Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/1b0998-ab81-4cce-8c46-f212666725b4/1/7TqNLg8KPXWrEdMglc_MSt5tV8w.roa
File: 7TqNLg8KPXWrEdMglc_MSt5tV8w.roa (raw, json)
Hash identifier: MsWi/4bAupaP51Vuz+UO8NyYS/Xg/570Z6Qm+6VQAw4=
Subject key identifier: ED:3A:8D:2E:0F:0A:3D:75:AB:11:D3:20:95:CF:CC:4A:DE:6D:57:CC
Certificate issuer: /CN=bb4a0af156332d3c7ecb585faee3a90d9bf2a096
Certificate serial: 046B57C2
Authority key identifier: BB:4A:0A:F1:56:33:2D:3C:7E:CB:58:5F:AE:E3:A9:0D:9B:F2:A0:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u0oK8VYzLTx-y1hfruOpDZvyoJY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/1b0998-ab81-4cce-8c46-f212666725b4/1/7TqNLg8KPXWrEdMglc_MSt5tV8w.roa
Signing time: Mon 14 Mar 2022 17:41:29 +0000
ROA not before: Mon 14 Mar 2022 17:41:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202513
IP address blocks: 87.239.54.0/24 maxlen: 24
87.239.52.0/22 maxlen: 24
87.239.52.0/23 maxlen: 24
185.147.16.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 74143682 (0x46b57c2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb4a0af156332d3c7ecb585faee3a90d9bf2a096
Validity
Not Before: Mar 14 17:41:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ed3a8d2e0f0a3d75ab11d32095cfcc4ade6d57cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:1f:ed:1c:2f:18:de:1d:0a:55:e5:d1:e2:1d:
dd:b4:72:f2:a5:2a:f6:c6:41:e0:18:0e:4c:f6:44:
0c:40:07:ec:c9:dc:93:09:75:88:df:9d:bf:f5:e7:
c7:cd:0a:93:bc:76:a0:04:bd:39:62:23:d5:da:81:
13:bd:d4:d8:0d:73:8d:43:a0:02:43:0b:d9:d4:24:
86:b3:78:53:e4:71:d5:62:1d:df:0a:51:b6:95:19:
fb:87:99:91:0d:8d:e7:e1:2c:7f:46:a1:ac:80:fd:
e9:0a:1a:12:c3:af:a4:e3:ad:36:55:27:e6:8c:68:
83:f1:45:df:00:bd:1b:29:60:43:3d:73:e7:37:31:
87:0a:79:e7:80:b0:1e:f7:54:3f:c2:34:38:a9:c2:
47:85:67:b4:6d:e0:13:2f:ca:e6:64:64:a1:a0:ef:
ab:3c:8b:e2:af:da:b8:6e:41:77:50:14:3b:1d:4f:
22:69:b0:bd:2a:8a:26:c3:8c:1d:c8:06:b8:94:96:
c0:1c:0a:25:4b:66:53:c9:18:b9:5d:fd:50:72:2a:
41:3f:49:12:59:c3:79:fb:7b:3a:91:44:a4:74:be:
43:da:90:a4:36:dd:ae:c5:3d:54:9f:6b:76:f7:df:
ef:20:39:a6:58:c7:0a:b5:7f:f3:ae:d7:7f:f1:d8:
38:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:3A:8D:2E:0F:0A:3D:75:AB:11:D3:20:95:CF:CC:4A:DE:6D:57:CC
X509v3 Authority Key Identifier:
keyid:BB:4A:0A:F1:56:33:2D:3C:7E:CB:58:5F:AE:E3:A9:0D:9B:F2:A0:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u0oK8VYzLTx-y1hfruOpDZvyoJY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/1b0998-ab81-4cce-8c46-f212666725b4/1/7TqNLg8KPXWrEdMglc_MSt5tV8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/1b0998-ab81-4cce-8c46-f212666725b4/1/u0oK8VYzLTx-y1hfruOpDZvyoJY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.239.52.0/22
