Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/cf8f99-e581-4f5f-875f-df4e8c7364fe/1/cvgQPtzM3pvOoTg0ZK_7bnrywys.roa
File: cvgQPtzM3pvOoTg0ZK_7bnrywys.roa (raw, json)
Hash identifier: iIWNnWyOherjFpSVchCTndloYmkVCCP7r9glkKnI2Q0=
Subject key identifier: 72:F8:10:3E:DC:CC:DE:9B:CE:A1:38:34:64:AF:FB:6E:7A:F2:C3:2B
Certificate issuer: /CN=3096d7afbb8a5e315a5c489acea7dcb75aa65d04
Certificate serial: 0183F50BC3CCF683A238480F1338CA29D61C
Authority key identifier: 30:96:D7:AF:BB:8A:5E:31:5A:5C:48:9A:CE:A7:DC:B7:5A:A6:5D:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MJbXr7uKXjFaXEiazqfct1qmXQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/cf8f99-e581-4f5f-875f-df4e8c7364fe/1/cvgQPtzM3pvOoTg0ZK_7bnrywys.roa
Signing time: Thu 20 Oct 2022 10:58:52 +0000
ROA not before: Thu 20 Oct 2022 10:58:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34606
IP address blocks: 194.116.0.0/18 maxlen: 18
88.87.96.0/19 maxlen: 19
77.108.0.0/18 maxlen: 18
185.73.244.0/22 maxlen: 22
95.140.136.0/21 maxlen: 21
82.215.128.0/18 maxlen: 18
82.215.128.0/22 maxlen: 22
185.117.216.0/22 maxlen: 22
85.208.232.0/22 maxlen: 22
194.176.126.0/24 maxlen: 24
85.159.176.0/21 maxlen: 21
77.72.32.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f5:0b:c3:cc:f6:83:a2:38:48:0f:13:38:ca:29:d6:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3096d7afbb8a5e315a5c489acea7dcb75aa65d04
Validity
Not Before: Oct 20 10:58:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=72f8103edcccde9bcea1383464affb6e7af2c32b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:bc:b0:5f:ea:1b:cd:d5:87:35:99:2e:ff:c0:
a7:aa:05:a0:b9:96:b3:77:6b:ca:3d:9e:2b:a2:b8:
16:cd:69:df:31:19:36:e5:45:1f:5e:f0:d3:55:8a:
29:03:9f:01:19:d9:a2:a5:25:9f:49:cf:9d:de:80:
9c:11:2e:13:28:e5:5f:a0:8b:23:88:de:18:03:0e:
a9:73:d8:b1:b0:f2:23:8b:1a:36:fd:06:37:f4:37:
87:78:f5:c9:20:7b:5f:6b:eb:62:f3:2f:e1:06:08:
e9:90:f3:19:5d:64:7b:d2:b7:a6:76:58:9e:d9:2a:
62:b3:92:7b:56:fc:b0:a9:24:94:28:55:ea:96:6a:
16:3a:d3:33:3d:05:a5:ec:1c:86:ee:fe:81:15:a2:
c0:61:fc:78:e5:4c:21:74:e5:03:d7:af:c8:f1:09:
a2:65:d8:8d:b9:9a:03:20:69:ea:f3:49:97:db:79:
25:6f:07:51:8d:44:b9:ee:76:f7:1f:c6:d9:b4:e5:
2b:06:2f:81:a8:9e:37:2c:99:cc:fa:42:8c:61:37:
bb:e9:55:65:a8:68:e2:dc:a6:dc:d6:7d:56:73:7a:
2a:7b:84:d0:71:c0:a4:ba:f7:be:2e:3b:4e:44:03:
6c:25:7d:56:2d:49:ff:24:c1:b8:52:4d:c3:55:69:
90:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:F8:10:3E:DC:CC:DE:9B:CE:A1:38:34:64:AF:FB:6E:7A:F2:C3:2B
X509v3 Authority Key Identifier:
keyid:30:96:D7:AF:BB:8A:5E:31:5A:5C:48:9A:CE:A7:DC:B7:5A:A6:5D:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MJbXr7uKXjFaXEiazqfct1qmXQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/cf8f99-e581-4f5f-875f-df4e8c7364fe/1/cvgQPtzM3pvOoTg0ZK_7bnrywys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/cf8f99-e581-4f5f-875f-df4e8c7364fe/1/MJbXr7uKXjFaXEiazqfct1qmXQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.72.32.0/21
