Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/faUFN8P6LzKZQI07A_nALe3eqSk.roa
File: faUFN8P6LzKZQI07A_nALe3eqSk.roa (raw, json)
Hash identifier: Yhdlf3YDFVBdlg1bHfF0x9ktVnVxSMium+OC0EajaHk=
Subject key identifier: 7D:A5:05:37:C3:FA:2F:32:99:40:8D:3B:03:F9:C0:2D:ED:DE:A9:29
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0183F4CAC087EF12A6C00CC4F17A46EA33E3
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/faUFN8P6LzKZQI07A_nALe3eqSk.roa
Signing time: Thu 20 Oct 2022 09:47:51 +0000
ROA not before: Thu 20 Oct 2022 09:47:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 37.218.216.0/21 maxlen: 24
188.215.124.0/22 maxlen: 24
130.255.64.0/22 maxlen: 24
130.255.68.0/22 maxlen: 24
31.186.180.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:f4:ca:c0:87:ef:12:a6:c0:0c:c4:f1:7a:46:ea:33:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Oct 20 09:47:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7da50537c3fa2f3299408d3b03f9c02deddea929
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:19:98:d6:dc:db:df:bc:18:b0:5b:d7:88:a5:
51:b6:f5:b0:4a:da:46:e0:e6:77:a0:1f:01:fe:43:
c7:eb:b8:70:fc:ee:f2:09:01:86:a1:a3:38:8c:43:
11:f9:ea:da:ff:9c:8e:b9:61:6e:e2:e8:b3:a0:d2:
ec:08:f9:48:3f:6f:fd:1b:be:95:c9:10:ef:9f:49:
cf:62:e1:80:f9:93:da:08:90:95:97:52:12:d0:34:
c6:5b:46:81:fd:3a:1c:c6:5e:d4:b8:4a:74:78:24:
d9:7c:78:26:0d:9a:e2:2d:a1:87:29:a9:78:b6:f7:
d9:41:4e:d5:a2:16:93:7c:ca:68:96:24:26:6a:a9:
dd:04:39:d1:e7:72:31:da:7f:bc:92:6e:a0:5c:5b:
dd:37:f2:cb:a7:ec:5a:98:4f:79:77:e4:ae:18:ec:
69:4e:b7:96:3b:13:22:cd:4d:43:9b:ba:a2:33:56:
53:c6:16:d3:b6:14:6a:19:11:07:b4:74:e8:5e:e3:
21:c5:08:02:86:74:03:a1:a8:eb:dd:25:2a:88:2d:
58:36:29:4f:66:0e:ce:00:26:37:2c:5f:35:02:8f:
ae:e2:db:2b:7d:c4:f2:a6:13:a5:db:6f:84:ba:b7:
2a:1e:cb:9f:ee:21:e4:b4:2a:2f:ad:b4:f9:d8:e9:
da:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:A5:05:37:C3:FA:2F:32:99:40:8D:3B:03:F9:C0:2D:ED:DE:A9:29
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/faUFN8P6LzKZQI07A_nALe3eqSk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.186.180.0/22
37.218.216.0/21
130.255.64.0/21
188.215.124.0/22
Signature Algorithm: sha256WithRSAEncryption
54:01:8e:8b:da:8d:2d:16:a1:4a:f7:0f:28:00:21:da:5f:cc:
12:6a:7b:0e:1f:71:65:f0:03:30:71:1d:78:4f:10:f8:64:ad:
19:48:bb:1c:0c:ed:b3:52:a2:54:4d:33:3e:c7:f9:cf:7c:58:
ab:51:a4:ec:c2:36:ad:68:b2:25:88:7f:c2:52:89:c3:ba:b6:
24:14:f9:1d:eb:ed:9a:7d:c6:ec:e0:ab:2a:a4:ce:65:89:93:
05:cb:86:fa:c3:ec:dc:df:ac:b8:15:a7:ba:87:4f:c2:f9:15:
b1:0b:5b:8f:2b:7d:1e:4e:41:05:e2:2a:da:3c:e4:c3:69:b9:
b3:59:a0:6b:c6:1d:1b:85:1a:2d:e7:4b:5a:dc:45:70:05:a6:
01:2a:2f:f7:99:b0:d0:33:fa:f1:58:1f:2e:37:4d:ff:27:8f:
69:c1:64:79:20:0e:6d:2f:70:8b:e2:a2:ce:01:c7:ea:b0:f7:
3d:f3:c2:82:65:61:b1:89:93:4e:3c:08:df:be:4d:80:62:7b:
50:61:48:94:d1:16:c5:d3:aa:93:b3:12:59:61:07:7e:d5:74:
fd:90:97:e9:6b:3e:c6:a3:5c:05:cf:5b:c6:50:96:ee:9f:e9:
3a:42:09:82:52:c5:66:fb:cd:05:dc:ec:c5:ed:42:3e:c5:f7:
a0:77:50:aa
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYP0ysCH7xKmwAzE8XpG6jPjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjIxMDIwMDk0NzUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZGE1MDUzN2MzZmEyZjMyOTk0MDhkM2IwM2Y5YzAyZGVkZGVhOTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4RmY1tzb37wYsFvXiKVRtvWwStpG
4OZ3oB8B/kPH67hw/O7yCQGGoaM4jEMR+era/5yOuWFu4uizoNLsCPlIP2/9G76V
yRDvn0nPYuGA+ZPaCJCVl1IS0DTGW0aB/Tocxl7UuEp0eCTZfHgmDZriLaGHKal4
tvfZQU7VohaTfMpoliQmaqndBDnR53Ix2n+8km6gXFvdN/LLp+xamE95d+SuGOxp
TreWOxMizU1Dm7qiM1ZTxhbTthRqGREHtHToXuMhxQgChnQDoajr3SUqiC1YNilP
Zg7OACY3LF81Ao+u4tsrfcTyphOl22+EurcqHsuf7iHktCovrbT52Ona8wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFH2lBTfD+i8ymUCNOwP5wC3t3qkpMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvZmFVRk44UDZMektaUUkwN0FfbkFMZTNlcVNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCH7q0AwQD
JdrYAwQDgv9AAwQCvNd8MA0GCSqGSIb3DQEBCwUAA4IBAQBUAY6L2o0tFqFK9w8o
ACHaX8wSansOH3Fl8AMwcR14TxD4ZK0ZSLscDO2zUqJUTTM+x/nPfFirUaTswjat
aLIliH/CUonDurYkFPkd6+2afcbs4KsqpM5liZMFy4b6w+zc36y4Fae6h0/C+RWx
C1uPK30eTkEF4iraPOTDabmzWaBrxh0bhRot50ta3EVwBaYBKi/3mbDQM/rxWB8u
N03/J49pwWR5IA5tL3CL4qLOAcfqsPc988KCZWGxiZNOPAjfvk2AYntQYUiU0RbF
06qTsxJZYQd+1XT9kJfpaz7Go1wFz1vGUJbun+k6QgmCUsVm+80F3OzF7UI+xfeg
d1Cq
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org