Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/ggi6fNvt-5P8j5RxMmmIm5o5jpg.roa
File: ggi6fNvt-5P8j5RxMmmIm5o5jpg.roa (raw, json)
Hash identifier: Xn5bh2MwrUYraDJWkNkAvtXq9OC3N3pNxidSgUjRG/0=
Subject key identifier: 82:08:BA:7C:DB:ED:FB:93:FC:8F:94:71:32:69:88:9B:9A:39:8E:98
Certificate issuer: /CN=996721831afb8b38307b49f5b9ee6292ad1e5850
Certificate serial: 0183568AA5E2C4B99DA27CDC9D97D8C211BD
Authority key identifier: 99:67:21:83:1A:FB:8B:38:30:7B:49:F5:B9:EE:62:92:AD:1E:58:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mWchgxr7izgwe0n1ue5ikq0eWFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/ggi6fNvt-5P8j5RxMmmIm5o5jpg.roa
Signing time: Mon 19 Sep 2022 16:17:50 +0000
ROA not before: Mon 19 Sep 2022 16:17:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1299
IP address blocks: 86.107.255.0/24 maxlen: 24
79.132.145.0/24 maxlen: 24
46.247.245.0/24 maxlen: 24
79.132.153.0/24 maxlen: 24
79.132.154.0/24 maxlen: 24
85.112.211.0/24 maxlen: 24
185.223.148.0/24 maxlen: 24
185.183.63.0/24 maxlen: 24
86.107.248.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:56:8a:a5:e2:c4:b9:9d:a2:7c:dc:9d:97:d8:c2:11:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=996721831afb8b38307b49f5b9ee6292ad1e5850
Validity
Not Before: Sep 19 16:17:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8208ba7cdbedfb93fc8f94713269889b9a398e98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:ee:2b:aa:ba:a3:28:dd:1f:3e:f4:5b:ad:a7:
52:f6:f7:2f:25:be:fc:a3:5e:72:36:11:d5:d8:bb:
ad:f6:bc:6e:bd:5d:8f:d6:d5:6b:45:60:39:e0:da:
7d:4d:4b:4e:4f:ad:93:6a:37:0b:cd:68:f3:13:3c:
81:67:42:40:ae:96:6d:e4:87:8a:25:c8:a5:b0:68:
9e:55:e0:de:33:9d:e6:e7:be:db:ec:81:e2:ff:03:
04:8b:ab:16:5b:41:bd:62:60:f9:d3:9a:cf:42:50:
a8:d6:f3:b1:a3:8d:4a:e3:4c:5d:38:2b:01:69:ed:
48:53:31:6f:3e:52:01:a2:47:fe:e8:2e:09:8c:36:
a2:ff:7c:80:c6:9f:23:18:23:b1:dd:a7:4b:f4:75:
d5:7f:dc:5b:ef:11:c8:52:25:0f:78:ad:ba:9c:10:
b9:ad:90:81:88:2d:93:c2:3b:c9:fd:e9:d6:f1:bf:
f0:b0:78:4f:fb:9f:87:39:15:46:a4:1f:9a:30:ac:
23:e5:41:0c:53:45:6f:e7:ec:98:c5:c6:27:8c:ff:
bf:8d:de:7f:77:6c:09:af:b5:66:f9:d6:1c:a7:a4:
59:0f:c4:1c:f7:0d:ae:d5:12:c3:87:8c:0f:51:70:
6c:00:b0:0c:06:24:3b:6d:56:d7:28:a3:d5:2a:46:
32:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:08:BA:7C:DB:ED:FB:93:FC:8F:94:71:32:69:88:9B:9A:39:8E:98
X509v3 Authority Key Identifier:
keyid:99:67:21:83:1A:FB:8B:38:30:7B:49:F5:B9:EE:62:92:AD:1E:58:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mWchgxr7izgwe0n1ue5ikq0eWFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/ggi6fNvt-5P8j5RxMmmIm5o5jpg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/mWchgxr7izgwe0n1ue5ikq0eWFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.247.245.0/24
79.132.145.0/24
