Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/096eaf-634b-4c49-b68e-c2c61518589f/1/HARoIyDV-bQT_bjriLDGFNIIO5I.roa
File: HARoIyDV-bQT_bjriLDGFNIIO5I.roa (raw, json)
Hash identifier: hFQNNVMVL6D+N2/fyaXfxLtX/kwr1iGJd3ZMEECNjK4=
Subject key identifier: 1C:04:68:23:20:D5:F9:B4:13:FD:B8:EB:88:B0:C6:14:D2:08:3B:92
Certificate issuer: /CN=6e8b028d18274d21a7316aea3ccce9158b54f481
Certificate serial: 35C0439D
Authority key identifier: 6E:8B:02:8D:18:27:4D:21:A7:31:6A:EA:3C:CC:E9:15:8B:54:F4:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bosCjRgnTSGnMWrqPMzpFYtU9IE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/096eaf-634b-4c49-b68e-c2c61518589f/1/HARoIyDV-bQT_bjriLDGFNIIO5I.roa
Signing time: Sat 01 Jan 2022 03:59:44 +0000
ROA not before: Sat 01 Jan 2022 03:59:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198913
IP address blocks: 46.243.123.0/24 maxlen: 24
46.243.124.0/24 maxlen: 24
46.243.120.0/21 maxlen: 21
46.243.125.0/24 maxlen: 24
46.243.121.0/24 maxlen: 24
46.243.122.0/24 maxlen: 24
46.243.126.0/24 maxlen: 24
46.243.127.0/24 maxlen: 24
185.132.24.0/22 maxlen: 22
185.132.24.0/24 maxlen: 24
185.132.26.0/24 maxlen: 24
185.132.27.0/24 maxlen: 24
185.132.25.0/24 maxlen: 24
185.173.228.0/24 maxlen: 24
185.173.228.0/22 maxlen: 22
185.173.229.0/24 maxlen: 24
185.173.230.0/24 maxlen: 24
185.173.231.0/24 maxlen: 24
217.19.13.0/24 maxlen: 24
2a03:d400:228::/48 maxlen: 48
2a03:d400:123::/48 maxlen: 48
2a03:d400:126::/48 maxlen: 48
2a03:d400:26::/48 maxlen: 48
2a03:d400:121::/48 maxlen: 48
2a03:d400:125::/48 maxlen: 48
2a03:d400:25::/48 maxlen: 48
2a03:d400::/32 maxlen: 32
2a03:d400:120::/48 maxlen: 48
2a03:d400:122::/48 maxlen: 48
2a03:d400:13::/48 maxlen: 48
2a0b:6f00::/29 maxlen: 29
2a03:d400:231::/48 maxlen: 48
2a03:d400:127::/48 maxlen: 48
2a03:d400:27::/48 maxlen: 48
2a03:d400:230::/48 maxlen: 48
2a03:d400:229::/48 maxlen: 48
2a03:d400:124::/48 maxlen: 48
2a03:d400:24::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 901792669 (0x35c0439d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6e8b028d18274d21a7316aea3ccce9158b54f481
Validity
Not Before: Jan 1 03:59:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1c04682320d5f9b413fdb8eb88b0c614d2083b92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:ba:44:60:1a:4f:a0:26:6c:85:4b:c3:3d:c5:
77:50:3e:e1:76:4c:73:19:5c:6b:54:f3:03:aa:e0:
55:c1:6c:12:07:cb:8e:a8:a3:24:2f:d3:32:82:8d:
e8:6c:68:e7:d0:0b:2e:b8:28:b8:b1:aa:ce:b4:72:
19:86:5b:f4:2a:e5:2e:a1:5d:57:9e:5a:ea:5f:0c:
cd:3f:2e:17:17:92:34:1f:e5:38:29:24:f1:1e:b9:
65:95:c0:12:c8:77:46:e9:d9:30:50:e4:63:88:83:
8d:18:c7:03:cd:92:2a:39:4e:a9:04:08:85:40:57:
cc:dc:04:bc:b6:5f:c1:e9:29:0e:ef:7c:d6:32:c0:
f1:63:7e:e3:f1:62:73:02:35:72:68:03:9b:36:7d:
44:16:3a:29:00:66:35:b9:6c:88:a6:e8:ce:e1:6f:
ad:2c:b2:c8:a9:6e:df:e6:11:14:0a:0f:30:1b:a1:
11:7b:b7:1f:5e:82:05:51:f8:86:b0:9f:ec:39:2d:
d1:cd:bb:ab:a3:2b:09:40:57:65:91:dc:74:c5:bb:
c1:10:7e:8e:20:27:37:f7:c7:6e:c8:fb:2e:6d:83:
86:3f:99:2f:aa:33:84:86:d2:67:43:ff:df:67:ac:
d0:a4:6e:98:65:b0:de:8d:77:ea:dc:af:cd:44:90:
b7:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:04:68:23:20:D5:F9:B4:13:FD:B8:EB:88:B0:C6:14:D2:08:3B:92
X509v3 Authority Key Identifier:
