Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/7lfvNGQItlQYD-e0gvr3am1r9-s.roa
File: 7lfvNGQItlQYD-e0gvr3am1r9-s.roa (raw, json)
Hash identifier: qUj5/z7XvnxutPi/nDcS+wR2R+FeEo8H/bx7/oeH0Ec=
Subject key identifier: EE:57:EF:34:64:08:B6:54:18:0F:E7:B4:82:FA:F7:6A:6D:6B:F7:EB
Certificate issuer: /CN=66de1d9dcdb25c1e532c5c9b69dfa757e306210e
Certificate serial: 32828EEE
Authority key identifier: 66:DE:1D:9D:CD:B2:5C:1E:53:2C:5C:9B:69:DF:A7:57:E3:06:21:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/7lfvNGQItlQYD-e0gvr3am1r9-s.roa
Signing time: Sat 01 Jan 2022 16:06:44 +0000
ROA not before: Sat 01 Jan 2022 16:06:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34783
IP address blocks: 85.118.48.0/23 maxlen: 23
85.118.60.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 847417070 (0x32828eee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66de1d9dcdb25c1e532c5c9b69dfa757e306210e
Validity
Not Before: Jan 1 16:06:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ee57ef346408b654180fe7b482faf76a6d6bf7eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:c9:50:30:1b:f7:c0:e8:55:94:5b:6f:0b:72:
39:24:f7:cd:14:a2:e1:41:19:68:21:31:4b:49:89:
b7:08:a3:4c:e1:09:1f:9e:04:b2:f0:93:7e:84:20:
82:fd:c8:d3:ae:6e:92:0e:86:61:50:4a:fe:6c:00:
1d:b1:28:5f:d7:43:c0:ff:4d:68:db:0a:24:eb:1f:
60:68:49:a5:ea:fc:0d:96:a1:08:01:b0:68:cd:ba:
8b:f8:34:51:21:d4:46:63:37:e2:09:a9:7a:c2:9e:
67:3b:42:72:50:d0:86:ab:f2:40:c9:a1:2e:58:92:
11:cf:fd:91:4b:00:1e:6c:27:82:95:da:7c:fa:1f:
ea:58:c0:fe:e9:10:fe:07:50:83:5b:02:25:8d:15:
bb:68:b8:c2:a5:db:c0:2d:6f:2b:16:b1:71:5c:b4:
f0:42:ca:27:ea:18:04:b4:e5:f3:28:8a:14:72:e1:
ce:15:67:10:e7:53:4a:bd:71:b2:1e:2b:f8:aa:f9:
7f:df:da:c7:94:58:e9:79:3b:33:de:7b:a5:29:2f:
b5:17:ac:d2:50:19:c4:21:ca:0b:01:5c:4a:8d:c1:
75:54:85:94:27:4b:b5:e9:19:b4:93:64:c1:12:92:
f8:01:a9:14:2b:ee:fa:53:e1:c7:2a:00:53:1f:0c:
83:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:57:EF:34:64:08:B6:54:18:0F:E7:B4:82:FA:F7:6A:6D:6B:F7:EB
X509v3 Authority Key Identifier:
keyid:66:DE:1D:9D:CD:B2:5C:1E:53:2C:5C:9B:69:DF:A7:57:E3:06:21:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/7lfvNGQItlQYD-e0gvr3am1r9-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Zt4dnc2yXB5TLFybad-nV-MGIQ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.118.48.0/23
85.118.60.0/22
Signature Algorithm: sha256WithRSAEncryption
29:cd:82:c2:ae:63:74:31:10:9c:c4:8b:24:31:71:bb:b8:f6:
