Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/bb0fc3-d5f9-4bf5-9683-9edf0d17fb91/1/zg6Jasmvyr4jSQHG2P_BgaP7LCg.roa
File: zg6Jasmvyr4jSQHG2P_BgaP7LCg.roa (raw, json)
Hash identifier: c2VP9w26pGT1PIdIxu0mjtkuGHJ2VJpTAGrHanFyNTs=
Subject key identifier: CE:0E:89:6A:C9:AF:CA:BE:23:49:01:C6:D8:FF:C1:81:A3:FB:2C:28
Certificate issuer: /CN=962ae3463938b26f83b76f0c4df81dfabb15a4eb
Certificate serial: 01831D8C0EA47B39A033B7DA65CBD210E2DA
Authority key identifier: 96:2A:E3:46:39:38:B2:6F:83:B7:6F:0C:4D:F8:1D:FA:BB:15:A4:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lirjRjk4sm-Dt28MTfgd-rsVpOs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/bb0fc3-d5f9-4bf5-9683-9edf0d17fb91/1/zg6Jasmvyr4jSQHG2P_BgaP7LCg.roa
Signing time: Thu 08 Sep 2022 14:41:01 +0000
ROA not before: Thu 08 Sep 2022 14:41:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 40975
IP address blocks: 86.107.192.0/24 maxlen: 24
185.84.64.0/23 maxlen: 23
185.84.66.0/24 maxlen: 24
89.35.6.0/23 maxlen: 23
217.19.14.0/23 maxlen: 23
86.104.254.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:1d:8c:0e:a4:7b:39:a0:33:b7:da:65:cb:d2:10:e2:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=962ae3463938b26f83b76f0c4df81dfabb15a4eb
Validity
Not Before: Sep 8 14:41:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ce0e896ac9afcabe234901c6d8ffc181a3fb2c28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:cc:43:8e:53:2d:60:cf:17:df:75:d4:f6:e6:
5e:0f:fd:ba:f0:54:3e:21:07:5f:a4:d6:a4:cf:a7:
c0:76:5a:c0:31:44:c1:a9:40:ea:5e:06:f4:ad:39:
a6:f8:45:66:36:3c:34:7a:a7:bc:76:df:1d:84:ad:
48:14:94:6f:3a:e0:c1:45:d1:c4:74:51:7a:71:16:
cd:3c:0a:78:36:5e:36:57:4f:bd:db:86:d6:87:ec:
e6:2f:c3:86:8c:e2:3d:c8:ff:5a:1d:66:0f:b4:b0:
f3:28:b4:13:c4:00:3b:8c:66:a6:6c:20:ac:9f:84:
00:ec:b1:4a:0c:9c:58:ff:b9:5a:61:33:c8:8d:e8:
98:79:bc:05:25:24:e5:97:ce:8d:c7:72:a3:38:ca:
50:36:76:bf:aa:11:d9:10:69:c5:62:a5:16:db:b3:
42:97:d5:5e:5c:c9:5e:2d:87:49:68:f9:12:29:a8:
a1:b8:6e:dc:18:c0:3b:e8:c0:54:0f:a7:1d:1d:8b:
bd:3b:65:42:04:c0:6f:d2:f7:75:64:bf:72:eb:8b:
36:8a:ab:7d:35:3e:0d:c2:83:da:ad:20:64:d1:36:
49:90:fb:24:4c:44:bc:08:67:96:22:4f:ef:ff:5d:
49:93:e0:64:a3:16:1b:99:f5:7b:a2:43:b6:0b:28:
ec:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:0E:89:6A:C9:AF:CA:BE:23:49:01:C6:D8:FF:C1:81:A3:FB:2C:28
X509v3 Authority Key Identifier:
keyid:96:2A:E3:46:39:38:B2:6F:83:B7:6F:0C:4D:F8:1D:FA:BB:15:A4:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lirjRjk4sm-Dt28MTfgd-rsVpOs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/bb0fc3-d5f9-4bf5-9683-9edf0d17fb91/1/zg6Jasmvyr4jSQHG2P_BgaP7LCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/bb0fc3-d5f9-4bf5-9683-9edf0d17fb91/1/lirjRjk4sm-Dt28MTfgd-rsVpOs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.104.254.0/23
