Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/eddc05-402d-4da7-97ef-c10da6aac1b1/1/HfcSw21kHgsbsXETgSkLLy80LJY.roa
File: HfcSw21kHgsbsXETgSkLLy80LJY.roa (raw, json)
Hash identifier: JImCGp1gxfM1dZTGJRqgDkKXnrE0+RNzTjtd9vAK1Ig=
Subject key identifier: 1D:F7:12:C3:6D:64:1E:0B:1B:B1:71:13:81:29:0B:2F:2F:34:2C:96
Certificate issuer: /CN=2874e46bf636ea63e5d12362f551b80b27714780
Certificate serial: 089E1FC3
Authority key identifier: 28:74:E4:6B:F6:36:EA:63:E5:D1:23:62:F5:51:B8:0B:27:71:47:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KHTka_Y26mPl0SNi9VG4CydxR4A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/eddc05-402d-4da7-97ef-c10da6aac1b1/1/HfcSw21kHgsbsXETgSkLLy80LJY.roa
Signing time: Tue 12 Apr 2022 00:38:44 +0000
ROA not before: Tue 12 Apr 2022 00:38:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60109
IP address blocks: 37.16.100.0/22 maxlen: 22
37.16.108.0/24 maxlen: 24
37.16.109.0/24 maxlen: 24
185.57.180.0/22 maxlen: 22
2a00:4cc4::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 144580547 (0x89e1fc3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2874e46bf636ea63e5d12362f551b80b27714780
Validity
Not Before: Apr 12 00:38:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1df712c36d641e0b1bb1711381290b2f2f342c96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:e7:74:3a:fe:87:3c:9c:77:f3:c7:e2:9b:24:
02:bf:29:ca:07:a5:4d:1a:23:71:a9:76:57:72:3c:
b6:c1:a5:ad:92:a7:09:ee:79:75:36:e6:a0:3f:e7:
2a:f0:f0:55:b5:5c:b6:4e:2a:86:46:04:15:86:b3:
f6:5b:d0:6d:ab:83:2c:cd:5e:d0:d3:ff:e2:39:32:
2e:b4:61:64:49:49:cc:3c:98:b2:43:10:24:4d:4f:
af:2e:b3:1e:eb:46:df:c3:a9:87:b8:b0:14:d8:50:
69:3a:3d:26:f8:62:e2:3b:fc:6f:0a:12:cd:b5:36:
92:95:89:3a:70:72:8e:e4:ee:e4:76:da:ba:20:3d:
dc:97:81:10:f1:58:d6:72:b2:86:c7:83:2e:7f:1f:
ce:16:16:51:63:d8:f3:a9:d4:56:8f:91:b0:bf:a0:
76:a2:c0:68:14:e6:b6:09:51:59:09:5e:d6:4f:c9:
f5:97:4f:c3:36:a0:19:72:3d:df:7b:5c:28:f7:ad:
d4:45:f1:3b:76:98:49:19:d2:1f:55:00:ce:21:c6:
59:bd:a3:5d:14:e0:7b:66:97:6b:e4:35:93:9f:5f:
4c:fa:77:4e:23:9c:b7:8b:42:8a:ea:36:a6:02:e7:
a7:78:cb:0c:a1:18:84:98:34:4d:5a:23:17:46:8d:
1f:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:F7:12:C3:6D:64:1E:0B:1B:B1:71:13:81:29:0B:2F:2F:34:2C:96
X509v3 Authority Key Identifier:
keyid:28:74:E4:6B:F6:36:EA:63:E5:D1:23:62:F5:51:B8:0B:27:71:47:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KHTka_Y26mPl0SNi9VG4CydxR4A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/eddc05-402d-4da7-97ef-c10da6aac1b1/1/HfcSw21kHgsbsXETgSkLLy80LJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/eddc05-402d-4da7-97ef-c10da6aac1b1/1/KHTka_Y26mPl0SNi9VG4CydxR4A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.16.100.0/22
