Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/DLiJBuC15grxCW-Uc-WlK3CdGQE.roa
File: DLiJBuC15grxCW-Uc-WlK3CdGQE.roa (raw, json)
Hash identifier: CwrekHyRmN8dpaH/7XPrC1U9vquUYPE/erOl2DglQmE=
Subject key identifier: 0C:B8:89:06:E0:B5:E6:0A:F1:09:6F:94:73:E5:A5:2B:70:9D:19:01
Certificate issuer: /CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Certificate serial: 0183C677B2F68FEEC94763021D6918D47509
Authority key identifier: BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/DLiJBuC15grxCW-Uc-WlK3CdGQE.roa
Signing time: Tue 11 Oct 2022 09:54:36 +0000
ROA not before: Tue 11 Oct 2022 09:54:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39494
IP address blocks: 89.104.64.0/19 maxlen: 19
89.104.76.0/24 maxlen: 24
89.111.128.0/18 maxlen: 18
79.174.72.0/22 maxlen: 22
89.111.144.0/20 maxlen: 20
89.111.160.0/20 maxlen: 24
89.111.176.0/20 maxlen: 20
89.111.177.0/24 maxlen: 24
89.111.176.0/22 maxlen: 22
2a01:d8::/32 maxlen: 48
2a02:2090::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c6:77:b2:f6:8f:ee:c9:47:63:02:1d:69:18:d4:75:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Validity
Not Before: Oct 11 09:54:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0cb88906e0b5e60af1096f9473e5a52b709d1901
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:5a:bb:0b:13:22:c6:ad:b3:62:05:05:70:23:
00:bb:cf:b0:5e:8c:55:46:ac:a8:ae:00:cb:1e:40:
bd:15:e3:8a:19:77:5d:9d:1a:57:ff:f0:4c:1c:5d:
04:54:a8:6e:8c:ee:a5:89:ae:38:ae:07:d7:5e:f7:
0f:cf:0b:a9:41:11:93:30:14:8d:8e:26:f0:77:7d:
89:49:61:aa:99:93:bf:f6:33:49:a9:15:34:99:e4:
e9:48:21:c6:f7:99:eb:48:a7:e8:c8:98:a9:da:a6:
06:2d:3f:b1:a2:cf:f3:58:32:31:19:09:b6:5d:4c:
54:6f:b9:3c:8c:0b:58:e0:b5:24:47:10:dd:c8:47:
d5:e7:07:ef:de:88:da:ed:53:1c:b1:55:c0:de:34:
12:a5:93:72:28:3f:b6:91:9e:13:2d:02:8b:35:2d:
32:a0:f2:e7:8c:c9:f3:26:72:8a:26:56:ac:ac:50:
ae:e4:6c:57:d6:f7:bf:5a:36:6f:10:90:5b:b2:86:
34:b0:ed:b0:5c:b8:ad:a1:71:3b:13:50:62:3e:7f:
f4:80:0e:fb:a5:0c:e0:30:74:79:dc:ef:18:e7:73:
ec:e9:dd:b2:3f:5b:87:e3:20:3f:ed:67:19:1d:4e:
3a:56:31:bb:bf:13:19:de:7b:90:71:71:21:49:49:
39:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:B8:89:06:E0:B5:E6:0A:F1:09:6F:94:73:E5:A5:2B:70:9D:19:01
X509v3 Authority Key Identifier:
keyid:BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/DLiJBuC15grxCW-Uc-WlK3CdGQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.174.72.0/22
89.104.64.0/19
89.111.128.0/18
IPv6:
2a01:d8::/32
2a02:2090::/32
Signature Algorithm: sha256WithRSAEncryption
17:6a:2a:29:de:9e:35:a0:5a:cf:eb:01:80:f2:5f:af:ce:57:
