Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/_ol-RSZ7L7SzcTbackAA6aDMRxI.roa
File: _ol-RSZ7L7SzcTbackAA6aDMRxI.roa (raw, json)
Hash identifier: 85IaiU2gv8BqvDIgYGDbvn4ZomETUiQVOzmWZg+/Pcs=
Subject key identifier: FE:89:7E:45:26:7B:2F:B4:B3:71:36:DA:72:40:00:E9:A0:CC:47:12
Certificate issuer: /CN=cb5799d8d05f4a020011dca8031762bea012255d
Certificate serial: 01836585C1D830398B69A027DAD76A33F1EC
Authority key identifier: CB:57:99:D8:D0:5F:4A:02:00:11:DC:A8:03:17:62:BE:A0:12:25:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y1eZ2NBfSgIAEdyoAxdivqASJV0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/_ol-RSZ7L7SzcTbackAA6aDMRxI.roa
Signing time: Thu 22 Sep 2022 14:06:48 +0000
ROA not before: Thu 22 Sep 2022 14:06:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49685
IP address blocks: 193.148.20.0/22 maxlen: 24
45.86.176.0/22 maxlen: 24
185.54.180.0/22 maxlen: 24
93.90.64.0/22 maxlen: 24
157.97.112.0/21 maxlen: 24
2a02:4660::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:65:85:c1:d8:30:39:8b:69:a0:27:da:d7:6a:33:f1:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb5799d8d05f4a020011dca8031762bea012255d
Validity
Not Before: Sep 22 14:06:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fe897e45267b2fb4b37136da724000e9a0cc4712
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:19:03:d1:cc:65:07:92:e3:2a:36:db:01:42:
4c:83:8a:3a:8d:a1:6b:78:05:47:3b:95:03:10:df:
3e:92:50:20:af:9e:e2:72:63:d3:b5:78:d3:9a:ac:
be:ff:5a:7a:99:fe:fe:6f:a4:a5:ad:64:5b:fb:2e:
a6:28:02:f6:c4:88:e2:aa:b5:ea:78:d3:04:b4:29:
f7:00:56:a4:95:98:e4:d6:e6:19:21:f0:59:c6:5f:
5d:ab:22:bf:6a:3b:bf:8e:b8:df:90:0e:f7:a8:c5:
9c:5f:9b:cc:a2:2e:7a:ca:99:b9:ad:46:f5:a5:ae:
18:ba:0c:ee:9f:b5:af:1c:10:f4:84:cf:60:bf:9f:
20:23:6c:89:2d:38:a4:c9:16:07:1a:3b:35:b9:0a:
66:1d:bc:d3:f6:5d:74:94:be:b6:cb:3f:37:92:84:
3d:4b:b4:a3:fe:9e:24:ac:57:9a:77:52:58:35:44:
19:cf:c1:88:db:7a:85:05:68:f4:de:1c:14:a6:4b:
23:73:cd:f4:9d:8c:bb:3d:20:3f:d4:46:c0:1a:42:
75:57:70:cc:7e:8c:f3:58:e5:1e:b2:ef:dd:44:50:
7b:ff:1d:9d:ac:56:d6:58:09:88:3e:a9:e3:0f:d4:
a4:97:df:01:ff:bd:3e:1e:20:c9:9a:e4:5f:79:0d:
17:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:89:7E:45:26:7B:2F:B4:B3:71:36:DA:72:40:00:E9:A0:CC:47:12
X509v3 Authority Key Identifier:
keyid:CB:57:99:D8:D0:5F:4A:02:00:11:DC:A8:03:17:62:BE:A0:12:25:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y1eZ2NBfSgIAEdyoAxdivqASJV0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/_ol-RSZ7L7SzcTbackAA6aDMRxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/c78020-fa32-4988-9e14-5c602fde963b/1/y1eZ2NBfSgIAEdyoAxdivqASJV0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.176.0/22
93.90.64.0/22
