Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/4799f6-765f-4ad2-8c43-1c5b1012d2c3/1/CmOcAPCwR9HtjXSmJJNq6TNh_XM.roa
File: CmOcAPCwR9HtjXSmJJNq6TNh_XM.roa (raw, json)
Hash identifier: afw5Ej79HBN3lvN1JvAFYjJb9z446vNRFg2V4S9fxKQ=
Subject key identifier: 0A:63:9C:00:F0:B0:47:D1:ED:8D:74:A6:24:93:6A:E9:33:61:FD:73
Certificate issuer: /CN=e71d709d8b184c5a50c9431dccaf649bc8684704
Certificate serial: 158A994A
Authority key identifier: E7:1D:70:9D:8B:18:4C:5A:50:C9:43:1D:CC:AF:64:9B:C8:68:47:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5x1wnYsYTFpQyUMdzK9km8hoRwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/4799f6-765f-4ad2-8c43-1c5b1012d2c3/1/CmOcAPCwR9HtjXSmJJNq6TNh_XM.roa
Signing time: Sat 01 Jan 2022 16:05:40 +0000
ROA not before: Sat 01 Jan 2022 16:05:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59466
IP address blocks: 185.96.164.0/22 maxlen: 22
85.187.180.0/22 maxlen: 22
85.187.190.0/24 maxlen: 24
85.187.187.0/24 maxlen: 24
85.187.188.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 361404746 (0x158a994a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e71d709d8b184c5a50c9431dccaf649bc8684704
Validity
Not Before: Jan 1 16:05:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0a639c00f0b047d1ed8d74a624936ae93361fd73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:2b:0a:67:d8:1d:39:f2:f1:a4:25:c4:ca:f5:
89:80:93:f0:82:67:92:20:46:19:b3:d2:2a:bd:54:
6d:92:21:1a:e9:84:be:91:2f:1e:45:d6:80:ec:4b:
ba:1f:e2:6f:8f:60:0d:2d:5d:d9:ab:57:15:69:f7:
5d:d7:2c:bb:6c:0e:52:89:b5:7a:34:c5:eb:f1:ec:
c3:d4:5b:83:6c:a6:f7:28:8f:af:21:73:06:d6:9c:
c7:b6:60:f3:de:77:34:23:c6:81:de:08:35:31:ab:
b9:27:7a:5d:82:74:6e:82:0d:1d:b2:69:29:ea:af:
98:e6:b7:6a:5d:f1:de:bc:df:91:10:6d:77:c2:48:
a1:be:ed:58:d3:af:33:a3:28:e0:2d:b6:1a:93:6f:
38:f2:7d:9c:52:5d:95:17:eb:03:f4:02:85:c1:14:
ef:2c:72:af:bd:41:17:7f:d4:c6:38:be:36:98:12:
98:a5:b5:e1:c7:6f:24:09:a7:55:86:05:3b:9f:26:
6a:b9:8e:a3:c6:cc:c2:eb:a2:6c:c2:dc:a1:bc:e1:
85:78:52:6f:a7:ae:5b:7d:e1:db:cd:82:2f:bc:8b:
d5:70:24:b9:a3:b6:7b:fa:32:4c:e5:89:24:5e:f6:
b3:62:13:2c:8d:33:2a:cd:78:33:b2:77:7e:d1:72:
5d:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:63:9C:00:F0:B0:47:D1:ED:8D:74:A6:24:93:6A:E9:33:61:FD:73
X509v3 Authority Key Identifier:
keyid:E7:1D:70:9D:8B:18:4C:5A:50:C9:43:1D:CC:AF:64:9B:C8:68:47:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5x1wnYsYTFpQyUMdzK9km8hoRwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/4799f6-765f-4ad2-8c43-1c5b1012d2c3/1/CmOcAPCwR9HtjXSmJJNq6TNh_XM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/4799f6-765f-4ad2-8c43-1c5b1012d2c3/1/5x1wnYsYTFpQyUMdzK9km8hoRwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.187.180.0/22