1d:72:59:96:38:3e:17:68:56:1c:f1:0c:74:1f:59:a0:cb:15:
a6:f3:67:b5:e3:61:7e:61:d9:04:0a:f0:8c:96:1f:04:fc:97:
3d:a1:11:f9:e6:cf:17:4f:e4:25:fa:61:bd:8b:c6:3b:34:db:
54:ab:cf:99:26:36:1a:27:c4:52:b3:b8:f1:be:7f:62:34:a0:
25:ef:ff:eb:d4:0a:9e:cd:7a:df:12:f3:47:f6:1f:69:9d:7b:
28:6c:5f:a2:0b:f6:b9:76:e9:da:b5:a7:e6:28:f5:93:01:c6:
6f:77:ad:54:94:e4:7c:5d:ec:8e:cc:ac:20:8d:b6:eb:af:99:
99:1d:38:cb:90:d2:0b:c7:d6:19:75:8d:de:4f:05:ec:78:12:
d9:53:a2:c4:f8:11:f6:91:0d:96:39:06:7a:a1:a3:ea:32:9f:
b6:08:32:1a:7d:4d:65:8b:a3:ea:d3:6d:17:2b:7a:95:2d:6e:
b6:ab:9a:d5:e9:18:ae:9b:1d:51:b0:09:1d:72:45:1a:d7:82:
e1:e1:5b:6b:12:fe:ab:b1:10:20:16:cc:4c:0a:9c:7b:e6:6c:
eb:ff:5b:c5:2a:ae:9c:a6:b6:12:de:63:54:f2:69:29:c4:21:
59:8a:6b:c0
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYPGd7L2j+7JR2MCHWkY1HUJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZmFkMjNlMTFjZjBkMjRhNDc3NTk0ZWJhMDlmOTlhY2M2
ZjFmZmYwHhcNMjIxMDExMDk1NDM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2I4ODkwNmUwYjVlNjBhZjEwOTZmOTQ3M2U1YTUyYjcwOWQxOTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlq7CxMixq2zYgUFcCMAu8+wXoxV
RqyorgDLHkC9FeOKGXddnRpX//BMHF0EVKhujO6lia44rgfXXvcPzwupQRGTMBSN
jibwd32JSWGqmZO/9jNJqRU0meTpSCHG95nrSKfoyJip2qYGLT+xos/zWDIxGQm2
XUxUb7k8jAtY4LUkRxDdyEfV5wfv3oja7VMcsVXA3jQSpZNyKD+2kZ4TLQKLNS0y
oPLnjMnzJnKKJlasrFCu5GxX1ve/WjZvEJBbsoY0sO2wXLitoXE7E1BiPn/0gA77
pQzgMHR53O8Y53Ps6d2yP1uH4yA/7WcZHU46VjG7vxMZ3nuQcXEhSUk5cQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFAy4iQbgteYK8QlvlHPlpStwnRkBMB8GA1UdIwQY
MBaAFL360j4Rzw0kpHdZTroJ+ZrMbx//MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmZyU1BoSFBEU1NrZDFsT3VnbjVtc3h2SF84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9lMjUyMzktNmFiMC00OTE5LWE3NmEt
NGY0ZTcxZTMyMDg0LzEvRExpSkJ1QzE1Z3J4Q1ctVWMtV2xLM0NkR1FFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9lMjUyMzktNmFiMC00OTE5LWE3NmEtNGY0ZTcxZTMyMDg0
LzEvdmZyU1BoSFBEU1NrZDFsT3VnbjVtc3h2SF84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCT65IAwQF
WWhAAwQGWW+AMBQEAgACMA4DBQAqAQDYAwUAKgIgkDANBgkqhkiG9w0BAQsFAAOC
AQEAF2oqKd6eNaBaz+sBgPJfr85XHXJZljg+F2hWHPEMdB9ZoMsVpvNnteNhfmHZ
BArwjJYfBPyXPaER+ebPF0/kJfphvYvGOzTbVKvPmSY2GifEUrO48b5/YjSgJe//
69QKns163xLzR/YfaZ17KGxfogv2uXbp2rWn5ij1kwHGb3etVJTkfF3sjsysII22
66+ZmR04y5DSC8fWGXWN3k8F7HgS2VOixPgR9pENljkGeqGj6jKftggyGn1NZYuj
6tNtFyt6lS1utqua1ekYrpsdUbAJHXJFGteC4eFbaxL+q7EQIBbMTAqce+Zs6/9b
xSqunKa2Et5jVPJpKcQhWYprwA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:15 2024 by rpki-client on console-fra.rpki-client.org