Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/hqmbTatr339puPDU6243B-69-Hg.roa
File: hqmbTatr339puPDU6243B-69-Hg.roa (raw, json)
Hash identifier: kVo/y+L9r17d2wnSHubz1P+JRkNj154roGD4XKCxk1g=
Subject key identifier: 86:A9:9B:4D:AB:6B:DF:7F:69:B8:F0:D4:EB:6E:37:07:EE:BD:F8:78
Certificate issuer: /CN=21351865b767dd7b9c22314bfc8055bd57db0065
Certificate serial: 0A1A4FF3
Authority key identifier: 21:35:18:65:B7:67:DD:7B:9C:22:31:4B:FC:80:55:BD:57:DB:00:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITUYZbdn3XucIjFL_IBVvVfbAGU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/hqmbTatr339puPDU6243B-69-Hg.roa
Signing time: Sat 01 Jan 2022 06:03:48 +0000
ROA not before: Sat 01 Jan 2022 06:03:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197328
IP address blocks: 185.220.58.0/23 maxlen: 23
185.220.56.0/24 maxlen: 24
194.107.229.0/24 maxlen: 24
194.110.1.0/24 maxlen: 24
194.110.19.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 169496563 (0xa1a4ff3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21351865b767dd7b9c22314bfc8055bd57db0065
Validity
Not Before: Jan 1 06:03:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=86a99b4dab6bdf7f69b8f0d4eb6e3707eebdf878
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:1f:66:72:7b:17:15:9c:b8:f9:10:a1:bd:f9:
03:ab:61:0a:13:03:cb:6d:7c:a2:35:4f:1b:2f:ed:
08:ce:f9:56:f6:c7:92:b8:e4:5f:33:38:e9:29:ed:
10:5b:77:54:57:bb:65:b1:2f:4e:0f:72:df:df:88:
37:9c:ac:cf:20:7e:b7:e6:50:df:7e:08:67:8a:8e:
50:d3:2f:b1:cb:17:37:35:8a:d8:81:9c:dd:2e:1a:
0d:40:b1:ae:74:f7:b7:e9:9c:a6:87:e6:e7:7b:5c:
f3:31:6b:39:2b:0a:1e:f5:71:02:57:af:e5:b9:b4:
11:e0:5e:6a:86:f7:4e:80:9b:66:5b:0f:b0:a5:64:
3c:0a:0a:2a:90:5f:d6:9a:ec:5e:17:5a:36:33:e0:
58:80:e1:79:f2:aa:81:53:f7:34:ea:bd:ee:75:14:
de:9d:1b:9b:6d:60:05:ef:ed:5e:9b:23:10:d2:71:
ca:dc:4f:b1:2c:61:09:a0:28:34:9d:12:f9:05:dc:
19:f4:b2:0d:04:5c:3c:9f:af:cb:c1:17:6d:f6:95:
e2:3f:d3:83:0f:2d:44:97:1c:b2:8c:77:9f:c8:19:
69:57:f4:fa:16:67:83:a7:e9:d9:1b:2c:2f:7b:58:
c7:ab:13:7e:28:97:b5:a8:a9:99:56:f2:a1:53:44:
45:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:A9:9B:4D:AB:6B:DF:7F:69:B8:F0:D4:EB:6E:37:07:EE:BD:F8:78
X509v3 Authority Key Identifier:
keyid:21:35:18:65:B7:67:DD:7B:9C:22:31:4B:FC:80:55:BD:57:DB:00:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITUYZbdn3XucIjFL_IBVvVfbAGU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/hqmbTatr339puPDU6243B-69-Hg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e52b07-f2a4-47c1-9460-1e4e0400844b/1/ITUYZbdn3XucIjFL_IBVvVfbAGU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.220.56.0/24
185.220.58.0/23
194.107.229.0/24
