Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/CVnE8ztWcU4vlYp86qM88kXaw8E.roa
File: CVnE8ztWcU4vlYp86qM88kXaw8E.roa (raw, json)
Hash identifier: cQuAwSiWCI9iHzCk6ZrBOPaU5iSDfy1BxoNcrhlcRds=
Subject key identifier: 09:59:C4:F3:3B:56:71:4E:2F:95:8A:7C:EA:A3:3C:F2:45:DA:C3:C1
Certificate issuer: /CN=a0d3216cccc863eca0c3dd189941b1b9ea37cacd
Certificate serial: 0184ECA0032A56B61A102821F368E812BD90
Authority key identifier: A0:D3:21:6C:CC:C8:63:EC:A0:C3:DD:18:99:41:B1:B9:EA:37:CA:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/CVnE8ztWcU4vlYp86qM88kXaw8E.roa
Signing time: Wed 07 Dec 2022 12:47:00 +0000
ROA not before: Wed 07 Dec 2022 12:47:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210403
IP address blocks: 185.98.131.0/24 maxlen: 24
78.138.45.0/24 maxlen: 24
78.138.58.0/24 maxlen: 24
193.203.239.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ec:a0:03:2a:56:b6:1a:10:28:21:f3:68:e8:12:bd:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0d3216cccc863eca0c3dd189941b1b9ea37cacd
Validity
Not Before: Dec 7 12:47:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0959c4f33b56714e2f958a7ceaa33cf245dac3c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:9f:65:5a:96:1c:a9:d6:5a:f6:50:68:92:86:
9d:f9:41:c9:b2:fe:ae:4a:14:7b:f2:5a:67:9d:8e:
0f:51:64:84:fb:12:a0:0d:c3:01:47:b4:ce:db:75:
04:49:67:8d:9b:f4:d9:37:69:73:fc:1f:a8:f6:3c:
ee:f2:60:d3:55:d5:50:13:cf:53:88:7a:84:8a:55:
ef:da:22:bc:4a:27:be:f0:e3:04:5c:59:51:7d:62:
5b:d2:3d:68:c1:c9:06:ed:87:52:58:aa:59:db:39:
cc:d2:2e:cd:61:54:5e:08:b9:61:d5:02:e0:3e:c1:
72:c1:ac:3e:fd:5d:29:f8:3c:7d:62:2f:63:b3:c3:
54:c3:1c:4c:16:00:a5:e5:77:c8:de:ce:9e:62:be:
dd:e8:fc:a3:49:d2:aa:fd:08:59:75:1f:67:b6:35:
14:ce:ed:62:4b:df:d1:9b:d4:53:3d:36:27:6c:a5:
fb:46:89:cc:b3:bf:5c:12:6e:09:31:c7:0d:c3:8d:
fe:0d:49:0d:8f:a9:1a:91:8c:b3:41:2f:31:be:28:
0b:1a:a9:dd:12:d3:77:0e:96:24:17:4f:c3:85:12:
5b:3b:2f:09:ae:49:2d:24:92:40:b1:94:38:49:68:
16:55:10:fa:2b:d8:a3:1b:95:99:a4:2a:3a:00:bc:
06:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:59:C4:F3:3B:56:71:4E:2F:95:8A:7C:EA:A3:3C:F2:45:DA:C3:C1
X509v3 Authority Key Identifier:
keyid:A0:D3:21:6C:CC:C8:63:EC:A0:C3:DD:18:99:41:B1:B9:EA:37:CA:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oNMhbMzIY-ygw90YmUGxueo3ys0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/CVnE8ztWcU4vlYp86qM88kXaw8E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a5b2d1-cba0-4a54-b438-0d44c04a8448/1/oNMhbMzIY-ygw90YmUGxueo3ys0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.138.45.0/24
78.138.58.0/24
