Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/HCKJ1Tm3INPt5GafwWXI0rI9t4c.roa
File: HCKJ1Tm3INPt5GafwWXI0rI9t4c.roa (raw, json)
Hash identifier: 9SrmyAmGfMIfpdGQO0XHwpfECfG5i1xEb7mCenB01Go=
Subject key identifier: 1C:22:89:D5:39:B7:20:D3:ED:E4:66:9F:C1:65:C8:D2:B2:3D:B7:87
Certificate issuer: /CN=f5c371f3a34abf1957d1895df8063f4d6207ec02
Certificate serial: 0182AAC024098AB7DD47A2D5CE6129E55FD6
Authority key identifier: F5:C3:71:F3:A3:4A:BF:19:57:D1:89:5D:F8:06:3F:4D:62:07:EC:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9cNx86NKvxlX0Yld-AY_TWIH7AI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/HCKJ1Tm3INPt5GafwWXI0rI9t4c.roa
Signing time: Wed 17 Aug 2022 07:41:35 +0000
ROA not before: Wed 17 Aug 2022 07:41:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202468
IP address blocks: 37.152.176.0/20 maxlen: 24
37.152.184.0/24 maxlen: 24
185.206.92.0/22 maxlen: 22
185.231.180.0/22 maxlen: 22
185.228.238.0/24 maxlen: 24
185.228.239.0/24 maxlen: 24
185.228.236.0/24 maxlen: 24
185.228.236.0/22 maxlen: 22
185.228.237.0/24 maxlen: 24
185.97.116.0/22 maxlen: 22
188.121.120.0/21 maxlen: 24
185.239.104.0/24 maxlen: 24
185.239.105.0/24 maxlen: 24
185.220.224.0/24 maxlen: 24
185.220.224.0/22 maxlen: 22
185.220.225.0/24 maxlen: 24
185.220.226.0/24 maxlen: 24
185.239.106.0/23 maxlen: 23
185.220.227.0/24 maxlen: 24
37.32.24.0/22 maxlen: 22
193.176.240.0/22 maxlen: 24
37.32.20.0/22 maxlen: 22
37.32.28.0/22 maxlen: 24
193.176.242.0/23 maxlen: 23
188.121.96.0/19 maxlen: 24
94.101.176.0/20 maxlen: 24
94.101.184.0/21 maxlen: 24
94.101.180.0/23 maxlen: 23
94.101.180.0/24 maxlen: 24
94.101.182.0/24 maxlen: 24
185.143.232.0/22 maxlen: 24
185.226.116.0/22 maxlen: 22
2a0c:a7c0:1::/48 maxlen: 48
2a0c:a7c0:3::/48 maxlen: 48
2a0c:a7c0::/48 maxlen: 48
2a07:3900::/29 maxlen: 29
2a0c:a7c0:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:aa:c0:24:09:8a:b7:dd:47:a2:d5:ce:61:29:e5:5f:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5c371f3a34abf1957d1895df8063f4d6207ec02
Validity
Not Before: Aug 17 07:41:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1c2289d539b720d3ede4669fc165c8d2b23db787
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:42:5d:66:a2:58:34:18:4a:ee:33:cc:0e:40:
36:ec:13:38:cb:80:b7:75:f6:85:0a:de:25:ab:24:
b6:1d:d6:4d:44:a7:5e:33:c0:d2:d4:f8:8e:8b:72:
70:75:7f:31:f1:a2:91:5f:b8:b4:e9:ff:b6:57:28:
37:07:b3:7f:78:3a:02:0a:be:a3:78:36:b7:f8:58:
57:fb:4c:eb:17:d0:3f:79:4c:14:4f:1a:b6:f4:11:
e3:f2:bf:21:fa:13:4b:03:cd:60:b6:2d:f7:0c:5a:
83:e9:93:49:00:a8:ed:dc:91:86:17:36:d5:a0:f6:
b2:7b:4c:1c:05:6e:69:44:8b:33:b9:53:fd:f7:6e:
40:51:b8:8e:6b:83:80:34:ef:55:30:12:39:2e:bb:
60:1a:fa:1a:b1:14:69:40:71:19:e7:68:1c:3a:72:
98:d7:44:24:18:b4:af:60:5c:88:a2:e3:b2:dc:c2:
44:c2:c8:39:0a:99:e3:50:3f:3b:d6:e4:db:6c:59:
55:36:71:63:9f:1f:99:d5:93:ed:e5:98:9f:dd:91:
d7:27:27:3f:ed:b3:70:c0:2c:b6:e8:43:f4:a2:42:
28:f3:43:83:fd:6a:33:73:03:86:9b:4b:b3:22:61:
19:a5:a0:f2:53:53:03:7a:10:7f:b0:98:62:55:87:
29:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:22:89:D5:39:B7:20:D3:ED:E4:66:9F:C1:65:C8:D2:B2:3D:B7:87
X509v3 Authority Key Identifier:
