Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/hyHUx4648Eif_AGuzjXD9DctjyA.roa
File: hyHUx4648Eif_AGuzjXD9DctjyA.roa (raw, json)
Hash identifier: gDmsM+xNwqAsO5cKwZY2vGeKg98c8s5uPqmOsg8M6dg=
Subject key identifier: 87:21:D4:C7:8E:B8:F0:48:9F:FC:01:AE:CE:35:C3:F4:37:2D:8F:20
Certificate issuer: /CN=d31dd1a514d3a7e3dfdb8bfb75d7d24ed98d479f
Certificate serial: 018476FF75780CC357BE1C65510B80D9AC74
Authority key identifier: D3:1D:D1:A5:14:D3:A7:E3:DF:DB:8B:FB:75:D7:D2:4E:D9:8D:47:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0x3RpRTTp-Pf24v7ddfSTtmNR58.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/hyHUx4648Eif_AGuzjXD9DctjyA.roa
Signing time: Mon 14 Nov 2022 16:36:03 +0000
ROA not before: Mon 14 Nov 2022 16:36:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15580
IP address blocks: 194.127.64.0/24 maxlen: 24
194.127.67.0/24 maxlen: 24
194.127.65.0/24 maxlen: 24
194.127.66.0/24 maxlen: 24
194.127.74.0/24 maxlen: 24
194.127.75.0/24 maxlen: 24
194.127.72.0/24 maxlen: 24
194.127.73.0/24 maxlen: 24
194.127.76.0/24 maxlen: 24
194.127.80.0/20 maxlen: 20
194.127.81.0/24 maxlen: 24
194.127.88.0/24 maxlen: 24
194.127.89.0/24 maxlen: 24
194.127.9.224/27 maxlen: 27
193.194.10.0/23 maxlen: 23
193.194.10.0/24 maxlen: 24
193.194.11.0/24 maxlen: 24
193.194.6.0/23 maxlen: 23
193.194.12.0/22 maxlen: 22
194.127.4.0/24 maxlen: 24
194.127.3.0/24 maxlen: 24
194.127.1.0/24 maxlen: 24
194.127.2.0/24 maxlen: 24
194.127.0.0/18 maxlen: 18
194.127.0.0/24 maxlen: 24
194.127.5.0/24 maxlen: 24
194.127.9.0/24 maxlen: 24
194.127.11.0/24 maxlen: 24
194.127.10.0/24 maxlen: 24
194.127.17.0/24 maxlen: 24
194.127.12.0/24 maxlen: 24
194.127.15.0/24 maxlen: 24
194.127.13.0/24 maxlen: 24
194.127.14.0/24 maxlen: 24
194.127.24.0/23 maxlen: 23
194.127.19.0/24 maxlen: 24
194.127.22.0/24 maxlen: 24
194.127.23.0/24 maxlen: 24
194.127.20.0/24 maxlen: 24
194.127.21.0/24 maxlen: 24
194.127.31.0/24 maxlen: 24
194.127.26.0/24 maxlen: 24
194.127.26.0/23 maxlen: 23
194.127.29.0/24 maxlen: 24
194.127.27.0/24 maxlen: 24
194.127.28.0/24 maxlen: 24
194.127.9.64/27 maxlen: 27
193.58.222.0/24 maxlen: 24
193.58.222.0/23 maxlen: 23
193.58.223.0/24 maxlen: 24
2a01:6f8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:76:ff:75:78:0c:c3:57:be:1c:65:51:0b:80:d9:ac:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d31dd1a514d3a7e3dfdb8bfb75d7d24ed98d479f
Validity
Not Before: Nov 14 16:36:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8721d4c78eb8f0489ffc01aece35c3f4372d8f20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:c2:23:4b:32:ca:4d:3e:35:a5:30:34:b2:ae:
dd:11:96:83:0c:be:c6:59:aa:a5:d6:f3:e4:34:86:
b4:e9:5e:b5:4b:31:72:5c:0e:2e:f3:83:ec:25:9f:
9d:2b:cc:34:c2:40:f8:e9:c7:b5:8f:3f:b0:c2:8c:
74:4f:83:51:c8:8b:0a:27:a7:a3:11:0d:0b:9a:d6:
f0:8c:e2:e3:fa:19:83:e2:a0:4f:79:f3:9d:7b:dd:
d5:1e:d7:93:8a:25:8a:13:72:d2:ed:67:e4:e0:5c:
e5:d1:1e:b4:12:ba:7d:26:3e:6e:e4:69:0b:b8:07:
fe:49:05:58:51:0a:ae:98:97:ff:d2:c0:34:40:cd:
2d:27:26:e5:27:50:22:7c:ca:74:38:54:06:19:a7:
aa:06:37:ed:c0:e1:42:7e:0a:46:34:0b:25:8c:bc:
9c:31:98:e6:da:5a:c5:08:28:6c:0f:54:3f:d8:f2:
87:03:ec:55:7c:c0:f0:2e:ed:db:ec:1c:4b:7e:7e:
0c:9c:df:d1:e5:17:6a:33:4a:c4:6d:55:68:5d:cd:
95:39:5c:5c:fd:58:50:bf:06:fc:21:c9:b2:5c:27:
3e:45:31:f9:57:62:0c:c3:35:e5:8c:e7:1c:c3:53:
63:df:b2:cb:c6:2b:d7:45:d4:50:70:5e:f8:de:41:
