Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/m6zL7oiVInLSpZUo5DEKabIRXTo.roa
File: m6zL7oiVInLSpZUo5DEKabIRXTo.roa (raw, json)
Hash identifier: OLtu88Ft491ZRNuXj06BqfbsbR44xxJJfXO2izwBtrA=
Subject key identifier: 9B:AC:CB:EE:88:95:22:72:D2:A5:95:28:E4:31:0A:69:B2:11:5D:3A
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 16CD58CC
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/m6zL7oiVInLSpZUo5DEKabIRXTo.roa
Signing time: Sat 01 Jan 2022 02:51:21 +0000
ROA not before: Sat 01 Jan 2022 02:51:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198685
IP address blocks: 85.142.148.0/23 maxlen: 23
85.142.149.0/24 maxlen: 24
85.142.148.0/24 maxlen: 24
85.143.18.0/23 maxlen: 23
2001:b08:26::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 382556364 (0x16cd58cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Jan 1 02:51:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9baccbee88952272d2a59528e4310a69b2115d3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:d4:c0:c2:a6:ac:13:a3:ce:e1:c9:cf:c3:47:
0e:2e:30:4d:11:e4:91:d5:91:4c:93:30:e3:f8:86:
cc:56:9b:1b:09:03:cf:5a:70:fe:ba:d6:f7:3d:ac:
e1:4e:fb:2f:c1:0b:68:87:fe:c9:84:e7:52:e5:51:
b9:0c:e5:24:0a:29:1a:65:ed:e4:0e:8d:4e:13:3c:
6e:58:a2:9a:18:2a:59:f5:26:77:20:df:fa:52:00:
b3:6a:02:b6:e3:cd:8d:ad:8b:6d:e7:49:44:79:6d:
00:21:b0:27:f5:82:b9:d5:95:61:88:a4:10:f2:62:
77:e2:1d:1a:1c:2f:79:81:2e:53:bf:e9:df:29:a8:
a7:ab:c7:88:27:f1:05:85:4a:af:2b:b5:e7:3e:78:
c1:24:97:0e:12:fc:09:eb:fc:1a:be:61:60:74:51:
87:4e:02:53:be:d7:05:34:13:16:e0:27:8b:05:84:
f9:ed:aa:f8:86:b7:a7:00:6c:2c:b9:b2:50:e1:bd:
cf:83:0b:20:9d:69:c1:33:71:3b:80:bc:e2:59:72:
e8:01:ca:a1:89:ce:6f:8b:31:c0:e7:1e:37:42:53:
06:27:7b:3f:04:62:98:2c:4d:a4:6c:f8:33:17:0b:
4d:2d:5b:e7:a6:49:f3:ee:85:7d:48:6c:fb:b0:88:
b9:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:AC:CB:EE:88:95:22:72:D2:A5:95:28:E4:31:0A:69:B2:11:5D:3A
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/m6zL7oiVInLSpZUo5DEKabIRXTo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.142.148.0/23
85.143.18.0/23
IPv6:
2001:b08:26::/48
Signature Algorithm: sha256WithRSAEncryption
12:ef:0b:e2:21:bd:f9:78:0d:1c:90:c3:83:85:c0:ff:08:6c:
fc:bd:d7:63:b5:2a:9a:3a:a5:a7:c5:82:73:89:57:96:4b:df:
b6:60:9e:32:42:a9:35:a5:8c:ae:c2:63:ad:70:0d:24:4b:0e:
15:4f:22:d3:75:86:0c:28:00:98:bc:8f:3b:3e:60:48:8b:fb:
