Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/Kww8cfa0hpfc6l6W3A6FzECXUoA.roa
File: Kww8cfa0hpfc6l6W3A6FzECXUoA.roa (raw, json)
Hash identifier: 9AAYzV0ooe7yUWP9kNvBMaJNRCYKVR2fLSgYvX7rBPM=
Subject key identifier: 2B:0C:3C:71:F6:B4:86:97:DC:EA:5E:96:DC:0E:85:CC:40:97:52:80
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 0183360041DDA424D1983EF95C1D4B0E9D9C
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/Kww8cfa0hpfc6l6W3A6FzECXUoA.roa
Signing time: Tue 13 Sep 2022 08:38:49 +0000
ROA not before: Tue 13 Sep 2022 08:38:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60860
IP address blocks: 81.22.136.0/22 maxlen: 22
109.72.122.0/24 maxlen: 24
109.72.123.0/24 maxlen: 24
185.30.200.0/23 maxlen: 23
185.30.203.0/24 maxlen: 24
185.30.202.0/24 maxlen: 24
89.185.0.0/22 maxlen: 22
93.185.214.0/24 maxlen: 24
81.22.128.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:36:00:41:dd:a4:24:d1:98:3e:f9:5c:1d:4b:0e:9d:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Sep 13 08:38:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2b0c3c71f6b48697dcea5e96dc0e85cc40975280
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ea:08:8f:96:2d:79:9c:62:b5:96:c4:07:c9:
9a:ed:98:33:ae:af:d4:53:db:75:c2:9e:dc:a7:bd:
9e:02:aa:aa:9d:56:07:63:a7:d1:72:a7:56:5f:8b:
58:34:11:87:27:31:49:2a:d0:ff:9c:9d:4a:ed:ce:
00:4e:4b:d5:52:37:f6:92:0d:ce:c4:14:5e:89:7f:
e8:04:2d:9b:e1:31:59:a6:4d:53:18:1b:c2:97:77:
b5:2e:f6:0d:6f:85:09:1f:ec:89:ae:6b:46:9e:43:
f4:be:75:36:63:be:3f:81:0c:c7:66:51:70:d6:34:
3d:c8:ff:22:75:d7:f5:55:ec:f4:e4:bd:8b:15:33:
69:0d:38:9b:d2:d4:fc:bb:6c:c5:bd:65:16:a0:54:
c0:79:9a:68:35:08:f4:db:4d:78:1d:be:7b:4e:f4:
f6:a9:68:1e:45:77:b1:9f:8d:a7:7d:0f:4c:9f:8d:
4f:02:d9:0d:18:9b:d5:49:98:84:6a:5a:52:50:17:
e4:cb:18:53:75:d0:07:20:72:cc:a5:aa:f4:de:ae:
60:19:d9:e8:d7:c1:37:15:cf:cd:76:99:23:db:51:
4a:60:1e:76:37:f6:de:fb:bd:5b:c7:56:77:69:da:
0a:da:27:f0:f7:c0:42:44:86:b5:64:fc:71:80:bc:
21:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:0C:3C:71:F6:B4:86:97:DC:EA:5E:96:DC:0E:85:CC:40:97:52:80
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/Kww8cfa0hpfc6l6W3A6FzECXUoA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.128.0-81.22.139.255
89.185.0.0/22
93.185.214.0/24
109.72.122.0/23
185.30.200.0/22
Signature Algorithm: sha256WithRSAEncryption
39:bc:01:a0:19:ba:74:cc:8a:14:6e:3d:95:bd:af:e9:53:62:
f2:f6:53:7e:29:8a:49:e4:88:25:86:a2:3f:61:13:a0:db:a4:
a2:e1:43:49:57:fa:26:0e:a0:29:c4:14:f9:61:c8:6e:42:31:
c5:05:29:d9:8d:35:80:f5:f1:48:c3:17:3c:65:85:c6:dc:81:
80:6b:df:a0:72:9b:13:04:0a:26:bb:8a:91:d3:69:26:92:bc:
bd:7b:e3:16:36:4a:25:33:7f:4a:e3:e2:1c:93:95:fe:55:09:
2c:5c:bc:94:8b:0a:ca:88:58:4a:c0:57:7d:c0:35:00:9f:09:
46:28:ff:08:f2:4f:51:4f:17:cb:fe:c1:66:3f:65:01:c6:0d:
cb:09:21:0d:df:f4:70:e3:4d:2f:17:be:65:ce:9e:5f:0e:85:
4d:24:f0:53:8e:c4:21:39:3c:59:56:ea:41:a3:19:66:fc:73:
9f:b3:59:29:e7:b7:a4:a6:ca:bd:08:c5:b0:d6:85:26:e4:fd:
8e:76:44:7a:3c:7f:19:2e:a6:aa:e8:53:c6:db:f3:64:e4:7c:
0f:26:6e:06:c4:43:33:ad:d8:d3:7f:80:ed:12:27:f8:66:2a:
55:bc:60:a2:86:bc:55:49:c6:a3:74:bc:e2:d4:61:b0:f7:bf:
8f:b6:f9:72
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYM2AEHdpCTRmD75XB1LDp2cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjIwOTEzMDgzODQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjBjM2M3MWY2YjQ4Njk3ZGNlYTVlOTZkYzBlODVjYzQwOTc1MjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOoIj5YteZxitZbEB8ma7Zgzrq/U
U9t1wp7cp72eAqqqnVYHY6fRcqdWX4tYNBGHJzFJKtD/nJ1K7c4ATkvVUjf2kg3O
xBReiX/oBC2b4TFZpk1TGBvCl3e1LvYNb4UJH+yJrmtGnkP0vnU2Y74/gQzHZlFw
1jQ9yP8iddf1Vez05L2LFTNpDTib0tT8u2zFvWUWoFTAeZpoNQj02014Hb57TvT2
qWgeRXexn42nfQ9Mn41PAtkNGJvVSZiEalpSUBfkyxhTddAHIHLMpar03q5gGdno
18E3Fc/Ndpkj21FKYB52N/be+71bx1Z3adoK2ifw98BCRIa1ZPxxgLwhCwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFCsMPHH2tIaX3OpeltwOhcxAl1KAMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvS3d3OGNmYTBocGZjNmw2VzNBNkZ6RUNYVW9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBAdRFoAD
BAJRFogDBAJZuQADBABdudYDBAFtSHoDBAK5HsgwDQYJKoZIhvcNAQELBQADggEB
ADm8AaAZunTMihRuPZW9r+lTYvL2U34piknkiCWGoj9hE6DbpKLhQ0lX+iYOoCnE
FPlhyG5CMcUFKdmNNYD18UjDFzxlhcbcgYBr36BymxMECia7ipHTaSaSvL174xY2
SiUzf0rj4hyTlf5VCSxcvJSLCsqIWErAV33ANQCfCUYo/wjyT1FPF8v+wWY/ZQHG
DcsJIQ3f9HDjTS8XvmXOnl8OhU0k8FOOxCE5PFlW6kGjGWb8c5+zWSnnt6Smyr0I
xbDWhSbk/Y52RHo8fxkupqroU8bb82TkfA8mbgbEQzOt2NN/gO0SJ/hmKlW8YKKG
vFVJxqN0vOLUYbD3v4+2+XI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org