Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/85fa84-5d99-4aa8-8753-5d8ca63681ad/1/vEFhULlyda_0y4w5D28oFuM-zx8.roa
File: vEFhULlyda_0y4w5D28oFuM-zx8.roa (raw, json)
Hash identifier: VfibXgCHnkoI3g0c3N+6FbAaDBEhOzYABJ9GzWGv3UU=
Subject key identifier: BC:41:61:50:B9:72:75:AF:F4:CB:8C:39:0F:6F:28:16:E3:3E:CF:1F
Certificate issuer: /CN=7c2380d764a9611dfe2fbc0ce0cc40496ec1e83e
Certificate serial: 0183A7CA911D3652C1098EEF3CEC71418A11
Authority key identifier: 7C:23:80:D7:64:A9:61:1D:FE:2F:BC:0C:E0:CC:40:49:6E:C1:E8:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fCOA12SpYR3-L7wM4MxASW7B6D4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/85fa84-5d99-4aa8-8753-5d8ca63681ad/1/vEFhULlyda_0y4w5D28oFuM-zx8.roa
Signing time: Wed 05 Oct 2022 10:56:53 +0000
ROA not before: Wed 05 Oct 2022 10:56:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60703
IP address blocks: 185.26.220.0/24 maxlen: 24
185.26.222.0/24 maxlen: 24
185.26.221.0/24 maxlen: 24
2a04:3a00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:a7:ca:91:1d:36:52:c1:09:8e:ef:3c:ec:71:41:8a:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c2380d764a9611dfe2fbc0ce0cc40496ec1e83e
Validity
Not Before: Oct 5 10:56:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bc416150b97275aff4cb8c390f6f2816e33ecf1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b2:08:a3:a2:1f:f5:8b:43:f4:4b:5b:58:25:
a0:22:b0:75:03:ac:90:d4:c1:19:3f:1c:bd:6c:16:
82:6a:4e:f4:4f:49:10:7b:5b:a3:76:56:0c:ed:dc:
32:e7:0e:4a:f9:e1:7e:1b:8f:e5:49:d4:4d:fd:c7:
4c:2d:8f:c4:68:92:f0:1e:e3:30:01:76:35:77:b3:
fb:07:df:cd:3b:1e:4a:fd:52:20:8e:04:0e:df:d0:
1b:f1:45:d6:57:91:9e:1d:07:ee:27:5c:0d:5a:20:
12:7e:30:f0:52:a9:e5:b3:9f:67:4e:13:63:fb:17:
51:ad:72:08:76:52:fa:2e:12:58:ea:07:e1:1c:35:
0f:c9:8c:b1:c0:6c:a1:e3:e3:2f:3f:0a:d2:47:30:
82:c7:46:c2:50:94:dc:e9:18:0d:e8:ee:81:28:6a:
3f:38:2d:ec:8b:07:4a:38:a5:18:cb:7e:29:c8:cf:
29:aa:f8:92:51:4e:99:ba:d9:b1:32:76:62:bd:f3:
6e:e5:1c:82:34:78:8f:16:6f:75:9b:fc:6f:05:db:
5f:ea:ab:dc:6d:8f:4c:e0:88:51:da:0a:f5:0c:ac:
63:49:a0:06:27:b1:d5:3d:c5:43:57:1e:42:e4:c3:
94:9b:c1:ee:65:26:44:b9:37:77:5b:d4:a3:d0:83:
de:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:41:61:50:B9:72:75:AF:F4:CB:8C:39:0F:6F:28:16:E3:3E:CF:1F
X509v3 Authority Key Identifier:
keyid:7C:23:80:D7:64:A9:61:1D:FE:2F:BC:0C:E0:CC:40:49:6E:C1:E8:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fCOA12SpYR3-L7wM4MxASW7B6D4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/85fa84-5d99-4aa8-8753-5d8ca63681ad/1/vEFhULlyda_0y4w5D28oFuM-zx8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/85fa84-5d99-4aa8-8753-5d8ca63681ad/1/fCOA12SpYR3-L7wM4MxASW7B6D4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.26.220.0-185.26.222.255