keyid:6E:8B:02:8D:18:27:4D:21:A7:31:6A:EA:3C:CC:E9:15:8B:54:F4:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bosCjRgnTSGnMWrqPMzpFYtU9IE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/096eaf-634b-4c49-b68e-c2c61518589f/1/HARoIyDV-bQT_bjriLDGFNIIO5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/096eaf-634b-4c49-b68e-c2c61518589f/1/bosCjRgnTSGnMWrqPMzpFYtU9IE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.243.120.0/21
185.132.24.0/22
185.173.228.0/22
217.19.13.0/24
IPv6:
2a03:d400::/32
2a0b:6f00::/29
Signature Algorithm: sha256WithRSAEncryption
75:4a:ff:90:13:25:4a:40:8f:03:1a:68:d0:7f:f3:c1:c0:e8:
49:34:35:e4:39:63:dd:f1:af:cc:54:69:aa:da:37:7d:79:50:
ee:c0:63:9b:4c:11:f9:e5:ec:a9:da:5f:f7:d9:76:91:a0:f1:
37:9c:d0:b7:c0:c5:d6:25:ea:d9:55:f5:de:12:66:c1:2f:b8:
f8:88:35:d3:36:26:78:54:0f:56:3b:e3:15:22:27:81:dc:28:
a0:24:e4:bd:d3:b8:61:e8:0d:2e:c7:9b:f8:ab:7d:96:e9:33:
d0:cd:d4:7d:9d:55:63:36:ae:36:83:0e:53:24:1b:9d:17:89:
b2:f3:a7:c0:2c:23:9c:46:85:84:d3:c9:89:78:33:d8:90:c6:
89:32:f2:2a:df:a8:c5:7c:b1:96:cb:63:99:30:6d:8d:64:ff:
c0:44:f3:e9:67:2f:8e:a1:db:b2:b4:cb:4e:ef:be:93:30:da:
b3:a4:0c:ab:c1:6c:ab:21:fa:66:be:be:05:22:85:eb:45:03:
0a:5a:3e:77:d4:db:42:e5:ef:49:e6:8b:09:6b:08:9d:04:bb:
e1:36:7e:98:78:52:74:11:b8:17:70:bf:92:68:07:0c:c3:1e:
a8:e6:c2:1b:f0:54:c3:56:e9:1f:58:de:2e:c8:ff:76:25:d4:
0b:63:34:47
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgIENcBDnTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
ZThiMDI4ZDE4Mjc0ZDIxYTczMTZhZWEzY2NjZTkxNThiNTRmNDgxMB4XDTIyMDEw
MTAzNTk0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMWMwNDY4MjMyMGQ1
ZjliNDEzZmRiOGViODhiMGM2MTRkMjA4M2I5MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO+6RGAaT6AmbIVLwz3Fd1A+4XZMcxlca1TzA6rgVcFsEgfL
jqijJC/TMoKN6Gxo59ALLrgouLGqzrRyGYZb9CrlLqFdV55a6l8MzT8uFxeSNB/l
OCkk8R65ZZXAEsh3RunZMFDkY4iDjRjHA82SKjlOqQQIhUBXzNwEvLZfwekpDu98
1jLA8WN+4/FicwI1cmgDmzZ9RBY6KQBmNblsiKbozuFvrSyyyKlu3+YRFAoPMBuh
EXu3H16CBVH4hrCf7Dkt0c27q6MrCUBXZZHcdMW7wRB+jiAnN/fHbsj7Lm2Dhj+Z
L6ozhIbSZ0P/32es0KRumGWw3o136tyvzUSQt6MCAwEAAaOCAjEwggItMB0GA1Ud
DgQWBBQcBGgjINX5tBP9uOuIsMYU0gg7kjAfBgNVHSMEGDAWgBRuiwKNGCdNIacx
auo8zOkVi1T0gTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2Jvc0NqUmduVFNHbk1XcnFQTXpwRll0VTlJRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmIvMDk2ZWFmLTYzNGItNGM0OS1iNjhlLWMyYzYxNTE4NTg5Zi8x
L0hBUm9JeURWLWJRVF9ianJpTERHRk5JSU81SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmIv
MDk2ZWFmLTYzNGItNGM0OS1iNjhlLWMyYzYxNTE4NTg5Zi8xL2Jvc0NqUmduVFNH
bk1XcnFQTXpwRll0VTlJRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBH
BggrBgEFBQcBBwEB/wQ4MDYwHgQCAAEwGAMEAy7zeAMEArmEGAMEArmt5AMEANkT
DTAUBAIAAjAOAwUAKgPUAAMFAyoLbwAwDQYJKoZIhvcNAQELBQADggEBAHVK/5AT
JUpAjwMaaNB/88HA6Ek0NeQ5Y93xr8xUaaraN315UO7AY5tMEfnl7KnaX/fZdpGg
8Tec0LfAxdYl6tlV9d4SZsEvuPiINdM2JnhUD1Y74xUiJ4HcKKAk5L3TuGHoDS7H
m/irfZbpM9DN1H2dVWM2rjaDDlMkG50XibLzp8AsI5xGhYTTyYl4M9iQxoky8irf
qMV8sZbLY5kwbY1k/8BE8+lnL46h27K0y07vvpMw2rOkDKvBbKsh+ma+vgUihetF
AwpaPnfU20Ll70nmiwlrCJ0Eu+E2fph4UnQRuBdwv5JoBwzDHqjmwhvwVMNW6R9Y
3i7I/3Yl1AtjNEc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:55 2024 by rpki-client on console-ams.rpki-client.org