Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/RmZGfxaueKheeJ2-DSIhWG-p69E.roa
File: RmZGfxaueKheeJ2-DSIhWG-p69E.roa (raw, json)
Hash identifier: 4nUAVNX/uwqPduPaUmiLOuWT2yF5zoAgyjbdGEWcLjY=
Subject key identifier: 46:66:46:7F:16:AE:78:A8:5E:78:9D:BE:0D:22:21:58:6F:A9:EB:D1
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 1D877AE6
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/RmZGfxaueKheeJ2-DSIhWG-p69E.roa
Signing time: Wed 22 Jun 2022 19:18:25 +0000
ROA not before: Wed 22 Jun 2022 19:18:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57033
IP address blocks: 89.185.16.0/22 maxlen: 22
89.185.20.0/23 maxlen: 23
185.30.203.0/24 maxlen: 24
5.56.24.0/23 maxlen: 23
5.56.28.0/23 maxlen: 23
5.56.30.0/23 maxlen: 23
5.56.26.0/23 maxlen: 23
93.185.208.0/21 maxlen: 21
93.185.218.0/23 maxlen: 23
93.185.216.0/23 maxlen: 23
89.185.4.0/22 maxlen: 22
93.185.222.0/23 maxlen: 23
93.185.220.0/23 maxlen: 23
89.185.8.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 495418086 (0x1d877ae6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jun 22 19:18:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4666467f16ae78a85e789dbe0d2221586fa9ebd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:8d:9c:e7:aa:3f:fe:8a:ae:f7:5d:d5:d9:c4:
9c:ad:d2:91:ea:e4:46:cb:d6:94:9f:a8:2d:17:fc:
ff:27:69:67:18:69:0d:62:f3:f1:0f:fc:ca:5e:8e:
9f:8d:0b:71:a8:a2:8f:62:a2:e4:d0:ed:9c:9d:83:
88:a3:69:4a:c5:26:5d:41:11:18:84:ae:b0:1a:9a:
eb:51:5e:a0:48:95:bb:19:70:06:c4:45:50:ea:b4:
5f:ef:02:d8:d6:69:a4:9f:cd:ff:47:ab:33:79:7d:
7d:c3:22:f2:04:33:80:6b:b3:a0:30:94:88:61:dc:
6d:11:08:03:2a:f3:b4:0f:90:51:37:59:20:ea:09:
d5:05:52:9f:57:d2:58:fc:80:0d:2f:50:a9:48:be:
ac:71:d2:71:49:08:f7:b6:c5:a2:e6:1a:cd:03:f7:
78:34:b7:e4:af:ec:e6:7a:fe:d3:23:ad:30:b6:e9:
f6:ad:05:9e:75:11:97:52:c2:4c:5d:ef:f7:0e:ba:
cf:3c:71:94:47:89:8e:fc:85:77:51:7d:a4:20:46:
91:b5:bf:2c:e9:48:b5:eb:c1:75:f3:6c:29:d1:16:
99:8e:bb:e6:8b:3c:99:b6:16:00:25:f6:b6:5f:d8:
6f:80:e3:85:82:89:a7:4e:fe:3c:6d:db:4b:0c:a6:
6b:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:66:46:7F:16:AE:78:A8:5E:78:9D:BE:0D:22:21:58:6F:A9:EB:D1
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/RmZGfxaueKheeJ2-DSIhWG-p69E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.24.0/21
89.185.4.0-89.185.21.255
93.185.208.0/20
185.30.203.0/24
Signature Algorithm: sha256WithRSAEncryption
54:11:23:93:c2:3c:70:1f:6a:bd:0c:fc:49:67:66:d8:2d:dc:
60:26:6d:bd:2a:c2:c6:47:63:bc:2c:ad:05:bd:6a:d4:ef:4d:
05:a9:eb:5c:5d:f3:a3:ec:a1:f7:7c:08:ce:48:42:0f:cd:0a:
a1:4e:55:3c:fa:a2:cc:e8:fa:cd:85:02:3f:ac:a1:a9:90:e3:
a6:50:b0:ef:e5:c6:05:fe:a9:f0:78:3b:0f:74:b3:b6:47:44:
70:fd:8b:95:22:80:71:09:44:84:6d:3b:9d:34:1b:6d:2f:b8:
ad:58:bc:81:35:03:08:04:94:73:05:88:31:8a:e0:ae:9c:19:
bb:7e:ae:7a:31:96:f2:d3:4f:76:0d:34:84:63:8c:a5:c4:31:
f9:1a:9e:c1:75:f3:14:cd:91:58:b8:df:3b:12:ae:dc:6e:a4:
a5:2b:ab:a7:e4:31:6b:6b:aa:e8:2d:b4:cc:3c:ec:27:e3:a9:
81:b1:41:fb:77:9d:ea:08:e2:d5:fc:0b:e8:a1:3d:6b:d6:94:
e3:96:57:b1:7b:dd:8d:25:ec:92:c2:72:ae:b4:20:c5:54:65:
be:b5:32:1b:6d:38:72:86:ca:32:50:5b:80:27:d1:ca:59:0f:
e3:ad:05:16:fc:79:37:4b:a4:9e:a7:62:a7:85:ae:22:df:49:
ed:fd:8d:b9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEHYd65jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ODJjZjgwOWMwZTNlOGU1NTUyZjlkMGRkMmUyN2UwZGQyZDhkYWJlMB4XDTIyMDYy
MjE5MTgyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDY2NjQ2N2YxNmFl
NzhhODVlNzg5ZGJlMGQyMjIxNTg2ZmE5ZWJkMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL+NnOeqP/6Krvdd1dnEnK3SkerkRsvWlJ+oLRf8/ydpZxhp
DWLz8Q/8yl6On40Lcaiij2Ki5NDtnJ2DiKNpSsUmXUERGISusBqa61FeoEiVuxlw
BsRFUOq0X+8C2NZppJ/N/0erM3l9fcMi8gQzgGuzoDCUiGHcbREIAyrztA+QUTdZ
IOoJ1QVSn1fSWPyADS9QqUi+rHHScUkI97bFouYazQP3eDS35K/s5nr+0yOtMLbp
9q0FnnURl1LCTF3v9w66zzxxlEeJjvyFd1F9pCBGkbW/LOlItevBdfNsKdEWmY67
5os8mbYWACX2tl/Yb4DjhYKJp07+PG3bSwymaycCAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBRGZkZ/Fq54qF54nb4NIiFYb6nr0TAfBgNVHSMEGDAWgBSYLPgJwOPo5VUv
nQ3S4n4N0tjavjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21DejRDY0RqNk9WVkw1ME4wdUotRGRMWTJyNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2QvNjE2OGQ3LTk0NmMtNDU3NC05MWVhLTgyYWQxNDU1NWVhYS8x
L1JtWkdmeGF1ZUtoZWVKMi1EU0loV0ctcDY5RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Qv
NjE2OGQ3LTk0NmMtNDU3NC05MWVhLTgyYWQxNDU1NWVhYS8xL21DejRDY0RqNk9W
Vkw1ME4wdUotRGRMWTJyNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIAMEAwU4GDAMAwQCWbkEAwQBWbkUAwQE
XbnQAwQAuR7LMA0GCSqGSIb3DQEBCwUAA4IBAQBUESOTwjxwH2q9DPxJZ2bYLdxg
Jm29KsLGR2O8LK0FvWrU700FqetcXfOj7KH3fAjOSEIPzQqhTlU8+qLM6PrNhQI/
rKGpkOOmULDv5cYF/qnweDsPdLO2R0Rw/YuVIoBxCUSEbTudNBttL7itWLyBNQMI
BJRzBYgxiuCunBm7fq56MZby0092DTSEY4ylxDH5Gp7BdfMUzZFYuN87Eq7cbqSl
K6un5DFra6roLbTMPOwn46mBsUH7d53qCOLV/AvooT1r1pTjllexe92NJeySwnKu
tCDFVGW+tTIbbThyhsoyUFuAJ9HKWQ/jrQUW/Hk3S6Sep2Knha4i30nt/Y25
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org