ad:02:a8:be:c7:e1:24:2a:fd:59:91:14:b2:a8:b9:06:13:1e:
33:3f:5f:47:fb:5e:9f:1c:67:b2:28:27:48:6e:b9:2e:a0:ce:
41:30:3e:9b:bd:1c:67:f7:e4:af:cd:34:a9:b0:4c:02:04:f0:
fa:88:7e:3f:57:24:f8:01:33:0a:56:ba:ac:49:ec:97:8a:03:
81:e5:4c:e9:4d:a5:ba:d1:56:3a:2d:3f:2c:84:98:33:71:1b:
d4:1b:81:65:9d:3a:9b:05:6e:bb:9b:8f:c9:0b:b1:64:fd:34:
ac:9b:99:dc:67:e8:b4:74:e9:14:a2:8f:11:7b:94:a5:52:7c:
17:2e:c9:77:9b:30:c4:13:f6:f2:a0:71:a2:32:86:9e:89:5f:
b8:53:5b:1b:08:a2:92:47:63:e5:e0:74:3e:00:63:c1:ae:c8:
c0:37:48:9d:d6:97:db:f7:35:15:63:2f:12:25:6c:6a:15:fb:
6f:33:f7:0c:d3:11:61:b5:0e:c0:68:1c:08:90:a7:70:e9:8b:
dd:1a:fa:34:00:24:2b:0f:c2:bc:6c:9d:7d:77:fc:f3:59:ac:
17:22:25:6a:a0:16:c3:e6:22:94:58:f3:ad:00:91:85:a1:64:
a7:39:65:42
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEMoKO7jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NmRlMWQ5ZGNkYjI1YzFlNTMyYzVjOWI2OWRmYTc1N2UzMDYyMTBlMB4XDTIyMDEw
MTE2MDY0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWU1N2VmMzQ2NDA4
YjY1NDE4MGZlN2I0ODJmYWY3NmE2ZDZiZjdlYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAODJUDAb98DoVZRbbwtyOST3zRSi4UEZaCExS0mJtwijTOEJ
H54EsvCTfoQggv3I065ukg6GYVBK/mwAHbEoX9dDwP9NaNsKJOsfYGhJper8DZah
CAGwaM26i/g0USHURmM34gmpesKeZztCclDQhqvyQMmhLliSEc/9kUsAHmwngpXa
fPof6ljA/ukQ/gdQg1sCJY0Vu2i4wqXbwC1vKxaxcVy08ELKJ+oYBLTl8yiKFHLh
zhVnEOdTSr1xsh4r+Kr5f9/ax5RY6Xk7M957pSkvtRes0lAZxCHKCwFcSo3BdVSF
lCdLtekZtJNkwRKS+AGpFCvu+lPhxyoAUx8Mg/0CAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTuV+80ZAi2VBgP57SC+vdqbWv36zAfBgNVHSMEGDAWgBRm3h2dzbJcHlMs
XJtp36dX4wYhDjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1p0NGRuYzJ5WEI1VExGeWJhZC1uVi1NR0lRNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjQvNjBmY2ZlLTdiMmMtNDY3Mi1iYzJmLTQwNDc5ODcwOTc2ZS8x
LzdsZnZOR1FJdGxRWUQtZTBndnIzYW0xcjktcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjQv
NjBmY2ZlLTdiMmMtNDY3Mi1iYzJmLTQwNDc5ODcwOTc2ZS8xL1p0NGRuYzJ5WEI1
VExGeWJhZC1uVi1NR0lRNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAVV2MAMEAlV2PDANBgkqhkiG9w0B
AQsFAAOCAQEAKc2Cwq5jdDEQnMSLJDFxu7j2rQKovsfhJCr9WZEUsqi5BhMeMz9f
R/tenxxnsignSG65LqDOQTA+m70cZ/fkr800qbBMAgTw+oh+P1ck+AEzCla6rEns
l4oDgeVM6U2lutFWOi0/LISYM3Eb1BuBZZ06mwVuu5uPyQuxZP00rJuZ3GfotHTp
FKKPEXuUpVJ8Fy7Jd5swxBP28qBxojKGnolfuFNbGwiikkdj5eB0PgBjwa7IwDdI
ndaX2/c1FWMvEiVsahX7bzP3DNMRYbUOwGgcCJCncOmL3Rr6NAAkKw/CvGydfXf8
81msFyIlaqAWw+YilFjzrQCRhaFkpzllQg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:47 2024 by rpki-client on console-ams.rpki-client.org