Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/0tEgFv3QDFZZ_aFNJDDF0f60QrE.roa
File: 0tEgFv3QDFZZ_aFNJDDF0f60QrE.roa (raw, json)
Hash identifier: SwZ3gshnMHtt+lArvWDN5eIY4k405SA2bH3V/1GzE3E=
Subject key identifier: D2:D1:20:16:FD:D0:0C:56:59:FD:A1:4D:24:30:C5:D1:FE:B4:42:B1
Certificate issuer: /CN=a86580e18ad6ff8dc942be883c16de8b731f9605
Certificate serial: 06F788F8
Authority key identifier: A8:65:80:E1:8A:D6:FF:8D:C9:42:BE:88:3C:16:DE:8B:73:1F:96:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qGWA4YrW_43JQr6IPBbei3MflgU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/0tEgFv3QDFZZ_aFNJDDF0f60QrE.roa
Signing time: Sat 01 Jan 2022 07:54:01 +0000
ROA not before: Sat 01 Jan 2022 07:54:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29396
IP address blocks: 84.53.64.0/18 maxlen: 24
185.41.144.0/22 maxlen: 24
91.194.8.0/23 maxlen: 24
82.148.192.0/19 maxlen: 24
90.145.0.0/16 maxlen: 24
2a01:5620::/29 maxlen: 48
2a02:120::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 116885752 (0x6f788f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a86580e18ad6ff8dc942be883c16de8b731f9605
Validity
Not Before: Jan 1 07:54:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d2d12016fdd00c5659fda14d2430c5d1feb442b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:3a:56:f5:49:47:52:dd:61:6e:d7:56:15:07:
94:17:6b:da:3e:41:f4:b4:f9:ec:fe:f6:3e:1b:fc:
5f:06:fc:93:16:98:51:8b:a4:d8:87:a6:7b:12:c9:
89:d2:6d:be:b1:08:05:36:31:e7:a5:2b:77:88:e8:
1d:35:90:a1:29:80:53:e5:7a:a5:81:6e:c5:e8:0c:
a8:0c:76:58:f6:99:84:b2:d0:37:02:9d:92:c6:3c:
9e:cc:f0:73:a0:ff:a1:0d:5a:d2:9c:19:66:f4:43:
91:d9:4e:79:d2:b5:66:6f:2b:51:2f:d4:54:4c:bb:
4b:bd:e1:5c:fd:21:76:78:59:f9:67:2f:96:34:3e:
1b:cb:50:a6:3d:6e:b0:27:10:a6:58:77:53:14:68:
d9:40:a0:ce:f5:b4:c2:8a:92:0d:0b:7a:ac:97:ab:
6b:fb:66:c9:41:10:d1:26:da:8b:24:48:02:32:44:
8b:03:08:ec:df:ea:3e:ce:24:db:0f:78:60:6c:52:
a1:18:78:ad:f1:03:48:65:b5:54:33:f8:18:92:4a:
c8:73:36:d7:79:7a:c9:c9:01:2e:3b:f2:a3:5a:ed:
75:96:07:0f:a7:6f:a6:a1:d3:25:4e:ae:c8:c4:47:
79:0f:45:35:43:b4:11:e5:69:55:e9:ac:b6:f5:02:
1a:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:D1:20:16:FD:D0:0C:56:59:FD:A1:4D:24:30:C5:D1:FE:B4:42:B1
X509v3 Authority Key Identifier:
keyid:A8:65:80:E1:8A:D6:FF:8D:C9:42:BE:88:3C:16:DE:8B:73:1F:96:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qGWA4YrW_43JQr6IPBbei3MflgU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/0tEgFv3QDFZZ_aFNJDDF0f60QrE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/e29dce-a174-4b77-89aa-236e92fc6a59/1/qGWA4YrW_43JQr6IPBbei3MflgU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.148.192.0/19
84.53.64.0/18
90.145.0.0/16
91.194.8.0/23
185.41.144.0/22