37.16.108.0/23
185.57.180.0/22
IPv6:
2a00:4cc4::/32
Signature Algorithm: sha256WithRSAEncryption
14:35:26:b1:02:60:56:57:32:03:2f:4d:23:51:aa:1e:0d:d9:
32:b0:70:0f:20:73:31:b4:d5:f1:65:e4:c3:cf:25:40:13:b3:
21:90:b5:e1:92:08:78:75:e0:67:52:95:df:83:8c:f8:0c:1c:
ec:25:79:90:1e:00:c5:10:ff:22:eb:d0:cc:f8:da:a2:4a:99:
d8:11:6f:67:26:cc:8e:0a:5b:e9:34:c6:97:2e:d1:86:2a:f2:
70:66:25:b9:55:14:20:0d:18:b1:76:ff:e1:b7:d5:fe:7b:69:
07:2d:c7:ea:66:11:c9:7a:46:cf:20:16:a6:13:3d:b7:e8:1c:
b1:93:76:36:1e:be:c7:2a:d1:d5:09:57:e4:9e:45:51:7c:68:
2f:af:97:70:5b:00:66:b0:d4:e5:6f:cd:cf:1f:87:71:28:f6:
8d:81:2a:d2:52:d2:18:1f:e6:a7:58:58:eb:d2:41:89:c3:03:
58:80:37:13:b2:07:5e:8b:39:42:46:81:63:a6:3d:af:c0:c7:
89:56:74:89:8f:85:ca:d6:56:75:90:00:a0:ce:f1:66:80:6d:
f9:67:64:34:6d:64:8f:28:c0:82:32:53:7e:65:f8:f1:88:65:
24:1e:77:ef:78:9a:cd:e2:04:d4:6c:06:fb:75:c1:3d:b7:93:
12:d2:e1:05
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIECJ4fwzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ODc0ZTQ2YmY2MzZlYTYzZTVkMTIzNjJmNTUxYjgwYjI3NzE0NzgwMB4XDTIyMDQx
MjAwMzg0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWRmNzEyYzM2ZDY0
MWUwYjFiYjE3MTEzODEyOTBiMmYyZjM0MmM5NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK3ndDr+hzycd/PH4pskAr8pygelTRojcal2V3I8tsGlrZKn
Ce55dTbmoD/nKvDwVbVctk4qhkYEFYaz9lvQbauDLM1e0NP/4jkyLrRhZElJzDyY
skMQJE1Pry6zHutG38Oph7iwFNhQaTo9Jvhi4jv8bwoSzbU2kpWJOnByjuTu5Hba
uiA93JeBEPFY1nKyhseDLn8fzhYWUWPY86nUVo+RsL+gdqLAaBTmtglRWQle1k/J
9ZdPwzagGXI933tcKPet1EXxO3aYSRnSH1UAziHGWb2jXRTge2aXa+Q1k59fTPp3
TiOct4tCiuo2pgLnp3jLDKEYhJg0TVojF0aNH1sCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBQd9xLDbWQeCxuxcROBKQsvLzQsljAfBgNVHSMEGDAWgBQodORr9jbqY+XR
I2L1UbgLJ3FHgDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tIVGthX1kyNm1QbDBTTmk5Vkc0Q3lkeFI0QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjgvZWRkYzA1LTQwMmQtNGRhNy05N2VmLWMxMGRhNmFhYzFiMS8x
L0hmY1N3MjFrSGdzYnNYRVRnU2tMTHk4MExKWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjgv
ZWRkYzA1LTQwMmQtNGRhNy05N2VmLWMxMGRhNmFhYzFiMS8xL0tIVGthX1kyNm1Q
bDBTTmk5Vkc0Q3lkeFI0QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAiUQZAMEASUQbAMEArk5tDANBAIA
AjAHAwUAKgBMxDANBgkqhkiG9w0BAQsFAAOCAQEAFDUmsQJgVlcyAy9NI1GqHg3Z
MrBwDyBzMbTV8WXkw88lQBOzIZC14ZIIeHXgZ1KV34OM+Awc7CV5kB4AxRD/IuvQ
zPjaokqZ2BFvZybMjgpb6TTGly7RhirycGYluVUUIA0YsXb/4bfV/ntpBy3H6mYR
yXpGzyAWphM9t+gcsZN2Nh6+xyrR1QlX5J5FUXxoL6+XcFsAZrDU5W/Nzx+HcSj2
jYEq0lLSGB/mp1hY69JBicMDWIA3E7IHXos5QkaBY6Y9r8DHiVZ0iY+FytZWdZAA
oM7xZoBt+WdkNG1kjyjAgjJTfmX48YhlJB5373iazeIE1GwG+3XBPbeTEtLhBQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:31 2024 by rpki-client on console-ams.rpki-client.org