Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/z4YM_YVGHD2t40nBR_MFO4c1DIw.roa
File: z4YM_YVGHD2t40nBR_MFO4c1DIw.roa (raw, json)
Hash identifier: /+rgWibMUCuVrzdUtE0RxgbiEZ/3279UIzAv4KeGXyA=
Subject key identifier: CF:86:0C:FD:85:46:1C:3D:AD:E3:49:C1:47:F3:05:3B:87:35:0C:8C
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 018335DE6EECB7AF22B1E2EB4015F9BF0F3E
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/z4YM_YVGHD2t40nBR_MFO4c1DIw.roa
Signing time: Tue 13 Sep 2022 08:01:53 +0000
ROA not before: Tue 13 Sep 2022 08:01:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 58202
IP address blocks: 62.60.148.0/22 maxlen: 24
62.60.146.0/23 maxlen: 24
62.60.156.0/22 maxlen: 22
213.176.24.0/21 maxlen: 24
62.60.212.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:35:de:6e:ec:b7:af:22:b1:e2:eb:40:15:f9:bf:0f:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Sep 13 08:01:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cf860cfd85461c3dade349c147f3053b87350c8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:f0:42:85:df:40:6b:60:98:2f:77:e1:b5:f3:
64:75:19:44:6c:02:a4:87:b6:68:39:89:64:c2:43:
a7:62:e2:bc:42:2a:72:bf:73:33:70:4c:4a:77:50:
3a:aa:97:b2:1e:05:f2:22:58:1c:f8:18:dc:32:a9:
f4:36:96:9a:6a:da:c8:84:d2:ab:8e:f7:1e:ef:07:
4c:b6:1c:19:41:bb:dd:78:c5:29:78:1b:f5:90:d2:
3c:54:cf:e4:01:71:86:05:8c:58:87:7d:4c:16:80:
2b:93:7d:44:52:b4:55:06:36:15:c1:00:66:73:f4:
2f:0a:c0:83:92:b2:96:c6:4f:31:a3:85:65:23:13:
28:d7:82:4f:fe:c9:bd:21:85:6a:31:69:2b:a3:15:
9d:68:ad:e9:be:99:30:37:57:d0:41:72:52:76:68:
f2:62:48:ee:2d:de:20:d9:f2:8f:3f:0d:3b:74:96:
00:ee:2a:6d:ca:78:85:6f:ba:9e:15:79:5a:7f:9a:
b9:a5:60:da:14:51:c1:0e:d7:36:f3:b9:ab:93:d6:
40:9d:5a:67:9e:5a:1c:8e:59:7f:f6:be:64:43:f3:
28:4c:33:24:e4:3f:0c:67:cd:43:c3:71:8e:73:72:
ab:be:88:f7:14:14:1d:79:02:b1:91:09:07:d2:3a:
2e:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:86:0C:FD:85:46:1C:3D:AD:E3:49:C1:47:F3:05:3B:87:35:0C:8C
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/z4YM_YVGHD2t40nBR_MFO4c1DIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.146.0-62.60.151.255
62.60.156.0/22
62.60.212.0/22
213.176.24.0/21
Signature Algorithm: sha256WithRSAEncryption
35:8e:04:3c:bb:d7:df:98:78:9e:9a:59:77:74:f6:8f:34:8f:
ed:d6:80:8a:5f:4d:0d:8b:4f:56:2e:c1:4c:37:16:59:c2:7a:
7a:73:42:8f:0e:1b:1b:e8:bd:84:5c:f6:f0:6f:06:83:a1:a5:
0c:94:a8:36:ee:10:9c:33:24:a9:07:4f:c0:60:ef:05:e5:bc:
a7:4d:12:0c:8b:1d:59:09:3e:ca:91:2e:fb:0b:f1:84:c0:5b:
0e:18:0d:9e:26:f7:1c:8f:5e:69:37:05:52:f4:65:1d:86:15:
00:8b:c5:30:7b:59:3b:d9:c4:26:14:3f:cb:5c:bb:9a:a6:25:
bf:1f:02:b1:e1:0b:3a:92:26:18:82:7c:c1:d7:1d:bb:8d:2b:
34:bc:ce:3a:1a:b2:73:bb:85:44:9b:f2:aa:89:8e:37:6a:3b:
5e:13:0f:10:7c:17:d3:99:1c:19:09:ee:2a:78:d5:d4:79:a1:
b6:f9:78:08:1e:c2:ab:11:65:7f:3a:c6:c9:16:1e:c6:53:ce:
f3:31:6b:4c:47:cc:c8:50:90:c7:59:69:74:17:39:b2:4d:8f:
6a:08:3b:f7:c7:23:dc:97:01:ab:30:90:e7:23:2a:e9:2c:07:
25:d4:5b:2e:8f:ff:90:e5:ae:da:4c:fb:4b:bb:66:54:c4:84:
4d:25:55:09
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYM13m7st68iseLrQBX5vw8+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjIwOTEzMDgwMTUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjg2MGNmZDg1NDYxYzNkYWRlMzQ5YzE0N2YzMDUzYjg3MzUwYzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlvBChd9Aa2CYL3fhtfNkdRlEbAKk
h7ZoOYlkwkOnYuK8Qipyv3MzcExKd1A6qpeyHgXyIlgc+BjcMqn0NpaaatrIhNKr
jvce7wdMthwZQbvdeMUpeBv1kNI8VM/kAXGGBYxYh31MFoArk31EUrRVBjYVwQBm
c/QvCsCDkrKWxk8xo4VlIxMo14JP/sm9IYVqMWkroxWdaK3pvpkwN1fQQXJSdmjy
YkjuLd4g2fKPPw07dJYA7iptyniFb7qeFXlaf5q5pWDaFFHBDtc287mrk9ZAnVpn
nlocjll/9r5kQ/MoTDMk5D8MZ81Dw3GOc3Krvoj3FBQdeQKxkQkH0jouBQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFM+GDP2FRhw9reNJwUfzBTuHNQyMMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvejRZTV9ZVkdIRDJ0NDBuQlJfTUZPNGMxREl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAE+PJID
BAM+PJADBAI+PJwDBAI+PNQDBAPVsBgwDQYJKoZIhvcNAQELBQADggEBADWOBDy7
19+YeJ6aWXd09o80j+3WgIpfTQ2LT1YuwUw3FlnCenpzQo8OGxvovYRc9vBvBoOh
pQyUqDbuEJwzJKkHT8Bg7wXlvKdNEgyLHVkJPsqRLvsL8YTAWw4YDZ4m9xyPXmk3
BVL0ZR2GFQCLxTB7WTvZxCYUP8tcu5qmJb8fArHhCzqSJhiCfMHXHbuNKzS8zjoa
snO7hUSb8qqJjjdqO14TDxB8F9OZHBkJ7ip41dR5obb5eAgewqsRZX86xskWHsZT
zvMxa0xHzMhQkMdZaXQXObJNj2oIO/fHI9yXAaswkOcjKuksByXUWy6P/5DlrtpM
+0u7ZlTEhE0lVQk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:39 2024 by rpki-client on console-fra.rpki-client.org