IPv6:
2a04:3a00::/29
Signature Algorithm: sha256WithRSAEncryption
bc:5f:2a:58:76:e4:fd:10:5a:0c:a1:25:0a:66:02:fa:ee:63:
2d:45:46:93:27:a2:09:46:02:da:5d:ff:c3:d1:20:a2:cb:86:
08:3e:3f:24:e8:ec:f1:b7:21:44:5d:28:78:99:ed:e4:8b:8b:
ec:27:12:3a:2d:fc:f8:07:8e:cb:7c:f3:f5:a6:af:cb:ef:19:
51:8b:6c:76:e4:d9:69:21:dd:c4:6d:68:57:f1:ea:0e:59:2d:
44:5c:11:20:77:d4:99:ac:7f:59:89:9b:e3:2f:e7:97:3d:da:
5b:c9:14:4d:f2:8d:60:a8:fb:46:f9:e1:7c:1c:7e:ad:8a:b0:
06:b4:b7:77:ff:29:4d:f6:b7:13:cb:55:55:c2:f8:c9:eb:c9:
d7:96:55:a8:0c:c1:da:9b:36:6a:e4:e4:62:ab:5a:82:b9:e7:
bd:53:15:25:20:2c:ee:a0:93:9f:77:c8:82:2f:0c:39:7f:d1:
6c:7e:31:2c:c2:7a:32:0e:40:1a:f7:e1:ea:26:a9:29:69:f3:
27:f3:44:36:73:18:74:61:62:35:fe:22:92:e9:4a:d8:3a:12:
28:74:0e:04:6f:dc:c3:28:58:db:c7:77:ca:d3:77:74:77:55:
38:54:ef:ed:8b:ee:91:5d:6a:d8:9c:ca:df:62:f5:db:f4:3a:
ea:6b:31:47
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYOnypEdNlLBCY7vPOxxQYoRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjMjM4MGQ3NjRhOTYxMWRmZTJmYmMwY2UwY2M0MDQ5NmVj
MWU4M2UwHhcNMjIxMDA1MTA1NjUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzQxNjE1MGI5NzI3NWFmZjRjYjhjMzkwZjZmMjgxNmUzM2VjZjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrIIo6If9YtD9EtbWCWgIrB1A6yQ
1MEZPxy9bBaCak70T0kQe1ujdlYM7dwy5w5K+eF+G4/lSdRN/cdMLY/EaJLwHuMw
AXY1d7P7B9/NOx5K/VIgjgQO39Ab8UXWV5GeHQfuJ1wNWiASfjDwUqnls59nThNj
+xdRrXIIdlL6LhJY6gfhHDUPyYyxwGyh4+MvPwrSRzCCx0bCUJTc6RgN6O6BKGo/
OC3siwdKOKUYy34pyM8pqviSUU6ZutmxMnZivfNu5RyCNHiPFm91m/xvBdtf6qvc
bY9M4IhR2gr1DKxjSaAGJ7HVPcVDVx5C5MOUm8HuZSZEuTd3W9Sj0IPeaQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFLxBYVC5cnWv9MuMOQ9vKBbjPs8fMB8GA1UdIwQY
MBaAFHwjgNdkqWEd/i+8DODMQEluweg+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkNPQTEyU3BZUjMtTDd3TTRNeEFTVzdCNkQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy84NWZhODQtNWQ5OS00YWE4LTg3NTMt
NWQ4Y2E2MzY4MWFkLzEvdkVGaFVMbHlkYV8weTR3NUQyOG9GdU0teng4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy84NWZhODQtNWQ5OS00YWE4LTg3NTMtNWQ4Y2E2MzY4MWFk
LzEvZkNPQTEyU3BZUjMtTDd3TTRNeEFTVzdCNkQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAK5GtwD
BAC5Gt4wDQQCAAIwBwMFAyoEOgAwDQYJKoZIhvcNAQELBQADggEBALxfKlh25P0Q
WgyhJQpmAvruYy1FRpMnoglGAtpd/8PRIKLLhgg+PyTo7PG3IURdKHiZ7eSLi+wn
Ejot/PgHjst88/Wmr8vvGVGLbHbk2Wkh3cRtaFfx6g5ZLURcESB31Jmsf1mJm+Mv
55c92lvJFE3yjWCo+0b54Xwcfq2KsAa0t3f/KU32txPLVVXC+MnrydeWVagMwdqb
Nmrk5GKrWoK5571TFSUgLO6gk593yIIvDDl/0Wx+MSzCejIOQBr34eomqSlp8yfz
RDZzGHRhYjX+IpLpStg6Eih0DgRv3MMoWNvHd8rTd3R3VThU7+2L7pFdaticyt9i
9dv0OuprMUc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:15 2024 by rpki-client on console-fra.rpki-client.org