157.97.112.0/21
185.54.180.0/22
193.148.20.0/22
IPv6:
2a02:4660::/32
Signature Algorithm: sha256WithRSAEncryption
47:53:4b:26:f3:28:76:d9:9e:a1:33:8d:53:2b:7b:dc:b2:d8:
0b:f1:e4:f9:02:9f:16:a0:9b:dc:a0:e7:32:39:53:df:6f:88:
bc:cc:02:b1:c9:e3:76:ed:13:16:16:ad:5a:39:67:60:1e:a8:
03:85:60:43:04:b5:25:73:82:c7:07:28:ff:c2:50:29:a1:b6:
18:a2:fe:c2:fa:22:86:58:f6:ad:d6:6d:c6:da:6c:13:a0:7f:
6f:39:37:1b:a0:b8:e5:bd:a8:35:50:c6:41:2b:a9:3a:af:0f:
5b:0a:32:78:68:5f:c4:8f:b4:de:80:92:fe:04:92:f9:b7:78:
1c:f8:82:72:4a:c5:5f:1d:a0:2d:8f:e7:28:6e:73:f9:0f:3f:
ca:55:9a:1a:da:47:b7:47:ab:3b:70:31:c5:0b:a7:c0:61:89:
c1:59:40:af:7e:d7:1c:91:aa:5e:3a:be:14:74:66:6a:eb:5b:
45:99:c1:d7:32:c9:d6:1a:70:3b:a3:21:82:b9:44:19:75:af:
87:12:9a:94:7e:b6:3a:0c:16:fd:a6:e2:ce:68:f1:d2:41:86:
71:26:ac:74:d4:64:ab:dd:39:1e:04:77:01:ea:16:b5:cb:37:
cd:72:ea:63:e2:4e:74:0e:b5:d9:ba:ee:64:37:25:c7:49:e6:
6a:fb:26:07
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYNlhcHYMDmLaaAn2tdqM/HsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiNTc5OWQ4ZDA1ZjRhMDIwMDExZGNhODAzMTc2MmJlYTAx
MjI1NWQwHhcNMjIwOTIyMTQwNjQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTg5N2U0NTI2N2IyZmI0YjM3MTM2ZGE3MjQwMDBlOWEwY2M0NzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhRkD0cxlB5LjKjbbAUJMg4o6jaFr
eAVHO5UDEN8+klAgr57icmPTtXjTmqy+/1p6mf7+b6SlrWRb+y6mKAL2xIjiqrXq
eNMEtCn3AFaklZjk1uYZIfBZxl9dqyK/aju/jrjfkA73qMWcX5vMoi56ypm5rUb1
pa4Yugzun7WvHBD0hM9gv58gI2yJLTikyRYHGjs1uQpmHbzT9l10lL62yz83koQ9
S7Sj/p4krFead1JYNUQZz8GI23qFBWj03hwUpksjc830nYy7PSA/1EbAGkJ1V3DM
fozzWOUesu/dRFB7/x2drFbWWAmIPqnjD9Skl98B/70+HiDJmuRfeQ0X0QIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFP6JfkUmey+0s3E22nJAAOmgzEcSMB8GA1UdIwQY
MBaAFMtXmdjQX0oCABHcqAMXYr6gEiVdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTFlWjJOQmZTZ0lBRWR5b0F4ZGl2cUFTSlYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9jNzgwMjAtZmEzMi00OTg4LTllMTQt
NWM2MDJmZGU5NjNiLzEvX29sLVJTWjdMN1N6Y1RiYWNrQUE2YURNUnhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9jNzgwMjAtZmEzMi00OTg4LTllMTQtNWM2MDJmZGU5NjNi
LzEveTFlWjJOQmZTZ0lBRWR5b0F4ZGl2cUFTSlYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCLVawAwQC
XVpAAwQDnWFwAwQCuTa0AwQCwZQUMA0EAgACMAcDBQAqAkZgMA0GCSqGSIb3DQEB
CwUAA4IBAQBHU0sm8yh22Z6hM41TK3vcstgL8eT5Ap8WoJvcoOcyOVPfb4i8zAKx
yeN27RMWFq1aOWdgHqgDhWBDBLUlc4LHByj/wlApobYYov7C+iKGWPat1m3G2mwT
oH9vOTcboLjlvag1UMZBK6k6rw9bCjJ4aF/Ej7TegJL+BJL5t3gc+IJySsVfHaAt
j+cobnP5Dz/KVZoa2ke3R6s7cDHFC6fAYYnBWUCvftcckapeOr4UdGZq61tFmcHX
MsnWGnA7oyGCuUQZda+HEpqUfrY6DBb9puLOaPHSQYZxJqx01GSr3TkeBHcB6ha1
yzfNcupj4k50DrXZuu5kNyXHSeZq+yYH
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:13 2024 by rpki-client on console-fra.rpki-client.org