Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/1JKqy0rcYyPQ-_6_isRAv3d_BDc.roa
File: 1JKqy0rcYyPQ-_6_isRAv3d_BDc.roa (raw, json)
Hash identifier: KKv2UkHCdKnPYy8qNbtIsCCEVIh4ZOxNtwsdVmY2EHc=
Subject key identifier: D4:92:AA:CB:4A:DC:63:23:D0:FB:FE:BF:8A:C4:40:BF:77:7F:04:37
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0183E751F70E1B2D3D1D2A44EC5CDF1D165E
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/1JKqy0rcYyPQ-_6_isRAv3d_BDc.roa
Signing time: Mon 17 Oct 2022 19:00:52 +0000
ROA not before: Mon 17 Oct 2022 19:00:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 37.218.216.0/21 maxlen: 24
188.215.124.0/22 maxlen: 24
89.46.176.0/22 maxlen: 24
89.46.180.0/22 maxlen: 24
130.255.64.0/22 maxlen: 24
130.255.68.0/22 maxlen: 24
31.186.180.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:e7:51:f7:0e:1b:2d:3d:1d:2a:44:ec:5c:df:1d:16:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Oct 17 19:00:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d492aacb4adc6323d0fbfebf8ac440bf777f0437
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:bd:41:e0:16:b9:7b:d1:32:f8:5b:a5:51:8f:
d4:83:aa:4f:88:b0:d4:bd:9b:cc:47:f4:54:c3:52:
ff:d8:4f:24:32:34:ff:ef:54:4e:79:29:52:86:50:
80:aa:8b:1d:d6:6d:d4:0f:0a:0c:d2:46:56:a6:c6:
5f:29:10:82:c3:6e:74:b3:c9:0a:0c:43:9d:87:83:
34:17:44:8f:51:38:0b:d8:c1:44:8f:28:99:f8:48:
58:95:cf:43:53:f4:32:54:e6:f4:7e:b2:eb:a0:0b:
68:c5:c1:a2:3d:81:22:be:b1:dc:f8:55:06:c5:0f:
6e:e7:c8:a7:c3:48:0d:72:f1:d5:b4:63:6e:4d:19:
4e:b6:8b:a7:fb:29:32:de:3d:2d:09:87:83:35:cf:
47:01:20:c8:64:f1:7e:36:27:4c:aa:80:3b:3e:d6:
26:c0:12:39:1c:60:4e:89:d5:33:f5:bb:7a:cd:f4:
43:20:13:ad:f8:cb:bd:d2:86:1e:cb:11:e1:9b:5d:
a7:1f:d0:c9:2b:3f:6c:ed:90:8b:22:9d:e3:37:1f:
4d:26:76:a7:d5:d7:47:3e:7f:78:a6:c7:d4:4d:26:
7a:8a:e8:1e:09:ba:06:d1:14:a4:f4:65:89:a9:af:
93:d9:53:b1:d4:8a:38:1f:ec:dd:15:b3:d2:63:4b:
31:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:92:AA:CB:4A:DC:63:23:D0:FB:FE:BF:8A:C4:40:BF:77:7F:04:37
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/1JKqy0rcYyPQ-_6_isRAv3d_BDc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.180.0/22
37.218.216.0/21
89.46.176.0/21
130.255.64.0/21
188.215.124.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:ab:e8:27:51:cd:69:28:37:dc:79:1b:78:45:e9:c7:75:ad:
02:f6:41:0e:c6:ac:98:8f:24:bc:9f:fc:c1:a3:23:1d:9e:27:
13:7c:ae:6e:ef:83:44:dc:dd:4c:8e:30:e3:2e:d4:30:94:4c:
31:39:59:e9:b6:27:0a:0e:6c:03:c5:38:08:92:ba:62:10:b6:
c9:e7:1a:37:5a:2b:27:5b:50:0b:9f:31:ba:33:ad:7b:ba:97:
b4:ef:6c:e0:62:ff:40:3d:67:2d:7e:c2:8f:51:f3:d0:2d:12:
2c:1f:c2:d2:b7:71:76:7a:f2:2d:ff:54:a6:dc:a2:5d:50:db:
4f:fd:3d:80:09:f4:e9:9b:0f:7d:7d:3d:c6:c4:a7:e4:b2:8b:
71:b4:70:7b:ee:b4:7a:63:92:e5:e6:3f:53:44:06:00:3a:72:
d0:e5:a4:de:c5:73:1d:7b:52:29:d0:58:e7:bb:1f:c7:76:1d:
4e:be:cb:a3:3a:b7:b0:21:8f:48:76:43:23:76:2c:a1:1b:a2:
e6:3e:5d:01:96:1d:04:02:b1:22:d6:e4:65:86:8f:f9:da:c0:
56:8f:70:f2:3d:e8:d5:b0:38:38:6c:17:14:86:f6:de:f3:13:
b5:c1:c6:d8:44:31:3c:14:35:cc:ab:f3:e2:62:85:5c:7e:b2:
72:04:a4:f5
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYPnUfcOGy09HSpE7FzfHRZeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjIxMDE3MTkwMDUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDkyYWFjYjRhZGM2MzIzZDBmYmZlYmY4YWM0NDBiZjc3N2YwNDM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgb1B4Ba5e9Ey+FulUY/Ug6pPiLDU
vZvMR/RUw1L/2E8kMjT/71ROeSlShlCAqosd1m3UDwoM0kZWpsZfKRCCw250s8kK
DEOdh4M0F0SPUTgL2MFEjyiZ+EhYlc9DU/QyVOb0frLroAtoxcGiPYEivrHc+FUG
xQ9u58inw0gNcvHVtGNuTRlOtoun+yky3j0tCYeDNc9HASDIZPF+NidMqoA7PtYm
wBI5HGBOidUz9bt6zfRDIBOt+Mu90oYeyxHhm12nH9DJKz9s7ZCLIp3jNx9NJnan
1ddHPn94psfUTSZ6iugeCboG0RSk9GWJqa+T2VOx1Io4H+zdFbPSY0sxMQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNSSqstK3GMj0Pv+v4rEQL93fwQ3MB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvMUpLcXkwcmNZeVBRLV82X2lzUkF2M2RfQkRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCH7q0AwQD
JdrYAwQDWS6wAwQDgv9AAwQCvNd8MA0GCSqGSIb3DQEBCwUAA4IBAQAcq+gnUc1p
KDfceRt4RenHda0C9kEOxqyYjyS8n/zBoyMdnicTfK5u74NE3N1MjjDjLtQwlEwx
OVnpticKDmwDxTgIkrpiELbJ5xo3WisnW1ALnzG6M617upe072zgYv9APWctfsKP
UfPQLRIsH8LSt3F2evIt/1Sm3KJdUNtP/T2ACfTpmw99fT3GxKfksotxtHB77rR6
Y5Ll5j9TRAYAOnLQ5aTexXMde1Ip0Fjnux/Hdh1OvsujOrewIY9IdkMjdiyhG6Lm
Pl0Blh0EArEi1uRlho/52sBWj3DyPejVsDg4bBcUhvbe8xO1wcbYRDE8FDXMq/Pi
YoVcfrJyBKT1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org