Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/CGzxg-XbSXbT2k9EqnfZqgig7j4.roa
File: CGzxg-XbSXbT2k9EqnfZqgig7j4.roa (raw, json)
Hash identifier: wxcdxXZqKqrkWuHkhvj2CJBCpF+H/OFqbpRpaitjNDM=
Subject key identifier: 08:6C:F1:83:E5:DB:49:76:D3:DA:4F:44:AA:77:D9:AA:08:A0:EE:3E
Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Certificate serial: 1AB3B03E
Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/CGzxg-XbSXbT2k9EqnfZqgig7j4.roa
Signing time: Sat 01 Jan 2022 16:03:06 +0000
ROA not before: Sat 01 Jan 2022 16:03:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48678
IP address blocks: 85.153.136.0/24 maxlen: 24
85.153.142.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 447983678 (0x1ab3b03e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Validity
Not Before: Jan 1 16:03:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=086cf183e5db4976d3da4f44aa77d9aa08a0ee3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:87:5d:35:f0:75:e6:2d:5c:07:1d:d0:3a:e3:
5c:7f:8d:eb:22:71:33:3a:ef:5b:15:eb:ae:50:99:
e9:f0:77:3d:63:28:2a:22:3d:f1:51:d7:91:99:56:
17:d8:0e:87:9d:43:e5:1c:4b:05:f7:7d:c3:17:c8:
e7:f0:0c:34:35:9f:6b:57:ff:22:77:60:ec:f1:ea:
13:9d:b4:6b:39:2d:f4:46:00:9a:d1:28:80:0f:0c:
6d:6d:f8:2b:33:d4:27:08:ae:f3:a8:20:be:df:29:
87:9d:85:a4:21:41:e0:72:de:0c:aa:fd:33:81:38:
b7:72:00:8c:d0:f4:74:b4:9f:11:d0:69:ce:0d:5e:
c9:87:e2:2e:e6:9d:c8:7c:5b:f3:6f:d9:a5:56:75:
85:35:0b:52:33:f6:ac:1c:8c:43:b8:3c:72:06:9e:
27:e0:d8:1c:0a:40:f3:89:98:4b:70:b8:7f:50:6a:
ab:59:2a:e0:72:a6:ac:a2:c0:fa:fa:ba:bb:2b:e0:
88:dc:e3:47:5e:4a:6c:97:42:ef:76:db:17:b4:33:
89:48:22:4a:91:4a:8b:cf:8c:f2:9e:83:aa:14:b7:
46:f6:16:51:08:0c:0d:c4:be:64:4a:f7:f5:74:98:
b7:ab:fd:59:3c:c8:2b:e9:bf:23:d8:b5:d2:c0:2b:
d5:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:6C:F1:83:E5:DB:49:76:D3:DA:4F:44:AA:77:D9:AA:08:A0:EE:3E
X509v3 Authority Key Identifier:
keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/CGzxg-XbSXbT2k9EqnfZqgig7j4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.153.136.0/24
85.153.142.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:05:66:3a:87:26:63:0d:92:41:2a:0e:08:ef:33:a9:76:be:
ac:57:fe:dc:43:d7:0c:5a:ac:c6:af:27:af:b5:85:d3:73:23:
89:3c:e0:b7:1b:c2:1f:0c:ea:75:1f:32:86:46:cd:80:b1:b1:
fb:fb:6f:65:0d:f2:04:36:7f:c7:b7:71:e8:f7:bb:1b:0f:af:
61:69:ce:4f:73:dd:00:e8:f4:16:ac:fe:24:cc:c7:38:3b:dc:
99:4f:5b:7e:87:d2:25:6e:ff:f3:04:f2:1d:ad:c3:0a:76:d2:
5f:f2:08:2e:74:58:90:85:35:94:70:e1:67:d2:54:72:77:1c:
37:8f:26:c7:6e:7f:4f:95:0d:2f:8e:5f:e1:00:81:3e:2c:f9:
9c:6d:d6:f2:57:c5:0b:1d:97:f7:ae:f3:27:d9:d3:70:6d:36:
0c:b6:11:ae:1a:ac:1d:be:01:48:cd:14:9c:54:b5:1a:c5:57:
69:a5:38:e5:6c:7b:b0:15:9a:39:ba:46:b2:42:9e:4a:74:47:
f4:6b:c9:3f:c1:e6:32:5f:fd:f0:a5:30:eb:8a:b4:ac:4e:85:
39:51:ea:d1:ed:c9:b4:87:f9:e4:05:d4:45:b2:11:5a:26:3d:
cf:44:0d:3b:1b:d9:cc:20:d5:dc:13:73:8c:27:68:33:fd:65:
31:2f:46:7d
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEGrOwPjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZDU5YzQzMjNmNzY3Y2U0ZmZjODVkYWFkMjA4YjkwYzA0ZmJkM2U5MB4XDTIyMDEw
MTE2MDMwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDg2Y2YxODNlNWRi
NDk3NmQzZGE0ZjQ0YWE3N2Q5YWEwOGEwZWUzZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIqHXTXwdeYtXAcd0DrjXH+N6yJxMzrvWxXrrlCZ6fB3PWMo
KiI98VHXkZlWF9gOh51D5RxLBfd9wxfI5/AMNDWfa1f/Indg7PHqE520azkt9EYA
mtEogA8MbW34KzPUJwiu86ggvt8ph52FpCFB4HLeDKr9M4E4t3IAjND0dLSfEdBp
zg1eyYfiLuadyHxb82/ZpVZ1hTULUjP2rByMQ7g8cgaeJ+DYHApA84mYS3C4f1Bq
q1kq4HKmrKLA+vq6uyvgiNzjR15KbJdC73bbF7QziUgiSpFKi8+M8p6DqhS3RvYW
UQgMDcS+ZEr39XSYt6v9WTzIK+m/I9i10sAr1TUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBQIbPGD5dtJdtPaT0Sqd9mqCKDuPjAfBgNVHSMEGDAWgBSNWcQyP3Z85P/I
XarSCLkMBPvT6TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pWbkVNajkyZk9UX3lGMnEwZ2k1REFUNzAtay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjYvZjA5ZWNmLWU4MDUtNDE1OC1iMzE1LWYyYmU5ZjZjNjY0Yy8x
L0NHenhnLVhiU1hiVDJrOUVxbmZacWdpZzdqNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjYv
ZjA5ZWNmLWU4MDUtNDE1OC1iMzE1LWYyYmU5ZjZjNjY0Yy8xL2pWbkVNajkyZk9U
X3lGMnEwZ2k1REFUNzAtay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFWZiAMEAFWZjjANBgkqhkiG9w0B
AQsFAAOCAQEAPAVmOocmYw2SQSoOCO8zqXa+rFf+3EPXDFqsxq8nr7WF03MjiTzg
txvCHwzqdR8yhkbNgLGx+/tvZQ3yBDZ/x7dx6Pe7Gw+vYWnOT3PdAOj0Fqz+JMzH
ODvcmU9bfofSJW7/8wTyHa3DCnbSX/IILnRYkIU1lHDhZ9JUcnccN48mx25/T5UN
L45f4QCBPiz5nG3W8lfFCx2X967zJ9nTcG02DLYRrhqsHb4BSM0UnFS1GsVXaaU4
5Wx7sBWaObpGskKeSnRH9GvJP8HmMl/98KUw64q0rE6FOVHq0e3JtIf55AXURbIR
WiY9z0QNOxvZzCDV3BNzjCdoM/1lMS9GfQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:15:22 2024 by rpki-client on console-ams.rpki-client.org