ff:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:21:D4:C7:8E:B8:F0:48:9F:FC:01:AE:CE:35:C3:F4:37:2D:8F:20
X509v3 Authority Key Identifier:
keyid:D3:1D:D1:A5:14:D3:A7:E3:DF:DB:8B:FB:75:D7:D2:4E:D9:8D:47:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0x3RpRTTp-Pf24v7ddfSTtmNR58.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/hyHUx4648Eif_AGuzjXD9DctjyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/f2478f-c503-42c2-94b2-b166ae2ef287/1/0x3RpRTTp-Pf24v7ddfSTtmNR58.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.58.222.0/23
193.194.6.0/23
193.194.10.0-193.194.15.255
194.127.0.0-194.127.67.255
194.127.72.0-194.127.76.255
194.127.80.0/20
IPv6:
2a01:6f8::/32
Signature Algorithm: sha256WithRSAEncryption
90:b7:04:e6:12:fe:82:fe:77:b1:4d:48:f1:36:89:96:8a:96:
93:28:0b:a4:56:1a:2a:e0:5f:ea:71:54:93:e3:83:93:4c:b8:
65:51:3e:dc:63:a3:d1:9f:f1:09:54:3b:f4:b9:9b:3c:92:6f:
a1:4a:e6:79:3f:7e:ef:b9:29:2a:83:dc:e4:86:52:eb:cc:ba:
1a:88:b9:9e:00:34:a8:05:6a:11:a5:da:4b:46:78:97:23:a8:
a0:c4:a4:75:3c:c8:cf:42:f4:67:f8:6e:84:f1:91:7d:1c:fa:
e6:ac:93:ff:a3:7d:cf:02:70:4d:e4:d9:20:4a:fe:d1:35:1b:
be:2b:40:aa:15:84:aa:9a:51:7f:db:1d:ab:a1:a7:15:84:57:
e7:16:95:ab:4d:38:36:3c:39:33:96:ee:18:bf:18:74:9f:79:
db:7f:bf:d4:63:a8:fd:5a:12:27:b7:a8:ad:f9:b9:49:a4:cc:
f0:aa:d6:f0:44:42:a4:13:dd:76:f3:81:9e:3b:d1:9a:72:2b:
f5:ca:81:2b:19:73:e6:01:c8:31:83:41:92:b6:16:cd:fb:91:
93:ca:39:03:4a:42:7f:4c:2d:d5:ad:d3:a3:4f:d4:dd:e3:0c:
8f:b1:fb:9d:a1:47:d8:56:4e:43:0d:1c:d6:72:1b:dc:a1:ee:
fe:da:d5:19
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAYR2/3V4DMNXvhxlUQuA2ax0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzMWRkMWE1MTRkM2E3ZTNkZmRiOGJmYjc1ZDdkMjRlZDk4
ZDQ3OWYwHhcNMjIxMTE0MTYzNjAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzIxZDRjNzhlYjhmMDQ4OWZmYzAxYWVjZTM1YzNmNDM3MmQ4ZjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw8IjSzLKTT41pTA0sq7dEZaDDL7G
Waql1vPkNIa06V61SzFyXA4u84PsJZ+dK8w0wkD46ce1jz+wwox0T4NRyIsKJ6ej
EQ0LmtbwjOLj+hmD4qBPefOde93VHteTiiWKE3LS7Wfk4Fzl0R60Erp9Jj5u5GkL
uAf+SQVYUQqumJf/0sA0QM0tJyblJ1AifMp0OFQGGaeqBjftwOFCfgpGNAsljLyc
MZjm2lrFCChsD1Q/2PKHA+xVfMDwLu3b7BxLfn4MnN/R5RdqM0rEbVVoXc2VOVxc
/VhQvwb8IcmyXCc+RTH5V2IMwzXljOccw1Nj37LLxivXRdRQcF743kH/QwIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFIch1MeOuPBIn/wBrs41w/Q3LY8gMB8GA1UdIwQY
MBaAFNMd0aUU06fj39uL+3XX0k7ZjUefMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHgzUnBSVFRwLVBmMjR2N2RkZlNUdG1OUjU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9mMjQ3OGYtYzUwMy00MmMyLTk0YjIt
YjE2NmFlMmVmMjg3LzEvaHlIVXg0NjQ4RWlmX0FHdXpqWEQ5RGN0anlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9mMjQ3OGYtYzUwMy00MmMyLTk0YjItYjE2NmFlMmVmMjg3
LzEvMHgzUnBSVFRwLVBmMjR2N2RkZlNUdG1OUjU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBBBAIAATA7AwQBwTreAwQB
wcIGMAwDBAHBwgoDBATBwgAwCwMDAMJ/AwQCwn9AMAwDBAPCf0gDBADCf0wDBATC
f1AwDQQCAAIwBwMFACoBBvgwDQYJKoZIhvcNAQELBQADggEBAJC3BOYS/oL+d7FN
SPE2iZaKlpMoC6RWGirgX+pxVJPjg5NMuGVRPtxjo9Gf8QlUO/S5mzySb6FK5nk/
fu+5KSqD3OSGUuvMuhqIuZ4ANKgFahGl2ktGeJcjqKDEpHU8yM9C9Gf4boTxkX0c
+uask/+jfc8CcE3k2SBK/tE1G74rQKoVhKqaUX/bHauhpxWEV+cWlatNODY8OTOW
7hi/GHSfedt/v9RjqP1aEie3qK35uUmkzPCq1vBEQqQT3XbzgZ470ZpyK/XKgSsZ
c+YByDGDQZK2Fs37kZPKOQNKQn9MLdWt06NP1N3jDI+x+52hR9hWTkMNHNZyG9yh
7v7a1Rk=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:09 2023 by rpki-client on console-fra.rpki-client.org