Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/2cc419-8e34-41a9-b243-855418ffed41/1/d1-Ncf1pqGQOowF7vvgMlp2kfdM.roa
File: d1-Ncf1pqGQOowF7vvgMlp2kfdM.roa (raw, json)
Hash identifier: 4rFwpj8fJ5OTSj9tq+SPpZjeAcpfK3BQYCSO57OAEHY=
Subject key identifier: 77:5F:8D:71:FD:69:A8:64:0E:A3:01:7B:BE:F8:0C:96:9D:A4:7D:D3
Certificate issuer: /CN=54f87b5a62c1ff0f522812e9add1756bc73384c5
Certificate serial: 0182399505238F240DC2C33FD16778C8C0B0
Authority key identifier: 54:F8:7B:5A:62:C1:FF:0F:52:28:12:E9:AD:D1:75:6B:C7:33:84:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VPh7WmLB_w9SKBLprdF1a8czhMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/2cc419-8e34-41a9-b243-855418ffed41/1/d1-Ncf1pqGQOowF7vvgMlp2kfdM.roa
Signing time: Tue 26 Jul 2022 08:17:23 +0000
ROA not before: Tue 26 Jul 2022 08:17:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20546
IP address blocks: 185.192.168.0/24 maxlen: 24
185.192.169.0/24 maxlen: 24
93.191.164.0/24 maxlen: 24
93.191.165.0/24 maxlen: 24
93.191.166.0/24 maxlen: 24
93.191.160.0/24 maxlen: 24
93.191.161.0/24 maxlen: 24
93.191.162.0/24 maxlen: 24
93.191.163.0/24 maxlen: 24
93.191.167.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:39:95:05:23:8f:24:0d:c2:c3:3f:d1:67:78:c8:c0:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54f87b5a62c1ff0f522812e9add1756bc73384c5
Validity
Not Before: Jul 26 08:17:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=775f8d71fd69a8640ea3017bbef80c969da47dd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:d4:9f:b0:08:c3:b9:3f:2b:5a:e4:2a:86:68:
e4:b7:97:7f:ae:c7:6b:31:24:bd:3b:7e:c3:6d:f2:
99:67:af:84:1c:ec:b3:41:e3:0a:9e:ab:06:ad:25:
b2:6b:01:44:32:dc:8f:0b:c6:e1:3d:c0:a6:ed:a0:
c7:14:c8:0f:d8:b6:a7:e7:87:6b:dc:a1:12:4a:9a:
37:8c:f7:40:2f:16:39:a1:d5:c0:c1:bf:3c:35:ba:
04:70:5c:63:d3:4b:17:41:30:7d:61:d7:95:cf:3d:
51:a2:7a:e5:83:13:1e:ca:87:a0:62:01:7e:07:0e:
28:b7:1e:f3:34:e5:04:6a:f5:2d:d4:d9:ab:44:47:
c2:ce:92:c9:01:57:c8:9f:29:b0:a4:96:78:cc:95:
74:79:93:ab:4b:3f:c9:e0:6e:c9:93:fd:97:5e:65:
ca:db:eb:6d:89:6c:4f:4e:28:3f:c0:a0:b2:a1:73:
60:d2:ea:3f:a6:7d:fb:be:9b:12:07:eb:4b:42:01:
e5:3c:c0:fe:90:27:9d:72:a1:58:f0:4e:8f:bc:57:
ed:84:58:15:95:58:77:58:39:e2:f4:3c:78:c2:87:
32:41:bc:08:66:f3:2d:81:34:77:3e:cf:e6:6c:5c:
8c:13:4c:c2:3c:2a:fd:96:a5:c8:92:73:de:ca:fa:
16:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:5F:8D:71:FD:69:A8:64:0E:A3:01:7B:BE:F8:0C:96:9D:A4:7D:D3
X509v3 Authority Key Identifier:
keyid:54:F8:7B:5A:62:C1:FF:0F:52:28:12:E9:AD:D1:75:6B:C7:33:84:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VPh7WmLB_w9SKBLprdF1a8czhMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/2cc419-8e34-41a9-b243-855418ffed41/1/d1-Ncf1pqGQOowF7vvgMlp2kfdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/2cc419-8e34-41a9-b243-855418ffed41/1/VPh7WmLB_w9SKBLprdF1a8czhMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.191.160.0/21
