Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/B4H0mSuN3wegnQeTt1UzIM2iO38.roa
File: B4H0mSuN3wegnQeTt1UzIM2iO38.roa (raw, json)
Hash identifier: l6kHLCxTvc/8m4feMRgmbXPALEfR6r9pscSdcbn4Iyk=
Subject key identifier: 07:81:F4:99:2B:8D:DF:07:A0:9D:07:93:B7:55:33:20:CD:A2:3B:7F
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 3DC260
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/B4H0mSuN3wegnQeTt1UzIM2iO38.roa
Signing time: Sat 26 Mar 2022 13:07:43 +0000
ROA not before: Sat 26 Mar 2022 13:07:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51440
IP address blocks: 89.46.179.0/24 maxlen: 24
89.46.178.0/24 maxlen: 24
89.46.177.0/24 maxlen: 24
89.46.176.0/21 maxlen: 21
89.46.176.0/24 maxlen: 24
89.46.183.0/24 maxlen: 24
89.46.182.0/24 maxlen: 24
89.46.181.0/24 maxlen: 24
89.46.180.0/24 maxlen: 24
185.86.143.0/24 maxlen: 24
185.86.142.0/24 maxlen: 24
185.86.141.0/24 maxlen: 24
185.86.140.0/24 maxlen: 24
185.86.140.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 4047456 (0x3dc260)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Mar 26 13:07:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0781f4992b8ddf07a09d0793b7553320cda23b7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:f3:61:6f:6e:3e:57:4f:57:d8:6c:d4:88:84:
a7:93:61:df:da:3a:24:90:23:0e:92:45:dd:0a:2a:
54:2a:79:d5:52:bb:ff:dc:e7:1b:1c:39:95:40:3a:
fc:c9:70:f2:e3:20:0d:05:54:bf:17:da:84:41:1f:
05:c2:e9:c0:49:11:84:ee:69:9e:cf:f8:a8:18:1f:
9b:a1:10:10:a8:0c:a0:81:28:c9:b8:82:05:14:1b:
83:f4:17:d7:42:ba:d6:78:ce:2c:65:16:20:2e:46:
27:ce:26:fb:b7:15:6b:11:ee:05:12:94:a2:8b:9a:
10:a9:89:fc:6e:be:f8:dd:ac:28:b3:32:2d:3a:30:
c1:91:a6:ed:b8:ff:cd:47:35:1e:fc:6a:b2:b6:b1:
31:32:dd:39:b2:5f:24:ce:40:db:f9:48:e3:65:12:
50:de:c9:fa:18:aa:94:7d:17:72:7a:dd:e0:39:c5:
7e:7e:19:fa:75:13:23:03:3b:29:ae:6a:06:77:dd:
b7:4a:14:01:09:b9:df:6b:c0:dc:b2:71:44:7c:5b:
ba:ca:c6:fe:30:33:43:78:51:91:9b:32:86:f1:f2:
77:73:a0:b0:bd:29:bd:13:99:5a:4b:b9:eb:91:20:
e1:4f:c9:16:30:84:fa:c1:72:ab:6d:c1:c4:5e:e6:
7e:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:81:F4:99:2B:8D:DF:07:A0:9D:07:93:B7:55:33:20:CD:A2:3B:7F
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/B4H0mSuN3wegnQeTt1UzIM2iO38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.176.0/21
185.86.140.0/22
Signature Algorithm: sha256WithRSAEncryption
41:69:5a:22:6a:12:f8:4a:1f:59:74:7b:9a:78:03:72:cb:55:
be:e3:cb:26:60:df:7d:c4:21:96:1e:8a:e6:14:87:1a:08:b3:
5c:3e:68:1d:1e:72:6e:46:cc:98:84:b6:30:5f:68:aa:08:e4:
29:79:e1:6a:b5:ee:be:75:c6:11:58:90:b6:6a:30:63:37:88:
a7:a8:33:3f:47:58:18:ac:ec:c2:b8:ec:65:9d:0c:ad:44:a6:
29:32:22:84:26:08:79:a7:27:a1:2b:02:2a:4e:54:43:ea:ad:
d9:ee:99:a4:b2:5e:3b:14:cf:75:c7:59:a6:0c:6e:a1:49:2e:
b3:f4:8a:60:c8:4b:27:41:78:eb:8a:2a:51:b2:32:c1:65:82:
51:28:73:c6:3c:e4:05:fa:39:da:3b:87:db:13:46:10:1a:a3:
14:89:16:9f:2e:5e:39:47:26:79:c0:0f:36:4e:6a:56:1b:3c:
50:89:35:fa:72:1d:2e:7c:1f:dd:03:2c:5e:2f:b9:69:b6:50:
6d:5a:d6:1f:67:e2:e0:2b:13:7b:47:3d:69:7e:44:28:be:ef:
f4:88:02:6e:13:94:94:a9:cb:5b:6c:50:52:67:bd:37:ff:52:
11:d2:3b:bf:61:27:c3:dc:20:64:b0:3a:35:dd:90:13:32:d9:
c7:80:62:dd
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIDPcJgMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDg2
Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2N2IxZTQwHhcNMjIwMzI2
MTMwNzQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEygwNzgxZjQ5OTJiOGRk
ZjA3YTA5ZDA3OTNiNzU1MzMyMGNkYTIzYjdmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA7fNhb24+V09X2GzUiISnk2Hf2jokkCMOkkXdCipUKnnVUrv/
3OcbHDmVQDr8yXDy4yANBVS/F9qEQR8FwunASRGE7mmez/ioGB+boRAQqAyggSjJ
uIIFFBuD9BfXQrrWeM4sZRYgLkYnzib7txVrEe4FEpSii5oQqYn8br743awoszIt
OjDBkabtuP/NRzUe/GqytrExMt05sl8kzkDb+UjjZRJQ3sn6GKqUfRdyet3gOcV+
fhn6dRMjAzsprmoGd923ShQBCbnfa8DcsnFEfFu6ysb+MDNDeFGRmzKG8fJ3c6Cw
vSm9E5laS7nrkSDhT8kWMIT6wXKrbcHEXuZ+FwIDAQABo4ICDzCCAgswHQYDVR0O
BBYEFAeB9Jkrjd8HoJ0Hk7dVMyDNojt/MB8GA1UdIwQYMBaAFIbM4G5w35cNkKv+
PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
aHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4LzEv
QjRIMG1TdU4zd2VnblFlVHQxVXpJTTJpTzM4LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82
NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4LzEvaHN6Z2JuRGZsdzJR
cV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUG
CCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDWS6wAwQCuVaMMA0GCSqGSIb3DQEB
CwUAA4IBAQBBaVoiahL4Sh9ZdHuaeANyy1W+48smYN99xCGWHormFIcaCLNcPmgd
HnJuRsyYhLYwX2iqCOQpeeFqte6+dcYRWJC2ajBjN4inqDM/R1gYrOzCuOxlnQyt
RKYpMiKEJgh5pyehKwIqTlRD6q3Z7pmksl47FM91x1mmDG6hSS6z9IpgyEsnQXjr
iipRsjLBZYJRKHPGPOQF+jnaO4fbE0YQGqMUiRafLl45RyZ5wA82TmpWGzxQiTX6
ch0ufB/dAyxeL7lptlBtWtYfZ+LgKxN7Rz1pfkQovu/0iAJuE5SUqctbbFBSZ703
/1IR0ju/YSfD3CBksDo13ZATMtnHgGLd
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org