Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/1RFLtIPZJz499Mwo_FOPst63Dko.roa
File: 1RFLtIPZJz499Mwo_FOPst63Dko.roa (raw, json)
Hash identifier: zARxDsmX5lk5wQIiL+TVPz9BKDQbIU5JiSAKHvFlPaY=
Subject key identifier: D5:11:4B:B4:83:D9:27:3E:3D:F4:CC:28:FC:53:8F:B2:DE:B7:0E:4A
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0183CAC9A67075513944FAAA51BD5D8185BB
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/1RFLtIPZJz499Mwo_FOPst63Dko.roa
Signing time: Wed 12 Oct 2022 06:02:36 +0000
ROA not before: Wed 12 Oct 2022 06:02:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209737
IP address blocks: 82.163.172.0/22 maxlen: 24
82.163.168.0/22 maxlen: 24
92.114.40.0/22 maxlen: 24
92.114.44.0/22 maxlen: 24
149.126.92.0/22 maxlen: 24
31.186.176.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ca:c9:a6:70:75:51:39:44:fa:aa:51:bd:5d:81:85:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Oct 12 06:02:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d5114bb483d9273e3df4cc28fc538fb2deb70e4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ea:fb:0a:04:8d:51:08:50:a9:48:8c:2d:93:
3f:ca:5b:85:a7:65:ad:a9:34:26:51:bb:08:c3:e6:
d8:1d:94:1f:91:29:8a:c5:03:f2:85:5c:41:9e:82:
83:0b:b8:02:38:2f:e9:17:e6:c8:3f:ef:1f:41:69:
a6:b8:c9:5e:dd:76:d0:ed:6a:c5:0f:a2:4f:ba:9e:
92:cc:41:c9:26:33:1d:dc:a4:54:df:38:bc:b0:48:
55:ad:3f:d5:db:5a:e1:9d:15:b3:c6:1e:68:cf:24:
a1:59:f5:30:4a:05:a2:0e:5f:00:86:17:d2:4b:48:
cd:4a:0f:16:c0:72:4b:63:a8:95:e2:ba:5f:fa:54:
5d:24:46:86:4e:64:16:ef:7b:87:e5:30:90:9b:c7:
1f:9a:2d:3e:2b:73:45:b8:2b:bc:64:20:db:88:b8:
12:4a:c0:7e:08:51:65:a6:a7:90:85:06:42:ac:24:
36:95:20:09:1b:7d:f6:67:68:6d:34:1e:d6:c3:c6:
b9:12:9a:34:dc:b2:b2:c3:8e:5e:c8:ec:17:b9:04:
87:95:ba:ec:5d:11:ee:09:2d:41:24:87:f1:75:b3:
28:ff:71:ac:3b:0a:8a:2b:43:d3:c5:c0:40:e0:f6:
82:ee:0a:f3:a8:1d:fd:d9:57:70:52:c2:de:8d:64:
1b:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:11:4B:B4:83:D9:27:3E:3D:F4:CC:28:FC:53:8F:B2:DE:B7:0E:4A
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/1RFLtIPZJz499Mwo_FOPst63Dko.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.176.0/22
82.163.168.0/21
92.114.40.0/21
149.126.92.0/22
Signature Algorithm: sha256WithRSAEncryption
14:ec:ff:12:bb:bf:c5:e9:9a:75:4b:a0:ee:e8:a6:a2:d6:36:
4c:f9:22:ff:35:bf:a1:7a:e1:93:e1:db:b2:be:bb:82:cd:fe:
3e:96:46:7c:7d:14:b1:10:1f:07:c0:c5:38:84:f9:3c:d2:29:
d4:ce:3c:f4:83:0f:65:ff:48:e8:b5:af:48:56:c5:28:6e:59:
d8:8d:72:34:dd:6d:33:e2:ba:24:5c:f1:a1:5b:1a:24:86:ec:
4e:ac:73:98:c5:1f:33:1c:27:58:6b:51:bd:26:80:b4:92:0b:
4b:c3:ac:63:8b:5f:11:20:a7:71:85:96:42:e6:33:7c:55:a5:
e6:67:cc:71:ac:b3:36:01:2d:ac:fd:2c:ff:5e:12:82:4d:c2:
8b:81:5b:29:f1:7c:17:a7:d6:ee:4d:2e:7a:9a:88:d3:26:89:
ec:bd:6c:df:d3:22:7b:4a:20:e2:2b:47:70:51:a0:be:1b:cd:
2c:1e:ce:b1:16:42:c6:5c:61:7a:48:fc:e2:36:e7:70:c9:93:
2c:ce:e5:18:e7:4a:f2:7a:3d:bf:ca:96:34:95:8a:5f:f0:c0:
28:1e:4b:5b:e1:0c:15:86:1d:ad:29:ea:0c:6a:a4:27:c2:d2:
e9:12:62:58:78:e1:88:26:f6:fe:62:89:88:ae:d8:0c:d2:43:
d2:0e:3d:16
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYPKyaZwdVE5RPqqUb1dgYW7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjIxMDEyMDYwMjM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTExNGJiNDgzZDkyNzNlM2RmNGNjMjhmYzUzOGZiMmRlYjcwZTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAter7CgSNUQhQqUiMLZM/yluFp2Wt
qTQmUbsIw+bYHZQfkSmKxQPyhVxBnoKDC7gCOC/pF+bIP+8fQWmmuMle3XbQ7WrF
D6JPup6SzEHJJjMd3KRU3zi8sEhVrT/V21rhnRWzxh5ozyShWfUwSgWiDl8AhhfS
S0jNSg8WwHJLY6iV4rpf+lRdJEaGTmQW73uH5TCQm8cfmi0+K3NFuCu8ZCDbiLgS
SsB+CFFlpqeQhQZCrCQ2lSAJG332Z2htNB7Ww8a5Epo03LKyw45eyOwXuQSHlbrs
XRHuCS1BJIfxdbMo/3GsOwqKK0PTxcBA4PaC7grzqB392VdwUsLejWQbqQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNURS7SD2Sc+PfTMKPxTj7Letw5KMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvMVJGTHRJUFpKejQ5OU13b19GT1BzdDYzRGtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCH7qwAwQD
UqOoAwQDXHIoAwQClX5cMA0GCSqGSIb3DQEBCwUAA4IBAQAU7P8Su7/F6Zp1S6Du
6Kai1jZM+SL/Nb+heuGT4duyvruCzf4+lkZ8fRSxEB8HwMU4hPk80inUzjz0gw9l
/0jota9IVsUoblnYjXI03W0z4rokXPGhWxokhuxOrHOYxR8zHCdYa1G9JoC0kgtL
w6xji18RIKdxhZZC5jN8VaXmZ8xxrLM2AS2s/Sz/XhKCTcKLgVsp8XwXp9buTS56
mojTJonsvWzf0yJ7SiDiK0dwUaC+G80sHs6xFkLGXGF6SPziNudwyZMszuUY50ry
ej2/ypY0lYpf8MAoHktb4QwVhh2tKeoMaqQnwtLpEmJYeOGIJvb+YomIrtgM0kPS
Dj0W
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org