Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/XPc6WIa-KzN3USP2jhesQpvn_nw.roa
File: XPc6WIa-KzN3USP2jhesQpvn_nw.roa (raw, json)
Hash identifier: Tn0BuPMwfAuqt2WFE4GtAdaxBse74/sTQwF7373LgB8=
Subject key identifier: 5C:F7:3A:58:86:BE:2B:33:77:51:23:F6:8E:17:AC:42:9B:E7:FE:7C
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 01848AA6773E39F6A43B2E91370758F8CDA8
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/XPc6WIa-KzN3USP2jhesQpvn_nw.roa
Signing time: Fri 18 Nov 2022 12:11:16 +0000
ROA not before: Fri 18 Nov 2022 12:11:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 185.86.142.0/23 maxlen: 24
185.86.140.0/23 maxlen: 24
37.218.216.0/21 maxlen: 24
188.215.124.0/22 maxlen: 24
130.255.64.0/22 maxlen: 24
130.255.68.0/22 maxlen: 24
31.186.180.0/22 maxlen: 24
46.20.210.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:8a:a6:77:3e:39:f6:a4:3b:2e:91:37:07:58:f8:cd:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Nov 18 12:11:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5cf73a5886be2b33775123f68e17ac429be7fe7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:d3:f5:38:6f:f4:ca:c0:d8:15:09:1f:b8:dd:
33:6f:c6:17:fb:bd:59:4d:55:d8:e3:91:98:29:37:
f5:ec:82:15:87:c8:36:dd:53:e7:29:99:9f:b3:72:
6f:16:0f:96:49:5b:cd:06:5c:8c:e8:b8:ff:57:40:
5b:b5:3f:66:72:44:55:1d:7b:cf:7e:8a:9d:09:3c:
20:64:cf:6b:d7:46:bb:2f:c1:78:67:08:14:97:b5:
25:cd:7b:1e:13:fa:68:cf:ec:68:a8:0b:e6:ed:82:
a0:23:6f:0e:35:2b:53:ad:4c:a3:0a:38:e3:21:3c:
ec:f0:43:65:21:87:8f:69:a7:df:63:99:9c:41:9f:
33:fe:83:22:32:73:fd:da:0d:d0:63:82:38:05:77:
42:aa:28:14:f0:b5:46:a2:54:d4:b9:f3:30:cd:05:
89:78:db:af:2b:53:27:de:1d:ad:3f:91:d8:fe:6a:
f0:2b:8b:26:e3:62:79:e9:97:56:f8:19:ab:40:60:
f2:ea:29:9f:20:ec:4f:c1:bd:29:a0:4e:f7:b5:43:
2b:f0:68:dd:ae:44:00:af:86:31:f2:9e:a8:73:7c:
e8:5b:7e:f2:ba:ed:56:fb:35:de:10:d5:d3:86:40:
b8:86:22:f0:4c:39:7d:9d:4c:e3:8c:e8:fb:7c:f3:
1c:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:F7:3A:58:86:BE:2B:33:77:51:23:F6:8E:17:AC:42:9B:E7:FE:7C
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/XPc6WIa-KzN3USP2jhesQpvn_nw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.180.0/22
37.218.216.0/21
46.20.210.0/23
130.255.64.0/21
185.86.140.0/22
188.215.124.0/22
Signature Algorithm: sha256WithRSAEncryption
44:b5:bb:fd:3a:b9:b0:86:7d:bb:ef:ed:dd:ba:1e:4f:f6:76:
9c:84:82:be:f9:1f:e4:5b:eb:c6:93:15:0e:5e:3c:ff:d0:aa:
51:e8:5a:77:f6:f0:76:65:18:0a:5c:29:c0:b6:56:df:a2:ce:
c9:5f:12:73:60:06:41:fb:85:f0:3d:c3:92:1e:4f:2a:c9:e4:
fc:ca:00:9e:6b:52:84:b8:fa:1a:9e:3b:f0:d3:b5:92:91:05:
97:c8:e8:23:38:eb:40:df:33:b0:7b:78:84:bc:b6:96:9f:6c:
d6:34:fb:49:f9:fe:46:05:0b:20:b6:a4:b1:6f:18:13:4b:d1:
78:62:e3:d3:14:6e:c5:04:e7:27:29:3c:37:cc:7e:bb:ba:7b:
26:80:3e:1e:7f:d6:87:a8:6c:41:c4:6c:78:27:61:0d:04:f0:
e8:28:02:06:bb:da:a4:60:e9:16:3c:32:20:1d:c3:2e:f6:4a:
2e:07:ef:bd:d1:ed:3c:ed:53:a0:06:2f:40:e5:43:ed:d2:45:
7c:74:46:23:23:23:f6:78:d3:b7:5e:33:9e:9e:1e:5e:c0:36:
4f:a6:06:24:8a:e7:67:cd:8a:3d:75:c3:58:dd:28:45:12:95:
15:24:69:43:5f:23:75:e8:c2:a4:d5:c6:70:c2:c1:d6:b1:d1:
3f:40:bd:17
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYSKpnc+OfakOy6RNwdY+M2oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjIxMTE4MTIxMTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2Y3M2E1ODg2YmUyYjMzNzc1MTIzZjY4ZTE3YWM0MjliZTdmZTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh9P1OG/0ysDYFQkfuN0zb8YX+71Z
TVXY45GYKTf17IIVh8g23VPnKZmfs3JvFg+WSVvNBlyM6Lj/V0BbtT9mckRVHXvP
foqdCTwgZM9r10a7L8F4ZwgUl7UlzXseE/poz+xoqAvm7YKgI28ONStTrUyjCjjj
ITzs8ENlIYePaaffY5mcQZ8z/oMiMnP92g3QY4I4BXdCqigU8LVGolTUufMwzQWJ
eNuvK1Mn3h2tP5HY/mrwK4sm42J56ZdW+BmrQGDy6imfIOxPwb0poE73tUMr8Gjd
rkQAr4Yx8p6oc3zoW37yuu1W+zXeENXThkC4hiLwTDl9nUzjjOj7fPMcDQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFz3OliGviszd1Ej9o4XrEKb5/58MB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvWFBjNldJYS1Lek4zVVNQMmpoZXNRcHZuX253LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCH7q0AwQD
JdrYAwQBLhTSAwQDgv9AAwQCuVaMAwQCvNd8MA0GCSqGSIb3DQEBCwUAA4IBAQBE
tbv9Ormwhn277+3duh5P9nachIK++R/kW+vGkxUOXjz/0KpR6Fp39vB2ZRgKXCnA
tlbfos7JXxJzYAZB+4XwPcOSHk8qyeT8ygCea1KEuPoanjvw07WSkQWXyOgjOOtA
3zOwe3iEvLaWn2zWNPtJ+f5GBQsgtqSxbxgTS9F4YuPTFG7FBOcnKTw3zH67unsm
gD4ef9aHqGxBxGx4J2ENBPDoKAIGu9qkYOkWPDIgHcMu9kouB++90e087VOgBi9A
5UPt0kV8dEYjIyP2eNO3XjOenh5ewDZPpgYkiudnzYo9dcNY3ShFEpUVJGlDXyN1
6MKk1cZwwsHWsdE/QL0X
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org