Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/49wiBqWgU35VBYjSEuJ1UsSoYug.roa
File: 49wiBqWgU35VBYjSEuJ1UsSoYug.roa (raw, json)
Hash identifier: f9NRnlIwPt8atBlFUmtNOMJOLqa/sMfQMZYWoNehFoA=
Subject key identifier: E3:DC:22:06:A5:A0:53:7E:55:05:88:D2:12:E2:75:52:C4:A8:62:E8
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 0181F738498746457245682EA4B6B3D7EACC
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/49wiBqWgU35VBYjSEuJ1UsSoYug.roa
Signing time: Wed 13 Jul 2022 11:01:10 +0000
ROA not before: Wed 13 Jul 2022 11:01:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61135
IP address blocks: 212.68.35.0/24 maxlen: 24
188.132.155.0/24 maxlen: 24
188.132.154.0/24 maxlen: 24
78.135.87.0/24 maxlen: 24
78.135.86.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:f7:38:49:87:46:45:72:45:68:2e:a4:b6:b3:d7:ea:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Jul 13 11:01:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e3dc2206a5a0537e550588d212e27552c4a862e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:21:85:75:71:07:aa:ef:10:5c:71:ca:26:9b:
92:22:df:de:8d:56:53:29:d6:8d:1e:21:07:20:4a:
62:08:35:1a:8a:75:55:05:52:d3:94:1f:0a:9c:83:
64:ed:8a:84:29:1d:3a:ef:c3:99:94:b6:58:40:86:
3f:8a:9d:0c:24:17:82:97:9c:12:e4:92:7c:5c:71:
05:10:6e:c6:3d:92:1e:43:80:ab:15:27:d5:24:46:
20:49:3e:45:32:28:2a:52:0b:99:8e:ba:be:3c:f2:
c6:2e:19:0a:1a:3e:32:1e:14:04:3c:35:1f:35:6b:
c8:e4:42:d7:64:4b:78:54:4c:19:06:d1:de:80:50:
e9:bc:b9:0c:cc:ba:35:f2:95:5a:1e:ab:6f:da:94:
59:19:c1:fe:8a:50:13:42:f3:ef:77:ac:bb:f5:7d:
13:8b:ba:ef:73:ac:3a:65:a6:97:c8:71:e2:e9:79:
5a:e2:e0:ba:05:64:9f:3c:c6:1a:70:1b:52:c4:1a:
07:ba:52:ad:dc:82:d8:c0:e3:b9:79:a0:15:af:43:
69:f6:02:da:cf:f4:d0:ec:09:dd:c2:11:eb:83:38:
47:e2:e4:67:09:d8:af:94:86:c2:85:62:aa:b4:66:
12:8e:cd:d0:83:ca:48:38:ab:f4:26:aa:2a:a9:91:
7c:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:DC:22:06:A5:A0:53:7E:55:05:88:D2:12:E2:75:52:C4:A8:62:E8
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/49wiBqWgU35VBYjSEuJ1UsSoYug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.135.86.0/23
188.132.154.0/23
212.68.35.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:c8:25:da:d5:1a:b2:a0:2d:90:fb:2c:76:06:e6:34:40:84:
59:63:df:a1:ca:20:da:07:63:d3:f6:3b:be:62:50:9e:1a:96:
a4:07:a5:e7:49:56:b4:19:a8:68:23:22:d9:4c:21:69:08:14:
2a:9e:d9:c3:a0:47:2a:54:f9:25:c2:37:69:8a:b1:c4:7e:77:
83:0d:d2:5c:5b:63:76:17:67:e6:fa:cb:45:81:50:fe:19:b4:
8b:e5:8e:3a:0e:cb:ae:ee:cf:17:05:4d:72:1b:7b:6d:99:8c:
77:cd:a0:67:6c:0e:fd:95:28:f3:61:bb:a2:a1:72:b2:87:1f:
d1:63:a2:71:2c:29:ef:75:1f:c8:4c:a7:c8:85:93:1d:59:87:
eb:05:8d:03:65:fc:4f:f0:be:04:34:5a:7a:35:02:25:4d:04:
e1:d8:ba:9f:7e:90:76:42:df:a8:a3:c5:2f:53:62:34:d3:ea:
bc:f4:27:50:91:83:b9:a9:ea:35:ee:ce:4b:36:1a:75:3b:92:
65:a0:a2:a4:dd:19:3f:57:8b:a0:ac:05:1d:c5:46:96:09:0f:
b7:fb:79:51:4b:3f:3d:d3:5c:26:ec:81:64:25:0f:df:98:d1:
97:66:54:f4:89:10:3e:ea:da:85:f6:6c:be:f6:b3:8d:fc:91:
5a:91:42:de
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYH3OEmHRkVyRWgupLaz1+rMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjIwNzEzMTEwMTEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2RjMjIwNmE1YTA1MzdlNTUwNTg4ZDIxMmUyNzU1MmM0YTg2MmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhSGFdXEHqu8QXHHKJpuSIt/ejVZT
KdaNHiEHIEpiCDUainVVBVLTlB8KnINk7YqEKR0678OZlLZYQIY/ip0MJBeCl5wS
5JJ8XHEFEG7GPZIeQ4CrFSfVJEYgST5FMigqUguZjrq+PPLGLhkKGj4yHhQEPDUf
NWvI5ELXZEt4VEwZBtHegFDpvLkMzLo18pVaHqtv2pRZGcH+ilATQvPvd6y79X0T
i7rvc6w6ZaaXyHHi6Xla4uC6BWSfPMYacBtSxBoHulKt3ILYwOO5eaAVr0Np9gLa
z/TQ7AndwhHrgzhH4uRnCdivlIbChWKqtGYSjs3Qg8pIOKv0JqoqqZF8ewIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOPcIgaloFN+VQWI0hLidVLEqGLoMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvNDl3aUJxV2dVMzVWQllqU0V1SjFVc1NvWXVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBTodWAwQB
vISaAwQA1EQjMA0GCSqGSIb3DQEBCwUAA4IBAQB7yCXa1RqyoC2Q+yx2BuY0QIRZ
Y9+hyiDaB2PT9ju+YlCeGpakB6XnSVa0GahoIyLZTCFpCBQqntnDoEcqVPklwjdp
irHEfneDDdJcW2N2F2fm+stFgVD+GbSL5Y46Dsuu7s8XBU1yG3ttmYx3zaBnbA79
lSjzYbuioXKyhx/RY6JxLCnvdR/ITKfIhZMdWYfrBY0DZfxP8L4ENFp6NQIlTQTh
2LqffpB2Qt+oo8UvU2I00+q89CdQkYO5qeo17s5LNhp1O5JloKKk3Rk/V4ugrAUd
xUaWCQ+3+3lRSz8901wm7IFkJQ/fmNGXZlT0iRA+6tqF9my+9rON/JFakULe
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:43 2024 by rpki-client on console-fra.rpki-client.org