Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/0GsZp1P7UExRN4gKQWDE2ZQ8BVw.roa
File: 0GsZp1P7UExRN4gKQWDE2ZQ8BVw.roa (raw, json)
Hash identifier: bLhpcHoNaitrhTXlBAdatxZdkdwwvW5sCScRx4iReCo=
Subject key identifier: D0:6B:19:A7:53:FB:50:4C:51:37:88:0A:41:60:C4:D9:94:3C:05:5C
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0183B137E3F4C712361E1AF856C96BA14533
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/0GsZp1P7UExRN4gKQWDE2ZQ8BVw.roa
Signing time: Fri 07 Oct 2022 06:52:53 +0000
ROA not before: Fri 07 Oct 2022 06:52:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209737
IP address blocks: 92.114.40.0/22 maxlen: 24
92.114.44.0/22 maxlen: 24
149.126.92.0/22 maxlen: 24
31.186.176.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:b1:37:e3:f4:c7:12:36:1e:1a:f8:56:c9:6b:a1:45:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Oct 7 06:52:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d06b19a753fb504c5137880a4160c4d9943c055c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:46:c1:82:83:4e:1b:c0:3d:cb:bd:a3:8d:95:
d8:b6:a1:59:7c:7d:4a:c6:5a:5f:6c:de:2a:c9:83:
57:4c:54:c9:25:5c:79:d6:7e:ab:38:c1:bc:a2:e8:
73:8d:0e:ff:41:17:8f:fc:10:fc:0f:ff:92:fa:d7:
36:de:e0:f6:22:e1:8a:b6:db:f5:b5:0b:f7:a1:80:
91:ef:a8:df:ad:8d:5f:92:4a:fa:bd:45:2e:b3:20:
27:49:a3:37:3e:63:4b:b0:2d:0d:a0:d8:10:f8:11:
7c:91:47:89:66:49:43:9b:a3:2e:7e:e1:87:fc:e9:
5a:5d:57:52:19:62:8c:cb:91:76:97:cf:52:b0:57:
cf:cf:e5:e8:d1:56:00:db:06:0b:5f:32:a8:d9:ca:
02:08:b5:4a:3d:54:a5:3d:9e:ae:56:4f:e0:3c:b8:
81:a0:2f:e5:25:e0:4d:76:65:a5:f5:03:12:d4:ad:
3a:f1:83:0c:cf:70:a4:77:c4:57:a1:02:17:90:d7:
ad:1c:b7:24:30:9f:7b:56:2e:62:66:1c:2c:8e:98:
19:e3:07:3d:9c:1e:9f:81:b4:6a:fd:11:6d:1e:be:
48:fc:fc:f2:b1:ad:cd:1d:b4:bf:63:97:83:e6:e9:
03:e9:03:3f:1f:3e:8d:01:46:75:f8:5e:04:3d:b8:
f4:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:6B:19:A7:53:FB:50:4C:51:37:88:0A:41:60:C4:D9:94:3C:05:5C
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/0GsZp1P7UExRN4gKQWDE2ZQ8BVw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.176.0/22
92.114.40.0/21
149.126.92.0/22
Signature Algorithm: sha256WithRSAEncryption
0c:8f:b3:25:c6:06:32:56:75:c9:82:de:80:91:c8:ca:d3:2c:
4b:fe:05:63:d2:d6:df:4c:ad:92:40:1a:d1:69:e5:15:8b:7b:
04:78:7d:0f:e9:02:b4:9e:77:15:0d:b7:a0:3c:e4:3f:27:7f:
b3:02:11:ae:5c:3b:eb:93:b3:db:fa:1c:64:00:ff:cb:53:b9:
44:c0:46:2e:1f:c2:c4:5d:9c:60:44:7d:84:e0:fd:84:2a:f5:
4f:06:27:e6:2c:65:63:dd:8e:46:82:82:3b:27:6e:30:56:ce:
ca:12:b3:1a:1a:21:8b:f9:b1:e7:c4:39:95:3f:6a:c6:56:ee:
7d:08:6c:6e:e9:05:84:01:32:fe:f8:87:e8:3b:48:72:4f:33:
d9:6f:43:91:bf:f9:8d:23:0f:a4:c2:29:62:b0:61:d9:d3:3a:
a2:e3:1f:2e:e5:92:27:7a:92:d8:58:0d:89:dc:8a:d4:7b:56:
25:71:ed:54:9a:b9:af:ca:eb:4d:50:7e:ff:32:c8:fc:a2:fe:
81:68:ba:34:3a:b0:d8:8f:b6:ca:cd:c0:8f:22:ad:66:4d:40:
b3:99:9e:95:a8:24:1c:00:5d:64:f1:92:c8:0c:3a:df:12:cd:
74:bc:4f:d8:b4:f9:2a:c0:df:7e:f5:54:21:3b:7c:65:f3:b5:
35:ad:aa:83
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYOxN+P0xxI2Hhr4VslroUUzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjIxMDA3MDY1MjUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDZiMTlhNzUzZmI1MDRjNTEzNzg4MGE0MTYwYzRkOTk0M2MwNTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg0bBgoNOG8A9y72jjZXYtqFZfH1K
xlpfbN4qyYNXTFTJJVx51n6rOMG8ouhzjQ7/QReP/BD8D/+S+tc23uD2IuGKttv1
tQv3oYCR76jfrY1fkkr6vUUusyAnSaM3PmNLsC0NoNgQ+BF8kUeJZklDm6MufuGH
/OlaXVdSGWKMy5F2l89SsFfPz+Xo0VYA2wYLXzKo2coCCLVKPVSlPZ6uVk/gPLiB
oC/lJeBNdmWl9QMS1K068YMMz3Ckd8RXoQIXkNetHLckMJ97Vi5iZhwsjpgZ4wc9
nB6fgbRq/RFtHr5I/Pzysa3NHbS/Y5eD5ukD6QM/Hz6NAUZ1+F4EPbj0mwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNBrGadT+1BMUTeICkFgxNmUPAVcMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvMEdzWnAxUDdVRXhSTjRnS1FXREUyWlE4QlZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCH7qwAwQD
XHIoAwQClX5cMA0GCSqGSIb3DQEBCwUAA4IBAQAMj7MlxgYyVnXJgt6AkcjK0yxL
/gVj0tbfTK2SQBrRaeUVi3sEeH0P6QK0nncVDbegPOQ/J3+zAhGuXDvrk7Pb+hxk
AP/LU7lEwEYuH8LEXZxgRH2E4P2EKvVPBifmLGVj3Y5GgoI7J24wVs7KErMaGiGL
+bHnxDmVP2rGVu59CGxu6QWEATL++IfoO0hyTzPZb0ORv/mNIw+kwilisGHZ0zqi
4x8u5ZInepLYWA2J3IrUe1Ylce1UmrmvyutNUH7/Msj8ov6BaLo0OrDYj7bKzcCP
Iq1mTUCzmZ6VqCQcAF1k8ZLIDDrfEs10vE/YtPkqwN9+9VQhO3xl87U1raqD
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org