Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/e116c2-8f82-4cba-b5ae-97dcbb0086e3/1/HlQhU6ChE-h7FVeAwqwQvMeDHpE.roa
File: HlQhU6ChE-h7FVeAwqwQvMeDHpE.roa (raw, json)
Hash identifier: 5K3dv4hW/6i9xOH37+I8Jwd+AWSoVKwN0O5yKvKlpGA=
Subject key identifier: 1E:54:21:53:A0:A1:13:E8:7B:15:57:80:C2:AC:10:BC:C7:83:1E:91
Certificate issuer: /CN=07c40d70160f308642129a1b72ae5ae52db883c4
Certificate serial: 6C52C7
Authority key identifier: 07:C4:0D:70:16:0F:30:86:42:12:9A:1B:72:AE:5A:E5:2D:B8:83:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B8QNcBYPMIZCEpobcq5a5S24g8Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/e116c2-8f82-4cba-b5ae-97dcbb0086e3/1/HlQhU6ChE-h7FVeAwqwQvMeDHpE.roa
Signing time: Sat 01 Jan 2022 00:58:31 +0000
ROA not before: Sat 01 Jan 2022 00:58:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48166
IP address blocks: 91.210.84.0/22 maxlen: 22
178.213.192.0/21 maxlen: 21
185.61.92.0/22 maxlen: 22
91.133.0.0/19 maxlen: 19
5.250.232.0/21 maxlen: 21
89.22.16.0/20 maxlen: 20
194.9.224.0/20 maxlen: 20
2a02:7760::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 7099079 (0x6c52c7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07c40d70160f308642129a1b72ae5ae52db883c4
Validity
Not Before: Jan 1 00:58:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=1e542153a0a113e87b155780c2ac10bcc7831e91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:b5:6a:04:9d:be:b9:4a:70:1c:d7:5e:f6:bd:
0e:bc:e2:ec:15:2c:65:6e:3d:51:f7:6b:8f:1f:1e:
89:eb:2b:ae:cc:d6:8d:71:65:ff:36:d2:03:45:7c:
e6:81:e2:48:c8:12:63:02:eb:f4:71:93:b4:8c:7f:
71:29:eb:c8:3f:46:63:68:54:ac:a1:91:8c:90:0c:
da:fa:18:6f:69:ad:43:c7:55:ad:7d:55:81:a4:75:
3f:6a:6c:7a:13:26:ba:fe:81:46:dd:33:13:15:98:
fc:e2:48:a1:5f:52:98:a2:d3:af:0c:96:0e:98:0d:
04:f7:cc:ee:40:a0:7f:95:70:66:b4:a0:2e:ea:67:
eb:63:b2:2f:e9:b4:07:52:15:24:e5:2e:98:31:42:
b6:59:25:14:5c:2c:76:93:ad:0c:41:7d:80:20:3f:
8e:8e:2b:93:6d:f7:51:08:a1:43:87:7c:be:be:7d:
e7:aa:02:76:b5:d2:e3:5c:7a:1c:21:d2:f4:22:db:
54:dd:a5:e8:dd:1d:0f:42:e7:ac:11:d5:71:08:8d:
7d:90:17:bc:6e:8e:a1:f8:80:4b:b1:f2:cb:ce:08:
61:39:84:cd:dd:dd:b6:1c:dc:c6:93:d7:9c:3d:a3:
02:bf:91:58:4c:20:d2:d9:7f:c8:40:b1:86:03:d1:
43:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:54:21:53:A0:A1:13:E8:7B:15:57:80:C2:AC:10:BC:C7:83:1E:91
X509v3 Authority Key Identifier:
keyid:07:C4:0D:70:16:0F:30:86:42:12:9A:1B:72:AE:5A:E5:2D:B8:83:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B8QNcBYPMIZCEpobcq5a5S24g8Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/e116c2-8f82-4cba-b5ae-97dcbb0086e3/1/HlQhU6ChE-h7FVeAwqwQvMeDHpE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/e116c2-8f82-4cba-b5ae-97dcbb0086e3/1/B8QNcBYPMIZCEpobcq5a5S24g8Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.250.232.0/21
89.22.16.0/20
