Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/1-k8l8kdcZLYGKjq6oxlDEgOug8A.roa
File: 1-k8l8kdcZLYGKjq6oxlDEgOug8A.roa (raw, json)
Hash identifier: 7EKaFBRhCN3iK/l0gEQd4eqyrySL0M0cuORsdZttY3Y=
Subject key identifier: FA:4F:25:F2:47:5C:64:B6:06:2A:3A:BA:A3:19:43:12:03:AE:83:C0
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0185291BF0CD000B14072939A5B322B6DCD4
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/1-k8l8kdcZLYGKjq6oxlDEgOug8A.roa
Signing time: Mon 19 Dec 2022 06:39:34 +0000
ROA not before: Mon 19 Dec 2022 06:39:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 89.46.180.0/22 maxlen: 24
149.126.88.0/22 maxlen: 24
130.255.64.0/22 maxlen: 24
130.255.68.0/22 maxlen: 24
185.86.142.0/23 maxlen: 24
37.34.88.0/21 maxlen: 24
185.86.140.0/23 maxlen: 24
37.218.208.0/21 maxlen: 24
37.218.216.0/21 maxlen: 24
188.215.120.0/22 maxlen: 24
188.215.124.0/22 maxlen: 24
31.186.180.0/22 maxlen: 24
46.20.210.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:29:1b:f0:cd:00:0b:14:07:29:39:a5:b3:22:b6:dc:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Dec 19 06:39:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fa4f25f2475c64b6062a3abaa319431203ae83c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c9:d6:f6:79:ae:dc:a0:b7:dd:65:fd:3f:77:
7b:96:c0:d4:f3:fc:97:1a:cc:3a:3c:1a:94:4c:8f:
6d:e0:16:80:b3:b8:1e:a4:f3:44:9b:5e:36:91:43:
f9:ed:ac:0e:2f:39:e4:ad:35:9d:04:26:06:ce:6e:
69:42:fd:3b:d5:bb:e0:81:13:86:04:50:f4:5f:69:
29:58:21:8d:6c:78:93:b2:5b:9b:f2:05:93:62:ff:
bc:e8:57:d3:21:aa:8c:54:e2:ab:4c:07:17:c0:c0:
35:8e:ee:39:ef:0f:c0:c9:a6:d8:58:7a:ce:9b:22:
57:9b:49:53:5c:19:31:60:b4:7d:07:d4:ab:5a:e6:
60:c5:0b:52:f2:ea:3b:80:7a:ed:85:97:50:e9:8b:
51:20:60:95:ee:69:ab:ef:c5:f2:8b:67:ef:1b:62:
6e:eb:c6:b0:ae:2b:b6:c7:a1:9d:bb:67:13:f3:3a:
17:32:9d:1b:e5:dc:5c:30:db:0b:62:31:13:da:5d:
6c:45:f7:be:aa:fa:43:05:1a:e3:0e:93:13:8b:e0:
dd:68:16:be:85:19:20:1e:45:86:83:b8:84:9a:f7:
46:04:70:4d:f5:46:b4:15:7b:a2:f2:83:59:a3:a5:
4c:00:80:99:00:46:73:48:3f:d8:9f:dd:f8:66:8e:
ae:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:4F:25:F2:47:5C:64:B6:06:2A:3A:BA:A3:19:43:12:03:AE:83:C0
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/1-k8l8kdcZLYGKjq6oxlDEgOug8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.180.0/22
37.34.88.0/21
37.218.208.0/20
46.20.210.0/23
89.46.180.0/22
130.255.64.0/21
149.126.88.0/22
185.86.140.0/22
188.215.120.0/21
Signature Algorithm: sha256WithRSAEncryption
