Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/ac5ClLsMs5PDGvcYaHR93710SYQ.roa
File: ac5ClLsMs5PDGvcYaHR93710SYQ.roa (raw, json)
Hash identifier: O8kbxc0xSAP+lDU9n0bSju0YcS5G2YaVhZX3GKRZMO4=
Subject key identifier: 69:CE:42:94:BB:0C:B3:93:C3:1A:F7:18:68:74:7D:DF:BD:74:49:84
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0183BD3F3D83079DF67EE9ECC05027DD92F8
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/ac5ClLsMs5PDGvcYaHR93710SYQ.roa
Signing time: Sun 09 Oct 2022 14:56:21 +0000
ROA not before: Sun 09 Oct 2022 14:56:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 188.215.124.0/22 maxlen: 24
89.46.176.0/22 maxlen: 24
89.46.180.0/22 maxlen: 24
130.255.64.0/22 maxlen: 24
130.255.68.0/22 maxlen: 24
31.186.180.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:bd:3f:3d:83:07:9d:f6:7e:e9:ec:c0:50:27:dd:92:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Oct 9 14:56:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=69ce4294bb0cb393c31af71868747ddfbd744984
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:15:b5:a1:e9:d7:e7:7f:83:c5:b3:98:94:be:
75:a4:8c:6c:32:c2:b6:62:4e:ae:67:24:f0:fa:42:
13:bd:11:cb:11:70:30:9f:e1:49:ed:b5:3c:e1:b5:
e9:25:ab:dd:de:06:07:e1:d8:79:64:ac:1d:d9:fb:
d9:bb:8b:b8:0c:98:09:d6:a9:d7:1d:ee:05:87:6e:
bb:bb:68:42:a0:1a:b8:b6:e8:ff:11:eb:dd:7d:8d:
61:5a:c3:0c:b3:1d:0b:56:9d:10:02:7d:a5:d8:aa:
96:e4:10:45:49:78:fc:03:e8:84:ed:da:7f:16:57:
e3:77:39:87:9c:3d:34:8c:9c:ed:48:f5:94:6e:0f:
b7:d0:5e:cd:a3:de:9e:da:77:32:7a:0f:35:4d:0e:
4b:54:91:dc:fe:ce:4a:6f:77:7d:c5:dc:dd:f8:ad:
5b:aa:af:6f:fb:26:97:ff:bf:87:89:df:ab:e4:4a:
a5:3c:cc:0b:49:7e:f9:40:64:26:e1:ac:32:bc:29:
91:34:78:c7:41:33:81:16:c8:fe:a5:e4:d4:b2:72:
dc:e4:8d:18:30:6d:79:17:89:2a:68:3e:cd:80:47:
b7:da:80:53:09:42:db:08:d3:08:91:99:80:59:cb:
bb:a1:a3:79:fd:b4:8e:0b:25:d0:a7:b9:ab:ad:77:
f0:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:CE:42:94:BB:0C:B3:93:C3:1A:F7:18:68:74:7D:DF:BD:74:49:84
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/ac5ClLsMs5PDGvcYaHR93710SYQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.180.0/22
89.46.176.0/21
130.255.64.0/21
188.215.124.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:89:9d:bd:93:f0:1b:54:5c:da:78:05:f8:72:06:3d:2d:a9:
f9:69:2c:74:94:a4:00:e5:e2:e5:4a:84:31:06:f6:12:a8:64:
10:40:8e:39:f1:85:f9:51:76:fb:27:e8:db:1f:99:c6:6c:66:
39:5b:41:68:bd:b5:a0:34:2a:e2:fe:8f:4d:d2:e0:7f:b6:b1:
8a:35:ee:9c:4b:f8:74:ab:1a:74:65:ca:61:12:54:31:d6:e8:
a6:e9:91:2c:a7:d0:8c:d1:fa:3c:4a:7b:7b:32:2e:0a:87:de:
17:bc:c5:7d:dc:a2:85:ef:f5:05:d0:84:6b:5d:24:68:bd:21:
5a:65:c3:e4:1b:9d:32:a1:65:d4:f9:ea:95:e4:0d:7d:3f:94:
8b:3f:30:af:86:3c:95:df:6d:25:00:b8:43:44:79:95:ff:b7:
cf:b0:55:87:5a:70:a3:6b:00:7a:10:2c:c3:8e:d6:73:37:db:
35:c2:3e:91:47:e0:66:7b:e0:1e:f3:9a:36:c7:eb:fb:8f:f3:
b2:fa:e0:39:36:aa:7d:65:0c:d7:7a:0f:e8:29:fa:e1:2b:e8:
19:16:41:6a:61:42:95:ea:b3:71:04:da:56:93:96:7d:e9:1f:
71:5f:9d:88:55:c2:8d:7d:f4:b1:f1:3e:d5:43:34:86:9b:62:
6b:27:0e:df
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYO9Pz2DB532funswFAn3ZL4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjIxMDA5MTQ1NjIxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWNlNDI5NGJiMGNiMzkzYzMxYWY3MTg2ODc0N2RkZmJkNzQ0OTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAshW1oenX53+DxbOYlL51pIxsMsK2
Yk6uZyTw+kITvRHLEXAwn+FJ7bU84bXpJavd3gYH4dh5ZKwd2fvZu4u4DJgJ1qnX
He4Fh267u2hCoBq4tuj/EevdfY1hWsMMsx0LVp0QAn2l2KqW5BBFSXj8A+iE7dp/
FlfjdzmHnD00jJztSPWUbg+30F7No96e2ncyeg81TQ5LVJHc/s5Kb3d9xdzd+K1b
qq9v+yaX/7+Hid+r5EqlPMwLSX75QGQm4awyvCmRNHjHQTOBFsj+peTUsnLc5I0Y
MG15F4kqaD7NgEe32oBTCULbCNMIkZmAWcu7oaN5/bSOCyXQp7mrrXfwxQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGnOQpS7DLOTwxr3GGh0fd+9dEmEMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvYWM1Q2xMc01zNVBER3ZjWWFIUjkzNzEwU1lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCH7q0AwQD
WS6wAwQDgv9AAwQCvNd8MA0GCSqGSIb3DQEBCwUAA4IBAQCLiZ29k/AbVFzaeAX4
cgY9Lan5aSx0lKQA5eLlSoQxBvYSqGQQQI458YX5UXb7J+jbH5nGbGY5W0FovbWg
NCri/o9N0uB/trGKNe6cS/h0qxp0ZcphElQx1uim6ZEsp9CM0fo8Snt7Mi4Kh94X
vMV93KKF7/UF0IRrXSRovSFaZcPkG50yoWXU+eqV5A19P5SLPzCvhjyV320lALhD
RHmV/7fPsFWHWnCjawB6ECzDjtZzN9s1wj6RR+Bme+Ae85o2x+v7j/Oy+uA5Nqp9
ZQzXeg/oKfrhK+gZFkFqYUKV6rNxBNpWk5Z96R9xX52IVcKNffSx8T7VQzSGm2Jr
Jw7f
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:35 2024 by rpki-client on console-fra.rpki-client.org