185.98.131.0/24
193.203.239.0/24
Signature Algorithm: sha256WithRSAEncryption
12:37:60:1f:0a:1d:c0:99:fb:3e:2e:47:ae:30:c5:03:94:ce:
d6:e0:8e:5b:c6:ba:37:1c:8f:81:ec:2a:47:f0:d2:9a:78:ce:
08:c4:02:73:72:b1:2a:bf:ab:d3:1d:2e:33:81:6a:a7:28:8a:
ec:79:15:22:7f:4a:5c:73:c2:a5:df:ba:42:29:35:6b:b0:4c:
bf:8d:e4:95:96:7b:46:be:5a:09:07:04:57:46:c8:67:69:49:
44:50:bb:ff:df:fd:54:ba:a8:c0:ef:c1:4f:93:d5:c0:2f:77:
5c:ca:98:0a:1a:6d:a3:33:3c:01:66:a5:1f:2f:71:8f:0c:e8:
7c:63:fc:79:34:cc:45:30:33:bd:fa:99:ba:ff:58:dd:05:dc:
76:63:0d:d8:57:53:0e:e6:d6:ea:2b:e1:c2:9e:71:81:3f:28:
9d:dd:d6:12:7b:d6:4f:0c:ca:47:9a:f4:af:1c:00:f2:de:bc:
7c:eb:d7:e1:f7:c6:e0:1a:51:df:cb:b1:63:cb:91:2b:dd:8c:
a6:57:1c:b5:a8:d8:71:4a:a3:61:d8:f4:49:9e:59:28:6a:fe:
3a:fd:ac:4f:55:c6:12:1f:ba:ba:05:3f:dc:c0:c6:90:fb:ce:
0e:37:dc:f8:47:00:12:b1:7c:59:a7:bb:3d:00:39:96:84:9b:
35:49:ae:ae
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYTsoAMqVrYaECgh82joEr2QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZDMyMTZjY2NjODYzZWNhMGMzZGQxODk5NDFiMWI5ZWEz
N2NhY2QwHhcNMjIxMjA3MTI0NzAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTU5YzRmMzNiNTY3MTRlMmY5NThhN2NlYWEzM2NmMjQ1ZGFjM2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmZ9lWpYcqdZa9lBokoad+UHJsv6u
ShR78lpnnY4PUWSE+xKgDcMBR7TO23UESWeNm/TZN2lz/B+o9jzu8mDTVdVQE89T
iHqEilXv2iK8Sie+8OMEXFlRfWJb0j1owckG7YdSWKpZ2znM0i7NYVReCLlh1QLg
PsFywaw+/V0p+Dx9Yi9js8NUwxxMFgCl5XfI3s6eYr7d6PyjSdKq/QhZdR9ntjUU
zu1iS9/Rm9RTPTYnbKX7RonMs79cEm4JMccNw43+DUkNj6kakYyzQS8xvigLGqnd
EtN3DpYkF0/DhRJbOy8JrkktJJJAsZQ4SWgWVRD6K9ijG5WZpCo6ALwGOwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAlZxPM7VnFOL5WKfOqjPPJF2sPBMB8GA1UdIwQY
MBaAFKDTIWzMyGPsoMPdGJlBsbnqN8rNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9hNWIyZDEtY2JhMC00YTU0LWI0Mzgt
MGQ0NGMwNGE4NDQ4LzEvQ1ZuRTh6dFdjVTR2bFlwODZxTTg4a1hhdzhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9hNWIyZDEtY2JhMC00YTU0LWI0MzgtMGQ0NGMwNGE4NDQ4
LzEvb05NaGJNeklZLXlndzkwWW1VR3h1ZW8zeXMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATootAwQA
Too6AwQAuWKDAwQAwcvvMA0GCSqGSIb3DQEBCwUAA4IBAQASN2AfCh3Amfs+Lkeu
MMUDlM7W4I5bxro3HI+B7CpH8NKaeM4IxAJzcrEqv6vTHS4zgWqnKIrseRUif0pc
c8Kl37pCKTVrsEy/jeSVlntGvloJBwRXRshnaUlEULv/3/1UuqjA78FPk9XAL3dc
ypgKGm2jMzwBZqUfL3GPDOh8Y/x5NMxFMDO9+pm6/1jdBdx2Yw3YV1MO5tbqK+HC
nnGBPyid3dYSe9ZPDMpHmvSvHADy3rx869fh98bgGlHfy7Fjy5Er3YymVxy1qNhx
SqNh2PRJnlkoav46/axPVcYSH7q6BT/cwMaQ+84ON9z4RwASsXxZp7s9ADmWhJs1
Sa6u
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:41 2024 by rpki-client on console-ams.rpki-client.org