Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/0b8951-2699-44b3-9067-d9a40c4d3291/1/1-0jLutiYcBKqMD7aTNDaivReZ5k.roa
File: 1-0jLutiYcBKqMD7aTNDaivReZ5k.roa (raw, json)
Hash identifier: qOuDVtKLPQSrywFsB+N9/5HffIk8ymax1D4KKZTqRWw=
Subject key identifier: FB:48:CB:BA:D8:98:70:12:AA:30:3E:DA:4C:D0:DA:8A:F4:5E:67:99
Certificate issuer: /CN=cf89cb889f99212e8bf53d06e45d87abb9169506
Certificate serial: 03C0CBD8
Authority key identifier: CF:89:CB:88:9F:99:21:2E:8B:F5:3D:06:E4:5D:87:AB:B9:16:95:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z4nLiJ-ZIS6L9T0G5F2Hq7kWlQY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/0b8951-2699-44b3-9067-d9a40c4d3291/1/1-0jLutiYcBKqMD7aTNDaivReZ5k.roa
Signing time: Sat 01 Jan 2022 08:58:05 +0000
ROA not before: Sat 01 Jan 2022 08:58:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8779
IP address blocks: 78.152.160.0/19 maxlen: 19
185.15.4.0/23 maxlen: 23
94.230.192.0/20 maxlen: 20
46.252.208.0/20 maxlen: 20
2a00:6740::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 62966744 (0x3c0cbd8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf89cb889f99212e8bf53d06e45d87abb9169506
Validity
Not Before: Jan 1 08:58:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fb48cbbad8987012aa303eda4cd0da8af45e6799
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:a4:83:69:1a:3d:56:41:1b:91:49:c3:7b:15:
23:0b:90:5c:cf:4f:26:c7:16:04:b5:cc:67:2e:bb:
c2:86:67:2e:f0:17:5c:43:89:b4:f8:7b:30:35:b7:
77:86:f0:d9:c6:08:a9:66:1c:b7:3d:9b:de:6a:47:
54:48:bb:2b:8f:55:8c:8b:42:b9:33:d5:22:d0:69:
d0:5c:87:ed:7f:fe:82:4d:a3:53:69:28:f8:b3:31:
76:d4:77:30:27:ee:57:d3:6c:00:16:11:cf:31:3d:
19:7a:f6:ba:48:61:30:94:d1:23:d8:7d:3d:70:1c:
b4:6b:30:30:5e:5d:58:f4:b2:e8:89:75:e5:02:7b:
5b:e3:cd:db:88:23:37:ef:99:c6:66:44:db:21:3c:
52:01:22:1d:1f:40:cd:75:a7:0d:cf:85:f9:3d:a8:
7c:db:56:ba:74:58:ab:9a:3d:44:02:df:fa:46:f4:
3f:33:f1:76:56:c1:dc:e5:66:22:57:64:58:52:10:
d2:9f:35:c9:2e:cc:ef:be:c0:0d:ed:99:7b:e0:ab:
05:06:5d:fe:a2:99:cb:d6:11:7a:25:19:81:2d:e3:
df:2e:f0:e7:d6:2c:e6:a2:19:ad:0d:bd:f3:c6:25:
fc:3e:90:b3:8b:c7:e9:5b:4e:bc:eb:e4:91:19:93:
78:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:48:CB:BA:D8:98:70:12:AA:30:3E:DA:4C:D0:DA:8A:F4:5E:67:99
X509v3 Authority Key Identifier:
keyid:CF:89:CB:88:9F:99:21:2E:8B:F5:3D:06:E4:5D:87:AB:B9:16:95:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z4nLiJ-ZIS6L9T0G5F2Hq7kWlQY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/0b8951-2699-44b3-9067-d9a40c4d3291/1/1-0jLutiYcBKqMD7aTNDaivReZ5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/0b8951-2699-44b3-9067-d9a40c4d3291/1/z4nLiJ-ZIS6L9T0G5F2Hq7kWlQY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.252.208.0/20
78.152.160.0/19
94.230.192.0/20
