Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/1-JcOSIm_0loXcVAaVysldZrK5_E.roa
File: 1-JcOSIm_0loXcVAaVysldZrK5_E.roa (raw, json)
Hash identifier: 0WDy5gjNHala3LAbBpdVwQxYHIEz2mCSRzUgxHU1SUg=
Subject key identifier: F8:97:0E:48:89:BF:D2:5A:17:71:50:1A:57:2B:25:75:9A:CA:E7:F1
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 1AF8C7F4
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/1-JcOSIm_0loXcVAaVysldZrK5_E.roa
Signing time: Sat 01 Jan 2022 13:05:40 +0000
ROA not before: Sat 01 Jan 2022 13:05:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12566
IP address blocks: 62.62.169.0/24 maxlen: 24
87.255.128.0/19 maxlen: 24
212.23.160.0/19 maxlen: 24
194.153.88.0/23 maxlen: 23
194.153.89.0/24 maxlen: 24
194.153.90.0/24 maxlen: 24
194.153.92.0/24 maxlen: 24
194.153.97.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 452511732 (0x1af8c7f4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: Jan 1 13:05:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f8970e4889bfd25a1771501a572b25759acae7f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ee:01:01:aa:5c:a2:bb:50:39:87:52:cc:c0:
33:cf:f5:0f:18:cf:96:5f:47:21:a8:5e:03:9c:e9:
52:f2:b1:e3:93:5f:63:80:c6:26:dd:89:00:f8:43:
6c:cd:5f:94:5e:a9:99:d7:d9:cc:45:23:09:7d:9d:
d1:1e:b3:29:88:00:8b:26:e8:47:9f:4c:34:41:74:
fb:86:29:61:06:0f:e1:13:e2:46:d5:16:1b:60:53:
77:d8:96:9e:17:63:02:60:1c:13:ce:0b:5f:b3:7d:
de:9b:9a:81:41:b0:b8:9a:eb:3f:a7:f7:0c:52:bb:
b8:74:0a:88:1e:ca:fe:5c:05:37:79:ac:52:dd:0e:
54:fc:79:68:8e:b4:24:18:ef:20:af:b8:53:25:d5:
60:c5:c2:26:c9:5a:be:37:8e:67:43:bd:3b:f1:4f:
e3:1a:cf:90:3c:d0:a6:4e:5a:94:77:48:68:39:23:
3d:00:a1:37:5f:0c:fb:2e:ff:8e:09:92:15:94:27:
5a:52:04:35:fe:10:d2:55:3c:e7:80:0b:0c:e9:5b:
f3:b8:26:69:00:d9:a5:7c:68:c7:54:4c:5d:28:4f:
b6:3f:95:e5:6c:c9:6f:8f:8d:e3:5e:97:39:a5:27:
0f:4d:c8:3d:f1:b1:52:45:4b:cf:a6:7f:1d:0a:e2:
b7:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:97:0E:48:89:BF:D2:5A:17:71:50:1A:57:2B:25:75:9A:CA:E7:F1
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/1-JcOSIm_0loXcVAaVysldZrK5_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.62.169.0/24
87.255.128.0/19
194.153.88.0-194.153.90.255
194.153.92.0/24
194.153.97.0/24
212.23.160.0/19
Signature Algorithm: sha256WithRSAEncryption
9d:ef:45:a6:98:e8:b7:28:07:63:02:dd:ab:ef:d4:f9:81:75:
91:3b:40:da:db:7b:63:37:fd:1c:0c:44:f4:f4:60:db:c9:0a:
c4:47:06:d6:3e:30:bf:e8:a5:f3:11:c7:42:f1:d2:6d:0f:24:
a1:2f:2e:71:74:46:c4:5a:72:9b:71:7d:6b:02:22:90:a6:14:
26:90:59:60:52:cd:f4:59:04:bc:75:6b:45:09:71:fa:5e:3c:
d2:b2:14:2c:40:a7:e6:8e:c9:5e:57:de:c4:fe:35:a0:0a:47:
35:1a:bb:55:c6:ee:1e:51:b5:a1:91:78:ac:90:69:b7:23:0d:
b5:43:fb:2a:32:4a:ed:ef:ae:a9:cd:e4:ff:40:65:0a:28:d1:
44:44:48:26:49:77:2e:25:11:18:26:8a:cc:fd:ed:77:10:05:
a2:70:54:cd:a0:df:18:e0:86:9a:0b:de:22:52:10:ba:d6:a2:
d0:f9:78:4d:87:8e:73:23:ba:87:e0:59:17:f3:c6:21:19:10:
43:b6:da:a7:be:6e:e9:7a:37:65:f2:4b:ad:98:c9:5e:01:e5:
f2:09:d9:76:b1:66:59:55:4f:4e:9d:ef:9a:f6:e0:f2:f5:df:
11:a5:07:f4:7b:d9:c4:0d:13:b8:53:f8:74:9e:0a:d7:c8:26:
a0:e0:f8:7f
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEGvjH9DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MGVmNWZiYmZjYTdhOTNjZmVlOTY1ZWViNmJkZWU2ZmI0M2M0MDNlMB4XDTIyMDEw
MTEzMDU0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjg5NzBlNDg4OWJm
ZDI1YTE3NzE1MDFhNTcyYjI1NzU5YWNhZTdmMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKTuAQGqXKK7UDmHUszAM8/1DxjPll9HIaheA5zpUvKx45Nf
Y4DGJt2JAPhDbM1flF6pmdfZzEUjCX2d0R6zKYgAiyboR59MNEF0+4YpYQYP4RPi
RtUWG2BTd9iWnhdjAmAcE84LX7N93puagUGwuJrrP6f3DFK7uHQKiB7K/lwFN3ms
Ut0OVPx5aI60JBjvIK+4UyXVYMXCJslavjeOZ0O9O/FP4xrPkDzQpk5alHdIaDkj
PQChN18M+y7/jgmSFZQnWlIENf4Q0lU854ALDOlb87gmaQDZpXxox1RMXShPtj+V
5WzJb4+N416XOaUnD03IPfGxUkVLz6Z/HQrit0cCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBT4lw5Iib/SWhdxUBpXKyV1msrn8TAfBgNVHSMEGDAWgBSg71+7/KepPP7p
Ze62ve5vtDxAPjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29POWZ1X3lucVR6LTZXWHV0cjN1YjdROFFENC5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzIvZmU5MTVjLWJmNzAtNDYwMi04YTNjLTAyOTJiMDIwMTUwYS8x
LzEtSmNPU0ltXzBsb1hjVkFhVnlzbGRacks1X0Uucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzcy
L2ZlOTE1Yy1iZjcwLTQ2MDItOGEzYy0wMjkyYjAyMDE1MGEvMS9vTzlmdV95bnFU
ei02V1h1dHIzdWI3UThRRDQuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
RQYIKwYBBQUHAQcBAf8ENjA0MDIEAgABMCwDBAA+PqkDBAVX/4AwDAMEA8KZWAME
AMKZWgMEAMKZXAMEAMKZYQMEBdQXoDANBgkqhkiG9w0BAQsFAAOCAQEAne9Fppjo
tygHYwLdq+/U+YF1kTtA2tt7Yzf9HAxE9PRg28kKxEcG1j4wv+il8xHHQvHSbQ8k
oS8ucXRGxFpym3F9awIikKYUJpBZYFLN9FkEvHVrRQlx+l480rIULECn5o7JXlfe
xP41oApHNRq7VcbuHlG1oZF4rJBptyMNtUP7KjJK7e+uqc3k/0BlCijRRERIJkl3
LiURGCaKzP3tdxAFonBUzaDfGOCGmgveIlIQutai0Pl4TYeOcyO6h+BZF/PGIRkQ
Q7bap75u6Xo3ZfJLrZjJXgHl8gnZdrFmWVVPTp3vmvbg8vXfEaUH9HvZxA0TuFP4
dJ4K18gmoOD4fw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:34:55 2024 by rpki-client on console-fra.rpki-client.org