Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/i4RAlvOxgDFlv2X1rf_7uNhHvh8.roa
File: i4RAlvOxgDFlv2X1rf_7uNhHvh8.roa (raw, json)
Hash identifier: lRWYrI4BDfiH6FHSxZLOzURG/wS+xafMBxT3vxyuKEs=
Subject key identifier: 8B:84:40:96:F3:B1:80:31:65:BF:65:F5:AD:FF:FB:B8:D8:47:BE:1F
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 0184EA8D0120DFD0D2659C45732C2E7DABD0
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/i4RAlvOxgDFlv2X1rf_7uNhHvh8.roa
Signing time: Wed 07 Dec 2022 03:07:00 +0000
ROA not before: Wed 07 Dec 2022 03:07:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48737
IP address blocks: 93.188.132.0/24 maxlen: 24
93.188.135.0/24 maxlen: 24
163.171.215.0/24 maxlen: 24
163.171.216.0/24 maxlen: 24
163.171.231.0/24 maxlen: 24
163.171.252.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ea:8d:01:20:df:d0:d2:65:9c:45:73:2c:2e:7d:ab:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Dec 7 03:07:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8b844096f3b1803165bf65f5adfffbb8d847be1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:4b:2a:e4:6a:63:eb:b7:7b:ea:e9:3e:62:e6:
9b:3a:38:c1:8b:b3:0f:10:1d:0d:e2:f4:b0:1c:15:
85:19:ee:f2:ae:f4:69:35:fb:af:e0:15:3e:f9:89:
d9:26:46:8f:24:17:5c:ae:04:96:ca:5a:14:9e:4e:
2f:55:ba:af:e1:80:23:a2:66:75:72:eb:27:24:31:
d1:aa:4a:2d:a4:4d:a0:dc:0d:83:75:4a:e9:8e:66:
3a:1a:8f:5c:57:a3:fa:48:74:4a:b2:11:c2:7c:76:
45:95:98:ab:11:5b:6f:d8:d6:65:8f:b4:d9:98:43:
e7:79:92:07:c8:c6:58:63:0a:f5:8b:bd:31:fd:f3:
e7:7a:94:2e:29:3e:ce:d8:49:d9:5d:7f:32:f2:59:
41:f7:11:4e:fb:1f:25:2d:d8:5c:5b:ef:62:a1:ce:
da:10:d8:8b:f4:1a:3d:5a:d8:9c:8d:8f:d3:73:e8:
69:61:a9:4a:1f:ac:00:a8:84:71:aa:f3:3d:2c:07:
cc:7d:67:9f:c4:59:50:d3:17:33:2a:49:b4:83:ce:
2b:92:bb:82:a5:70:08:32:25:66:db:0d:a5:54:82:
92:fc:e3:60:b6:b3:26:b8:70:04:34:ff:a8:be:4e:
37:72:60:2c:70:51:f8:a3:25:32:91:33:ee:b0:d9:
af:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:84:40:96:F3:B1:80:31:65:BF:65:F5:AD:FF:FB:B8:D8:47:BE:1F
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/i4RAlvOxgDFlv2X1rf_7uNhHvh8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.188.132.0/24
93.188.135.0/24
163.171.215.0-163.171.216.255
163.171.231.0/24
163.171.252.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:54:f0:8f:90:eb:ad:30:90:ff:4c:ce:82:d2:aa:48:3e:5f:
55:91:43:23:56:f6:0c:5f:fe:78:c9:51:f3:4f:54:e3:39:03:
4c:17:99:7a:82:1c:bc:d2:5d:b9:59:9d:bc:fc:57:77:ba:42:
48:59:e1:06:5a:a6:67:54:46:c9:35:ca:17:45:e1:83:c8:6b:
42:29:31:45:54:9d:c9:2b:17:d8:34:a5:34:77:93:23:77:12:
cd:3a:8a:1f:a4:75:dd:9a:37:9f:fe:44:ce:b5:a0:36:cb:64:
11:ee:66:7f:81:41:f5:ec:e9:b9:47:80:99:ce:33:d7:de:8e:
50:28:d6:f7:20:c3:44:c8:e7:2a:71:60:83:71:dd:14:dc:60:
c0:80:4a:91:f5:f4:6d:9d:db:1a:33:86:20:61:1f:8f:71:c3:
81:ee:dd:52:fd:cf:9c:30:d6:81:58:d9:56:7e:3d:60:7a:14:
2f:69:94:7f:14:44:b5:a1:af:12:49:17:1c:39:e4:cb:4b:5d:
c9:81:c6:e4:a9:52:ba:b5:45:80:06:27:9e:df:7c:d4:e3:04:
ab:23:3b:b2:b0:5f:d8:5c:1c:37:ba:68:89:93:d3:2a:eb:ae:
a3:55:42:32:39:f6:62:e2:e5:c7:c4:09:c0:d5:2e:8e:2e:8e:
c8:36:31:e9
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYTqjQEg39DSZZxFcywufavQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjIxMjA3MDMwNzAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Yjg0NDA5NmYzYjE4MDMxNjViZjY1ZjVhZGZmZmJiOGQ4NDdiZTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlksq5Gpj67d76uk+YuabOjjBi7MP
EB0N4vSwHBWFGe7yrvRpNfuv4BU++YnZJkaPJBdcrgSWyloUnk4vVbqv4YAjomZ1
cusnJDHRqkotpE2g3A2DdUrpjmY6Go9cV6P6SHRKshHCfHZFlZirEVtv2NZlj7TZ
mEPneZIHyMZYYwr1i70x/fPnepQuKT7O2EnZXX8y8llB9xFO+x8lLdhcW+9ioc7a
ENiL9Bo9WticjY/Tc+hpYalKH6wAqIRxqvM9LAfMfWefxFlQ0xczKkm0g84rkruC
pXAIMiVm2w2lVIKS/ONgtrMmuHAENP+ovk43cmAscFH4oyUykTPusNmv/wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFIuEQJbzsYAxZb9l9a3/+7jYR74fMB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvaTRSQWx2T3hnREZsdjJYMXJmXzd1TmhIdmg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAXbyEAwQA
XbyHMAwDBACjq9cDBACjq9gDBACjq+cDBACjq/wwDQYJKoZIhvcNAQELBQADggEB
AJ5U8I+Q660wkP9MzoLSqkg+X1WRQyNW9gxf/njJUfNPVOM5A0wXmXqCHLzSXblZ
nbz8V3e6QkhZ4QZapmdURsk1yhdF4YPIa0IpMUVUnckrF9g0pTR3kyN3Es06ih+k
dd2aN5/+RM61oDbLZBHuZn+BQfXs6blHgJnOM9fejlAo1vcgw0TI5ypxYINx3RTc
YMCASpH19G2d2xozhiBhH49xw4Hu3VL9z5ww1oFY2VZ+PWB6FC9plH8URLWhrxJJ
Fxw55MtLXcmBxuSpUrq1RYAGJ57ffNTjBKsjO7KwX9hcHDe6aImT0yrrrqNVQjI5
9mLi5cfECcDVLo4ujsg2Mek=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:49 2024 by rpki-client on console-fra.rpki-client.org