Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/0garOp5VBjUJgAaxvY2IM9SG6Rg.roa
File: 0garOp5VBjUJgAaxvY2IM9SG6Rg.roa (raw, json)
Hash identifier: iTHwPAd7PBU1IK5FEeMjdWU3pfTyu9TDVkmbWqGMbFU=
Subject key identifier: D2:06:AB:3A:9E:55:06:35:09:80:06:B1:BD:8D:88:33:D4:86:E9:18
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0184D6F8025B59B6F2F89D85542DD15D4BE7
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/0garOp5VBjUJgAaxvY2IM9SG6Rg.roa
Signing time: Sat 03 Dec 2022 07:51:28 +0000
ROA not before: Sat 03 Dec 2022 07:51:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211585
IP address blocks: 82.163.56.0/22 maxlen: 24
82.163.68.0/22 maxlen: 24
82.163.224.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d6:f8:02:5b:59:b6:f2:f8:9d:85:54:2d:d1:5d:4b:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Dec 3 07:51:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d206ab3a9e550635098006b1bd8d8833d486e918
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:b5:04:9e:2e:a0:9d:9c:9e:06:b4:c4:93:df:
ba:50:82:df:9a:a8:a5:dd:86:b3:bc:43:3c:61:af:
d7:e0:00:5a:47:01:54:88:2f:23:3f:e6:02:23:55:
71:05:86:d0:d5:fc:70:bb:73:a7:bf:f8:48:c6:fc:
7e:9d:10:7e:9e:ad:b6:8a:67:4a:39:cc:40:af:d6:
1c:c5:5f:b1:b0:3d:eb:50:53:d0:43:83:1f:fe:3c:
68:f1:d7:90:8c:25:89:38:5b:77:22:5a:51:96:cb:
8f:1e:53:06:a9:df:2e:c7:af:d7:e4:fb:d9:07:ea:
19:57:be:1b:b5:79:67:ad:21:9a:81:76:dd:3f:65:
be:01:32:48:6d:f7:7e:3f:50:ed:35:63:fe:b7:7a:
d7:b6:da:11:d1:d4:5a:16:f7:39:11:d4:23:c3:62:
cc:95:a9:2b:d1:b6:57:86:fc:38:16:3e:7a:76:94:
e4:8c:38:91:ab:4b:e7:f7:1e:0a:f5:14:2e:e7:57:
59:84:f8:17:b2:c0:5b:b2:8a:c2:6d:3b:19:26:e4:
ec:9d:92:0c:fd:a3:d5:b1:8a:95:6c:bd:0c:d9:4c:
e4:88:e3:1f:c0:08:89:a0:c3:af:8e:06:3a:a6:47:
3f:38:45:69:4a:27:cd:e4:50:4d:df:fb:9d:ef:3b:
18:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:06:AB:3A:9E:55:06:35:09:80:06:B1:BD:8D:88:33:D4:86:E9:18
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/0garOp5VBjUJgAaxvY2IM9SG6Rg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.163.56.0/22
82.163.68.0/22
82.163.224.0/22
Signature Algorithm: sha256WithRSAEncryption
69:33:1b:c5:39:1e:2a:0f:df:21:71:28:c3:f8:49:99:b9:74:
bb:2f:bc:1f:dc:56:17:4a:7c:8d:66:a1:17:bc:f3:02:98:ba:
92:54:80:0a:68:bb:fa:93:15:81:a6:11:3c:45:3c:6f:22:77:
04:96:2d:d2:6d:b3:b6:a2:d0:a1:1d:75:56:df:ec:fd:2e:d7:
90:19:a5:a7:63:8a:93:47:ab:1c:51:b3:01:d6:bb:3a:a0:f7:
df:0c:5a:28:23:5f:22:c6:31:38:e1:1e:4f:18:e5:40:6f:4d:
5c:0e:97:c1:33:76:48:3a:18:32:de:5b:44:ce:d1:67:7c:15:
3a:fd:f9:97:0f:59:39:35:21:fe:b6:5c:3c:d1:0a:bb:17:0e:
6a:31:1e:68:ff:c9:13:93:a0:4f:75:04:f0:98:8b:52:31:47:
67:45:71:20:bd:d0:d0:ea:d2:a4:8e:a0:95:f8:98:b9:84:73:
46:6e:a8:03:e6:c6:f4:b2:29:cc:fc:01:09:54:26:ad:2c:8d:
c4:47:b9:18:03:ad:f8:72:d7:e6:f4:5f:82:57:76:30:49:db:
31:d5:bf:4e:79:88:06:94:e5:08:12:e9:7b:79:1f:71:bf:c1:
4a:a6:a8:6a:2e:65:65:ae:f1:8e:7b:87:69:72:cf:2e:4a:7b:
ca:df:0e:0c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYTW+AJbWbby+J2FVC3RXUvnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjIxMjAzMDc1MTI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjA2YWIzYTllNTUwNjM1MDk4MDA2YjFiZDhkODgzM2Q0ODZlOTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7UEni6gnZyeBrTEk9+6UILfmqil
3YazvEM8Ya/X4ABaRwFUiC8jP+YCI1VxBYbQ1fxwu3Onv/hIxvx+nRB+nq22imdK
OcxAr9YcxV+xsD3rUFPQQ4Mf/jxo8deQjCWJOFt3IlpRlsuPHlMGqd8ux6/X5PvZ
B+oZV74btXlnrSGagXbdP2W+ATJIbfd+P1DtNWP+t3rXttoR0dRaFvc5EdQjw2LM
lakr0bZXhvw4Fj56dpTkjDiRq0vn9x4K9RQu51dZhPgXssBbsorCbTsZJuTsnZIM
/aPVsYqVbL0M2UzkiOMfwAiJoMOvjgY6pkc/OEVpSifN5FBN3/ud7zsYcQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNIGqzqeVQY1CYAGsb2NiDPUhukYMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvMGdhck9wNVZCalVKZ0FheHZZMklNOVNHNlJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCUqM4AwQC
UqNEAwQCUqPgMA0GCSqGSIb3DQEBCwUAA4IBAQBpMxvFOR4qD98hcSjD+EmZuXS7
L7wf3FYXSnyNZqEXvPMCmLqSVIAKaLv6kxWBphE8RTxvIncEli3SbbO2otChHXVW
3+z9LteQGaWnY4qTR6scUbMB1rs6oPffDFooI18ixjE44R5PGOVAb01cDpfBM3ZI
Ohgy3ltEztFnfBU6/fmXD1k5NSH+tlw80Qq7Fw5qMR5o/8kTk6BPdQTwmItSMUdn
RXEgvdDQ6tKkjqCV+Ji5hHNGbqgD5sb0sinM/AEJVCatLI3ER7kYA634ctfm9F+C
V3YwSdsx1b9OeYgGlOUIEul7eR9xv8FKpqhqLmVlrvGOe4dpcs8uSnvK3w4M
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:46 2024 by rpki-client on console-ams.rpki-client.org