Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/ocmAibqXWiql7TO6hUrfniNf-ZE.roa
File: ocmAibqXWiql7TO6hUrfniNf-ZE.roa (raw, json)
Hash identifier: 9gAWXW7mESuCfCcUHUIL/NhOEvoIxeK9+AOcqgiu2aQ=
Subject key identifier: A1:C9:80:89:BA:97:5A:2A:A5:ED:33:BA:85:4A:DF:9E:23:5F:F9:91
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0183DA6D400979E23EB505D5C1D100985AFA
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/ocmAibqXWiql7TO6hUrfniNf-ZE.roa
Signing time: Sat 15 Oct 2022 06:55:36 +0000
ROA not before: Sat 15 Oct 2022 06:55:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205570
IP address blocks: 78.143.224.0/21 maxlen: 24
37.218.208.0/21 maxlen: 24
78.143.232.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:da:6d:40:09:79:e2:3e:b5:05:d5:c1:d1:00:98:5a:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Oct 15 06:55:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a1c98089ba975a2aa5ed33ba854adf9e235ff991
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ba:bc:2d:c8:99:38:2b:5b:7b:51:b4:73:c6:
00:41:5d:f1:82:72:04:b7:fa:40:51:de:a4:16:32:
88:fd:ea:46:2e:3d:8c:9d:7a:61:d2:80:41:48:bb:
d8:c9:cd:22:ce:91:ef:f9:d4:00:1d:5c:1c:77:20:
db:48:04:fd:f2:2f:c5:8b:4e:db:42:91:bd:2a:c2:
be:b1:62:22:d9:ba:8f:45:7f:48:db:c8:7f:ce:82:
7f:1b:e8:21:7b:dc:f6:c0:86:96:f8:ed:4c:b8:fe:
e7:6c:88:47:40:dd:11:63:4f:a9:63:73:05:63:da:
78:e4:f7:2c:88:bf:42:1a:58:55:ee:1c:1e:53:3c:
54:70:df:b8:c1:df:d9:c6:0d:8e:e8:9f:86:b4:bd:
03:14:2a:23:f1:5c:6f:42:db:5d:cd:41:68:6c:17:
38:bc:3e:06:9f:79:35:49:40:cd:60:6d:c0:27:d4:
fe:0b:f0:5d:7c:e2:3a:d6:69:81:7a:45:29:83:c6:
f3:a8:e9:a4:71:82:3e:fa:d0:a6:04:36:59:95:fd:
3b:51:7c:20:9e:a0:fb:1e:bb:5c:91:36:7d:75:fe:
0c:da:5e:b0:cb:dd:55:11:a5:89:3d:1c:a6:46:58:
bc:f2:40:d7:18:46:ca:20:8f:6c:7e:fb:21:b4:cf:
09:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:C9:80:89:BA:97:5A:2A:A5:ED:33:BA:85:4A:DF:9E:23:5F:F9:91
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/ocmAibqXWiql7TO6hUrfniNf-ZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.218.208.0/21
78.143.224.0/20
Signature Algorithm: sha256WithRSAEncryption
7b:b6:55:85:1e:c7:03:32:1f:38:04:ab:ed:dd:7d:7e:bd:43:
30:62:ef:f8:ec:f4:4d:de:32:e0:04:d5:98:cc:f5:59:d2:30:
be:ff:dc:34:1e:b9:c0:55:2d:54:2e:79:1d:c5:51:15:ea:b3:
d0:4a:fb:03:c6:19:9c:9b:41:14:89:36:ca:5b:76:36:d2:29:
41:ff:d3:74:4a:dc:72:c0:e7:bd:68:9e:f5:15:52:43:72:78:
c3:2f:e0:29:ec:ce:63:d0:e8:17:08:80:8a:7f:f6:8d:55:41:
b7:80:79:3a:35:67:82:2a:82:01:92:ee:d0:c9:dd:bf:47:5b:
51:3c:3a:5d:75:71:ee:19:9f:30:c9:f4:d4:a4:74:5b:e9:45:
e5:e7:12:55:67:9c:a3:1f:f7:fd:7f:b4:fa:74:da:0b:a8:15:
6b:3c:d3:1d:cb:a9:85:d0:32:cd:f2:7a:8f:9b:73:05:fe:86:
07:7f:f4:2d:87:23:7c:b1:db:77:34:08:22:ca:fe:1f:ca:ba:
a4:f1:7b:a7:18:93:a9:80:0b:99:94:bf:49:1e:f3:19:76:07:
25:ec:8b:d7:6c:5b:a8:7a:a6:6d:db:58:51:62:08:cb:44:f8:
fe:10:f8:a3:2e:96:a9:de:9a:ce:69:4b:9b:3d:33:54:47:10:
1f:99:21:f0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYPabUAJeeI+tQXVwdEAmFr6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjIxMDE1MDY1NTM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWM5ODA4OWJhOTc1YTJhYTVlZDMzYmE4NTRhZGY5ZTIzNWZmOTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7q8LciZOCtbe1G0c8YAQV3xgnIE
t/pAUd6kFjKI/epGLj2MnXph0oBBSLvYyc0izpHv+dQAHVwcdyDbSAT98i/Fi07b
QpG9KsK+sWIi2bqPRX9I28h/zoJ/G+ghe9z2wIaW+O1MuP7nbIhHQN0RY0+pY3MF
Y9p45PcsiL9CGlhV7hweUzxUcN+4wd/Zxg2O6J+GtL0DFCoj8VxvQttdzUFobBc4
vD4Gn3k1SUDNYG3AJ9T+C/BdfOI61mmBekUpg8bzqOmkcYI++tCmBDZZlf07UXwg
nqD7HrtckTZ9df4M2l6wy91VEaWJPRymRli88kDXGEbKII9sfvshtM8JTwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKHJgIm6l1oqpe0zuoVK354jX/mRMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvb2NtQWlicVhXaXFsN1RPNmhVcmZuaU5mLVpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDJdrQAwQE
To/gMA0GCSqGSIb3DQEBCwUAA4IBAQB7tlWFHscDMh84BKvt3X1+vUMwYu/47PRN
3jLgBNWYzPVZ0jC+/9w0HrnAVS1ULnkdxVEV6rPQSvsDxhmcm0EUiTbKW3Y20ilB
/9N0StxywOe9aJ71FVJDcnjDL+Ap7M5j0OgXCICKf/aNVUG3gHk6NWeCKoIBku7Q
yd2/R1tRPDpddXHuGZ8wyfTUpHRb6UXl5xJVZ5yjH/f9f7T6dNoLqBVrPNMdy6mF
0DLN8nqPm3MF/oYHf/QthyN8sdt3NAgiyv4fyrqk8XunGJOpgAuZlL9JHvMZdgcl
7IvXbFuoeqZt21hRYgjLRPj+EPijLpap3prOaUubPTNURxAfmSHw
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:18:47 2024 by rpki-client on console-ams.rpki-client.org