Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/DwCm82l_E2WKVz7etPNLzVzRKLU.roa
File: DwCm82l_E2WKVz7etPNLzVzRKLU.roa (raw, json)
Hash identifier: TJbyZnI+ChCFDLYOcTBG0zV78nlsOgET/gsyGUatEHE=
Subject key identifier: 0F:00:A6:F3:69:7F:13:65:8A:57:3E:DE:B4:F3:4B:CD:5C:D1:28:B5
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 0184558992CEABD15662D30D7B1C5FEAA843
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/DwCm82l_E2WKVz7etPNLzVzRKLU.roa
Signing time: Tue 08 Nov 2022 04:39:50 +0000
ROA not before: Tue 08 Nov 2022 04:39:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60860
IP address blocks: 89.185.24.0/21 maxlen: 24
109.72.122.0/24 maxlen: 24
109.72.124.0/22 maxlen: 22
185.30.200.0/23 maxlen: 23
185.30.203.0/24 maxlen: 24
185.30.202.0/24 maxlen: 24
89.185.0.0/22 maxlen: 22
93.185.214.0/24 maxlen: 24
81.22.128.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:55:89:92:ce:ab:d1:56:62:d3:0d:7b:1c:5f:ea:a8:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Nov 8 04:39:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0f00a6f3697f13658a573edeb4f34bcd5cd128b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:78:80:5c:ce:16:8b:38:b3:97:5c:15:91:cb:
a2:47:0e:89:17:bc:a2:a4:7d:b2:95:2c:d2:2a:b8:
80:aa:3e:23:f7:36:44:00:98:a1:06:c0:ce:25:5e:
56:ea:f1:75:d9:45:d5:cd:47:3b:bf:55:ca:0d:5d:
73:49:8e:c3:bb:d9:4a:b0:16:8b:20:9a:f2:4b:4c:
a5:24:e8:88:33:cf:44:10:a3:fb:3a:ed:b7:ed:60:
df:90:01:5d:f7:74:1e:48:bc:2c:07:2d:46:85:76:
18:13:a1:35:3c:a5:ab:72:87:d4:4f:bd:2a:41:87:
97:1f:4d:b9:d6:4d:21:d2:e6:24:cc:4a:0e:b7:e7:
ea:99:aa:7e:91:77:4b:fa:89:0c:e8:e2:24:e6:4f:
63:99:fb:af:49:33:f5:cb:63:93:24:e2:a0:14:86:
ef:6c:fc:89:6f:be:86:d5:95:6a:be:0b:f8:56:77:
6f:f0:0f:78:4e:f5:d9:30:17:dc:39:18:10:8c:80:
10:87:c3:5b:81:1c:03:e6:da:cf:12:50:4c:cd:a2:
a2:a8:33:8e:78:12:e8:92:8b:d7:e8:1e:74:82:1d:
07:fc:05:e1:43:08:31:03:a2:7c:f1:9f:4b:08:66:
62:67:53:bb:ff:9a:0c:d6:ad:64:07:a2:fa:b7:4c:
ac:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:00:A6:F3:69:7F:13:65:8A:57:3E:DE:B4:F3:4B:CD:5C:D1:28:B5
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/DwCm82l_E2WKVz7etPNLzVzRKLU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.128.0/21
89.185.0.0/22
89.185.24.0/21
93.185.214.0/24
109.72.122.0/24
109.72.124.0/22
185.30.200.0/22
Signature Algorithm: sha256WithRSAEncryption
45:80:b1:6e:86:40:23:cb:42:e6:0a:6b:d1:79:b6:98:88:ff:
58:85:9f:0a:91:70:fe:d1:66:d9:f1:45:ac:49:2f:b8:29:ad:
d6:5b:fa:8c:8e:c1:ec:bf:60:8d:d7:af:2f:bc:b0:2d:cd:cc:
d1:ce:ca:0b:26:53:ec:af:a0:11:18:5d:80:e2:e7:3b:31:9e:
10:8c:cf:bf:97:eb:ee:b5:46:42:36:16:5c:61:b2:ea:bb:20:
86:b6:2e:c8:d1:b4:f6:02:1f:c3:b7:6c:15:aa:29:74:a5:b3:
ed:8a:38:0f:da:6a:7e:0b:d3:ac:6c:8f:35:b7:fa:0b:df:55:
48:7d:f8:3e:ad:c2:0d:f5:5a:bc:d0:39:5d:69:a4:3e:aa:70:
cc:1f:eb:82:48:b9:e3:48:14:df:04:68:c5:22:29:03:23:ca:
63:ac:59:29:68:74:49:d6:67:4e:d8:02:f2:0f:5e:93:74:5a:
44:b6:5d:59:94:9f:84:93:1e:fd:de:9d:20:8b:f1:ad:88:3d:
4c:39:61:3d:02:34:c1:70:cb:d8:e9:a9:7f:33:f1:4d:a4:2a:
49:b1:12:28:d5:5e:5d:99:86:fb:6d:69:d5:e9:83:04:d4:b7:
36:10:34:2a:b7:56:60:4e:74:51:43:69:4c:87:50:2d:36:fa:
95:f2:7b:b9
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYRViZLOq9FWYtMNexxf6qhDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjIxMTA4MDQzOTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjAwYTZmMzY5N2YxMzY1OGE1NzNlZGViNGYzNGJjZDVjZDEyOGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoniAXM4Wizizl1wVkcuiRw6JF7yi
pH2ylSzSKriAqj4j9zZEAJihBsDOJV5W6vF12UXVzUc7v1XKDV1zSY7Du9lKsBaL
IJryS0ylJOiIM89EEKP7Ou237WDfkAFd93QeSLwsBy1GhXYYE6E1PKWrcofUT70q
QYeXH0251k0h0uYkzEoOt+fqmap+kXdL+okM6OIk5k9jmfuvSTP1y2OTJOKgFIbv
bPyJb76G1ZVqvgv4Vndv8A94TvXZMBfcORgQjIAQh8NbgRwD5trPElBMzaKiqDOO
eBLokovX6B50gh0H/AXhQwgxA6J88Z9LCGZiZ1O7/5oM1q1kB6L6t0ysFQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFA8ApvNpfxNlilc+3rTzS81c0Si1MB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvRHdDbTgybF9FMldLVno3ZXRQTkx6VnpSS0xVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQDURaAAwQC
WbkAAwQDWbkYAwQAXbnWAwQAbUh6AwQCbUh8AwQCuR7IMA0GCSqGSIb3DQEBCwUA
A4IBAQBFgLFuhkAjy0LmCmvRebaYiP9YhZ8KkXD+0WbZ8UWsSS+4Ka3WW/qMjsHs
v2CN168vvLAtzczRzsoLJlPsr6ARGF2A4uc7MZ4QjM+/l+vutUZCNhZcYbLquyCG
ti7I0bT2Ah/Dt2wVqil0pbPtijgP2mp+C9OsbI81t/oL31VIffg+rcIN9Vq80Dld
aaQ+qnDMH+uCSLnjSBTfBGjFIikDI8pjrFkpaHRJ1mdO2ALyD16TdFpEtl1ZlJ+E
kx793p0gi/GtiD1MOWE9AjTBcMvY6al/M/FNpCpJsRIo1V5dmYb7bWnV6YME1Lc2
EDQqt1ZgTnRRQ2lMh1AtNvqV8nu5
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:45 2024 by rpki-client on console-ams.rpki-client.org