Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/okNtKvvzUWf59MZ_w0ge8voWu5A.roa
File: okNtKvvzUWf59MZ_w0ge8voWu5A.roa (raw, json)
Hash identifier: 3yexFNVOvgNynHROoPs6zlLtYnIlGB8fuKQgPlGl8rs=
Subject key identifier: A2:43:6D:2A:FB:F3:51:67:F9:F4:C6:7F:C3:48:1E:F2:FA:16:BB:90
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 01823C2831B517422325C41E97276A017556
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/okNtKvvzUWf59MZ_w0ge8voWu5A.roa
Signing time: Tue 26 Jul 2022 20:17:23 +0000
ROA not before: Tue 26 Jul 2022 20:17:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61135
IP address blocks: 212.68.35.0/24 maxlen: 24
188.132.249.0/24 maxlen: 24
188.132.155.0/24 maxlen: 24
188.132.154.0/24 maxlen: 24
188.132.189.0/24 maxlen: 24
78.135.73.0/24 maxlen: 24
78.135.87.0/24 maxlen: 24
78.135.86.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:3c:28:31:b5:17:42:23:25:c4:1e:97:27:6a:01:75:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Jul 26 20:17:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a2436d2afbf35167f9f4c67fc3481ef2fa16bb90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:43:53:24:f3:67:6a:a7:2a:90:97:a9:2f:45:
17:35:b4:4a:89:55:d2:80:3c:fc:0e:e2:3a:68:7a:
6a:49:78:f3:28:34:34:c7:6b:85:72:fe:c1:56:0a:
93:a9:db:67:8e:47:ad:d7:47:e7:3d:2a:e5:41:3e:
4e:2c:11:84:11:1b:ae:3c:3c:49:e5:5e:dc:61:03:
5f:dc:b0:7e:26:64:04:f4:ed:b7:c3:d4:0b:ab:0d:
28:df:b1:4e:5b:6c:a6:97:f6:f5:94:81:68:45:a3:
ba:9c:25:b8:fb:f1:c5:c7:cc:86:89:b1:2a:b2:31:
3d:58:06:74:7a:a3:a4:fc:8b:de:68:e3:1b:6b:9b:
e7:45:1c:39:b3:4a:45:91:f2:a6:85:69:ef:e2:74:
bb:73:bc:f1:a1:3b:bc:07:c7:d2:cc:db:0b:af:9b:
0d:66:b5:3f:f1:fc:8f:0d:64:b5:42:88:06:a1:c2:
20:31:bf:4e:a3:1b:f2:8d:b2:57:07:46:0f:8d:f1:
fc:05:8d:fd:3d:25:3a:ab:ec:e7:48:5f:b1:8e:69:
59:00:69:6e:7f:08:45:3c:62:ab:d4:a5:8b:cd:b8:
d3:74:ac:5f:19:c7:1a:2e:d3:04:a9:4c:44:b4:33:
74:e4:c9:0f:ba:8c:4d:62:1a:36:e1:35:3a:9b:a7:
34:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:43:6D:2A:FB:F3:51:67:F9:F4:C6:7F:C3:48:1E:F2:FA:16:BB:90
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/okNtKvvzUWf59MZ_w0ge8voWu5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.135.73.0/24
78.135.86.0/23
188.132.154.0/23
188.132.189.0/24
188.132.249.0/24
212.68.35.0/24
Signature Algorithm: sha256WithRSAEncryption
50:69:dd:9b:59:b8:52:cb:6c:04:be:7a:79:f6:95:54:02:24:
e9:2d:6a:c7:3b:2c:93:e4:72:ec:ff:d0:ab:0f:c4:a4:26:2b:
fc:9e:ac:6f:b1:00:c7:97:6c:fb:9c:8a:0d:55:04:fa:33:ef:
f4:05:2f:9b:16:13:b4:2c:d4:d3:9b:72:14:97:b6:57:e6:59:
4b:87:63:83:c0:47:5f:e3:9c:a9:4e:0b:e9:a9:45:7e:ea:08:
de:e5:f9:2f:5f:d6:cd:ce:4f:c5:6d:65:74:aa:0f:64:56:86:
c3:68:6b:d8:76:b7:58:74:35:8f:ae:16:a8:d2:8c:7e:2e:b7:
82:27:29:10:02:27:57:ce:10:e2:8e:24:e3:33:28:72:4b:fa:
c6:16:8c:af:e5:e3:f4:fb:4b:50:61:d4:b9:08:ba:9d:b7:30:
7b:fe:d7:07:65:4e:16:a0:9c:88:ef:8a:e3:ea:89:87:f6:ab:
f4:1e:03:89:2b:95:91:e8:04:4c:98:ab:c4:cd:d2:c1:a6:06:
d0:7b:39:38:c1:b9:50:d9:25:24:51:49:11:bd:15:91:99:8b:
a8:87:7f:d3:0a:c4:8e:db:f9:c1:a7:a7:e0:68:15:27:10:de:
2f:fa:7d:f1:6a:9a:cd:68:1e:50:fa:c7:40:2f:ed:fd:c0:fb:
ce:a7:4c:57
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYI8KDG1F0IjJcQelydqAXVWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjIwNzI2MjAxNzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjQzNmQyYWZiZjM1MTY3ZjlmNGM2N2ZjMzQ4MWVmMmZhMTZiYjkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUNTJPNnaqcqkJepL0UXNbRKiVXS
gDz8DuI6aHpqSXjzKDQ0x2uFcv7BVgqTqdtnjket10fnPSrlQT5OLBGEERuuPDxJ
5V7cYQNf3LB+JmQE9O23w9QLqw0o37FOW2yml/b1lIFoRaO6nCW4+/HFx8yGibEq
sjE9WAZ0eqOk/IveaOMba5vnRRw5s0pFkfKmhWnv4nS7c7zxoTu8B8fSzNsLr5sN
ZrU/8fyPDWS1QogGocIgMb9OoxvyjbJXB0YPjfH8BY39PSU6q+znSF+xjmlZAGlu
fwhFPGKr1KWLzbjTdKxfGccaLtMEqUxEtDN05MkPuoxNYho24TU6m6c0WwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKJDbSr781Fn+fTGf8NIHvL6FruQMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvb2tOdEt2dnpVV2Y1OU1aX3cwZ2U4dm9XdTVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQATodJAwQB
TodWAwQBvISaAwQAvIS9AwQAvIT5AwQA1EQjMA0GCSqGSIb3DQEBCwUAA4IBAQBQ
ad2bWbhSy2wEvnp59pVUAiTpLWrHOyyT5HLs/9CrD8SkJiv8nqxvsQDHl2z7nIoN
VQT6M+/0BS+bFhO0LNTTm3IUl7ZX5llLh2ODwEdf45ypTgvpqUV+6gje5fkvX9bN
zk/FbWV0qg9kVobDaGvYdrdYdDWPrhao0ox+LreCJykQAidXzhDijiTjMyhyS/rG
Foyv5eP0+0tQYdS5CLqdtzB7/tcHZU4WoJyI74rj6omH9qv0HgOJK5WR6ARMmKvE
zdLBpgbQezk4wblQ2SUkUUkRvRWRmYuoh3/TCsSO2/nBp6fgaBUnEN4v+n3xaprN
aB5Q+sdAL+39wPvOp0xX
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:44 2024 by rpki-client on console-fra.rpki-client.org