185.192.168.0/23
Signature Algorithm: sha256WithRSAEncryption
31:09:2e:77:aa:40:7f:f2:52:68:55:15:c8:78:d6:01:e8:bb:
ed:d9:11:71:99:4a:4e:fa:c6:48:2a:b0:12:d7:ad:de:cf:e2:
e7:10:92:ff:aa:2b:5b:af:5e:cf:95:30:72:7a:23:37:3c:26:
a0:69:30:d8:b5:19:3e:d3:7c:d8:8b:95:f3:46:aa:16:e8:f6:
0e:7b:c2:25:22:bf:79:56:5c:6f:87:fc:a3:0f:86:84:80:1c:
8c:4c:66:eb:67:ef:99:d4:f3:8c:71:ff:a1:5f:3b:ce:03:f5:
dc:d9:71:a3:47:83:da:10:27:af:a5:e5:a7:29:ce:53:58:89:
9d:58:8b:21:6d:2f:fb:1e:b3:4e:9d:b9:88:1b:cf:e3:0d:0e:
ca:aa:55:de:e2:d1:b8:b9:98:09:e4:58:74:55:d8:7b:f0:5e:
b9:eb:b9:16:7d:c2:9c:d8:42:d8:36:c8:1b:a8:c6:f2:2b:3b:
b6:56:17:24:66:a0:70:07:eb:36:05:93:80:3c:47:f3:da:9b:
6b:33:41:8a:9e:6d:91:b9:39:ba:b4:75:49:fd:2b:b1:1e:0d:
a6:a5:c3:7b:31:80:97:c5:17:e1:68:f9:d0:57:81:21:6e:36:
58:40:11:91:06:47:0e:80:46:8b:d1:9b:9b:3a:67:7f:58:cf:
14:1e:35:ab
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYI5lQUjjyQNwsM/0Wd4yMCwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0Zjg3YjVhNjJjMWZmMGY1MjI4MTJlOWFkZDE3NTZiYzcz
Mzg0YzUwHhcNMjIwNzI2MDgxNzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzVmOGQ3MWZkNjlhODY0MGVhMzAxN2JiZWY4MGM5NjlkYTQ3ZGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNSfsAjDuT8rWuQqhmjkt5d/rsdr
MSS9O37DbfKZZ6+EHOyzQeMKnqsGrSWyawFEMtyPC8bhPcCm7aDHFMgP2Lan54dr
3KESSpo3jPdALxY5odXAwb88NboEcFxj00sXQTB9YdeVzz1RonrlgxMeyoegYgF+
Bw4otx7zNOUEavUt1NmrREfCzpLJAVfInymwpJZ4zJV0eZOrSz/J4G7Jk/2XXmXK
2+ttiWxPTig/wKCyoXNg0uo/pn37vpsSB+tLQgHlPMD+kCedcqFY8E6PvFfthFgV
lVh3WDni9Dx4wocyQbwIZvMtgTR3Ps/mbFyME0zCPCr9lqXIknPeyvoW4wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHdfjXH9aahkDqMBe774DJadpH3TMB8GA1UdIwQY
MBaAFFT4e1piwf8PUigS6a3RdWvHM4TFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlBoN1dtTEJfdzlTS0JMcHJkRjFhOGN6aE1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8yY2M0MTktOGUzNC00MWE5LWIyNDMt
ODU1NDE4ZmZlZDQxLzEvZDEtTmNmMXBxR1FPb3dGN3Z2Z01scDJrZmRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS8yY2M0MTktOGUzNC00MWE5LWIyNDMtODU1NDE4ZmZlZDQx
LzEvVlBoN1dtTEJfdzlTS0JMcHJkRjFhOGN6aE1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDXb+gAwQB
ucCoMA0GCSqGSIb3DQEBCwUAA4IBAQAxCS53qkB/8lJoVRXIeNYB6Lvt2RFxmUpO
+sZIKrAS163ez+LnEJL/qitbr17PlTByeiM3PCagaTDYtRk+03zYi5XzRqoW6PYO
e8IlIr95Vlxvh/yjD4aEgByMTGbrZ++Z1POMcf+hXzvOA/Xc2XGjR4PaECevpeWn
Kc5TWImdWIshbS/7HrNOnbmIG8/jDQ7KqlXe4tG4uZgJ5Fh0Vdh78F6567kWfcKc
2ELYNsgbqMbyKzu2VhckZqBwB+s2BZOAPEfz2ptrM0GKnm2RuTm6tHVJ/SuxHg2m
pcN7MYCXxRfhaPnQV4EhbjZYQBGRBkcOgEaL0ZubOmd/WM8UHjWr
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:28:52 2024 by rpki-client on console-fra.rpki-client.org