194.110.1.0/24
194.110.19.0/24
Signature Algorithm: sha256WithRSAEncryption
d3:72:b7:2c:2a:f0:a4:d5:c2:a1:f3:d9:a5:68:c4:17:dc:e8:
bd:a0:90:45:e0:88:de:97:2e:de:77:29:fa:36:2e:a8:22:5b:
82:a8:07:4a:db:4d:80:ca:0d:de:f7:ae:68:8e:3a:aa:f7:af:
5e:3c:ef:30:6b:67:26:f7:20:c6:7c:aa:d2:56:d5:8e:a3:92:
33:2c:a7:da:d6:f1:1c:dd:d8:1c:6c:73:64:b3:36:10:ec:16:
21:f6:eb:28:5d:fe:3a:4e:33:20:90:1d:f8:ed:62:d9:9c:90:
52:f5:e7:3d:fc:6c:e6:de:e1:24:2e:20:58:a0:e6:0d:1b:dd:
bb:5d:3b:42:8e:00:fa:39:98:89:29:1a:10:84:a6:33:80:e8:
8f:11:eb:b2:d5:1a:8f:64:8e:d7:22:66:1a:56:73:75:8b:de:
34:0e:26:0b:01:0f:85:eb:a2:96:d2:35:08:a4:01:0a:95:5f:
6c:c8:43:25:80:7b:ae:42:33:37:79:53:1a:bf:5d:a0:87:5f:
ac:1b:8b:f5:e4:f0:c1:9b:39:36:bd:a4:db:bc:77:bf:4b:65:
10:e2:d6:00:a2:98:40:4b:77:13:c4:f2:10:a9:b1:63:2f:47:
67:78:3f:94:b2:74:7a:68:e1:1e:e3:f4:42:15:1b:d0:52:3f:
6f:66:4f:12
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEChpP8zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTM1MTg2NWI3NjdkZDdiOWMyMjMxNGJmYzgwNTViZDU3ZGIwMDY1MB4XDTIyMDEw
MTA2MDM0OFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODZhOTliNGRhYjZi
ZGY3ZjY5YjhmMGQ0ZWI2ZTM3MDdlZWJkZjg3ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALcfZnJ7FxWcuPkQob35A6thChMDy218ojVPGy/tCM75VvbH
krjkXzM46SntEFt3VFe7ZbEvTg9y39+IN5yszyB+t+ZQ334IZ4qOUNMvscsXNzWK
2IGc3S4aDUCxrnT3t+mcpofm53tc8zFrOSsKHvVxAlev5bm0EeBeaob3ToCbZlsP
sKVkPAoKKpBf1prsXhdaNjPgWIDhefKqgVP3NOq97nUU3p0bm21gBe/tXpsjENJx
ytxPsSxhCaAoNJ0S+QXcGfSyDQRcPJ+vy8EXbfaV4j/Tgw8tRJccsox3n8gZaVf0
+hZng6fp2RssL3tYx6sTfiiXtaipmVbyoVNERUMCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBSGqZtNq2vff2m48NTrbjcH7r34eDAfBgNVHSMEGDAWgBQhNRhlt2fde5wi
MUv8gFW9V9sAZTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lUVVlaYmRuM1h1Y0lqRkxfSUJWdlZmYkFHVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmQvZTUyYjA3LWYyYTQtNDdjMS05NDYwLTFlNGUwNDAwODQ0Yi8x
L2hxbWJUYXRyMzM5cHVQRFU2MjQzQi02OS1IZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQv
ZTUyYjA3LWYyYTQtNDdjMS05NDYwLTFlNGUwNDAwODQ0Yi8xL0lUVVlaYmRuM1h1
Y0lqRkxfSUJWdlZmYkFHVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEALncOAMEAbncOgMEAMJr5QMEAMJu
AQMEAMJuEzANBgkqhkiG9w0BAQsFAAOCAQEA03K3LCrwpNXCofPZpWjEF9zovaCQ
ReCI3pcu3ncp+jYuqCJbgqgHSttNgMoN3veuaI46qvevXjzvMGtnJvcgxnyq0lbV
jqOSMyyn2tbxHN3YHGxzZLM2EOwWIfbrKF3+Ok4zIJAd+O1i2ZyQUvXnPfxs5t7h
JC4gWKDmDRvdu107Qo4A+jmYiSkaEISmM4DojxHrstUaj2SO1yJmGlZzdYveNA4m
CwEPheuiltI1CKQBCpVfbMhDJYB7rkIzN3lTGr9doIdfrBuL9eTwwZs5Nr2k27x3
v0tlEOLWAKKYQEt3E8TyEKmxYy9HZ3g/lLJ0emjhHuP0QhUb0FI/b2ZPEg==
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:40:40 2023 by rpki-client on console.sobornost.net