86.107.192.0/24
89.35.6.0/23
185.84.64.0-185.84.66.255
217.19.14.0/23
Signature Algorithm: sha256WithRSAEncryption
72:16:70:73:12:c0:f4:78:99:b3:e7:b4:58:5a:42:e1:e6:b2:
ad:a5:66:46:7e:13:22:e9:4b:f4:1e:8b:ca:35:84:19:f7:0e:
f6:d9:5c:82:fb:32:98:be:a4:5b:ab:62:ab:16:64:c4:79:e8:
1d:1f:13:13:52:f4:a6:9f:8f:d7:35:7f:14:e7:10:32:d1:a2:
72:43:16:f7:18:71:1b:a5:35:7f:2d:fd:ad:95:ac:cd:52:fa:
2f:b0:a7:b4:99:c1:59:f7:31:e0:c6:96:08:3e:f5:fe:71:08:
66:0f:6c:a7:e1:c3:ba:1d:f0:9b:65:95:63:c7:68:a6:a0:c0:
d8:f0:51:63:fb:9e:78:32:c0:d7:eb:62:3b:02:73:fd:09:41:
47:23:a0:54:fc:64:d5:4e:1f:e2:bf:8e:11:ef:64:ba:dd:fa:
7a:1b:30:4c:1e:0c:77:fb:38:5a:95:bc:7a:f3:a7:49:ec:d3:
08:21:c5:20:72:b8:d1:98:24:1a:28:a5:71:8b:40:45:ab:ea:
59:4c:14:b6:30:3d:30:f0:2f:80:0a:db:0c:0f:44:99:a5:10:
a4:4b:33:54:57:3d:9e:03:4b:85:b8:6c:c5:d6:a6:e8:08:ac:
46:d8:61:14:37:56:09:e7:d4:0d:2d:2d:f5:86:a1:72:b6:7f:
79:f4:4c:9c
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYMdjA6kezmgM7faZcvSEOLaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2MmFlMzQ2MzkzOGIyNmY4M2I3NmYwYzRkZjgxZGZhYmIx
NWE0ZWIwHhcNMjIwOTA4MTQ0MTAxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTBlODk2YWM5YWZjYWJlMjM0OTAxYzZkOGZmYzE4MWEzZmIyYzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh8xDjlMtYM8X33XU9uZeD/268FQ+
IQdfpNakz6fAdlrAMUTBqUDqXgb0rTmm+EVmNjw0eqe8dt8dhK1IFJRvOuDBRdHE
dFF6cRbNPAp4Nl42V0+924bWh+zmL8OGjOI9yP9aHWYPtLDzKLQTxAA7jGambCCs
n4QA7LFKDJxY/7laYTPIjeiYebwFJSTll86Nx3KjOMpQNna/qhHZEGnFYqUW27NC
l9VeXMleLYdJaPkSKaihuG7cGMA76MBUD6cdHYu9O2VCBMBv0vd1ZL9y64s2iqt9
NT4NwoParSBk0TZJkPskTES8CGeWIk/v/11Jk+BkoxYbmfV7okO2CyjsCwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFM4OiWrJr8q+I0kBxtj/wYGj+ywoMB8GA1UdIwQY
MBaAFJYq40Y5OLJvg7dvDE34Hfq7FaTrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGlyalJqazRzbS1EdDI4TVRmZ2QtcnNWcE9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9iYjBmYzMtZDVmOS00YmY1LTk2ODMt
OWVkZjBkMTdmYjkxLzEvemc2SmFzbXZ5cjRqU1FIRzJQX0JnYVA3TENnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9iYjBmYzMtZDVmOS00YmY1LTk2ODMtOWVkZjBkMTdmYjkx
LzEvbGlyalJqazRzbS1EdDI4TVRmZ2QtcnNWcE9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQBVmj+AwQA
VmvAAwQBWSMGMAwDBAa5VEADBAC5VEIDBAHZEw4wDQYJKoZIhvcNAQELBQADggEB
AHIWcHMSwPR4mbPntFhaQuHmsq2lZkZ+EyLpS/Qei8o1hBn3DvbZXIL7Mpi+pFur
YqsWZMR56B0fExNS9Kafj9c1fxTnEDLRonJDFvcYcRulNX8t/a2VrM1S+i+wp7SZ
wVn3MeDGlgg+9f5xCGYPbKfhw7od8JtllWPHaKagwNjwUWP7nngywNfrYjsCc/0J
QUcjoFT8ZNVOH+K/jhHvZLrd+nobMEweDHf7OFqVvHrzp0ns0wghxSByuNGYJBoo
pXGLQEWr6llMFLYwPTDwL4AK2wwPRJmlEKRLM1RXPZ4DS4W4bMXWpugIrEbYYRQ3
Vgnn1A0tLfWGoXK2f3n0TJw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:41 2024 by rpki-client on console-fra.rpki-client.org