Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/Ost693-JzlZnNf9iFgR9bpUuXn8.roa
File: Ost693-JzlZnNf9iFgR9bpUuXn8.roa (raw, json)
Hash identifier: cnng1oqKtMEWR+TbqqZH3wEskjPtLJR0m9yQhMmxWoQ=
Subject key identifier: 3A:CB:7A:F7:7F:89:CE:56:67:35:FF:62:16:04:7D:6E:95:2E:5E:7F
Certificate issuer: /CN=af121cd6e11da095f856d79deec469d0c6358494
Certificate serial: 0257FC80
Authority key identifier: AF:12:1C:D6:E1:1D:A0:95:F8:56:D7:9D:EE:C4:69:D0:C6:35:84:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rxIc1uEdoJX4Vted7sRp0MY1hJQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/Ost693-JzlZnNf9iFgR9bpUuXn8.roa
Signing time: Sat 01 Jan 2022 08:04:31 +0000
ROA not before: Sat 01 Jan 2022 08:04:31 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 55293
IP address blocks: 185.62.136.0/22 maxlen: 24
185.141.188.0/22 maxlen: 24
185.160.66.0/23 maxlen: 24
185.160.65.0/24 maxlen: 24
185.148.128.0/22 maxlen: 24
185.149.112.0/22 maxlen: 24
185.52.148.0/22 maxlen: 24
185.146.20.0/22 maxlen: 24
185.143.44.0/22 maxlen: 24
185.168.108.0/22 maxlen: 24
185.133.20.0/22 maxlen: 24
185.132.4.0/22 maxlen: 24
185.166.145.0/24 maxlen: 24
185.166.146.0/23 maxlen: 24
185.148.44.0/22 maxlen: 24
185.146.28.0/22 maxlen: 24
185.151.48.0/22 maxlen: 24
85.187.128.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 39320704 (0x257fc80)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af121cd6e11da095f856d79deec469d0c6358494
Validity
Not Before: Jan 1 08:04:31 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3acb7af77f89ce566735ff6216047d6e952e5e7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:38:13:af:fc:df:35:04:4f:c7:11:dc:ec:64:
17:7d:76:83:39:45:86:2e:d1:2c:a1:3d:57:56:a7:
5e:44:bd:29:54:bb:19:1f:f5:6c:ae:e1:5d:44:fd:
eb:36:48:79:b2:9b:96:40:b7:e3:86:2d:77:14:15:
50:e9:2e:d5:b5:88:bd:62:c2:77:18:f9:c7:b3:1b:
f5:aa:da:a0:60:cd:88:4f:e2:f2:9c:37:6c:57:c5:
7c:b0:a3:79:53:23:1f:9f:bb:f0:90:b2:76:ee:6e:
3f:8d:01:3e:e2:76:fc:07:4f:c0:ca:4a:8c:54:f1:
08:65:91:cf:5e:f2:10:f1:ca:fd:35:b4:3b:cc:4e:
13:c4:05:7a:ab:26:b6:d6:19:5a:e4:97:7f:b4:67:
73:25:c3:3f:02:cc:a2:5f:0c:c8:71:a4:ac:f2:1e:
4b:76:c9:59:ca:d4:80:09:13:00:6f:fc:22:f0:7e:
c6:f7:b8:6c:3a:01:cb:72:1e:9b:76:17:42:2d:35:
40:f6:ff:3b:7f:d6:0a:59:12:f1:43:3e:76:87:59:
86:9c:99:b2:58:2f:19:5e:e2:a6:84:39:ea:ec:a3:
d6:89:95:e0:c9:cd:1e:0d:0e:8a:70:a5:e1:f1:2f:
c8:c6:42:86:6e:f4:4e:4b:ae:2b:39:9b:20:4e:f4:
11:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:CB:7A:F7:7F:89:CE:56:67:35:FF:62:16:04:7D:6E:95:2E:5E:7F
X509v3 Authority Key Identifier:
keyid:AF:12:1C:D6:E1:1D:A0:95:F8:56:D7:9D:EE:C4:69:D0:C6:35:84:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rxIc1uEdoJX4Vted7sRp0MY1hJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/Ost693-JzlZnNf9iFgR9bpUuXn8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/fd6069-4179-45be-b82a-af3f794ae607/1/rxIc1uEdoJX4Vted7sRp0MY1hJQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.187.128.0/19
185.52.148.0/22
