Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/2a4bf5-40cf-447a-97e0-679cf0210d49/1/iL9tZgOcsU6FV-zHS_Uy3q68kA4.roa
File: iL9tZgOcsU6FV-zHS_Uy3q68kA4.roa (raw, json)
Hash identifier: 7hB4CRfP9u30oOHzyDAjBmCbT3A3D3i/IhrkAWLiEGA=
Subject key identifier: 88:BF:6D:66:03:9C:B1:4E:85:57:EC:C7:4B:F5:32:DE:AE:BC:90:0E
Certificate issuer: /CN=0735daa8cfe25dd12a2c26e0ffcce97636748ebd
Certificate serial: 0183E5F67CF75C12903F9514086434D38A39
Authority key identifier: 07:35:DA:A8:CF:E2:5D:D1:2A:2C:26:E0:FF:CC:E9:76:36:74:8E:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BzXaqM_iXdEqLCbg_8zpdjZ0jr0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/2a4bf5-40cf-447a-97e0-679cf0210d49/1/iL9tZgOcsU6FV-zHS_Uy3q68kA4.roa
Signing time: Mon 17 Oct 2022 12:41:19 +0000
ROA not before: Mon 17 Oct 2022 12:41:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209255
IP address blocks: 92.119.54.0/24 maxlen: 24
92.119.52.0/22 maxlen: 22
2a09:b640::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:e5:f6:7c:f7:5c:12:90:3f:95:14:08:64:34:d3:8a:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0735daa8cfe25dd12a2c26e0ffcce97636748ebd
Validity
Not Before: Oct 17 12:41:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=88bf6d66039cb14e8557ecc74bf532deaebc900e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:4b:61:49:44:d5:f3:bd:d0:17:93:fa:b1:0e:
22:41:a6:8e:24:c9:df:49:b6:ff:99:5f:cf:13:3f:
34:c4:aa:06:00:d5:44:46:14:64:fd:01:1a:c3:1f:
58:f3:1d:00:d1:c2:0d:72:17:2a:aa:5c:22:bf:67:
16:03:87:bf:80:ae:be:df:22:ac:08:ee:d1:36:02:
16:5a:00:4d:ed:39:e8:eb:95:f2:9a:69:a9:c3:9f:
47:dc:a8:f2:18:a6:0e:34:38:b1:14:52:26:52:28:
e7:94:4a:4f:4a:88:97:ef:f3:74:de:e6:f7:e3:40:
d0:6a:97:ba:1c:3c:b8:24:51:fe:e2:5e:16:d6:1c:
c0:9e:c8:69:10:09:7c:92:b3:9d:b7:36:a2:1b:d4:
ea:8b:aa:4a:3c:4a:bb:ae:92:7a:7a:02:e4:96:3c:
7e:4e:84:f3:41:fa:85:db:cf:f9:e1:3e:15:24:65:
be:d3:98:be:ad:b4:6e:62:07:6b:1b:0e:57:78:d2:
1e:93:dd:16:d9:91:65:3d:7c:82:73:39:2b:37:75:
74:f7:36:29:83:b3:0d:b3:4f:ac:64:e9:56:82:47:
b0:6e:b0:99:ca:67:11:00:4d:e9:04:53:9a:7d:80:
a1:76:fe:74:0b:b3:93:94:0e:e7:14:1d:4e:0b:e0:
02:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:BF:6D:66:03:9C:B1:4E:85:57:EC:C7:4B:F5:32:DE:AE:BC:90:0E
X509v3 Authority Key Identifier:
keyid:07:35:DA:A8:CF:E2:5D:D1:2A:2C:26:E0:FF:CC:E9:76:36:74:8E:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BzXaqM_iXdEqLCbg_8zpdjZ0jr0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/2a4bf5-40cf-447a-97e0-679cf0210d49/1/iL9tZgOcsU6FV-zHS_Uy3q68kA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/2a4bf5-40cf-447a-97e0-679cf0210d49/1/BzXaqM_iXdEqLCbg_8zpdjZ0jr0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.119.52.0/22
