Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/fdc599-780b-4414-9e2a-52b0775c7cb4/1/HtJGcoHuykg5KwvFJ3SlEVwMuCw.roa
File: HtJGcoHuykg5KwvFJ3SlEVwMuCw.roa (raw, json)
Hash identifier: EO2Inr59GbQM7VixjI+Xikoj3TZqEA26ZGPiV1GDNQQ=
Subject key identifier: 1E:D2:46:72:81:EE:CA:48:39:2B:0B:C5:27:74:A5:11:5C:0C:B8:2C
Certificate issuer: /CN=f68b2f4e668ef0a176a8bd0004e2777670833238
Certificate serial: 0F4D665A
Authority key identifier: F6:8B:2F:4E:66:8E:F0:A1:76:A8:BD:00:04:E2:77:76:70:83:32:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9osvTmaO8KF2qL0ABOJ3dnCDMjg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/fdc599-780b-4414-9e2a-52b0775c7cb4/1/HtJGcoHuykg5KwvFJ3SlEVwMuCw.roa
Signing time: Sat 01 Jan 2022 13:58:38 +0000
ROA not before: Sat 01 Jan 2022 13:58:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43995
IP address blocks: 82.151.32.0/19 maxlen: 27
45.159.44.0/22 maxlen: 22
185.77.24.0/22 maxlen: 24
2a02:e040::/29 maxlen: 64
2a0f:7180::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 256730714 (0xf4d665a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f68b2f4e668ef0a176a8bd0004e2777670833238
Validity
Not Before: Jan 1 13:58:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1ed2467281eeca48392b0bc52774a5115c0cb82c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:b3:8a:6c:99:fa:9a:02:d9:d7:e8:45:0f:39:
d3:14:75:4a:d6:3d:7b:90:13:66:91:cc:37:53:d4:
a1:cd:05:ec:59:46:94:bd:10:ef:5b:87:48:e6:43:
67:01:48:c7:52:a0:24:77:48:c3:94:57:bc:40:02:
29:44:d3:af:f4:3e:5e:09:79:4e:36:8a:f2:51:b0:
f0:11:91:e7:83:14:17:aa:d4:1c:77:be:d4:66:27:
d5:4a:16:fb:fd:1c:f5:7d:5e:7a:4f:c1:c5:7b:8c:
20:e5:63:63:98:73:47:7b:6a:3d:b7:5d:0f:c9:1e:
7f:f3:da:1e:8e:68:83:85:f3:fb:16:7b:32:26:6a:
09:cf:00:21:48:8d:40:04:0d:ee:0a:3d:51:53:1e:
bc:86:29:ad:63:db:04:c9:f5:ee:c3:78:0d:a8:97:
05:c3:ee:32:8e:55:11:44:ad:ad:fa:3a:8a:2b:b1:
23:4f:36:b3:c9:b2:3c:bd:1f:5f:48:8c:71:d1:50:
95:e2:3d:37:32:b5:fa:11:3b:74:d0:ea:e3:92:2c:
fc:f9:c6:34:a6:e3:15:8c:58:a2:6c:61:1e:dc:d3:
d7:33:82:11:de:20:95:63:52:86:99:91:1f:b3:08:
20:0e:64:23:5f:de:c9:74:49:6b:34:17:10:e0:32:
53:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:D2:46:72:81:EE:CA:48:39:2B:0B:C5:27:74:A5:11:5C:0C:B8:2C
X509v3 Authority Key Identifier:
keyid:F6:8B:2F:4E:66:8E:F0:A1:76:A8:BD:00:04:E2:77:76:70:83:32:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9osvTmaO8KF2qL0ABOJ3dnCDMjg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/fdc599-780b-4414-9e2a-52b0775c7cb4/1/HtJGcoHuykg5KwvFJ3SlEVwMuCw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/fdc599-780b-4414-9e2a-52b0775c7cb4/1/9osvTmaO8KF2qL0ABOJ3dnCDMjg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.44.0/22
