Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/PDia1eGv2PoOFcJhhlQI9zN2cSY.roa
File: PDia1eGv2PoOFcJhhlQI9zN2cSY.roa (raw, json)
Hash identifier: 4ekZS5vqvYOdqOxVuB9sxzPxs6oNgW2DCf6aVj4sIr8=
Subject key identifier: 3C:38:9A:D5:E1:AF:D8:FA:0E:15:C2:61:86:54:08:F7:33:76:71:26
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 01841D8D0262E75B84E9AFAB52E82B0DEC3A
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/PDia1eGv2PoOFcJhhlQI9zN2cSY.roa
Signing time: Fri 28 Oct 2022 07:44:51 +0000
ROA not before: Fri 28 Oct 2022 07:44:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60860
IP address blocks: 89.185.24.0/21 maxlen: 24
109.72.122.0/24 maxlen: 24
109.72.123.0/24 maxlen: 24
185.30.200.0/23 maxlen: 23
185.30.203.0/24 maxlen: 24
185.30.202.0/24 maxlen: 24
89.185.0.0/22 maxlen: 22
93.185.214.0/24 maxlen: 24
81.22.128.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:1d:8d:02:62:e7:5b:84:e9:af:ab:52:e8:2b:0d:ec:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Oct 28 07:44:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3c389ad5e1afd8fa0e15c261865408f733767126
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:b8:47:9d:a3:ac:cc:42:a5:9b:e8:05:55:89:
d8:73:58:be:e8:04:41:a0:bc:7f:aa:3e:50:d2:44:
c9:b0:53:68:63:da:bf:b5:3f:20:13:01:00:6b:6b:
51:c6:54:59:2a:87:70:30:f0:26:20:80:68:1d:20:
f7:fe:02:33:2a:75:c7:e4:50:e7:3b:a1:a7:66:a7:
55:86:9a:e3:07:dd:24:aa:2d:c7:a4:8f:e0:55:cc:
57:3c:22:44:d1:fa:f9:31:c5:b8:09:7e:eb:27:7c:
dd:cf:e1:a8:84:95:3c:a6:2f:cd:85:61:99:4f:17:
f8:98:36:f5:a0:b2:82:7f:ac:e1:37:79:ef:f5:29:
4d:1f:18:c2:46:16:50:27:7c:c1:50:d5:f1:3e:ce:
b4:57:e5:f3:fb:d6:a1:14:b3:14:1f:98:86:4c:7e:
19:b2:80:ee:bd:f0:b3:50:cf:89:20:18:6d:49:b2:
d7:d3:07:09:6c:bf:00:b2:8c:a9:f3:71:b9:d9:f8:
0d:bb:f2:95:6b:a4:20:89:f2:f2:21:b3:6b:45:35:
58:ed:70:4d:7d:57:3f:f2:bc:9a:9f:27:1f:0e:a7:
41:a9:ed:19:b1:de:fa:cf:5d:43:3c:80:62:3d:dc:
3b:c3:a9:f2:80:a4:9c:0f:45:3e:9e:55:31:c4:16:
f2:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:38:9A:D5:E1:AF:D8:FA:0E:15:C2:61:86:54:08:F7:33:76:71:26
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/PDia1eGv2PoOFcJhhlQI9zN2cSY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.128.0/21
89.185.0.0/22
89.185.24.0/21
93.185.214.0/24
109.72.122.0/23
185.30.200.0/22
Signature Algorithm: sha256WithRSAEncryption
21:e3:db:22:d5:28:16:77:d4:2c:8c:e2:d2:45:9c:25:bd:eb:
be:83:ad:f2:9f:e0:a3:94:f2:f3:d4:f2:da:e8:3c:96:80:8a:
a2:28:88:fe:f9:d0:3f:b6:b0:24:37:d6:88:8d:39:e9:8c:f2:
00:ca:66:84:48:6a:23:b3:4c:0e:be:58:46:f9:98:1e:0f:a1:
72:16:8e:8b:13:e1:38:52:b0:bf:5c:31:92:c0:c4:f0:2d:9c:
03:98:cc:02:02:cd:d5:b1:94:84:a6:04:a4:68:0c:96:e2:67:
fe:d4:95:7c:e8:c5:c8:b3:d3:2a:de:ea:c4:d6:dd:4a:a5:0c:
59:9a:87:ec:66:c7:e0:55:b6:e7:e9:af:71:b0:d8:36:65:f5:
69:34:48:d3:56:1a:d3:bf:a1:55:ec:70:5b:4a:18:e1:23:cd:
61:2a:c3:c4:39:83:35:da:4c:ed:51:7c:4c:f8:65:43:02:e6:
55:54:f9:e0:95:ac:05:ff:6c:be:23:26:d4:11:70:ac:e6:85:
5b:47:93:af:7b:e2:80:bc:5a:fc:13:e9:4e:c8:08:e2:79:81:
17:85:a4:bd:ab:90:e8:09:84:9a:4c:90:da:00:2b:ce:24:3c:
e4:aa:1c:15:c8:61:a2:84:98:a1:5c:47:cc:f3:79:31:ab:a2:
6d:33:f7:fe
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYQdjQJi51uE6a+rUugrDew6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjIxMDI4MDc0NDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzM4OWFkNWUxYWZkOGZhMGUxNWMyNjE4NjU0MDhmNzMzNzY3MTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhrhHnaOszEKlm+gFVYnYc1i+6ARB
oLx/qj5Q0kTJsFNoY9q/tT8gEwEAa2tRxlRZKodwMPAmIIBoHSD3/gIzKnXH5FDn
O6GnZqdVhprjB90kqi3HpI/gVcxXPCJE0fr5McW4CX7rJ3zdz+GohJU8pi/NhWGZ
Txf4mDb1oLKCf6zhN3nv9SlNHxjCRhZQJ3zBUNXxPs60V+Xz+9ahFLMUH5iGTH4Z
soDuvfCzUM+JIBhtSbLX0wcJbL8Asoyp83G52fgNu/KVa6QgifLyIbNrRTVY7XBN
fVc/8ryanycfDqdBqe0Zsd76z11DPIBiPdw7w6nygKScD0U+nlUxxBbyWQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDw4mtXhr9j6DhXCYYZUCPczdnEmMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvUERpYTFlR3YyUG9PRmNKaGhsUUk5ek4yY1NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDURaAAwQC
WbkAAwQDWbkYAwQAXbnWAwQBbUh6AwQCuR7IMA0GCSqGSIb3DQEBCwUAA4IBAQAh
49si1SgWd9QsjOLSRZwlveu+g63yn+CjlPLz1PLa6DyWgIqiKIj++dA/trAkN9aI
jTnpjPIAymaESGojs0wOvlhG+ZgeD6FyFo6LE+E4UrC/XDGSwMTwLZwDmMwCAs3V
sZSEpgSkaAyW4mf+1JV86MXIs9Mq3urE1t1KpQxZmofsZsfgVbbn6a9xsNg2ZfVp
NEjTVhrTv6FV7HBbShjhI81hKsPEOYM12kztUXxM+GVDAuZVVPnglawF/2y+IybU
EXCs5oVbR5Ove+KAvFr8E+lOyAjieYEXhaS9q5DoCYSaTJDaACvOJDzkqhwVyGGi
hJihXEfM83kxq6JtM/f+
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org