Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/5IWlk6LotuX6VSi__O0Ct_eWKX4.roa
File: 5IWlk6LotuX6VSi__O0Ct_eWKX4.roa (raw, json)
Hash identifier: Zlffna9IGp3zYZd5G9HVCAjwwvF/q2VaOtg6Kf1u2hk=
Subject key identifier: E4:85:A5:93:A2:E8:B6:E5:FA:55:28:BF:FC:ED:02:B7:F7:96:29:7E
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0184D6F71862B7347564B6B8A47272CFF512
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/5IWlk6LotuX6VSi__O0Ct_eWKX4.roa
Signing time: Sat 03 Dec 2022 07:50:28 +0000
ROA not before: Sat 03 Dec 2022 07:50:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 185.86.142.0/23 maxlen: 24
185.86.140.0/23 maxlen: 24
37.218.216.0/21 maxlen: 24
188.215.124.0/22 maxlen: 24
89.46.180.0/22 maxlen: 24
130.255.64.0/22 maxlen: 24
130.255.68.0/22 maxlen: 24
46.20.210.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:d6:f7:18:62:b7:34:75:64:b6:b8:a4:72:72:cf:f5:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Dec 3 07:50:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e485a593a2e8b6e5fa5528bffced02b7f796297e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:84:ca:87:a0:02:fd:7f:f3:42:89:d2:4a:9d:
1a:4f:15:bc:60:69:48:be:5c:3a:68:7f:a6:5c:05:
1b:72:14:ca:29:d4:e5:8c:56:b1:ac:19:ea:42:f1:
c4:16:c1:a7:34:36:20:93:a8:50:10:dd:27:f4:b6:
7f:be:a9:75:62:85:ac:ae:43:01:e6:1e:cb:be:34:
8b:69:9b:50:2a:50:6f:22:10:49:1c:2e:61:34:7e:
f0:a1:7b:ee:cb:e5:e5:98:84:fe:c6:ea:a2:c1:de:
9b:71:92:1e:d1:eb:72:f6:f5:bc:4d:01:7e:bb:06:
8c:56:81:cd:a3:ce:b9:06:37:10:0b:38:c1:eb:52:
4e:03:8d:f7:fa:f9:ef:4d:4d:c5:18:93:19:a9:3a:
9f:44:15:6b:21:3e:1a:c0:bc:3f:2a:44:b9:29:db:
79:d7:94:b0:82:e1:dc:13:e4:f0:d1:0a:ad:58:f5:
c9:36:61:f4:34:9f:7c:54:5d:c4:fc:1c:0d:b9:3e:
6b:5e:59:81:77:d0:06:8b:d0:36:22:19:a5:75:93:
ec:76:4f:fc:ff:a5:cb:e1:e7:f2:fe:a1:52:bc:32:
89:a8:18:de:70:9e:ec:97:74:1e:44:97:f7:20:43:
0f:1b:11:7e:17:e4:71:c2:03:43:b9:65:69:e5:45:
c4:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:85:A5:93:A2:E8:B6:E5:FA:55:28:BF:FC:ED:02:B7:F7:96:29:7E
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/5IWlk6LotuX6VSi__O0Ct_eWKX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.218.216.0/21
46.20.210.0/23
89.46.180.0/22
130.255.64.0/21
185.86.140.0/22
188.215.124.0/22
Signature Algorithm: sha256WithRSAEncryption
70:f2:18:69:9c:6f:69:e0:bc:65:25:99:a8:27:35:37:10:f2:
27:4e:be:e7:2e:fc:90:86:c9:56:d4:5e:21:4c:a9:ce:31:6b:
1c:70:e2:dc:e1:09:e2:df:36:9c:d3:80:8b:54:67:0a:5a:1a:
86:dc:ff:f4:60:ba:8c:e1:6f:ff:32:d6:78:30:be:cf:d8:c0:
68:ec:12:16:c7:31:91:26:1b:9c:73:bc:a3:89:b7:b1:e4:75:
89:49:67:d6:f1:5d:0e:d9:36:df:d2:a9:f7:e8:c5:1b:86:16:
cc:40:fa:90:94:b0:d9:8b:f0:0f:cf:2b:50:25:a6:de:e3:97:
54:5d:85:55:28:00:b2:b7:4b:3c:39:69:03:91:3d:45:4e:7b:
31:67:b8:6d:6c:8c:b3:ff:d9:46:13:06:be:92:d3:fd:23:45:
21:6a:b4:78:8f:27:af:19:f3:ee:1f:2b:b9:01:fd:f3:3d:c2:
ab:83:fc:c2:73:70:cc:16:ab:1e:93:d2:6e:0b:ec:1a:b8:24:
20:b0:be:ea:3d:8e:b9:be:04:78:d8:57:2b:a1:92:3e:00:f8:
e1:73:84:e4:55:e8:25:7a:06:34:72:43:9b:32:ae:46:b1:b1:
f3:a5:ce:e2:68:a1:34:d0:2a:d1:6f:f6:b8:f2:9b:57:65:10:
d4:14:18:aa
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYTW9xhitzR1ZLa4pHJyz/USMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjIxMjAzMDc1MDI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDg1YTU5M2EyZThiNmU1ZmE1NTI4YmZmY2VkMDJiN2Y3OTYyOTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjoTKh6AC/X/zQonSSp0aTxW8YGlI
vlw6aH+mXAUbchTKKdTljFaxrBnqQvHEFsGnNDYgk6hQEN0n9LZ/vql1YoWsrkMB
5h7LvjSLaZtQKlBvIhBJHC5hNH7woXvuy+XlmIT+xuqiwd6bcZIe0ety9vW8TQF+
uwaMVoHNo865BjcQCzjB61JOA433+vnvTU3FGJMZqTqfRBVrIT4awLw/KkS5Kdt5
15SwguHcE+Tw0QqtWPXJNmH0NJ98VF3E/BwNuT5rXlmBd9AGi9A2IhmldZPsdk/8
/6XL4efy/qFSvDKJqBjecJ7sl3QeRJf3IEMPGxF+F+RxwgNDuWVp5UXEDQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFOSFpZOi6Lbl+lUov/ztArf3lil+MB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvNUlXbGs2TG90dVg2VlNpX19PMEN0X2VXS1g0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDJdrYAwQB
LhTSAwQCWS60AwQDgv9AAwQCuVaMAwQCvNd8MA0GCSqGSIb3DQEBCwUAA4IBAQBw
8hhpnG9p4LxlJZmoJzU3EPInTr7nLvyQhslW1F4hTKnOMWsccOLc4Qni3zac04CL
VGcKWhqG3P/0YLqM4W//MtZ4ML7P2MBo7BIWxzGRJhucc7yjibex5HWJSWfW8V0O
2Tbf0qn36MUbhhbMQPqQlLDZi/APzytQJabe45dUXYVVKACyt0s8OWkDkT1FTnsx
Z7htbIyz/9lGEwa+ktP9I0UharR4jyevGfPuHyu5Af3zPcKrg/zCc3DMFqsek9Ju
C+wauCQgsL7qPY65vgR42FcroZI+APjhc4TkVeglegY0ckObMq5GsbHzpc7iaKE0
0CrRb/a48ptXZRDUFBiq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:46 2024 by rpki-client on console-ams.rpki-client.org