82.151.32.0/19
185.77.24.0/22
IPv6:
2a02:e040::/29
2a0f:7180::/29
Signature Algorithm: sha256WithRSAEncryption
93:23:f6:41:e5:ba:95:35:f4:3f:f1:0f:b3:9e:e0:87:8b:fa:
47:55:f9:59:3a:b5:0d:24:f8:6b:1b:12:63:e9:dd:67:6d:a9:
16:21:7d:c8:f7:e6:d2:2e:15:fc:94:fc:33:09:9e:85:85:eb:
1b:5c:dc:57:43:4d:f2:b8:6e:f2:38:94:ed:73:6b:ea:8d:11:
9e:cd:ca:1b:06:96:58:b9:fc:dc:60:31:94:0e:72:ae:94:0e:
c7:f9:0f:2d:d6:01:df:72:7e:7c:29:42:b0:14:0a:94:aa:49:
d6:08:22:d9:cb:19:60:f0:3a:4b:ba:f8:72:13:be:af:7b:f9:
23:df:f6:aa:03:af:d1:a2:99:1f:67:b1:f6:43:ce:ca:87:9f:
28:cf:53:6e:6c:d5:62:5a:a3:ef:e7:a5:c5:7b:09:cd:41:24:
00:7f:95:27:df:7d:0f:a4:a9:31:66:b8:f8:27:bb:79:c4:68:
19:d9:02:07:1b:79:48:3e:d6:63:78:77:41:cb:5f:37:f0:d1:
76:43:84:9b:2b:30:1f:68:bc:58:8c:6f:07:1a:6e:8f:ae:d0:
2b:bd:d3:47:db:aa:0a:74:8c:98:4f:2c:82:2d:be:da:8b:c1:
16:61:73:49:ab:af:8f:d5:a0:f0:a1:ee:4c:84:cc:3e:5e:ee:
c5:d9:cd:d8
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIED01mWjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
NjhiMmY0ZTY2OGVmMGExNzZhOGJkMDAwNGUyNzc3NjcwODMzMjM4MB4XDTIyMDEw
MTEzNTgzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWVkMjQ2NzI4MWVl
Y2E0ODM5MmIwYmM1Mjc3NGE1MTE1YzBjYjgyYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM6zimyZ+poC2dfoRQ850xR1StY9e5ATZpHMN1PUoc0F7FlG
lL0Q71uHSOZDZwFIx1KgJHdIw5RXvEACKUTTr/Q+Xgl5TjaK8lGw8BGR54MUF6rU
HHe+1GYn1UoW+/0c9X1eek/BxXuMIOVjY5hzR3tqPbddD8kef/PaHo5og4Xz+xZ7
MiZqCc8AIUiNQAQN7go9UVMevIYprWPbBMn17sN4DaiXBcPuMo5VEUStrfo6iiux
I082s8myPL0fX0iMcdFQleI9NzK1+hE7dNDq45Is/PnGNKbjFYxYomxhHtzT1zOC
Ed4glWNShpmRH7MIIA5kI1/eyXRJazQXEOAyU5sCAwEAAaOCAiswggInMB0GA1Ud
DgQWBBQe0kZyge7KSDkrC8UndKURXAy4LDAfBgNVHSMEGDAWgBT2iy9OZo7woXao
vQAE4nd2cIMyODAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
Lzlvc3ZUbWFPOEtGMnFMMEFCT0ozZG5DRE1qZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWMvZmRjNTk5LTc4MGItNDQxNC05ZTJhLTUyYjA3NzVjN2NiNC8x
L0h0Skdjb0h1eWtnNUt3dkZKM1NsRVZ3TXVDdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWMv
ZmRjNTk5LTc4MGItNDQxNC05ZTJhLTUyYjA3NzVjN2NiNC8xLzlvc3ZUbWFPOEtG
MnFMMEFCT0ozZG5DRE1qZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBB
BggrBgEFBQcBBwEB/wQyMDAwGAQCAAEwEgMEAi2fLAMEBVKXIAMEArlNGDAUBAIA
AjAOAwUDKgLgQAMFAyoPcYAwDQYJKoZIhvcNAQELBQADggEBAJMj9kHlupU19D/x
D7Oe4IeL+kdV+Vk6tQ0k+GsbEmPp3WdtqRYhfcj35tIuFfyU/DMJnoWF6xtc3FdD
TfK4bvI4lO1za+qNEZ7NyhsGlli5/NxgMZQOcq6UDsf5Dy3WAd9yfnwpQrAUCpSq
SdYIItnLGWDwOku6+HITvq97+SPf9qoDr9GimR9nsfZDzsqHnyjPU25s1WJao+/n
pcV7Cc1BJAB/lSfffQ+kqTFmuPgnu3nEaBnZAgcbeUg+1mN4d0HLXzfw0XZDhJsr
MB9ovFiMbwcabo+u0Cu900fbqgp0jJhPLIItvtqLwRZhc0mrr4/VoPCh7kyEzD5e
7sXZzdg=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:02 2023 by rpki-client on console-fra.rpki-client.org