Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/4f955b-2ba5-4fc4-83f5-02dae131246f/1/HZzq68nc59O4a2fPv4ab1Vqha68.roa
File: HZzq68nc59O4a2fPv4ab1Vqha68.roa (raw, json)
Hash identifier: DRpZzooPmrPdezl91PQ1UFodBTM0XfJPyCAx1ZA+Xak=
Subject key identifier: 1D:9C:EA:EB:C9:DC:E7:D3:B8:6B:67:CF:BF:86:9B:D5:5A:A1:6B:AF
Certificate issuer: /CN=5d4fccc994e94131dc11bfc95c64585b345e01f5
Certificate serial: 387A3B0F
Authority key identifier: 5D:4F:CC:C9:94:E9:41:31:DC:11:BF:C9:5C:64:58:5B:34:5E:01:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XU_MyZTpQTHcEb_JXGRYWzReAfU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/4f955b-2ba5-4fc4-83f5-02dae131246f/1/HZzq68nc59O4a2fPv4ab1Vqha68.roa
Signing time: Sat 01 Jan 2022 09:55:16 +0000
ROA not before: Sat 01 Jan 2022 09:55:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31424
IP address blocks: 185.83.60.0/22 maxlen: 22
77.245.16.0/20 maxlen: 20
217.147.208.0/20 maxlen: 20
185.22.104.0/22 maxlen: 22
2001:4168::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 947534607 (0x387a3b0f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d4fccc994e94131dc11bfc95c64585b345e01f5
Validity
Not Before: Jan 1 09:55:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1d9ceaebc9dce7d3b86b67cfbf869bd55aa16baf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:c5:b6:bc:61:a0:f7:19:37:c8:39:c5:bb:58:
7e:57:3c:ee:6c:1f:15:d0:36:09:34:88:e6:a2:9b:
fd:79:da:ef:7a:37:b3:ac:45:d8:b8:8c:ea:b0:a2:
5c:4d:fd:b5:63:25:6b:db:57:2c:b2:ce:a3:08:8d:
b5:5c:a2:97:af:82:9f:25:32:45:45:e9:df:46:31:
b8:aa:f1:d1:85:41:49:ff:c2:2c:67:15:9c:0c:93:
f3:82:2d:d3:f4:4c:80:9e:e9:dc:b6:a7:c7:10:19:
33:e1:65:92:08:73:7d:26:90:6f:f3:9c:bb:69:93:
9b:fe:84:8f:aa:1c:ef:33:8a:d2:2d:f9:d2:b0:f3:
69:24:c3:32:38:55:bc:53:30:66:14:42:f6:88:6c:
6e:43:cc:59:46:47:39:fc:96:c6:f9:28:51:04:f1:
82:e5:5d:29:20:b1:0f:50:f1:84:87:d1:03:99:d6:
cb:b7:4c:da:fc:52:11:23:a6:53:66:eb:61:5c:aa:
9c:b6:96:63:ab:30:42:1a:46:ab:e4:8c:3d:37:2d:
ae:c9:8d:84:40:b7:49:65:b2:a1:fb:2b:39:35:fc:
fc:9d:90:4e:cd:cd:35:8e:5e:29:f2:2d:ff:57:0a:
e8:f2:05:31:1a:1f:25:11:a1:31:27:9f:ab:e1:c8:
bc:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:9C:EA:EB:C9:DC:E7:D3:B8:6B:67:CF:BF:86:9B:D5:5A:A1:6B:AF
X509v3 Authority Key Identifier:
keyid:5D:4F:CC:C9:94:E9:41:31:DC:11:BF:C9:5C:64:58:5B:34:5E:01:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XU_MyZTpQTHcEb_JXGRYWzReAfU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4f955b-2ba5-4fc4-83f5-02dae131246f/1/HZzq68nc59O4a2fPv4ab1Vqha68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/4f955b-2ba5-4fc4-83f5-02dae131246f/1/XU_MyZTpQTHcEb_JXGRYWzReAfU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.245.16.0/20
