Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/z7QU7jFgyczuaOvEUYUtLEPPe-o.roa
File: z7QU7jFgyczuaOvEUYUtLEPPe-o.roa (raw, json)
Hash identifier: w96wgd3FId6GzGYFSYCAKHvdBd1VkO0go5AkaP7bKPE=
Subject key identifier: CF:B4:14:EE:31:60:C9:CC:EE:68:EB:C4:51:85:2D:2C:43:CF:7B:EA
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 018442343FD8A831FD3A1F87400B61730F08
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/z7QU7jFgyczuaOvEUYUtLEPPe-o.roa
Signing time: Fri 04 Nov 2022 10:33:51 +0000
ROA not before: Fri 04 Nov 2022 10:33:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 30738
IP address blocks: 109.248.160.0/22 maxlen: 25
195.211.53.0/24 maxlen: 24
188.130.232.0/24 maxlen: 24
188.130.254.0/24 maxlen: 24
188.130.182.0/24 maxlen: 24
2001:1468:8000::/36 maxlen: 36
2001:1468::/32 maxlen: 33
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:42:34:3f:d8:a8:31:fd:3a:1f:87:40:0b:61:73:0f:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Nov 4 10:33:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cfb414ee3160c9ccee68ebc451852d2c43cf7bea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:70:78:50:1f:9a:81:a6:f9:cd:23:ad:fd:3f:
8e:50:ec:87:39:18:ec:6a:40:af:8b:1e:40:83:8d:
f2:96:a1:6b:4f:b5:8d:c1:12:d0:20:ec:2e:e5:43:
33:b9:71:9b:62:68:5d:fd:dc:74:ec:d1:91:40:61:
57:7a:fa:4e:13:11:9c:b7:e4:af:3d:0d:9f:9a:c4:
75:47:d3:c6:82:ed:1b:0f:c2:d8:79:69:d1:b0:96:
f9:e4:00:ef:e2:81:c6:d5:3c:1c:fb:89:4c:59:84:
a9:d0:84:66:8c:47:a1:c2:c8:5e:a8:61:ed:45:23:
1e:c0:8f:33:db:20:55:45:be:f4:d1:1e:2d:2f:19:
c4:a7:94:7b:a3:81:44:12:2b:ee:c9:13:b5:e2:82:
62:66:3e:f7:5d:2d:42:a0:64:e3:99:df:70:df:7b:
1c:18:02:04:0e:79:d3:70:62:6f:1b:27:37:d0:ab:
08:28:e2:89:13:8c:61:99:8d:03:33:e5:32:c2:c1:
53:f8:0c:83:51:3a:c7:49:b0:ac:e2:5e:e5:d3:89:
06:c7:17:c8:15:30:09:62:65:5c:d0:9b:6b:93:9c:
23:9b:c3:c7:15:d4:54:9a:82:d7:be:8a:ae:be:ac:
79:ac:8e:94:7e:27:b7:f1:0f:a4:c5:44:a3:45:8e:
7a:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:B4:14:EE:31:60:C9:CC:EE:68:EB:C4:51:85:2D:2C:43:CF:7B:EA
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/z7QU7jFgyczuaOvEUYUtLEPPe-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.248.160.0/22
188.130.182.0/24
188.130.232.0/24
188.130.254.0/24
195.211.53.0/24
IPv6:
2001:1468::/32
Signature Algorithm: sha256WithRSAEncryption
30:52:0a:9f:99:23:1e:a2:1a:6a:63:64:ef:0b:f0:c0:03:fa:
b6:72:b1:1b:a8:81:f6:2d:3f:85:7d:ac:d2:3a:43:c7:da:e9:
2b:3d:c9:7d:b1:be:f6:bd:a9:46:fa:e3:af:83:3f:dc:f6:e5:
78:47:50:aa:42:a1:c2:80:de:c2:17:94:b2:9b:f7:99:f8:d2:
3f:9d:34:74:b9:ca:90:e3:7f:d4:5e:bb:93:c0:fd:5a:fc:04:
aa:0d:3d:d7:1d:c4:fb:3d:7b:92:2b:79:57:e3:3e:c3:45:7d:
a2:50:fe:f4:6f:31:21:1d:d4:cf:e1:83:78:1f:05:7f:97:85:
44:9a:59:09:82:6e:a2:79:3c:53:97:cf:89:85:e0:60:32:ae:
8a:11:da:c4:aa:63:72:be:8f:e6:c3:75:6a:90:c0:59:11:e4:
7d:ab:c4:cd:3d:ff:36:52:17:ce:dc:a2:d9:bb:eb:10:2f:f5:
d8:1d:23:13:f9:28:32:5d:a1:74:f5:cd:18:95:47:76:a5:30:
4d:09:60:33:72:bb:9c:4b:01:eb:98:48:55:a3:a0:3a:db:c5:
5f:1b:e4:c7:af:07:a0:35:99:0b:a9:7d:39:ca:66:fc:d3:0e:
9f:29:ac:f6:18:3e:ea:a4:83:fe:5f:c0:5c:b5:51:83:4d:82:
f4:02:39:dd
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYRCND/YqDH9Oh+HQAthcw8IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjIxMTA0MTAzMzUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmI0MTRlZTMxNjBjOWNjZWU2OGViYzQ1MTg1MmQyYzQzY2Y3YmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3B4UB+agab5zSOt/T+OUOyHORjs
akCvix5Ag43ylqFrT7WNwRLQIOwu5UMzuXGbYmhd/dx07NGRQGFXevpOExGct+Sv
PQ2fmsR1R9PGgu0bD8LYeWnRsJb55ADv4oHG1Twc+4lMWYSp0IRmjEehwsheqGHt
RSMewI8z2yBVRb700R4tLxnEp5R7o4FEEivuyRO14oJiZj73XS1CoGTjmd9w33sc
GAIEDnnTcGJvGyc30KsIKOKJE4xhmY0DM+UywsFT+AyDUTrHSbCs4l7l04kGxxfI
FTAJYmVc0Jtrk5wjm8PHFdRUmoLXvoquvqx5rI6Ufie38Q+kxUSjRY56eQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFM+0FO4xYMnM7mjrxFGFLSxDz3vqMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvejdRVTdqRmd5Y3p1YU92RVVZVXRMRVBQZS1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCbfigAwQA
vIK2AwQAvILoAwQAvIL+AwQAw9M1MA0EAgACMAcDBQAgARRoMA0GCSqGSIb3DQEB
CwUAA4IBAQAwUgqfmSMeohpqY2TvC/DAA/q2crEbqIH2LT+FfazSOkPH2ukrPcl9
sb72valG+uOvgz/c9uV4R1CqQqHCgN7CF5Sym/eZ+NI/nTR0ucqQ43/UXruTwP1a
/ASqDT3XHcT7PXuSK3lX4z7DRX2iUP70bzEhHdTP4YN4HwV/l4VEmlkJgm6ieTxT
l8+JheBgMq6KEdrEqmNyvo/mw3VqkMBZEeR9q8TNPf82UhfO3KLZu+sQL/XYHSMT
+SgyXaF09c0YlUd2pTBNCWAzcrucSwHrmEhVo6A628VfG+THrwegNZkLqX05ymb8
0w6fKaz2GD7qpIP+X8BctVGDTYL0Ajnd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:57 2024 by rpki-client on console-fra.rpki-client.org