keyid:F5:C3:71:F3:A3:4A:BF:19:57:D1:89:5D:F8:06:3F:4D:62:07:EC:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9cNx86NKvxlX0Yld-AY_TWIH7AI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/HCKJ1Tm3INPt5GafwWXI0rI9t4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/5b0cd9-e279-46aa-81da-1bb17a8b26fe/1/9cNx86NKvxlX0Yld-AY_TWIH7AI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.20.0-37.32.31.255
37.152.176.0/20
94.101.176.0/20
185.97.116.0/22
185.143.232.0/22
185.206.92.0/22
185.220.224.0/22
185.226.116.0/22
185.228.236.0/22
185.231.180.0/22
185.239.104.0/22
188.121.96.0/19
193.176.240.0/22
IPv6:
2a07:3900::/29
2a0c:a7c0::/46
Signature Algorithm: sha256WithRSAEncryption
3e:40:7c:7a:26:c3:81:23:18:9a:38:60:ec:fc:aa:30:73:1a:
1f:b7:9f:87:dd:59:ab:14:55:fe:c5:f5:1a:3b:b5:2b:35:49:
67:92:00:99:5f:40:c8:e2:67:b4:7c:ee:dd:2a:d1:9b:07:8a:
f7:c9:68:99:ad:44:81:3a:52:dd:89:67:a6:4b:08:21:f1:76:
66:32:50:39:6a:15:e1:dc:82:55:3b:65:23:d9:f2:09:ce:d2:
e7:b5:c9:94:bd:f7:98:42:90:fd:c2:89:a5:b3:d6:19:3e:97:
9c:03:6c:9d:c5:e1:b9:d4:1a:39:5b:c1:0c:b9:35:15:08:61:
3f:f5:55:d2:62:97:a9:d9:0b:fb:40:5f:5c:cd:44:41:b4:cf:
4b:e6:8e:42:c1:08:7b:e8:72:53:5f:4b:f5:15:eb:28:36:6f:
c9:70:b9:c0:a7:8c:cf:07:0a:c5:74:28:44:a2:00:b9:7d:d4:
44:69:21:a8:3d:7f:17:00:d6:60:fe:e7:6f:86:80:24:83:df:
b2:db:19:15:03:39:d2:45:38:e0:4e:11:6a:19:2a:d4:4c:a1:
78:73:88:b1:30:b3:9e:75:cc:41:e7:72:83:4d:eb:fc:b4:e2:
8e:54:a4:54:58:fc:30:8f:e3:a3:37:af:26:51:50:81:82:bc:
07:95:48:c6
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAYKqwCQJirfdR6LVzmEp5V/WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1YzM3MWYzYTM0YWJmMTk1N2QxODk1ZGY4MDYzZjRkNjIw
N2VjMDIwHhcNMjIwODE3MDc0MTM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzIyODlkNTM5YjcyMGQzZWRlNDY2OWZjMTY1YzhkMmIyM2RiNzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyEJdZqJYNBhK7jPMDkA27BM4y4C3
dfaFCt4lqyS2HdZNRKdeM8DS1PiOi3JwdX8x8aKRX7i06f+2Vyg3B7N/eDoCCr6j
eDa3+FhX+0zrF9A/eUwUTxq29BHj8r8h+hNLA81gti33DFqD6ZNJAKjt3JGGFzbV
oPaye0wcBW5pRIszuVP9925AUbiOa4OANO9VMBI5LrtgGvoasRRpQHEZ52gcOnKY
10QkGLSvYFyIouOy3MJEwsg5CpnjUD871uTbbFlVNnFjnx+Z1ZPt5Zif3ZHXJyc/
7bNwwCy26EP0okIo80OD/WozcwOGm0uzImEZpaDyU1MDehB/sJhiVYcpLQIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFBwiidU5tyDT7eRmn8FlyNKyPbeHMB8GA1UdIwQY
MBaAFPXDcfOjSr8ZV9GJXfgGP01iB+wCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWNOeDg2Tkt2eGxYMFlsZC1BWV9UV0lIN0FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS81YjBjZDktZTI3OS00NmFhLTgxZGEt
MWJiMTdhOGIyNmZlLzEvSENLSjFUbTNJTlB0NUdhZndXWEkwckk5dDRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS81YjBjZDktZTI3OS00NmFhLTgxZGEtMWJiMTdhOGIyNmZl
LzEvOWNOeDg2Tkt2eGxYMFlsZC1BWV9UV0lIN0FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwXAQCAAEwVjAMAwQCJSAU
AwQFJSAAAwQEJZiwAwQEXmWwAwQCuWF0AwQCuY/oAwQCuc5cAwQCudzgAwQCueJ0
AwQCueTsAwQCuee0AwQCue9oAwQFvHlgAwQCwbDwMBYEAgACMBADBQMqBzkAAwcC
KgynwAAAMA0GCSqGSIb3DQEBCwUAA4IBAQA+QHx6JsOBIxiaOGDs/Kowcxoft5+H
3VmrFFX+xfUaO7UrNUlnkgCZX0DI4me0fO7dKtGbB4r3yWiZrUSBOlLdiWemSwgh
8XZmMlA5ahXh3IJVO2Uj2fIJztLntcmUvfeYQpD9womls9YZPpecA2ydxeG51Bo5
W8EMuTUVCGE/9VXSYpep2Qv7QF9czURBtM9L5o5CwQh76HJTX0v1FesoNm/JcLnA
p4zPBwrFdChEogC5fdREaSGoPX8XANZg/udvhoAkg9+y2xkVAznSRTjgThFqGSrU
TKF4c4ixMLOedcxB53KDTev8tOKOVKRUWPwwj+OjN68mUVCBgrwHlUjG
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:25 2023 by rpki-client on console-ams.rpki-client.org