185.15.4.0/23
IPv6:
2a00:6740::/32
Signature Algorithm: sha256WithRSAEncryption
aa:b6:5f:bb:8f:f3:03:d2:19:15:98:54:71:4c:15:92:8b:be:
e9:f3:32:a9:aa:42:9f:e5:2c:57:d3:13:dd:af:52:a7:d7:8b:
8d:9e:81:2b:fc:b9:ff:ac:81:b5:d0:d5:61:89:3b:3d:01:52:
c4:5b:ec:b7:35:2c:ac:4f:98:b8:60:93:3a:1e:21:01:d9:d3:
c8:7e:f1:1a:5b:4a:d1:a1:28:b5:ec:14:75:6d:12:ab:05:9b:
5f:1c:df:74:d6:7b:be:16:31:72:bf:64:d7:7d:eb:40:95:d2:
e6:fa:c7:13:39:4d:c4:77:d7:1b:04:89:aa:3d:01:ce:22:7d:
92:fa:00:a3:c4:b4:42:3d:6f:0a:74:31:5c:9a:eb:e5:48:f0:
14:68:5e:e8:df:fc:ea:3a:08:d6:e4:b2:c4:0e:37:59:94:7f:
78:f2:44:a2:a4:bc:31:2c:22:bc:48:85:a7:2d:62:36:40:19:
9b:67:76:03:08:85:a1:b5:3e:df:3c:41:48:bf:ac:aa:43:34:
47:45:56:54:03:76:aa:3b:6e:67:15:8f:f7:72:46:f7:32:5d:
35:93:c2:7a:3c:7c:78:f2:2a:6e:99:a3:c4:ba:54:94:87:97:
7d:be:0b:90:51:e2:37:c2:ca:1b:68:c5:11:46:17:2f:f6:6b:
f2:85:a2:ce
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIEA8DL2DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Zjg5Y2I4ODlmOTkyMTJlOGJmNTNkMDZlNDVkODdhYmI5MTY5NTA2MB4XDTIyMDEw
MTA4NTgwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmI0OGNiYmFkODk4
NzAxMmFhMzAzZWRhNGNkMGRhOGFmNDVlNjc5OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALSkg2kaPVZBG5FJw3sVIwuQXM9PJscWBLXMZy67woZnLvAX
XEOJtPh7MDW3d4bw2cYIqWYctz2b3mpHVEi7K49VjItCuTPVItBp0FyH7X/+gk2j
U2ko+LMxdtR3MCfuV9NsABYRzzE9GXr2ukhhMJTRI9h9PXActGswMF5dWPSy6Il1
5QJ7W+PN24gjN++ZxmZE2yE8UgEiHR9AzXWnDc+F+T2ofNtWunRYq5o9RALf+kb0
PzPxdlbB3OVmIldkWFIQ0p81yS7M777ADe2Ze+CrBQZd/qKZy9YReiUZgS3j3y7w
59Ys5qIZrQ2988Yl/D6Qs4vH6VtOvOvkkRmTeIUCAwEAAaOCAiswggInMB0GA1Ud
DgQWBBT7SMu62JhwEqowPtpM0NqK9F5nmTAfBgNVHSMEGDAWgBTPicuIn5khLov1
PQbkXYeruRaVBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3o0bkxpSi1aSVM2TDlUMEc1RjJIcTdrV2xRWS5jZXIwgY4GCCsGAQUFBwELBIGB
MH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTEvMGI4OTUxLTI2OTktNDRiMy05MDY3LWQ5YTQwYzRkMzI5MS8x
LzEtMGpMdXRpWWNCS3FNRDdhVE5EYWl2UmVaNWsucm9hMIGBBgNVHR8EejB4MHag
dKByhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzEx
LzBiODk1MS0yNjk5LTQ0YjMtOTA2Ny1kOWE0MGM0ZDMyOTEvMS96NG5MaUotWklT
Nkw5VDBHNUYySHE3a1dsUVkuY3JsMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIw
QAYIKwYBBQUHAQcBAf8EMTAvMB4EAgABMBgDBAQu/NADBAVOmKADBARe5sADBAG5
DwQwDQQCAAIwBwMFACoAZ0AwDQYJKoZIhvcNAQELBQADggEBAKq2X7uP8wPSGRWY
VHFMFZKLvunzMqmqQp/lLFfTE92vUqfXi42egSv8uf+sgbXQ1WGJOz0BUsRb7Lc1
LKxPmLhgkzoeIQHZ08h+8RpbStGhKLXsFHVtEqsFm18c33TWe74WMXK/ZNd960CV
0ub6xxM5TcR31xsEiao9Ac4ifZL6AKPEtEI9bwp0MVya6+VI8BRoXujf/Oo6CNbk
ssQON1mUf3jyRKKkvDEsIrxIhactYjZAGZtndgMIhaG1Pt88QUi/rKpDNEdFVlQD
dqo7bmcVj/dyRvcyXTWTwno8fHjyKm6Zo8S6VJSHl32+C5BR4jfCyhtoxRFGFy/2
a/KFos4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:33 2024 by rpki-client on console-fra.rpki-client.org