91.133.0.0/19
91.210.84.0/22
178.213.192.0/21
185.61.92.0/22
194.9.224.0/20
IPv6:
2a02:7760::/32
Signature Algorithm: sha256WithRSAEncryption
73:ed:f6:cc:bd:11:9c:8e:69:b5:61:83:de:c9:5d:a4:32:9f:
83:26:e9:98:63:60:08:aa:0e:4f:9d:7a:41:5f:14:26:c4:98:
0c:52:e5:0a:2a:13:20:bc:09:58:35:0e:55:79:c4:3a:2e:57:
18:c9:03:76:a2:51:9e:d7:c2:bf:05:13:54:2e:73:31:1c:f1:
6b:2a:c8:fc:98:9f:f7:a2:ff:a4:e6:81:10:3b:3c:6b:46:34:
bb:46:97:8f:8b:52:d6:42:56:7f:1a:fd:cd:e0:80:4c:db:a0:
6a:54:6e:9c:c3:8b:07:9e:64:5b:2b:33:2f:48:7f:1e:44:c7:
44:24:c6:96:d5:4f:0f:a7:34:b0:5c:3e:f5:ed:ac:f6:2f:8f:
c4:57:88:7a:a9:bf:8a:63:7c:8a:cf:36:b8:19:65:87:b6:2d:
e5:70:3b:85:4a:ef:40:b8:9a:6d:2a:f1:a8:18:ac:e8:f9:08:
25:75:9a:47:11:ab:8b:6a:ff:cd:ef:4d:6c:45:a8:ad:d7:92:
f0:ea:62:33:ed:c0:2f:af:ae:f6:eb:36:39:13:f5:ba:9e:7b:
ae:29:7b:e3:f1:c1:e9:c1:b7:32:59:a9:9c:84:19:b4:b3:59:
1c:36:30:6c:7f:ca:f7:dd:c3:56:b5:d8:05:41:a8:39:94:f1:
d5:b6:02:ae
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgIDbFLHMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDA3
YzQwZDcwMTYwZjMwODY0MjEyOWExYjcyYWU1YWU1MmRiODgzYzQwHhcNMjIwMTAx
MDA1ODMxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygxZTU0MjE1M2EwYTEx
M2U4N2IxNTU3ODBjMmFjMTBiY2M3ODMxZTkxMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAlbVqBJ2+uUpwHNde9r0OvOLsFSxlbj1R92uPHx6J6yuuzNaN
cWX/NtIDRXzmgeJIyBJjAuv0cZO0jH9xKevIP0ZjaFSsoZGMkAza+hhvaa1Dx1Wt
fVWBpHU/amx6Eya6/oFG3TMTFZj84kihX1KYotOvDJYOmA0E98zuQKB/lXBmtKAu
6mfrY7Iv6bQHUhUk5S6YMUK2WSUUXCx2k60MQX2AID+OjiuTbfdRCKFDh3y+vn3n
qgJ2tdLjXHocIdL0IttU3aXo3R0PQuesEdVxCI19kBe8bo6h+IBLsfLLzghhOYTN
3d22HNzGk9ecPaMCv5FYTCDS2X/IQLGGA9FDKQIDAQABo4ICPDCCAjgwHQYDVR0O
BBYEFB5UIVOgoRPoexVXgMKsELzHgx6RMB8GA1UdIwQYMBaAFAfEDXAWDzCGQhKa
G3KuWuUtuIPEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
QjhRTmNCWVBNSVpDRXBvYmNxNWE1UzI0ZzhRLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC84Mi9lMTE2YzItOGY4Mi00Y2JhLWI1YWUtOTdkY2JiMDA4NmUzLzEv
SGxRaFU2Q2hFLWg3RlZlQXdxd1F2TWVESHBFLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9l
MTE2YzItOGY4Mi00Y2JhLWI1YWUtOTdkY2JiMDA4NmUzLzEvQjhRTmNCWVBNSVpD
RXBvYmNxNWE1UzI0ZzhRLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMFIG
CCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDBfroAwQEWRYQAwQFW4UAAwQCW9JU
AwQDstXAAwQCuT1cAwQEwgngMA0EAgACMAcDBQAqAndgMA0GCSqGSIb3DQEBCwUA
A4IBAQBz7fbMvRGcjmm1YYPeyV2kMp+DJumYY2AIqg5PnXpBXxQmxJgMUuUKKhMg
vAlYNQ5VecQ6LlcYyQN2olGe18K/BRNULnMxHPFrKsj8mJ/3ov+k5oEQOzxrRjS7
RpePi1LWQlZ/Gv3N4IBM26BqVG6cw4sHnmRbKzMvSH8eRMdEJMaW1U8PpzSwXD71
7az2L4/EV4h6qb+KY3yKzza4GWWHti3lcDuFSu9AuJptKvGoGKzo+QgldZpHEauL
av/N701sRait15Lw6mIz7cAvr6726zY5E/W6nnuuKXvj8cHpwbcyWamchBm0s1kc
NjBsf8r33cNWtdgFQag5lPHVtgKu
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:24 2023 by rpki-client on console.sobornost.net