Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/VdE0ZrrnGwIjsteOY5lICIys_mE.roa
File: VdE0ZrrnGwIjsteOY5lICIys_mE.roa (raw, json)
Hash identifier: FR4/0at5dZ0st4rXwnqCzY8fRL+sikXjd3M/siLUtOY=
Subject key identifier: 55:D1:34:66:BA:E7:1B:02:23:B2:D7:8E:63:99:48:08:8C:AC:FE:61
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 01847F1EC409A5ADAB7743BD945186533D51
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/VdE0ZrrnGwIjsteOY5lICIys_mE.roa
Signing time: Wed 16 Nov 2022 06:27:13 +0000
ROA not before: Wed 16 Nov 2022 06:27:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 49999
IP address blocks: 149.126.88.0/22 maxlen: 24
46.20.212.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7f:1e:c4:09:a5:ad:ab:77:43:bd:94:51:86:53:3d:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Nov 16 06:27:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=55d13466bae71b0223b2d78e639948088cacfe61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:de:62:90:08:8b:2a:0a:5d:a4:74:e5:d6:9e:
ad:79:08:c4:bd:a1:d1:cc:66:4a:ca:0b:a4:2f:da:
2c:09:d6:0d:fd:7d:a7:30:72:23:a7:66:3c:60:fc:
3f:7b:da:8c:3a:f5:9e:9c:e2:cb:54:cf:2b:96:a1:
a3:7d:fa:03:0b:82:4d:9d:4f:f3:1f:8e:8a:b3:08:
bb:41:60:5e:70:c3:9e:7c:4f:28:c7:58:1f:ca:4d:
f9:07:00:c6:34:7e:6b:3e:e5:f5:bf:ff:c3:ea:86:
84:0e:f4:68:31:3e:a5:de:67:08:8e:9f:5e:af:dd:
6c:db:46:18:85:29:22:b9:e9:a2:d2:df:d2:a8:2f:
48:de:48:11:0a:75:bd:bc:20:7e:62:59:bb:5c:fc:
bb:f2:d1:16:13:ae:46:45:85:6f:57:27:03:1a:77:
37:21:7a:de:d2:c4:9c:2a:6b:26:2c:a4:5e:06:4c:
44:cd:27:10:db:c6:85:42:50:38:72:ff:22:9b:1d:
a1:ad:77:ac:26:19:8a:c8:f6:11:77:96:9d:af:5f:
b9:c2:4a:2f:84:bb:7a:c7:ab:14:14:ea:2a:bf:05:
26:cb:96:f4:34:52:0d:31:8f:28:0b:1f:62:b1:1e:
f7:30:2a:cc:e2:6c:b0:f7:5e:3e:8a:cf:8c:f4:74:
cc:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:D1:34:66:BA:E7:1B:02:23:B2:D7:8E:63:99:48:08:8C:AC:FE:61
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/VdE0ZrrnGwIjsteOY5lICIys_mE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.212.0/22
149.126.88.0/22
Signature Algorithm: sha256WithRSAEncryption
80:ed:ce:d6:07:a7:3d:89:da:38:58:55:3b:74:01:63:c1:00:
aa:4d:35:f4:28:d6:7d:e9:04:9a:46:68:0f:c4:35:74:21:e2:
a1:c2:87:70:fc:b5:53:99:68:4d:3f:fc:f2:70:cf:ce:cd:2b:
84:37:71:f1:46:d0:54:9d:43:65:80:6f:80:f9:49:94:e5:64:
cd:ec:5a:43:73:2a:5d:10:f8:ee:f3:0f:ee:b4:ec:23:19:39:
ed:5c:63:ff:1c:ef:39:be:b8:2f:12:1a:97:cb:19:d1:1d:22:
9d:d3:1b:65:54:36:d1:66:7b:12:f6:07:a4:6b:2e:83:84:fa:
0c:fb:79:40:bd:45:a0:2c:1d:81:7e:ec:c2:32:42:70:50:48:
0a:bf:9d:e0:1c:70:4c:e8:4b:8e:75:f6:68:23:11:d5:fe:4d:
d7:e2:6a:9a:c9:9c:81:26:59:93:ef:64:15:f7:1f:c7:da:02:
d4:25:49:fd:5f:c3:de:7f:12:e3:eb:51:66:c1:ec:59:8b:81:
d0:1f:5e:b0:3a:19:be:3e:78:bb:94:89:72:f1:70:f2:00:df:
9a:c9:f4:d7:ef:d2:ec:c8:9b:be:59:2b:c3:31:4b:d7:5c:53:
71:f1:8a:04:22:08:55:3f:7f:94:6a:4f:f7:1d:58:a9:b7:eb:
c0:05:87:0f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYR/HsQJpa2rd0O9lFGGUz1RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjIxMTE2MDYyNzEzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWQxMzQ2NmJhZTcxYjAyMjNiMmQ3OGU2Mzk5NDgwODhjYWNmZTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnd5ikAiLKgpdpHTl1p6teQjEvaHR
zGZKygukL9osCdYN/X2nMHIjp2Y8YPw/e9qMOvWenOLLVM8rlqGjffoDC4JNnU/z
H46Kswi7QWBecMOefE8ox1gfyk35BwDGNH5rPuX1v//D6oaEDvRoMT6l3mcIjp9e
r91s20YYhSkiuemi0t/SqC9I3kgRCnW9vCB+Ylm7XPy78tEWE65GRYVvVycDGnc3
IXre0sScKmsmLKReBkxEzScQ28aFQlA4cv8imx2hrXesJhmKyPYRd5adr1+5wkov
hLt6x6sUFOoqvwUmy5b0NFINMY8oCx9isR73MCrM4myw914+is+M9HTMvwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFXRNGa65xsCI7LXjmOZSAiMrP5hMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvVmRFMFpycm5Hd0lqc3RlT1k1bElDSXlzX21FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLhTUAwQC
lX5YMA0GCSqGSIb3DQEBCwUAA4IBAQCA7c7WB6c9ido4WFU7dAFjwQCqTTX0KNZ9
6QSaRmgPxDV0IeKhwodw/LVTmWhNP/zycM/OzSuEN3HxRtBUnUNlgG+A+UmU5WTN
7FpDcypdEPju8w/utOwjGTntXGP/HO85vrgvEhqXyxnRHSKd0xtlVDbRZnsS9gek
ay6DhPoM+3lAvUWgLB2BfuzCMkJwUEgKv53gHHBM6EuOdfZoIxHV/k3X4mqayZyB
JlmT72QV9x/H2gLUJUn9X8PefxLj61FmwexZi4HQH16wOhm+Pni7lIly8XDyAN+a
yfTX79LsyJu+WSvDMUvXXFNx8YoEIghVP3+Uak/3HVipt+vABYcP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org