoOMf6P1VhDZ+sOnxk/rznIZJ
S5xh7Kzj6MhefQvkUVvNKmqGoypiFbyQNJkN4AsDDQv4hUc7g8GwIZwidytffjfU
iT+mSNpAQRn84Psp8U5/OMhotzA87/656lww9Bn6RBAMg9e1j7uf7actwRmVHwmC
x3f4EIaGeQAgYEbwM4KIBajUZW/PsXVgMx+L/F63mcKHxmKymnG4E9bcQIZXxP5g
zJTCO6/IgEfcEO4AHsCygNCuBkovn5OEml+Y33ftGlqVlZWf/89xRdpE9QIDAQAB
o4ICwjCCAr4wHQYDVR0OBBYEFAx7VwUfh3AQnhN3Y8hdKHHuXzTwMB8GA1UdIwQY
MBaAFAempYnuhIqAUiOBkbmANed1EiclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjZhbGllNkVpb0JTSTRHUnVZQTE1M1VTSnlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC83ZmFmNWUtNzQzNS00OWZlLWFjZDct
MjBmYmM5MDY0OTRiLzEvREh0WEJSLUhjQkNlRTNkanlGMG9jZTVmTlBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC83ZmFmNWUtNzQzNS00OWZlLWFjZDctMjBmYmM5MDY0OTRi
LzEvQjZhbGllNkVpb0JTSTRHUnVZQTE1M1VTSnlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHXBggrBgEFBQcBBwEB/wSBxzCBxDCBwQQCAAEwgboDBAIC
OogDBAICO/gDBAEtCEoDBAItDPgDBAJNSzgDBANOKKADBAJQ+XwDBABXeD8DBABX
eG8DBABXeLEDBABXeOADBAFXeUIDBAJbxcQDBAJb87gDBAJenBADBAJenPADBAJe
8DgDBAJf1nwDBAOyr7gDBALBE8gDBALBJOgDBALBLqwDBALBOBADBALBOPgDBALB
OrgDBADBzwADBALCTMwDBALCkwgDBALD4XgDBAXUFoADBAXUGAAwDQYJKoZIhvcN
AQELBQADggEBAICbfkYFn80HrPdVVZhD8MLefsZacJUeXQiEEJu8XBBzdKZyH2zT
Ol1KxNR5J5TSWO+H1iocDgFQLVeY6UAliirh5jA7SR5ZUDiko+HdTUhJeyo6N5zS
0jHkDy0OYhy+CLKoBnDq+B9QnUpiP8ZUcgx/5cyOCgAZkP7/2xIMe8b6q17pTQq1
6p49Uxd5yOGu4Gskl/Gmbdi0ehUj4s/DIsSVj1co4lIgSeRdApMGZ0GezS7Klgpq
2L52FRpiiiIwzWAVx5hRad1NhnpuM6Jgqv+D4AMrzWvkjp/XZTRnfI/SMgETtJzZ
qYIFz8uiPKjSzAk5s5JH6SqYxoryXJ/NAuk=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:23 2023 by rpki-client on console-ams.rpki-client.org