Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/N9UbvK7XtJtRtQrBCGg-yrNKR38.roa
File: N9UbvK7XtJtRtQrBCGg-yrNKR38.roa (raw, json)
Hash identifier: ZiBYu7uZq56vE1gReGHitRBn8E3rz460exlb3yc0Q7k=
Subject key identifier: 37:D5:1B:BC:AE:D7:B4:9B:51:B5:0A:C1:08:68:3E:CA:B3:4A:47:7F
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 1BD8864B
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/N9UbvK7XtJtRtQrBCGg-yrNKR38.roa
Signing time: Sat 01 Jan 2022 11:56:49 +0000
ROA not before: Sat 01 Jan 2022 11:56:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34092
IP address blocks: 89.185.24.0/21 maxlen: 21
109.72.112.0/20 maxlen: 20
93.185.208.0/20 maxlen: 20
81.22.128.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 467174987 (0x1bd8864b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jan 1 11:56:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=37d51bbcaed7b49b51b50ac108683ecab34a477f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:52:b5:69:df:a5:4f:94:d0:e0:8a:7e:fa:61:
dc:01:2c:b6:29:d7:33:5b:fe:37:21:73:8f:a6:dd:
ad:44:54:a3:72:78:49:1e:f4:3c:22:72:6b:d9:4d:
a3:c9:c7:30:75:63:b0:e8:a0:ad:ed:61:38:50:50:
45:56:93:a8:f4:41:6a:3d:37:11:4f:d0:67:86:4e:
3a:da:f6:0f:5e:8c:80:9c:4b:4d:9d:72:b9:50:15:
d0:f7:de:53:37:a6:22:ae:a6:28:62:c6:79:1a:37:
cd:3f:6b:83:6d:cb:14:3d:72:28:50:bb:a6:1a:27:
ca:e5:ae:e1:0f:41:13:3c:3e:5a:2b:f7:c0:70:2e:
01:7a:b9:a3:ba:d2:a8:5b:4c:a4:06:8e:a7:40:da:
2b:4b:71:08:6d:14:c8:29:dc:b9:b0:dc:b2:30:ae:
83:42:65:db:7d:5f:d6:1c:cd:b1:54:78:ad:22:f2:
2c:07:00:13:db:7d:39:1c:ab:ab:97:c1:41:8b:c2:
6c:98:e6:7d:c4:3c:5b:e9:45:91:55:44:57:0c:a4:
b5:f7:1e:fa:43:cf:cd:0a:d2:9f:28:8f:8f:15:3e:
04:04:ba:75:69:15:12:6d:a0:c1:22:f0:4b:75:b5:
28:08:58:0b:bd:66:4f:89:f8:28:a8:97:4d:fb:9a:
e7:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:D5:1B:BC:AE:D7:B4:9B:51:B5:0A:C1:08:68:3E:CA:B3:4A:47:7F
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/N9UbvK7XtJtRtQrBCGg-yrNKR38.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.128.0/20
89.185.24.0/21
93.185.208.0/20
109.72.112.0/20
Signature Algorithm: sha256WithRSAEncryption
6d:44:a2:bd:fe:4e:d7:31:62:53:f7:fe:c8:31:48:c8:6a:d3:
83:d6:a8:8a:6a:8f:bd:f8:0b:b6:62:41:67:d1:87:12:c7:c6:
77:c8:e5:bb:74:3f:dc:3f:57:11:f3:c3:29:b2:6a:de:9e:4a:
63:c8:15:9b:5d:56:de:c9:16:73:21:c5:8f:82:c1:9e:98:a8:
65:58:93:0e:56:3b:59:75:4c:06:2c:f4:54:83:7d:1d:b2:d6:
13:3d:a1:b7:7d:da:c1:28:d4:08:02:d0:0e:ed:c5:51:63:33:
14:ee:67:e1:65:be:f7:92:0e:9b:d7:b1:2e:19:49:5a:69:ef:
ca:45:66:2b:76:27:2c:2d:a5:a9:76:d0:ce:a3:00:3b:73:56:
4a:2b:e4:2e:ad:12:a3:ee:a1:93:60:e8:50:60:db:ba:91:12:
e7:6f:28:d4:36:72:78:78:86:d5:05:70:68:53:cd:31:4c:b2:
e0:99:85:f3:32:14:50:51:a4:7d:c8:57:8c:1c:d1:ab:15:13:
2b:ea:70:a9:fa:38:5f:8b:7b:5f:6c:30:15:9d:05:a5:af:ff:
f6:ce:aa:cc:b1:33:98:57:96:db:aa:0f:fc:40:c5:2e:89:57:
41:d0:4a:a2:c6:76:eb:98:8c:28:22:5f:60:29:86:fe:17:f7:
5b:d4:92:9d
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEG9iGSzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ODJjZjgwOWMwZTNlOGU1NTUyZjlkMGRkMmUyN2UwZGQyZDhkYWJlMB4XDTIyMDEw
MTExNTY0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMzdkNTFiYmNhZWQ3
YjQ5YjUxYjUwYWMxMDg2ODNlY2FiMzRhNDc3ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMRStWnfpU+U0OCKfvph3AEstinXM1v+NyFzj6bdrURUo3J4
SR70PCJya9lNo8nHMHVjsOigre1hOFBQRVaTqPRBaj03EU/QZ4ZOOtr2D16MgJxL
TZ1yuVAV0PfeUzemIq6mKGLGeRo3zT9rg23LFD1yKFC7phonyuWu4Q9BEzw+Wiv3
wHAuAXq5o7rSqFtMpAaOp0DaK0txCG0UyCncubDcsjCug0Jl231f1hzNsVR4rSLy
LAcAE9t9ORyrq5fBQYvCbJjmfcQ8W+lFkVVEVwyktfce+kPPzQrSnyiPjxU+BAS6
dWkVEm2gwSLwS3W1KAhYC71mT4n4KKiXTfua54MCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBQ31Ru8rte0m1G1CsEIaD7Ks0pHfzAfBgNVHSMEGDAWgBSYLPgJwOPo5VUv
nQ3S4n4N0tjavjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21DejRDY0RqNk9WVkw1ME4wdUotRGRMWTJyNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2QvNjE2OGQ3LTk0NmMtNDU3NC05MWVhLTgyYWQxNDU1NWVhYS8x
L045VWJ2SzdYdEp0UnRRckJDR2cteXJOS1IzOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Qv
NjE2OGQ3LTk0NmMtNDU3NC05MWVhLTgyYWQxNDU1NWVhYS8xL21DejRDY0RqNk9W
Vkw1ME4wdUotRGRMWTJyNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEBFEWgAMEA1m5GAMEBF250AMEBG1I
cDANBgkqhkiG9w0BAQsFAAOCAQEAbUSivf5O1zFiU/f+yDFIyGrTg9aoimqPvfgL
tmJBZ9GHEsfGd8jlu3Q/3D9XEfPDKbJq3p5KY8gVm11W3skWcyHFj4LBnpioZViT
DlY7WXVMBiz0VIN9HbLWEz2ht33awSjUCALQDu3FUWMzFO5n4WW+95IOm9exLhlJ
WmnvykVmK3YnLC2lqXbQzqMAO3NWSivkLq0So+6hk2DoUGDbupES528o1DZyeHiG
1QVwaFPNMUyy4JmF8zIUUFGkfchXjBzRqxUTK+pwqfo4X4t7X2wwFZ0Fpa//9s6q
zLEzmFeW26oP/EDFLolXQdBKosZ265iMKCJfYCmG/hf3W9SSnQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org