79.132.153.0-79.132.154.255
85.112.211.0/24
86.107.248.0/21
185.183.63.0/24
185.223.148.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:01:41:10:0a:46:ea:d9:c5:4b:f2:d3:40:ba:13:24:f2:63:
10:b9:54:49:05:95:c5:62:8a:d3:f8:b5:74:0f:88:d2:95:e1:
fc:fe:88:57:2f:fb:30:06:27:b9:7c:bc:dd:8c:05:c0:f2:91:
d8:fe:16:e9:95:77:3b:d5:1a:a3:f5:84:38:8f:92:8a:35:6c:
31:cd:8e:59:84:56:7a:3e:e9:02:78:f2:22:85:61:bb:9c:b8:
24:97:ae:90:4f:ab:84:e4:b3:f2:ae:ae:cc:92:12:ee:ce:30:
cc:22:f8:f9:17:e8:14:4f:e9:6b:59:b0:8a:1e:a4:5a:cb:8e:
74:e8:45:2d:ae:d0:03:91:7f:98:6c:49:b2:ae:99:b0:42:ba:
07:99:b5:79:2b:c1:e1:3d:df:87:39:22:4e:08:83:1d:cb:b5:
14:2e:2b:ac:f1:68:3f:e7:9e:fb:95:5c:20:0f:00:47:03:86:
97:d1:3c:d9:61:6d:26:2b:c8:a5:d2:f7:a5:38:f3:32:53:c1:
8e:62:b0:dd:9b:f0:5b:48:2c:9b:d0:df:70:eb:fa:b6:4d:fa:
f4:7b:f6:da:62:aa:d6:c6:a9:e0:59:50:c1:ac:15:94:cb:2e:
f0:8d:19:09:7f:2d:ed:00:8e:04:98:a5:51:ef:11:2a:96:e8:
06:bc:c9:7b
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYNWiqXixLmdonzcnZfYwhG9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5NjcyMTgzMWFmYjhiMzgzMDdiNDlmNWI5ZWU2MjkyYWQx
ZTU4NTAwHhcNMjIwOTE5MTYxNzUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjA4YmE3Y2RiZWRmYjkzZmM4Zjk0NzEzMjY5ODg5YjlhMzk4ZTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi+4rqrqjKN0fPvRbradS9vcvJb78
o15yNhHV2Lut9rxuvV2P1tVrRWA54Np9TUtOT62TajcLzWjzEzyBZ0JArpZt5IeK
JcilsGieVeDeM53m577b7IHi/wMEi6sWW0G9YmD505rPQlCo1vOxo41K40xdOCsB
ae1IUzFvPlIBokf+6C4JjDai/3yAxp8jGCOx3adL9HXVf9xb7xHIUiUPeK26nBC5
rZCBiC2TwjvJ/enW8b/wsHhP+5+HORVGpB+aMKwj5UEMU0Vv5+yYxcYnjP+/jd5/
d2wJr7Vm+dYcp6RZD8Qc9w2u1RLDh4wPUXBsALAMBiQ7bVbXKKPVKkYykwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFIIIunzb7fuT/I+UcTJpiJuaOY6YMB8GA1UdIwQY
MBaAFJlnIYMa+4s4MHtJ9bnuYpKtHlhQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVdjaGd4cjdpemd3ZTBuMXVlNWlrcTBlV0ZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8xYzFlYjItMWY2NS00ZjcxLThiMzIt
YjRiZmU0NTZkZGUwLzEvZ2dpNmZOdnQtNVA4ajVSeE1tbUltNW81anBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS8xYzFlYjItMWY2NS00ZjcxLThiMzItYjRiZmU0NTZkZGUw
LzEvbVdjaGd4cjdpemd3ZTBuMXVlNWlrcTBlV0ZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQALvf1AwQA
T4SRMAwDBABPhJkDBABPhJoDBABVcNMDBANWa/gDBAC5tz8DBAC535QwDQYJKoZI
hvcNAQELBQADggEBAFwBQRAKRurZxUvy00C6EyTyYxC5VEkFlcViitP4tXQPiNKV
4fz+iFcv+zAGJ7l8vN2MBcDykdj+FumVdzvVGqP1hDiPkoo1bDHNjlmEVno+6QJ4
8iKFYbucuCSXrpBPq4Tks/KursySEu7OMMwi+PkX6BRP6WtZsIoepFrLjnToRS2u
0AORf5hsSbKumbBCugeZtXkrweE934c5Ik4Igx3LtRQuK6zxaD/nnvuVXCAPAEcD
hpfRPNlhbSYryKXS96U48zJTwY5isN2b8FtILJvQ33Dr+rZN+vR79tpiqtbGqeBZ
UMGsFZTLLvCNGQl/Le0AjgSYpVHvESqW6Aa8yXs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:46 2024 by rpki-client on console-fra.rpki-client.org