Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/v5-sROu3dHlRJ6JZsLcBBpJL8P8.roa
File: v5-sROu3dHlRJ6JZsLcBBpJL8P8.roa (raw, json)
Hash identifier: oSupc9dy8YqygpBoQchgr67vNHreYqHApaEZxjHkWU0=
Subject key identifier: BF:9F:AC:44:EB:B7:74:79:51:27:A2:59:B0:B7:01:06:92:4B:F0:FF
Certificate issuer: /CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Certificate serial: 018234122FE37BA926CC10FFBB96C2BD729E
Authority key identifier: 07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/v5-sROu3dHlRJ6JZsLcBBpJL8P8.roa
Signing time: Mon 25 Jul 2022 06:36:23 +0000
ROA not before: Mon 25 Jul 2022 06:36:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208091
IP address blocks: 193.37.69.0/24 maxlen: 24
80.66.88.0/24 maxlen: 24
87.251.67.0/24 maxlen: 24
87.251.75.0/24 maxlen: 24
80.66.76.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:34:12:2f:e3:7b:a9:26:cc:10:ff:bb:96:c2:bd:72:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=073b4c1248c4bcf22b0577dfca9b14d9063c28c0
Validity
Not Before: Jul 25 06:36:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bf9fac44ebb774795127a259b0b70106924bf0ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:5a:6c:17:76:e5:b1:26:fd:10:25:37:7e:dc:
f6:9d:9c:38:35:6d:6b:6a:45:fd:66:33:08:38:56:
a0:89:7b:39:33:54:de:1f:e7:e5:4e:88:20:01:13:
73:16:5d:e8:55:e6:a4:78:8a:8f:b5:4e:3b:49:67:
0e:f7:ec:dc:95:ac:09:5d:61:aa:92:f3:a9:83:93:
4b:fb:35:9f:f0:9c:7e:67:79:40:5a:ac:e5:8f:68:
dc:bd:b0:e3:05:57:70:64:3e:c4:d6:19:dc:5f:c6:
11:81:7b:72:94:2c:e2:6b:49:c8:0a:8c:6d:49:1d:
f8:72:cd:a6:14:f6:38:9d:aa:47:ed:70:d2:3d:62:
33:a4:86:4b:41:f6:f3:66:50:7e:eb:0e:53:08:cf:
6e:8b:a5:cf:3f:24:47:5a:80:36:69:27:49:d8:bf:
87:8f:6d:fe:cd:39:fb:49:bc:77:f8:e4:5f:ef:db:
ee:59:ff:dc:45:9b:9d:bb:ca:d1:09:f5:74:4b:c4:
6c:81:9b:ec:63:45:da:32:62:25:1b:f5:fe:cb:7f:
35:fe:28:e6:b8:c2:27:b5:99:4a:36:55:fc:53:30:
b6:95:be:28:98:3c:a4:1c:37:0e:9e:c7:29:ab:79:
4e:3c:54:36:bf:df:8a:7d:54:8e:3a:dd:41:a3:b1:
90:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:9F:AC:44:EB:B7:74:79:51:27:A2:59:B0:B7:01:06:92:4B:F0:FF
X509v3 Authority Key Identifier:
keyid:07:3B:4C:12:48:C4:BC:F2:2B:05:77:DF:CA:9B:14:D9:06:3C:28:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BztMEkjEvPIrBXffypsU2QY8KMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/v5-sROu3dHlRJ6JZsLcBBpJL8P8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/63dbe5-5aa3-4f19-8da4-a8d361ce64aa/1/BztMEkjEvPIrBXffypsU2QY8KMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.66.76.0/24
80.66.88.0/24
