Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/c6152d-1c90-40cc-a206-ec3cb36d1026/1/oVLaZAcomlIN7AgD0oOsqMeLn-k.roa
File: oVLaZAcomlIN7AgD0oOsqMeLn-k.roa (raw, json)
Hash identifier: Xqr/nxjeZDgdsw+yPEyT6szrp+gSJt9rDU1Ube+r9FE=
Subject key identifier: A1:52:DA:64:07:28:9A:52:0D:EC:08:03:D2:83:AC:A8:C7:8B:9F:E9
Certificate issuer: /CN=1c78b1836decab4ff5bdfa5e377a3df87f18fc0f
Certificate serial: 945F09
Authority key identifier: 1C:78:B1:83:6D:EC:AB:4F:F5:BD:FA:5E:37:7A:3D:F8:7F:18:FC:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HHixg23sq0_1vfpeN3o9-H8Y_A8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/c6152d-1c90-40cc-a206-ec3cb36d1026/1/oVLaZAcomlIN7AgD0oOsqMeLn-k.roa
Signing time: Thu 24 Mar 2022 13:34:18 +0000
ROA not before: Thu 24 Mar 2022 13:34:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43500
IP address blocks: 212.46.44.0/24 maxlen: 24
185.130.209.0/24 maxlen: 24
185.130.210.0/23 maxlen: 24
195.189.144.0/24 maxlen: 24
2a12:b40::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 9723657 (0x945f09)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c78b1836decab4ff5bdfa5e377a3df87f18fc0f
Validity
Not Before: Mar 24 13:34:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a152da6407289a520dec0803d283aca8c78b9fe9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:70:66:83:32:d6:27:37:43:dc:86:a0:7b:64:
0f:3d:fc:a8:57:83:4a:d4:38:07:d3:cc:af:e6:ef:
78:22:52:74:a3:a3:d5:9a:39:01:c3:b5:cb:cf:42:
34:5d:16:90:38:93:17:ae:92:06:bb:ab:b7:58:b3:
ee:9b:79:7b:1d:bb:3b:dd:be:76:39:0f:df:41:92:
73:49:22:f7:b6:6d:94:89:c0:0d:27:7f:c9:d1:d9:
2f:8a:79:24:a1:af:63:a7:3d:d8:18:ed:e6:98:57:
74:80:52:4c:19:a5:b3:48:f0:07:60:6e:7c:2d:82:
cd:40:ca:63:2c:70:66:fe:0e:94:dc:ea:12:23:4e:
0c:5b:e1:9e:de:6e:3a:42:d0:2b:0a:5b:62:b0:4c:
dd:e3:a9:48:db:de:33:c3:5d:74:0f:5b:d2:39:70:
f1:05:11:b3:9c:f5:06:95:56:c0:1a:d5:78:5f:bd:
a2:bb:66:55:d6:f6:5d:f1:df:31:85:54:4c:f2:fd:
62:00:6c:b7:84:67:38:b3:43:40:7f:c4:3d:bb:09:
64:81:3b:55:75:f6:67:06:a7:a0:62:08:0a:17:1a:
2a:44:5e:6c:ce:8d:65:75:28:02:ad:41:1e:fe:b9:
a7:76:23:32:0d:27:df:4c:21:52:af:1f:1b:13:60:
6b:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:52:DA:64:07:28:9A:52:0D:EC:08:03:D2:83:AC:A8:C7:8B:9F:E9
X509v3 Authority Key Identifier:
keyid:1C:78:B1:83:6D:EC:AB:4F:F5:BD:FA:5E:37:7A:3D:F8:7F:18:FC:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HHixg23sq0_1vfpeN3o9-H8Y_A8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/c6152d-1c90-40cc-a206-ec3cb36d1026/1/oVLaZAcomlIN7AgD0oOsqMeLn-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/c6152d-1c90-40cc-a206-ec3cb36d1026/1/HHixg23sq0_1vfpeN3o9-H8Y_A8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.130.209.0-185.130.211.255