185.62.136.0/22
185.132.4.0/22
185.133.20.0/22
185.141.188.0/22
185.143.44.0/22
185.146.20.0/22
185.146.28.0/22
185.148.44.0/22
185.148.128.0/22
185.149.112.0/22
185.151.48.0/22
185.160.65.0-185.160.67.255
185.166.145.0-185.166.147.255
185.168.108.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:85:23:e0:df:c8:00:1b:08:4e:40:a5:d3:4e:e2:b3:b0:d4:
f1:3e:55:9f:5b:2e:bb:02:cb:33:de:c3:f9:85:c6:c2:18:76:
1f:23:49:e3:77:f7:e0:7c:00:fa:eb:60:45:b8:e4:26:73:c1:
f1:e0:ff:e6:ce:fc:30:d2:28:45:3d:6b:bb:70:ae:21:9d:50:
e9:42:34:57:5a:ee:2d:4d:64:99:d2:f7:6c:6d:b9:f2:da:69:
3f:10:58:ed:8a:87:06:70:80:7e:cf:79:71:9b:5c:87:fd:06:
bd:2c:bb:76:18:a7:ca:64:28:cb:8f:4b:b3:2e:33:e3:1c:7b:
e4:98:cc:db:eb:bc:f9:c6:88:65:96:57:4a:4a:bc:45:8e:7d:
f5:b3:74:0f:dd:af:06:3a:bf:50:43:3f:f8:b5:3f:05:48:08:
b1:93:c0:49:74:92:d6:4c:c5:12:5e:79:cb:20:bd:77:7c:dc:
33:bd:67:ac:89:18:2d:b1:de:5c:c2:0b:cd:f3:40:a9:6c:99:
26:c1:62:39:fb:06:79:e3:d5:cd:50:17:71:02:eb:4b:0a:b2:
d8:63:02:70:a0:d2:b9:79:ac:8c:55:47:23:00:dc:34:4e:f5:
75:07:4a:16:08:9b:60:e9:25:d6:f4:9c:ad:38:90:e9:df:3c:
ac:8b:e6:a7
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgIEAlf8gDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ZjEyMWNkNmUxMWRhMDk1Zjg1NmQ3OWRlZWM0NjlkMGM2MzU4NDk0MB4XDTIyMDEw
MTA4MDQzMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2FjYjdhZjc3Zjg5
Y2U1NjY3MzVmZjYyMTYwNDdkNmU5NTJlNWU3ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJQ4E6/83zUET8cR3OxkF312gzlFhi7RLKE9V1anXkS9KVS7
GR/1bK7hXUT96zZIebKblkC344YtdxQVUOku1bWIvWLCdxj5x7Mb9araoGDNiE/i
8pw3bFfFfLCjeVMjH5+78JCydu5uP40BPuJ2/AdPwMpKjFTxCGWRz17yEPHK/TW0
O8xOE8QFeqsmttYZWuSXf7RncyXDPwLMol8MyHGkrPIeS3bJWcrUgAkTAG/8IvB+
xve4bDoBy3Iem3YXQi01QPb/O3/WClkS8UM+dodZhpyZslgvGV7ipoQ56uyj1omV
4MnNHg0OinCl4fEvyMZChm70TkuuKzmbIE70EeUCAwEAAaOCAnQwggJwMB0GA1Ud
DgQWBBQ6y3r3f4nOVmc1/2IWBH1ulS5efzAfBgNVHSMEGDAWgBSvEhzW4R2glfhW
153uxGnQxjWElDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3J4SWMxdUVkb0pYNFZ0ZWQ3c1JwME1ZMWhKUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGYvZmQ2MDY5LTQxNzktNDViZS1iODJhLWFmM2Y3OTRhZTYwNy8x
L09zdDY5My1Kemxabk5mOWlGZ1I5YnBVdVhuOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYv
ZmQ2MDY5LTQxNzktNDViZS1iODJhLWFmM2Y3OTRhZTYwNy8xL3J4SWMxdUVkb0pY
NFZ0ZWQ3c1JwME1ZMWhKUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
iQYIKwYBBQUHAQcBAf8EejB4MHYEAgABMHADBAVVu4ADBAK5NJQDBAK5PogDBAK5
hAQDBAK5hRQDBAK5jbwDBAK5jywDBAK5khQDBAK5khwDBAK5lCwDBAK5lIADBAK5
lXADBAK5lzAwDAMEALmgQQMEArmgQDAMAwQAuaaRAwQCuaaQAwQCuahsMA0GCSqG
SIb3DQEBCwUAA4IBAQBqhSPg38gAGwhOQKXTTuKzsNTxPlWfWy67Assz3sP5hcbC
GHYfI0njd/fgfAD662BFuOQmc8Hx4P/mzvww0ihFPWu7cK4hnVDpQjRXWu4tTWSZ
0vdsbbny2mk/EFjtiocGcIB+z3lxm1yH/Qa9LLt2GKfKZCjLj0uzLjPjHHvkmMzb
67z5xohllldKSrxFjn31s3QP3a8GOr9QQz/4tT8FSAixk8BJdJLWTMUSXnnLIL13
fNwzvWesiRgtsd5cwgvN80CpbJkmwWI5+wZ549XNUBdxAutLCrLYYwJwoNK5eayM
VUcjANw0TvV1B0oWCJtg6SXW9JytOJDp3zysi+an
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:06 2024 by rpki-client on console-fra.rpki-client.org