IPv6:
2a09:b640::/29
Signature Algorithm: sha256WithRSAEncryption
50:fc:47:2f:f8:cb:3a:6d:f1:1f:22:38:1b:62:51:2a:e0:7f:
c0:1d:57:ee:f1:47:b4:b4:29:ea:9b:b2:0f:4f:30:66:17:e4:
eb:4e:93:4c:7b:2f:6e:de:e3:50:4a:bb:f4:a7:aa:0a:e3:d6:
05:77:4d:44:eb:4e:26:93:dc:74:bd:b5:54:0a:20:e7:df:59:
15:9e:7e:e3:77:8b:64:2b:7b:32:b8:8f:34:8a:7f:81:d2:e3:
47:ac:48:95:cb:3e:9b:37:77:6e:23:f6:d2:7c:89:1d:3e:68:
45:eb:22:48:da:c4:23:f0:ce:1f:77:7c:c3:37:2c:3e:60:7f:
ec:2b:a1:55:d2:f5:1d:09:34:e5:c2:21:ea:26:ec:15:88:ee:
69:a1:5b:18:70:a8:1f:c5:59:b1:68:9e:b9:a9:57:be:3d:6e:
8d:da:a3:6b:ce:8f:b8:d6:b5:4c:37:5d:65:c2:d6:a1:5f:49:
38:bd:07:1e:37:89:d3:0d:b8:79:8d:d1:ee:2d:a8:e6:b7:c5:
d4:c7:b1:20:30:5c:87:46:0c:b2:f9:9b:39:22:c4:24:d0:1c:
74:32:1f:9b:df:29:97:89:c5:20:41:97:76:c3:61:ba:5e:a3:
46:f7:3e:9d:8b:ed:0e:8a:18:12:b0:0b:ee:0b:e9:71:bf:01:
47:2a:ba:2b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYPl9nz3XBKQP5UUCGQ004o5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3MzVkYWE4Y2ZlMjVkZDEyYTJjMjZlMGZmY2NlOTc2MzY3
NDhlYmQwHhcNMjIxMDE3MTI0MTE5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGJmNmQ2NjAzOWNiMTRlODU1N2VjYzc0YmY1MzJkZWFlYmM5MDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgEthSUTV873QF5P6sQ4iQaaOJMnf
Sbb/mV/PEz80xKoGANVERhRk/QEawx9Y8x0A0cINchcqqlwiv2cWA4e/gK6+3yKs
CO7RNgIWWgBN7Tno65Xymmmpw59H3KjyGKYONDixFFImUijnlEpPSoiX7/N03ub3
40DQape6HDy4JFH+4l4W1hzAnshpEAl8krOdtzaiG9Tqi6pKPEq7rpJ6egLkljx+
ToTzQfqF28/54T4VJGW+05i+rbRuYgdrGw5XeNIek90W2ZFlPXyCczkrN3V09zYp
g7MNs0+sZOlWgkewbrCZymcRAE3pBFOafYChdv50C7OTlA7nFB1OC+ACEQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIi/bWYDnLFOhVfsx0v1Mt6uvJAOMB8GA1UdIwQY
MBaAFAc12qjP4l3RKiwm4P/M6XY2dI69MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnpYYXFNX2lYZEVxTENiZ184enBkalowanIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8yYTRiZjUtNDBjZi00NDdhLTk3ZTAt
Njc5Y2YwMjEwZDQ5LzEvaUw5dFpnT2NzVTZGVi16SFNfVXkzcTY4a0E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS8yYTRiZjUtNDBjZi00NDdhLTk3ZTAtNjc5Y2YwMjEwZDQ5
LzEvQnpYYXFNX2lYZEVxTENiZ184enBkalowanIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCXHc0MA0E
AgACMAcDBQMqCbZAMA0GCSqGSIb3DQEBCwUAA4IBAQBQ/Ecv+Ms6bfEfIjgbYlEq
4H/AHVfu8Ue0tCnqm7IPTzBmF+TrTpNMey9u3uNQSrv0p6oK49YFd01E604mk9x0
vbVUCiDn31kVnn7jd4tkK3syuI80in+B0uNHrEiVyz6bN3duI/bSfIkdPmhF6yJI
2sQj8M4fd3zDNyw+YH/sK6FV0vUdCTTlwiHqJuwViO5poVsYcKgfxVmxaJ65qVe+
PW6N2qNrzo+41rVMN11lwtahX0k4vQceN4nTDbh5jdHuLajmt8XUx7EgMFyHRgyy
+Zs5IsQk0Bx0Mh+b3ymXicUgQZd2w2G6XqNG9z6di+0OihgSsAvuC+lxvwFHKror
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:29 2024 by rpki-client on console-fra.rpki-client.org