185.147.16.0/22
Signature Algorithm: sha256WithRSAEncryption
14:4b:72:5d:87:ba:ff:64:22:ce:d5:5c:db:71:94:ff:47:96:
ea:56:59:c2:48:92:63:1b:4c:00:ba:dd:69:c4:3f:7b:7b:1c:
43:e8:58:bd:af:cd:80:c9:77:4e:81:37:ca:27:b6:0f:17:4e:
1e:09:2a:ba:8f:40:26:c3:de:eb:c3:2a:9f:5b:e5:6f:cc:b2:
06:8b:90:95:80:fd:ce:65:dc:05:e8:38:01:15:e7:4a:27:5a:
87:a4:1d:e4:b8:e8:80:96:d3:09:a7:7a:10:84:ed:66:3d:b8:
54:3d:5e:ab:01:f6:bf:73:92:fe:a5:2f:38:cb:e4:66:52:47:
6a:6b:48:4c:34:62:4e:91:4c:e8:29:a2:7e:9f:3c:d4:55:4d:
f1:6c:2e:2c:20:3e:39:04:e2:04:2d:5e:22:38:cd:10:99:f5:
17:4d:20:c5:d1:eb:ca:b5:09:c2:2b:5a:94:4e:ee:4b:72:31:
a3:59:1b:d6:e5:93:d6:28:d4:21:f3:b6:20:d0:14:28:41:99:
67:46:ec:69:b0:28:4e:66:a6:2e:c5:6e:f1:94:aa:b4:89:86:
f8:09:3a:c4:78:dd:26:bb:da:f9:26:1a:f9:6f:40:cd:24:b6:
45:a2:a7:83:f3:b0:ea:eb:33:9e:9f:80:b3:91:bf:c3:90:aa:
c9:62:73:62
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBGtXwjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
YjRhMGFmMTU2MzMyZDNjN2VjYjU4NWZhZWUzYTkwZDliZjJhMDk2MB4XDTIyMDMx
NDE3NDEyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZWQzYThkMmUwZjBh
M2Q3NWFiMTFkMzIwOTVjZmNjNGFkZTZkNTdjYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKwf7RwvGN4dClXl0eId3bRy8qUq9sZB4BgOTPZEDEAH7Mnc
kwl1iN+dv/Xnx80Kk7x2oAS9OWIj1dqBE73U2A1zjUOgAkML2dQkhrN4U+Rx1WId
3wpRtpUZ+4eZkQ2N5+Esf0ahrID96QoaEsOvpOOtNlUn5oxog/FF3wC9GylgQz1z
5zcxhwp554CwHvdUP8I0OKnCR4VntG3gEy/K5mRkoaDvqzyL4q/auG5Bd1AUOx1P
ImmwvSqKJsOMHcgGuJSWwBwKJUtmU8kYuV39UHIqQT9JElnDeft7OpFEpHS+Q9qQ
pDbdrsU9VJ9rdvff7yA5pljHCrV/867Xf/HYODECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTtOo0uDwo9dasR0yCVz8xK3m1XzDAfBgNVHSMEGDAWgBS7SgrxVjMtPH7L
WF+u46kNm/KgljAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3Uwb0s4Vll6TFR4LXkxaGZydU9wRFp2eW9KWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODYvMWIwOTk4LWFiODEtNGNjZS04YzQ2LWYyMTI2NjY3MjViNC8x
LzdUcU5MZzhLUFhXckVkTWdsY19NU3Q1dFY4dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODYv
MWIwOTk4LWFiODEtNGNjZS04YzQ2LWYyMTI2NjY3MjViNC8xL3Uwb0s4Vll6TFR4
LXkxaGZydU9wRFp2eW9KWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAlfvNAMEArmTEDANBgkqhkiG9w0B
AQsFAAOCAQEAFEtyXYe6/2QiztVc23GU/0eW6lZZwkiSYxtMALrdacQ/e3scQ+hY
va/NgMl3ToE3yie2DxdOHgkquo9AJsPe68Mqn1vlb8yyBouQlYD9zmXcBeg4ARXn
Sidah6Qd5LjogJbTCad6EITtZj24VD1eqwH2v3OS/qUvOMvkZlJHamtITDRiTpFM
6Cmifp881FVN8WwuLCA+OQTiBC1eIjjNEJn1F00gxdHryrUJwitalE7uS3Ixo1kb
1uWT1ijUIfO2INAUKEGZZ0bsabAoTmamLsVu8ZSqtImG+Ak6xHjdJrva+SYa+W9A
zSS2RaKng/Ow6usznp+As5G/w5CqyWJzYg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:37:35 2024 by rpki-client on console-fra.rpki-client.org