Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/uGIMCVfWn-A1r6ptKYy5lVxVB_c.roa
File: uGIMCVfWn-A1r6ptKYy5lVxVB_c.roa (raw, json)
Hash identifier: +IHSNf6cg5DjBX4lxlAG58CzI+kzo0z4gsXqMWxc3RY=
Subject key identifier: B8:62:0C:09:57:D6:9F:E0:35:AF:AA:6D:29:8C:B9:95:5C:55:07:F7
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 0183FE765A845782FF18660CC43EB687BC2C
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/uGIMCVfWn-A1r6ptKYy5lVxVB_c.roa
Signing time: Sat 22 Oct 2022 06:51:52 +0000
ROA not before: Sat 22 Oct 2022 06:51:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205570
IP address blocks: 37.34.80.0/21 maxlen: 24
78.143.224.0/21 maxlen: 24
37.218.208.0/21 maxlen: 24
78.143.232.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:fe:76:5a:84:57:82:ff:18:66:0c:c4:3e:b6:87:bc:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Oct 22 06:51:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b8620c0957d69fe035afaa6d298cb9955c5507f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:3b:9d:83:de:ba:e6:dc:11:a8:9a:cd:90:ad:
a3:fc:31:7e:46:9b:36:0b:8b:8c:a1:82:59:97:77:
f3:fa:92:43:ac:a7:2f:1d:de:de:84:27:1d:b1:50:
49:ec:0b:38:a0:79:01:be:3d:19:2a:f0:7b:8c:89:
2f:47:37:22:8c:5d:08:de:86:d1:dc:67:5e:35:15:
d0:56:d5:60:23:cb:3f:99:fb:0d:93:95:82:45:2e:
dc:c3:da:d1:c1:a6:51:2c:88:a2:67:cd:a5:7a:1f:
3e:e5:56:12:65:6a:87:94:95:41:97:be:a1:a6:a8:
eb:05:0e:80:bf:07:2e:4a:c4:3d:90:84:06:04:18:
3b:9b:6a:e0:29:28:a5:dd:28:5a:8d:66:76:96:d0:
26:81:83:ab:cc:c5:b7:8c:91:72:a2:05:1a:1a:b5:
d2:18:9d:c3:54:5d:0a:69:10:4d:81:98:4e:58:c9:
8c:44:7e:47:f1:89:b8:67:2f:b8:5e:d3:63:1f:51:
ea:59:0c:52:22:96:8f:ea:8b:a4:50:d0:8c:5e:8f:
59:df:7e:60:47:90:0c:28:c9:03:3a:7c:62:07:30:
c7:47:f9:19:17:4f:5f:cf:3b:26:c5:d2:5a:b9:9e:
c5:a2:e1:8d:76:33:65:8a:3d:59:30:ae:f8:ba:92:
31:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:62:0C:09:57:D6:9F:E0:35:AF:AA:6D:29:8C:B9:95:5C:55:07:F7
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/uGIMCVfWn-A1r6ptKYy5lVxVB_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.34.80.0/21
37.218.208.0/21
78.143.224.0/20
Signature Algorithm: sha256WithRSAEncryption
90:27:c8:59:f5:b2:d3:2d:35:9d:04:c2:10:9a:f3:0f:56:5f:
a4:66:7e:5a:27:65:ca:04:48:c1:6a:59:f2:10:ac:48:1c:97:
69:49:cd:9c:28:93:aa:38:2d:28:2c:33:bf:b9:35:b2:d5:8b:
e2:ff:f9:9c:44:85:cd:be:76:d6:8c:5f:31:b2:6f:92:57:20:
9f:5d:7e:50:00:aa:c0:6f:4f:31:11:73:f0:57:b8:d6:a1:43:
1c:d9:e1:93:34:f8:b0:9d:c3:9a:24:ce:d2:6c:2a:5f:74:5a:
20:c1:d8:7e:dc:b0:fa:bc:b2:b1:d5:90:46:22:3f:d7:34:e2:
f0:67:a9:a5:6f:e0:d9:2f:fc:95:7a:0b:b5:b6:0b:c3:36:f5:
6c:b1:fa:11:43:f4:2a:8f:7e:f5:ab:8a:79:7d:33:79:2c:00:
26:10:2d:74:f7:5d:ee:ac:73:a7:bf:ce:09:31:b9:d1:dd:b8:
71:dc:0a:e0:ea:68:5a:fa:eb:5c:86:75:4a:c7:c3:97:9f:59:
97:f3:c5:9e:ee:2f:23:01:f1:0f:88:7f:59:b2:75:5d:f6:b4:
59:5c:f6:94:c8:0b:3d:3d:ae:f0:3a:4d:c7:bd:ca:77:fb:92:
a3:66:07:eb:14:62:92:f7:45:65:d3:86:7a:95:4c:42:32:2e:
75:48:6c:0f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYP+dlqEV4L/GGYMxD62h7wsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjIxMDIyMDY1MTUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiODYyMGMwOTU3ZDY5ZmUwMzVhZmFhNmQyOThjYjk5NTVjNTUwN2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhzudg9665twRqJrNkK2j/DF+Rps2
C4uMoYJZl3fz+pJDrKcvHd7ehCcdsVBJ7As4oHkBvj0ZKvB7jIkvRzcijF0I3obR
3GdeNRXQVtVgI8s/mfsNk5WCRS7cw9rRwaZRLIiiZ82leh8+5VYSZWqHlJVBl76h
pqjrBQ6AvwcuSsQ9kIQGBBg7m2rgKSil3ShajWZ2ltAmgYOrzMW3jJFyogUaGrXS
GJ3DVF0KaRBNgZhOWMmMRH5H8Ym4Zy+4XtNjH1HqWQxSIpaP6oukUNCMXo9Z335g
R5AMKMkDOnxiBzDHR/kZF09fzzsmxdJauZ7FouGNdjNlij1ZMK74upIxxwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLhiDAlX1p/gNa+qbSmMuZVcVQf3MB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvdUdJTUNWZlduLUExcjZwdEtZeTVsVnhWQl9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDJSJQAwQD
JdrQAwQETo/gMA0GCSqGSIb3DQEBCwUAA4IBAQCQJ8hZ9bLTLTWdBMIQmvMPVl+k
Zn5aJ2XKBEjBalnyEKxIHJdpSc2cKJOqOC0oLDO/uTWy1Yvi//mcRIXNvnbWjF8x
sm+SVyCfXX5QAKrAb08xEXPwV7jWoUMc2eGTNPiwncOaJM7SbCpfdFogwdh+3LD6
vLKx1ZBGIj/XNOLwZ6mlb+DZL/yVegu1tgvDNvVssfoRQ/Qqj371q4p5fTN5LAAm
EC10913urHOnv84JMbnR3bhx3Arg6mha+utchnVKx8OXn1mX88We7i8jAfEPiH9Z
snVd9rRZXPaUyAs9Pa7wOk3Hvcp3+5KjZgfrFGKS90Vl04Z6lUxCMi51SGwP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:39 2024 by rpki-client on console-fra.rpki-client.org