185.22.104.0/22
185.83.60.0/22
217.147.208.0/20
IPv6:
2001:4168::/32
Signature Algorithm: sha256WithRSAEncryption
b0:b8:12:6e:93:e9:b5:c8:4e:b3:d6:47:1d:6b:a4:7c:0b:72:
6b:83:3e:03:b7:ff:58:20:73:62:2f:42:1b:f8:7f:67:e4:00:
94:3b:38:d7:87:a4:f7:e3:89:db:b6:c9:c0:02:26:12:92:f3:
aa:32:b9:b7:f1:01:10:2f:48:5b:62:2a:ac:d0:b1:bf:33:d2:
6d:78:8c:95:ca:91:11:c0:26:29:f8:b5:97:0a:bb:0a:85:3c:
1e:74:a9:71:b0:06:a8:4e:31:5a:80:35:c0:ee:ce:82:6c:7b:
88:35:5c:0e:ed:a2:44:47:76:45:0a:4c:17:f8:25:48:8c:08:
21:c2:13:20:03:b9:3d:66:03:e0:60:29:95:01:1c:a4:31:6c:
54:77:06:a8:03:e2:91:f4:e7:81:6f:27:89:f1:80:47:36:a0:
e2:ad:5f:c9:fd:f0:7c:d6:2f:e8:91:66:93:c7:75:1d:52:35:
1b:ba:b9:93:50:c7:85:c0:02:ae:f1:c5:c0:2f:84:a2:a4:dc:
37:dc:9f:35:fb:13:f3:8b:c4:83:77:a8:9a:eb:6a:2e:11:63:
9c:d5:81:13:d5:52:a6:00:a9:59:91:d0:31:af:09:d3:72:27:
f2:38:08:75:fe:fb:c6:d3:84:1f:24:22:3c:d2:ba:84:da:03:
d1:53:ca:d7
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEOHo7DzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZDRmY2NjOTk0ZTk0MTMxZGMxMWJmYzk1YzY0NTg1YjM0NWUwMWY1MB4XDTIyMDEw
MTA5NTUxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWQ5Y2VhZWJjOWRj
ZTdkM2I4NmI2N2NmYmY4NjliZDU1YWExNmJhZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIrFtrxhoPcZN8g5xbtYflc87mwfFdA2CTSI5qKb/Xna73o3
s6xF2LiM6rCiXE39tWMla9tXLLLOowiNtVyil6+CnyUyRUXp30YxuKrx0YVBSf/C
LGcVnAyT84It0/RMgJ7p3LanxxAZM+FlkghzfSaQb/Ocu2mTm/6Ej6oc7zOK0i35
0rDzaSTDMjhVvFMwZhRC9ohsbkPMWUZHOfyWxvkoUQTxguVdKSCxD1DxhIfRA5nW
y7dM2vxSESOmU2brYVyqnLaWY6swQhpGq+SMPTctrsmNhEC3SWWyofsrOTX8/J2Q
Ts3NNY5eKfIt/1cK6PIFMRofJRGhMSefq+HIvK8CAwEAAaOCAiowggImMB0GA1Ud
DgQWBBQdnOrrydzn07hrZ8+/hpvVWqFrrzAfBgNVHSMEGDAWgBRdT8zJlOlBMdwR
v8lcZFhbNF4B9TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hVX015WlRwUVRIY0ViX0pYR1JZV3pSZUFmVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTUvNGY5NTViLTJiYTUtNGZjNC04M2Y1LTAyZGFlMTMxMjQ2Zi8x
L0haenE2OG5jNTlPNGEyZlB2NGFiMVZxaGE2OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTUv
NGY5NTViLTJiYTUtNGZjNC04M2Y1LTAyZGFlMTMxMjQ2Zi8xL1hVX015WlRwUVRI
Y0ViX0pYR1JZV3pSZUFmVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEBE31EAMEArkWaAMEArlTPAMEBNmT
0DANBAIAAjAHAwUAIAFBaDANBgkqhkiG9w0BAQsFAAOCAQEAsLgSbpPptchOs9ZH
HWukfAtya4M+A7f/WCBzYi9CG/h/Z+QAlDs414ek9+OJ27bJwAImEpLzqjK5t/EB
EC9IW2IqrNCxvzPSbXiMlcqREcAmKfi1lwq7CoU8HnSpcbAGqE4xWoA1wO7Ogmx7
iDVcDu2iREd2RQpMF/glSIwIIcITIAO5PWYD4GAplQEcpDFsVHcGqAPikfTngW8n
ifGARzag4q1fyf3wfNYv6JFmk8d1HVI1G7q5k1DHhcACrvHFwC+EoqTcN9yfNfsT
84vEg3eomutqLhFjnNWBE9VSpgCpWZHQMa8J03In8jgIdf77xtOEHyQiPNK6hNoD
0VPK1w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:49:37 2024 by rpki-client on console-ams.rpki-client.org