54:2e:e8:06:65:ec:73:bc:96:a4:e6:c6:fa:83:cb:4d:c7:4b:
f4:73:f9:d4:2a:da:02:11:9c:b1:54:69:c6:f2:a5:5f:00:71:
68:38:4f:e0:35:e3:de:c8:be:66:66:6c:8e:7b:d9:d8:7d:6c:
fb:ac:21:31:80:18:e3:cb:00:72:79:d0:48:b5:d0:3a:69:12:
f3:41:72:45:fd:6c:1d:82:8d:56:fc:a6:b9:26:c7:c1:8f:55:
3f:82:01:e7:da:b3:b8:39:1b:43:23:3f:74:45:2e:a6:48:12:
a0:7e:be:89:4f:44:03:d4:00:af:f6:52:d8:2d:ce:9b:f8:16:
55:9e:da:95:6e:95:fd:d3:b0:69:56:49:05:99:ea:c9:71:3a:
e9:64:f9:b2:dd:a5:dc:dd:55:0c:47:58:bb:fb:71:e1:79:e3:
2a:c5:e5:dc:05:a6:35:9c:ef:7b:56:48:65:00:8c:d1:79:6d:
e1:54:81:ef:32:22:a4:14:42:56:95:2c:28:3e:81:df:da:ba:
a2:42:fa:e2:3a:74:7d:9a:ae:46:d4:7f:6a:e8:ad:92:a9:cb:
88:13:0b:bb:bb:59:49:2e:4b:4f:9d:5d:ab:58:3e:01:79:f4:
91:80:c5:32:57:1e:6e:53:8d:35:9f:a7:76:c0:d9:2e:77:9f:
88:12:82:b7
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYUpG/DNAAsUByk5pbMittzUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjIxMjE5MDYzOTM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTRmMjVmMjQ3NWM2NGI2MDYyYTNhYmFhMzE5NDMxMjAzYWU4M2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkcnW9nmu3KC33WX9P3d7lsDU8/yX
Gsw6PBqUTI9t4BaAs7gepPNEm142kUP57awOLznkrTWdBCYGzm5pQv071bvggROG
BFD0X2kpWCGNbHiTslub8gWTYv+86FfTIaqMVOKrTAcXwMA1ju457w/AyabYWHrO
myJXm0lTXBkxYLR9B9SrWuZgxQtS8uo7gHrthZdQ6YtRIGCV7mmr78Xyi2fvG2Ju
68awriu2x6Gdu2cT8zoXMp0b5dxcMNsLYjET2l1sRfe+qvpDBRrjDpMTi+DdaBa+
hRkgHkWGg7iEmvdGBHBN9Ua0FXui8oNZo6VMAICZAEZzSD/Yn934Zo6uxQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFPpPJfJHXGS2Bio6uqMZQxIDroPAMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvMS1rOGw4a2RjWkxZR0tqcTZveGxERWdPdWc4QS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvNjZmMDVjLTc0MWMtNDcyMC1iYzdlLTg5NzE0YTdlOGQ1
OC8xL2hzemdibkRmbHcyUXFfNDh2bi1vZ3ZSbnNlUS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBPBggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEAh+6tAME
AyUiWAMEBCXa0AMEAS4U0gMEAlkutAMEA4L/QAMEApV+WAMEArlWjAMEA7zXeDAN
BgkqhkiG9w0BAQsFAAOCAQEAVC7oBmXsc7yWpObG+oPLTcdL9HP51CraAhGcsVRp
xvKlXwBxaDhP4DXj3si+ZmZsjnvZ2H1s+6whMYAY48sAcnnQSLXQOmkS80FyRf1s
HYKNVvymuSbHwY9VP4IB59qzuDkbQyM/dEUupkgSoH6+iU9EA9QAr/ZS2C3Om/gW
VZ7alW6V/dOwaVZJBZnqyXE66WT5st2l3N1VDEdYu/tx4XnjKsXl3AWmNZzve1ZI
ZQCM0Xlt4VSB7zIipBRCVpUsKD6B39q6okL64jp0fZquRtR/auitkqnLiBMLu7tZ
SS5LT51dq1g+AXn0kYDFMlceblONNZ+ndsDZLnefiBKCtw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:46 2024 by rpki-client on console-ams.rpki-client.org