Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/0lha8uGVfC5BvSf7NNVu7c3aZoY.roa
File: 0lha8uGVfC5BvSf7NNVu7c3aZoY.roa (raw, json)
Hash identifier: QJ0oVOa4YtY4/QeVSe6XGqj04QKai8jGT4ovmyO8OZM=
Subject key identifier: D2:58:5A:F2:E1:95:7C:2E:41:BD:27:FB:34:D5:6E:ED:CD:DA:66:86
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 1D52482A
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/0lha8uGVfC5BvSf7NNVu7c3aZoY.roa
Signing time: Sat 04 Jun 2022 10:04:20 +0000
ROA not before: Sat 04 Jun 2022 10:04:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60860
IP address blocks: 109.72.122.0/24 maxlen: 24
185.30.200.0/23 maxlen: 23
185.30.202.0/24 maxlen: 24
93.185.214.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 491931690 (0x1d52482a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jun 4 10:04:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d2585af2e1957c2e41bd27fb34d56eedcdda6686
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:15:b5:e4:52:3a:62:e7:aa:b8:aa:9d:20:8d:
0f:4f:00:37:93:6b:01:9e:66:49:5d:cb:c7:fe:29:
b2:a6:91:24:67:96:f8:2a:90:e2:cd:a5:43:62:32:
f6:b3:0c:2b:d0:83:93:7a:7d:84:fe:6b:e6:5b:bb:
83:db:42:aa:31:91:86:3a:1d:a3:61:20:5f:b1:17:
6e:c2:8f:8b:1f:cc:3a:db:a6:d4:15:dc:74:85:67:
44:f5:20:4a:7b:60:40:10:e3:fb:96:10:4c:e1:3e:
3b:fa:70:55:38:43:e2:3e:15:67:e1:e8:ac:e6:20:
84:65:26:4a:8e:d9:d7:28:1e:21:25:97:60:b0:b9:
cb:0a:00:62:b4:99:02:fb:35:86:20:5e:4d:1b:e2:
07:1c:95:2b:5f:04:8f:57:39:6e:df:da:c9:a2:30:
de:78:ba:8e:ea:16:84:72:1b:59:c3:c0:49:d1:db:
7b:0e:be:4f:a0:50:dc:0d:58:66:f1:45:94:99:bc:
89:a8:b4:f2:a8:03:e7:e5:d9:df:40:b1:8e:f5:39:
29:ec:af:14:0c:aa:84:28:e2:68:01:90:bf:c5:56:
05:d3:03:31:c2:5e:f4:88:b4:07:1a:30:2b:e5:63:
d8:fd:f5:d5:b1:40:d4:4f:4d:9a:3c:4e:98:83:2f:
db:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:58:5A:F2:E1:95:7C:2E:41:BD:27:FB:34:D5:6E:ED:CD:DA:66:86
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/0lha8uGVfC5BvSf7NNVu7c3aZoY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.185.214.0/24
109.72.122.0/24
185.30.200.0-185.30.202.255
Signature Algorithm: sha256WithRSAEncryption
5d:f9:33:be:b8:5a:99:ab:62:b3:7b:a2:d8:9e:6f:39:8e:94:
d2:62:21:f6:61:87:c3:53:6b:ef:63:9b:25:ac:bc:d7:cb:c0:
9d:e3:c3:4f:04:2f:72:48:c9:11:8c:c9:96:c7:04:75:53:a7:
99:1d:5a:54:5b:18:a8:87:95:6a:56:89:6f:2f:95:ae:7f:c8:
f2:35:e5:b9:7e:13:7a:54:7b:a6:a4:2c:02:6c:49:56:b3:5d:
1a:ee:da:4a:a9:24:6f:70:6f:eb:8f:89:65:ca:74:fe:ce:c7:
8e:58:83:f9:81:57:1d:c5:ff:09:92:45:2b:a8:12:a1:4d:8d:
b6:d2:f2:1e:4b:93:82:df:8f:99:f3:33:41:4f:6a:bf:a4:3f:
b0:4f:c8:07:f4:01:10:a0:3d:9d:26:4a:79:c5:4b:eb:70:e0:
77:9d:b4:f5:fc:83:e7:34:32:91:d0:80:10:5c:e5:97:50:65:
b4:de:db:f0:06:38:de:f0:6d:ca:fe:b2:a3:f5:23:1c:a4:25:
b8:13:85:14:3e:49:f8:65:81:44:9d:ae:aa:c0:8b:f5:65:e8:
5b:7e:5b:26:a5:24:ab:2b:95:f2:01:31:95:2c:37:ff:e8:31:
de:76:f7:27:8a:ab:ea:87:16:e0:37:69:3b:db:cb:85:98:d7:
11:ec:c6:71
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEHVJIKjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ODJjZjgwOWMwZTNlOGU1NTUyZjlkMGRkMmUyN2UwZGQyZDhkYWJlMB4XDTIyMDYw
NDEwMDQyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDI1ODVhZjJlMTk1
N2MyZTQxYmQyN2ZiMzRkNTZlZWRjZGRhNjY4NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK8VteRSOmLnqriqnSCND08AN5NrAZ5mSV3Lx/4psqaRJGeW
+CqQ4s2lQ2Iy9rMMK9CDk3p9hP5r5lu7g9tCqjGRhjodo2EgX7EXbsKPix/MOtum
1BXcdIVnRPUgSntgQBDj+5YQTOE+O/pwVThD4j4VZ+HorOYghGUmSo7Z1ygeISWX
YLC5ywoAYrSZAvs1hiBeTRviBxyVK18Ej1c5bt/ayaIw3ni6juoWhHIbWcPASdHb
ew6+T6BQ3A1YZvFFlJm8iai08qgD5+XZ30CxjvU5KeyvFAyqhCjiaAGQv8VWBdMD
McJe9Ii0BxowK+Vj2P311bFA1E9NmjxOmIMv29MCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBTSWFry4ZV8LkG9J/s01W7tzdpmhjAfBgNVHSMEGDAWgBSYLPgJwOPo5VUv
nQ3S4n4N0tjavjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21DejRDY0RqNk9WVkw1ME4wdUotRGRMWTJyNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2QvNjE2OGQ3LTk0NmMtNDU3NC05MWVhLTgyYWQxNDU1NWVhYS8x
LzBsaGE4dUdWZkM1QnZTZjdOTlZ1N2MzYVpvWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Qv
NjE2OGQ3LTk0NmMtNDU3NC05MWVhLTgyYWQxNDU1NWVhYS8xL21DejRDY0RqNk9W
Vkw1ME4wdUotRGRMWTJyNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEAF251gMEAG1IejAMAwQDuR7IAwQA
uR7KMA0GCSqGSIb3DQEBCwUAA4IBAQBd+TO+uFqZq2Kze6LYnm85jpTSYiH2YYfD
U2vvY5slrLzXy8Cd48NPBC9ySMkRjMmWxwR1U6eZHVpUWxioh5VqVolvL5Wuf8jy
NeW5fhN6VHumpCwCbElWs10a7tpKqSRvcG/rj4llynT+zseOWIP5gVcdxf8JkkUr
qBKhTY220vIeS5OC34+Z8zNBT2q/pD+wT8gH9AEQoD2dJkp5xUvrcOB3nbT1/IPn
NDKR0IAQXOWXUGW03tvwBjje8G3K/rKj9SMcpCW4E4UUPkn4ZYFEna6qwIv1Zehb
flsmpSSrK5XyATGVLDf/6DHedvcniqvqhxbgN2k728uFmNcR7MZx
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:14 2024 by rpki-client on console-fra.rpki-client.org