77.108.0.0/18
82.215.128.0/18
85.159.176.0/21
85.208.232.0/22
88.87.96.0/19
95.140.136.0/21
185.73.244.0/22
185.117.216.0/22
194.116.0.0/18
194.176.126.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:25:37:9c:9f:16:ae:33:8f:3a:25:a8:e7:af:0f:bf:b4:de:
71:36:03:b3:e2:3d:7e:0b:42:e0:a7:1a:14:af:d7:20:1b:76:
6c:5d:84:2d:6e:9a:d3:9f:9f:b8:89:03:39:26:f0:f3:bd:d1:
d5:f5:88:26:5e:fd:12:2b:b4:71:e7:e2:38:2e:9d:54:f8:73:
84:4f:8d:ad:e6:66:a7:49:30:ef:74:14:19:83:27:9a:81:9c:
aa:24:bf:42:fb:81:0c:53:e1:54:8a:ae:68:c5:4d:df:f2:df:
51:f0:0b:38:a5:87:25:e0:9e:42:f5:2f:47:04:86:0b:76:b1:
0e:ca:54:e2:43:03:f9:43:df:b1:e9:73:15:0c:d1:c0:06:7c:
cb:fb:a0:68:bf:f6:33:1c:7d:e5:6e:60:ca:98:0c:af:11:ff:
ce:52:94:ff:4e:bb:53:2a:f8:1d:d2:4a:24:46:8f:a7:d5:63:
8b:91:e9:1b:46:bb:53:99:e5:c4:2a:7e:62:9b:e2:bc:5c:95:
08:f7:59:ac:a0:b4:21:79:72:d5:dc:ec:8d:c4:2f:1e:57:8f:
5d:f7:d7:0e:20:06:58:3c:fb:73:f0:e7:82:0e:01:20:46:f6:
cb:4f:fa:40:0a:88:c3:a1:c9:a2:ed:1f:25:32:74:33:20:2a:
ae:b4:eb:91
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAYP1C8PM9oOiOEgPEzjKKdYcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwOTZkN2FmYmI4YTVlMzE1YTVjNDg5YWNlYTdkY2I3NWFh
NjVkMDQwHhcNMjIxMDIwMTA1ODUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmY4MTAzZWRjY2NkZTliY2VhMTM4MzQ2NGFmZmI2ZTdhZjJjMzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhrywX+obzdWHNZku/8CnqgWguZaz
d2vKPZ4rorgWzWnfMRk25UUfXvDTVYopA58BGdmipSWfSc+d3oCcES4TKOVfoIsj
iN4YAw6pc9ixsPIjixo2/QY39DeHePXJIHtfa+ti8y/hBgjpkPMZXWR70remdlie
2Spis5J7VvywqSSUKFXqlmoWOtMzPQWl7ByG7v6BFaLAYfx45UwhdOUD16/I8Qmi
ZdiNuZoDIGnq80mX23klbwdRjUS57nb3H8bZtOUrBi+BqJ43LJnM+kKMYTe76VVl
qGji3Kbc1n1Wc3oqe4TQccCkuve+LjtORANsJX1WLUn/JMG4Uk3DVWmQ+wIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFHL4ED7czN6bzqE4NGSv+2568sMrMB8GA1UdIwQY
MBaAFDCW16+7il4xWlxIms6n3Ldapl0EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUpiWHI3dUtYakZhWEVpYXpxZmN0MXFtWFFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9jZjhmOTktZTU4MS00ZjVmLTg3NWYt
ZGY0ZThjNzM2NGZlLzEvY3ZnUVB0ek0zcHZPb1RnMFpLXzdibnJ5d3lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9jZjhmOTktZTU4MS00ZjVmLTg3NWYtZGY0ZThjNzM2NGZl
LzEvTUpiWHI3dUtYakZhWEVpYXpxZmN0MXFtWFFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQDTUggAwQG
TWwAAwQGUteAAwQDVZ+wAwQCVdDoAwQFWFdgAwQDX4yIAwQCuUn0AwQCuXXYAwQG
wnQAAwQAwrB+MA0GCSqGSIb3DQEBCwUAA4IBAQCyJTecnxauM486Jajnrw+/tN5x
NgOz4j1+C0LgpxoUr9cgG3ZsXYQtbprTn5+4iQM5JvDzvdHV9YgmXv0SK7Rx5+I4
Lp1U+HOET42t5manSTDvdBQZgyeagZyqJL9C+4EMU+FUiq5oxU3f8t9R8As4pYcl
4J5C9S9HBIYLdrEOylTiQwP5Q9+x6XMVDNHABnzL+6Bov/YzHH3lbmDKmAyvEf/O
UpT/TrtTKvgd0kokRo+n1WOLkekbRrtTmeXEKn5im+K8XJUI91msoLQheXLV3OyN
xC8eV49d99cOIAZYPPtz8OeCDgEgRvbLT/pACojDocmi7R8lMnQzICqutOuR
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:09 2024 by rpki-client on console-fra.rpki-client.org