87.251.67.0/24
87.251.75.0/24
193.37.69.0/24
Signature Algorithm: sha256WithRSAEncryption
43:ba:87:08:32:9d:85:ad:8e:e6:93:1d:dc:5e:79:db:7e:4c:
b1:97:ec:05:a0:73:e6:3d:2f:1f:74:04:da:40:8d:ed:30:4b:
81:bf:82:7d:a9:c2:22:ee:00:21:e7:31:d4:47:98:4b:7e:2a:
f4:ce:2e:5a:68:fc:72:9e:ca:9d:06:c6:33:8a:b6:ba:ce:3a:
4d:d5:0a:c0:3d:14:fc:38:af:cb:f9:6f:f9:fa:b3:5b:18:8a:
3d:9e:24:cc:9f:1b:c1:45:8c:1c:8c:02:3f:c1:aa:ac:d6:0f:
cf:1c:ee:0e:c8:ae:b9:7d:94:c6:8c:49:9a:b8:8f:cf:75:55:
cd:1a:9c:71:22:02:ca:85:2b:5e:1c:ec:0a:22:73:e3:c5:a3:
b0:fd:35:4e:f6:f9:d2:76:b9:33:eb:bb:e1:12:54:cf:00:e1:
e9:78:29:6b:94:e9:fb:5c:1a:8f:a5:25:79:07:43:9e:e4:56:
07:fb:40:26:9a:fe:dd:f2:1e:4f:72:1c:4b:f1:a4:cf:7a:47:
55:e7:7d:35:6b:39:06:89:09:a2:aa:e5:d7:2a:ba:3d:d9:08:
61:40:2f:f9:63:1b:fd:16:aa:f5:07:56:03:43:6a:b6:9e:85:
33:4e:c3:e6:da:7b:71:ea:a6:0e:c6:b3:59:ec:26:e1:6b:bf:
1b:84:f9:43
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYI0Ei/je6kmzBD/u5bCvXKeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3M2I0YzEyNDhjNGJjZjIyYjA1NzdkZmNhOWIxNGQ5MDYz
YzI4YzAwHhcNMjIwNzI1MDYzNjIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjlmYWM0NGViYjc3NDc5NTEyN2EyNTliMGI3MDEwNjkyNGJmMGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgFpsF3blsSb9ECU3ftz2nZw4NW1r
akX9ZjMIOFagiXs5M1TeH+flToggARNzFl3oVeakeIqPtU47SWcO9+zclawJXWGq
kvOpg5NL+zWf8Jx+Z3lAWqzlj2jcvbDjBVdwZD7E1hncX8YRgXtylCzia0nICoxt
SR34cs2mFPY4napH7XDSPWIzpIZLQfbzZlB+6w5TCM9ui6XPPyRHWoA2aSdJ2L+H
j23+zTn7Sbx3+ORf79vuWf/cRZudu8rRCfV0S8RsgZvsY0XaMmIlG/X+y381/ijm
uMIntZlKNlX8UzC2lb4omDykHDcOnscpq3lOPFQ2v9+KfVSOOt1Bo7GQhQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFL+frETrt3R5USeiWbC3AQaSS/D/MB8GA1UdIwQY
MBaAFAc7TBJIxLzyKwV338qbFNkGPCjAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQt
YThkMzYxY2U2NGFhLzEvdjUtc1JPdTNkSGxSSjZKWnNMY0JCcEpMOFA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy82M2RiZTUtNWFhMy00ZjE5LThkYTQtYThkMzYxY2U2NGFh
LzEvQnp0TUVrakV2UElyQlhmZnlwc1UyUVk4S01BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUEJMAwQA
UEJYAwQAV/tDAwQAV/tLAwQAwSVFMA0GCSqGSIb3DQEBCwUAA4IBAQBDuocIMp2F
rY7mkx3cXnnbfkyxl+wFoHPmPS8fdATaQI3tMEuBv4J9qcIi7gAh5zHUR5hLfir0
zi5aaPxynsqdBsYzira6zjpN1QrAPRT8OK/L+W/5+rNbGIo9niTMnxvBRYwcjAI/
waqs1g/PHO4OyK65fZTGjEmauI/PdVXNGpxxIgLKhSteHOwKInPjxaOw/TVO9vnS
drkz67vhElTPAOHpeClrlOn7XBqPpSV5B0Oe5FYH+0Ammv7d8h5PchxL8aTPekdV
5301azkGiQmiquXXKro92QhhQC/5Yxv9Fqr1B1YDQ2q2noUzTsPm2ntx6qYOxrNZ
7Cbha78bhPlD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:38 2024 by rpki-client on console-fra.rpki-client.org