IPv6:
2a01:5620::/29
2a02:120::/29
Signature Algorithm: sha256WithRSAEncryption
15:72:90:0d:ce:68:2a:51:a5:e4:20:3c:8a:98:df:4e:81:df:
2d:a4:e8:0e:07:28:41:57:fc:b8:b6:4b:21:9a:d9:6a:68:15:
e8:43:da:11:c9:61:da:d0:03:15:b7:99:af:c0:92:46:60:96:
cc:90:0c:a0:d9:3d:14:4f:69:63:6f:49:96:ae:9c:b2:23:d2:
77:7d:a2:b1:86:c4:83:bd:e8:64:84:e5:b0:a8:11:c4:91:c9:
ed:0b:ea:ce:79:b0:a5:3c:14:38:90:52:62:03:aa:af:66:31:
3d:03:4b:5b:80:2f:17:02:09:bc:7f:05:85:f2:fa:b5:37:d5:
21:69:de:f0:4e:0a:68:ec:de:0f:9a:ce:a5:0e:b1:3d:9e:df:
75:62:52:2b:c9:98:18:ed:df:cf:25:d9:83:2e:c1:95:2b:d3:
b3:15:ce:d5:5c:cd:04:fe:a2:07:38:27:33:75:75:ba:dd:04:
6d:70:7d:37:2b:90:9d:be:37:a3:90:ab:be:6e:d6:83:46:f5:
33:4c:0e:ca:b3:61:51:70:b1:ad:e1:06:bb:9f:51:95:a5:22:
46:7d:ae:82:83:b3:fe:06:78:9e:4e:39:e1:31:3d:9b:71:09:
2a:81:b6:1b:4c:55:d3:e0:f4:83:36:c5:e6:f8:9a:35:61:10:
df:0d:fe:a2
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEBveI+DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ODY1ODBlMThhZDZmZjhkYzk0MmJlODgzYzE2ZGU4YjczMWY5NjA1MB4XDTIyMDEw
MTA3NTQwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDJkMTIwMTZmZGQw
MGM1NjU5ZmRhMTRkMjQzMGM1ZDFmZWI0NDJiMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKU6VvVJR1LdYW7XVhUHlBdr2j5B9LT57P72Phv8Xwb8kxaY
UYuk2IemexLJidJtvrEIBTYx56Urd4joHTWQoSmAU+V6pYFuxegMqAx2WPaZhLLQ
NwKdksY8nszwc6D/oQ1a0pwZZvRDkdlOedK1Zm8rUS/UVEy7S73hXP0hdnhZ+Wcv
ljQ+G8tQpj1usCcQplh3UxRo2UCgzvW0woqSDQt6rJera/tmyUEQ0SbaiyRIAjJE
iwMI7N/qPs4k2w94YGxSoRh4rfEDSGW1VDP4GJJKyHM213l6yckBLjvyo1rtdZYH
D6dvpqHTJU6uyMRHeQ9FNUO0EeVpVemstvUCGuECAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBTS0SAW/dAMVln9oU0kMMXR/rRCsTAfBgNVHSMEGDAWgBSoZYDhitb/jclC
vog8Ft6Lcx+WBTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FHV0E0WXJXXzQzSlFyNklQQmJlaTNNZmxnVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjkvZTI5ZGNlLWExNzQtNGI3Ny04OWFhLTIzNmU5MmZjNmE1OS8x
LzB0RWdGdjNRREZaWl9hRk5KRERGMGY2MFFyRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjkv
ZTI5ZGNlLWExNzQtNGI3Ny04OWFhLTIzNmU5MmZjNmE1OS8xL3FHV0E0WXJXXzQz
SlFyNklQQmJlaTNNZmxnVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswIwQCAAEwHQMEBVKUwAMEBlQ1QAMDAFqRAwQBW8II
AwQCuSmQMBQEAgACMA4DBQMqAVYgAwUDKgIBIDANBgkqhkiG9w0BAQsFAAOCAQEA
FXKQDc5oKlGl5CA8ipjfToHfLaToDgcoQVf8uLZLIZrZamgV6EPaEclh2tADFbeZ
r8CSRmCWzJAMoNk9FE9pY29Jlq6csiPSd32isYbEg73oZITlsKgRxJHJ7Qvqznmw
pTwUOJBSYgOqr2YxPQNLW4AvFwIJvH8FhfL6tTfVIWne8E4KaOzeD5rOpQ6xPZ7f
dWJSK8mYGO3fzyXZgy7BlSvTsxXO1VzNBP6iBzgnM3V1ut0EbXB9NyuQnb43o5Cr
vm7Wg0b1M0wOyrNhUXCxreEGu59RlaUiRn2ugoOz/gZ4nk454TE9m3EJKoG2G0xV
0+D0gzbF5viaNWEQ3w3+og==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:51:20 2024 by rpki-client on console-fra.rpki-client.org