195.189.144.0/24
212.46.44.0/24
IPv6:
2a12:b40::/29
Signature Algorithm: sha256WithRSAEncryption
a6:99:d7:b2:1a:53:6f:c0:aa:19:e1:88:61:73:ed:af:cd:10:
75:f5:7c:d8:cb:25:2a:8b:8a:60:1b:52:5c:fc:0a:7e:42:77:
d3:51:84:6f:f5:ce:5e:fc:39:e1:4d:2c:c7:74:0b:34:1e:b5:
dc:fc:92:41:6d:55:c5:0d:56:d4:a1:4f:ea:81:8f:b7:4f:c5:
10:c6:8c:ef:6b:89:39:69:c3:54:57:b9:f6:81:67:a6:2a:8f:
82:91:d3:5a:df:32:1a:28:03:a1:9b:0a:6f:49:7d:f2:58:00:
5f:f5:93:de:32:66:c4:62:1f:60:0d:f6:23:f2:80:8f:40:56:
c5:13:d2:6d:22:95:8e:3c:4f:76:99:97:8a:fc:09:8b:00:71:
3a:a0:0a:fa:92:f1:1a:8a:98:37:1a:16:7d:06:fb:66:8a:d2:
50:85:01:27:a3:3b:3f:46:a0:43:1b:fc:ac:d4:1a:6e:72:58:
53:5a:f5:2d:11:ba:7f:0a:3f:bc:41:2a:e5:2f:2f:e4:df:b8:
55:50:98:9c:14:21:90:f7:71:73:69:e5:4a:26:ae:0b:65:6a:
0e:77:f0:f5:8f:e0:6e:ac:ca:e8:0e:62:6d:78:ea:07:9b:d5:
0e:49:d9:26:9d:19:d2:87:96:3b:04:d8:19:9e:fa:b6:88:9d:
84:5b:0b:79
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIEAJRfCTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
Yzc4YjE4MzZkZWNhYjRmZjViZGZhNWUzNzdhM2RmODdmMThmYzBmMB4XDTIyMDMy
NDEzMzQxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTE1MmRhNjQwNzI4
OWE1MjBkZWMwODAzZDI4M2FjYThjNzhiOWZlOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKBwZoMy1ic3Q9yGoHtkDz38qFeDStQ4B9PMr+bveCJSdKOj
1Zo5AcO1y89CNF0WkDiTF66SBrurt1iz7pt5ex27O92+djkP30GSc0ki97ZtlInA
DSd/ydHZL4p5JKGvY6c92Bjt5phXdIBSTBmls0jwB2BufC2CzUDKYyxwZv4OlNzq
EiNODFvhnt5uOkLQKwpbYrBM3eOpSNveM8NddA9b0jlw8QURs5z1BpVWwBrVeF+9
ortmVdb2XfHfMYVUTPL9YgBst4RnOLNDQH/EPbsJZIE7VXX2ZwanoGIIChcaKkRe
bM6NZXUoAq1BHv65p3YjMg0n30whUq8fGxNga78CAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBShUtpkByiaUg3sCAPSg6yox4uf6TAfBgNVHSMEGDAWgBQceLGDbeyrT/W9
+l43ej34fxj8DzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0hIaXhnMjNzcTBfMXZmcGVOM285LUg4WV9BOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDgvYzYxNTJkLTFjOTAtNDBjYy1hMjA2LWVjM2NiMzZkMTAyNi8x
L29WTGFaQWNvbWxJTjdBZ0Qwb09zcU1lTG4tay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDgv
YzYxNTJkLTFjOTAtNDBjYy1hMjA2LWVjM2NiMzZkMTAyNi8xL0hIaXhnMjNzcTBf
MXZmcGVOM285LUg4WV9BOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwIAQCAAEwGjAMAwQAuYLRAwQCuYLQAwQAw72QAwQA
1C4sMA0EAgACMAcDBQMqEgtAMA0GCSqGSIb3DQEBCwUAA4IBAQCmmdeyGlNvwKoZ
4Yhhc+2vzRB19XzYyyUqi4pgG1Jc/Ap+QnfTUYRv9c5e/DnhTSzHdAs0HrXc/JJB
bVXFDVbUoU/qgY+3T8UQxozva4k5acNUV7n2gWemKo+CkdNa3zIaKAOhmwpvSX3y
WABf9ZPeMmbEYh9gDfYj8oCPQFbFE9JtIpWOPE92mZeK/AmLAHE6oAr6kvEaipg3
GhZ9BvtmitJQhQEnozs/RqBDG/ys1BpuclhTWvUtEbp/Cj+8QSrlLy/k37hVUJic
FCGQ93FzaeVKJq4LZWoOd/D1j+BurMroDmJteOoHm9UOSdkmnRnSh5Y7BNgZnvq2
iJ2EWwt5
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:48 2024 by rpki-client on console-fra.rpki-client.org