85.187.187.0-85.187.190.255
185.96.164.0/22
Signature Algorithm: sha256WithRSAEncryption
11:c8:a9:c7:8b:70:f6:64:05:a2:31:ff:ac:28:79:6f:5e:b6:
48:2f:f9:5d:ec:87:91:d3:e5:ed:ef:8c:40:cf:e3:5e:a5:79:
d3:72:38:16:6f:1e:39:18:6e:3c:38:fc:e2:2f:7a:d7:22:9f:
01:b0:06:7c:74:4a:08:32:b7:17:07:5d:f0:ca:1e:13:46:68:
62:1e:b8:65:98:d2:e9:69:a8:27:42:47:27:d1:f7:31:ea:c3:
3a:40:f8:92:2b:5c:28:e1:1b:42:e1:2a:06:33:11:5a:16:61:
3d:a2:8e:83:19:a6:da:5c:0e:ec:9e:12:b7:6c:fd:d0:d7:cb:
94:7b:27:c7:28:d3:b3:28:ea:c7:0f:96:f6:f6:51:43:ef:3a:
40:2f:99:57:3f:3f:f6:18:55:15:4a:40:83:d9:c7:4f:b1:77:
93:84:93:57:13:f1:c2:8c:4a:a9:92:49:4d:cc:c1:f3:9c:13:
1a:ec:16:b9:40:d3:a1:90:3f:41:c3:74:d7:09:ba:a7:be:31:
3c:57:01:22:64:73:8b:32:f1:19:b9:e8:c0:e1:fa:34:0d:7f:
2b:0d:6e:c6:3b:23:f9:1f:e7:57:f0:c4:9d:6a:f0:cc:c4:eb:
bf:e3:55:bc:58:b4:a6:a3:03:91:78:a8:52:25:40:95:fc:6d:
25:39:3d:7d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEFYqZSjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NzFkNzA5ZDhiMTg0YzVhNTBjOTQzMWRjY2FmNjQ5YmM4Njg0NzA0MB4XDTIyMDEw
MTE2MDU0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGE2MzljMDBmMGIw
NDdkMWVkOGQ3NGE2MjQ5MzZhZTkzMzYxZmQ3MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALwrCmfYHTny8aQlxMr1iYCT8IJnkiBGGbPSKr1UbZIhGumE
vpEvHkXWgOxLuh/ib49gDS1d2atXFWn3Xdcsu2wOUom1ejTF6/Hsw9Rbg2ym9yiP
ryFzBtacx7Zg8953NCPGgd4INTGruSd6XYJ0boINHbJpKeqvmOa3al3x3rzfkRBt
d8JIob7tWNOvM6Mo4C22GpNvOPJ9nFJdlRfrA/QChcEU7yxyr71BF3/Uxji+NpgS
mKW14cdvJAmnVYYFO58marmOo8bMwuuibMLcobzhhXhSb6euW33h282CL7yL1XAk
uaO2e/oyTOWJJF72s2ITLI0zKs14M7J3ftFyXZUCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBQKY5wA8LBH0e2NdKYkk2rpM2H9czAfBgNVHSMEGDAWgBTnHXCdixhMWlDJ
Qx3Mr2SbyGhHBDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzV4MXduWXNZVEZwUXlVTWR6SzlrbThob1J3US5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDUvNDc5OWY2LTc2NWYtNGFkMi04YzQzLTFjNWIxMDEyZDJjMy8x
L0NtT2NBUEN3UjlIdGpYU21KSk5xNlROaF9YTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDUv
NDc5OWY2LTc2NWYtNGFkMi04YzQzLTFjNWIxMDEyZDJjMy8xLzV4MXduWXNZVEZw
UXlVTWR6SzlrbThob1J3US5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGgMEAlW7tDAMAwQAVbu7AwQAVbu+AwQC
uWCkMA0GCSqGSIb3DQEBCwUAA4IBAQARyKnHi3D2ZAWiMf+sKHlvXrZIL/ld7IeR
0+Xt74xAz+NepXnTcjgWbx45GG48OPziL3rXIp8BsAZ8dEoIMrcXB13wyh4TRmhi
HrhlmNLpaagnQkcn0fcx6sM6QPiSK1wo4RtC4SoGMxFaFmE9oo6DGabaXA7snhK3
bP3Q18uUeyfHKNOzKOrHD5b29lFD7zpAL5lXPz/2GFUVSkCD2cdPsXeThJNXE/HC
jEqpkklNzMHznBMa7Ba5QNOhkD9Bw3TXCbqnvjE8VwEiZHOLMvEZuejA4fo0DX8r
DW7GOyP5H+dX8MSdavDMxOu/41W8WLSmowOReKhSJUCV/G0lOT19
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:17:34 2024 by rpki-client on console-fra.rpki-client.org