Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/aA06Ap8H4MHYxFve9gwy3497wqk.roa
File: aA06Ap8H4MHYxFve9gwy3497wqk.roa (raw, json)
Hash identifier: EqCMvoj2NJh9agQnFMeJk6VDHZoDl4M3CNSft44GyC4=
Subject key identifier: 68:0D:3A:02:9F:07:E0:C1:D8:C4:5B:DE:F6:0C:32:DF:8F:7B:C2:A9
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0184EB40744C9B0857DAD6A4B762E71BF7E4
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/aA06Ap8H4MHYxFve9gwy3497wqk.roa
Signing time: Wed 07 Dec 2022 06:23:00 +0000
ROA not before: Wed 07 Dec 2022 06:23:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 185.86.142.0/23 maxlen: 24
37.34.88.0/21 maxlen: 24
185.86.140.0/23 maxlen: 24
37.218.216.0/21 maxlen: 24
188.215.124.0/22 maxlen: 24
89.46.180.0/22 maxlen: 24
130.255.64.0/22 maxlen: 24
130.255.68.0/22 maxlen: 24
46.20.210.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:eb:40:74:4c:9b:08:57:da:d6:a4:b7:62:e7:1b:f7:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Dec 7 06:23:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=680d3a029f07e0c1d8c45bdef60c32df8f7bc2a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:67:fd:13:58:50:07:ca:33:b6:95:1b:8c:c1:
42:f4:a1:da:a5:4e:ea:bd:8c:84:b6:e0:cb:b7:97:
d3:ef:16:ad:7f:e3:64:9e:09:d7:bf:60:c0:9f:1a:
a3:e8:2a:d5:d8:01:36:a3:2a:c4:48:ec:47:df:71:
eb:81:94:06:69:14:16:23:99:1e:58:5c:6a:0d:7d:
86:54:64:cc:3c:80:7d:af:d9:bc:9d:89:eb:1f:dd:
18:9c:c7:7e:29:9a:ac:27:91:ba:8b:5b:72:4a:8c:
5c:7f:65:56:07:f0:82:21:c5:31:2b:46:05:4b:45:
ad:7c:e3:3e:45:e3:91:a7:44:e0:56:59:13:c8:ef:
a9:a9:13:62:85:fd:21:d1:6c:fd:ec:55:f0:61:3e:
63:79:ba:c7:3a:9f:13:54:8d:e5:d6:29:26:03:5d:
f3:60:5d:8d:7e:34:d4:72:66:56:11:bf:58:b5:53:
e7:b9:42:95:be:9c:8d:e2:ce:16:11:87:9b:62:f7:
8d:98:b0:4d:7e:85:f3:ce:af:2c:11:78:ce:e4:d7:
73:98:67:60:1f:8a:82:29:42:8a:f5:92:87:b6:9a:
ef:21:6c:92:68:f2:1a:ee:b5:ef:01:91:9b:2c:08:
0c:d3:f6:7f:12:76:87:ac:ad:d1:46:31:f8:ba:84:
25:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:0D:3A:02:9F:07:E0:C1:D8:C4:5B:DE:F6:0C:32:DF:8F:7B:C2:A9
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/aA06Ap8H4MHYxFve9gwy3497wqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.34.88.0/21
37.218.216.0/21
46.20.210.0/23
89.46.180.0/22
130.255.64.0/21
185.86.140.0/22
188.215.124.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:22:d8:32:ed:22:bf:78:e2:ea:b3:81:12:16:d2:81:ba:1e:
3c:ba:9c:f6:65:00:76:9a:7a:20:eb:84:a2:79:77:90:11:ee:
f1:9d:c4:85:b8:cf:8a:14:bf:2f:25:66:96:5b:35:a2:12:c1:
c0:1e:cf:bd:e6:b7:be:32:e9:87:27:07:61:45:a7:42:7d:45:
d1:b3:e3:5a:84:a0:11:bd:e0:35:f8:f5:6b:d0:ee:ba:0e:86:
f1:25:16:ab:f3:8c:a8:a7:91:3b:42:34:6a:60:d6:3c:48:0d:
b1:19:eb:fa:e2:1e:6b:dc:af:08:e0:b1:6f:64:57:76:58:b3:
25:ad:b5:1d:4f:06:f5:20:c7:5d:a1:74:e4:b5:ee:da:3d:04:
e6:d4:12:89:11:5f:95:54:98:35:cd:c8:d5:fb:50:76:97:35:
21:20:ae:75:26:be:e9:e9:e3:9d:c7:b7:49:c0:9e:e9:7f:56:
5b:c1:43:47:c7:75:fc:58:03:95:02:83:28:86:d0:61:81:d3:
99:96:ea:ce:2a:11:7a:28:5f:7e:25:f9:46:ce:5a:58:ca:f1:
06:9d:e8:23:ec:e5:65:7c:54:30:e4:5c:2e:1b:7a:6a:e3:70:
4c:d0:92:0f:9f:8d:04:95:95:45:5e:06:ef:ae:5b:27:cf:20:
82:00:80:5b
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYTrQHRMmwhX2takt2LnG/fkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjIxMjA3MDYyMzAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODBkM2EwMjlmMDdlMGMxZDhjNDViZGVmNjBjMzJkZjhmN2JjMmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA02f9E1hQB8oztpUbjMFC9KHapU7q
vYyEtuDLt5fT7xatf+NkngnXv2DAnxqj6CrV2AE2oyrESOxH33HrgZQGaRQWI5ke
WFxqDX2GVGTMPIB9r9m8nYnrH90YnMd+KZqsJ5G6i1tySoxcf2VWB/CCIcUxK0YF
S0WtfOM+ReORp0TgVlkTyO+pqRNihf0h0Wz97FXwYT5jebrHOp8TVI3l1ikmA13z
YF2NfjTUcmZWEb9YtVPnuUKVvpyN4s4WEYebYveNmLBNfoXzzq8sEXjO5NdzmGdg
H4qCKUKK9ZKHtprvIWySaPIa7rXvAZGbLAgM0/Z/EnaHrK3RRjH4uoQl+QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFGgNOgKfB+DB2MRb3vYMMt+Pe8KpMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvYUEwNkFwOEg0TUhZeEZ2ZTlnd3kzNDk3d3FrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQDJSJYAwQD
JdrYAwQBLhTSAwQCWS60AwQDgv9AAwQCuVaMAwQCvNd8MA0GCSqGSIb3DQEBCwUA
A4IBAQArItgy7SK/eOLqs4ESFtKBuh48upz2ZQB2mnog64SieXeQEe7xncSFuM+K
FL8vJWaWWzWiEsHAHs+95re+MumHJwdhRadCfUXRs+NahKARveA1+PVr0O66Dobx
JRar84yop5E7QjRqYNY8SA2xGev64h5r3K8I4LFvZFd2WLMlrbUdTwb1IMddoXTk
te7aPQTm1BKJEV+VVJg1zcjV+1B2lzUhIK51Jr7p6eOdx7dJwJ7pf1ZbwUNHx3X8
WAOVAoMohtBhgdOZlurOKhF6KF9+JflGzlpYyvEGnegj7OVlfFQw5FwuG3pq43BM
0JIPn40ElZVFXgbvrlsnzyCCAIBb
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org