c6:80:4e:3a:ed:b4:31:a8:ae:7e:1c:68:2b:6c:ea:43:33:78:
51:2e:22:d3:f2:11:e1:91:48:21:19:1c:c7:82:f3:ab:3f:06:
b5:05:f5:12:c4:c4:08:4e:26:20:ed:e1:e1:7e:12:f7:2b:49:
72:85:c5:32:4f:e2:bf:61:d6:91:d4:fa:4d:b4:a5:31:f4:97:
d4:a1:71:c1:02:2c:da:d2:c7:1d:5a:6a:ad:3f:7d:01:cc:32:
cb:bd:c6:49:4e:e8:16:52:97:b2:d7:57:96:83:23:d6:27:bc:
99:6b:23:6d:9a:7c:d8:64:0a:e8:1a:2b:1d:ba:48:42:3b:78:
10:09:0a:44:48:29:d6:c6:55:00:f8:c6:cf:c0:c7:6f:d7:bc:
d5:2e:26:df:0d:bf:6f:4c:ed:b5:3c:1f:a0:07:55:90:ff:64:
58:00:43:df:ab:e8:98:18:6f:fb:f4:dc:16:4f:09:39:0d:8f:
fb:fc:41:a9
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgIEFs1YzDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
OGIyMjAyM2I2ZWFkNGMyOTY4M2E5ZmVkNDQ5M2QwM2RlZTJjNjg1MB4XDTIyMDEw
MTAyNTEyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWJhY2NiZWU4ODk1
MjI3MmQyYTU5NTI4ZTQzMTBhNjliMjExNWQzYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMLUwMKmrBOjzuHJz8NHDi4wTRHkkdWRTJMw4/iGzFabGwkD
z1pw/rrW9z2s4U77L8ELaIf+yYTnUuVRuQzlJAopGmXt5A6NThM8bliimhgqWfUm
dyDf+lIAs2oCtuPNja2LbedJRHltACGwJ/WCudWVYYikEPJid+IdGhwveYEuU7/p
3ymop6vHiCfxBYVKryu15z54wSSXDhL8Cev8Gr5hYHRRh04CU77XBTQTFuAniwWE
+e2q+Ia3pwBsLLmyUOG9z4MLIJ1pwTNxO4C84lly6AHKoYnOb4sxwOceN0JTBid7
PwRimCxNpGz4MxcLTS1b56ZJ8+6FfUhs+7CIuQUCAwEAAaOCAiAwggIcMB0GA1Ud
DgQWBBSbrMvuiJUictKllSjkMQppshFdOjAfBgNVHSMEGDAWgBQ4siAjturUwpaD
qf7UST0D3uLGhTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09MSWdJN2JxMU1LV2c2bi0xRWs5QTk3aXhvVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTcvODgxM2Y1LTRlN2ItNGQ1MS1iNWYzLTQwZDk1YmQzM2ZjYi8x
L202ekw3b2lWSW5MU3BaVW81REVLYWJJUlhUby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTcv
ODgxM2Y1LTRlN2ItNGQ1MS1iNWYzLTQwZDk1YmQzM2ZjYi8xL09MSWdJN2JxMU1L
V2c2bi0xRWs5QTk3aXhvVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA2
BggrBgEFBQcBBwEB/wQnMCUwEgQCAAEwDAMEAVWOlAMEAVWPEjAPBAIAAjAJAwcA
IAELCAAmMA0GCSqGSIb3DQEBCwUAA4IBAQAS7wviIb35eA0ckMODhcD/CGz8vddj
tSqaOqWnxYJziVeWS9+2YJ4yQqk1pYyuwmOtcA0kSw4VTyLTdYYMKACYvI87PmBI
i/vGgE467bQxqK5+HGgrbOpDM3hRLiLT8hHhkUghGRzHgvOrPwa1BfUSxMQITiYg
7eHhfhL3K0lyhcUyT+K/YdaR1PpNtKUx9JfUoXHBAiza0scdWmqtP30BzDLLvcZJ
TugWUpey11eWgyPWJ7yZayNtmnzYZAroGisdukhCO3gQCQpESCnWxlUA+MbPwMdv
17zVLibfDb9vTO21PB+gB1WQ/2RYAEPfq+iYGG/79NwWTwk5DY/7/EGp
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:46 2024 by rpki-client on console-fra.rpki-client.org