Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/S7aHdo2PD6kJLx75gM1IzEpHSQM.roa
File: S7aHdo2PD6kJLx75gM1IzEpHSQM.roa (raw, json)
Hash identifier: rRzQTTbyXzkPe3MfKo113DLcN6xhw9r3vTgzUwSrmpE=
Subject key identifier: 4B:B6:87:76:8D:8F:0F:A9:09:2F:1E:F9:80:CD:48:CC:4A:47:49:03
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 1D3A36D3
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/S7aHdo2PD6kJLx75gM1IzEpHSQM.roa
Signing time: Thu 26 May 2022 10:05:22 +0000
ROA not before: Thu 26 May 2022 10:05:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57033
IP address blocks: 89.185.16.0/21 maxlen: 21
185.30.203.0/24 maxlen: 24
5.56.24.0/23 maxlen: 23
5.56.28.0/23 maxlen: 23
5.56.30.0/23 maxlen: 23
5.56.26.0/23 maxlen: 23
93.185.208.0/21 maxlen: 21
89.185.0.0/22 maxlen: 22
93.185.218.0/23 maxlen: 23
93.185.216.0/23 maxlen: 23
89.185.4.0/22 maxlen: 22
93.185.222.0/23 maxlen: 23
93.185.220.0/23 maxlen: 23
89.185.8.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 490354387 (0x1d3a36d3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: May 26 10:05:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4bb687768d8f0fa9092f1ef980cd48cc4a474903
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:59:53:f9:1b:5d:1d:cc:4a:36:3f:91:a9:4c:
7a:fd:5b:48:41:05:d6:40:15:9d:18:72:2e:09:68:
dd:1e:45:36:cf:b2:52:d3:1e:5c:d2:3a:4b:f9:91:
e7:d7:7f:af:05:66:ef:bd:43:52:40:6a:fe:f3:d4:
4d:4a:42:de:45:64:35:78:13:d7:70:85:b2:f1:bf:
e1:6b:40:fd:1e:b2:d7:86:97:87:da:28:c2:0b:49:
81:9b:d9:cc:29:58:03:6f:b8:2e:05:96:7d:7a:45:
fb:60:ef:82:b7:d5:1f:17:e2:ad:13:26:68:4e:25:
8d:0c:f6:24:d6:2e:de:26:b3:f5:cf:1f:b2:2c:9b:
01:63:42:73:0b:02:14:e5:7a:8f:6f:c1:c0:e8:18:
86:9e:bd:2b:6a:c3:44:ed:c4:cd:19:d8:94:40:3d:
36:ba:38:c3:11:36:5b:cb:cf:61:81:e1:d3:9f:ea:
72:0b:57:3e:46:d8:91:c6:1c:7a:bc:89:c2:ed:c5:
85:6b:94:63:21:2a:37:e9:9a:57:0b:2e:0f:6b:73:
b7:0c:98:cb:32:ce:d6:fa:0c:ed:7a:15:4b:6f:52:
f0:5c:a0:e2:2c:8f:02:c8:99:7b:c3:2a:69:cb:68:
1e:13:bb:c4:72:da:bd:47:15:15:6d:84:0c:5f:23:
9c:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:B6:87:76:8D:8F:0F:A9:09:2F:1E:F9:80:CD:48:CC:4A:47:49:03
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/S7aHdo2PD6kJLx75gM1IzEpHSQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.24.0/21
89.185.0.0-89.185.23.255
93.185.208.0/20
185.30.203.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:e6:26:5c:30:de:b4:ce:c0:31:0d:89:78:45:e5:44:62:8d:
b5:ac:7d:46:f5:2e:e3:c4:32:34:c5:ae:0a:e4:45:a7:1f:ee:
af:8f:ec:41:8d:76:1a:19:da:dc:39:7b:b3:22:5a:3a:bf:8b:
8a:2d:d3:ee:84:8c:dd:ed:3e:dd:15:3e:7c:11:c0:70:5d:44:
2b:97:c0:71:5a:9a:59:31:db:6c:3a:88:be:6b:42:9b:52:c4:
45:44:d4:8d:76:7c:0d:62:47:66:61:e8:51:56:28:e8:5a:94:
92:86:ef:7f:f0:8e:fa:72:bc:f9:98:a1:85:aa:a9:29:a0:19:
37:fe:b5:f5:c8:75:fc:73:85:03:7a:40:ae:f2:f0:71:67:a1:
82:0a:d9:48:85:c6:76:08:a5:4e:05:29:a1:ac:4f:83:e9:c1:
ca:bf:9d:27:14:35:fd:0e:7a:88:9e:61:a8:8a:93:ae:af:ef:
92:39:5f:69:9c:57:b6:85:42:91:24:50:41:0a:1b:9e:f7:a4:
bd:32:71:8a:77:15:8c:c4:06:bd:46:da:12:7c:32:b8:30:3a:
8c:e1:ef:2a:9d:2b:58:ae:d6:90:b1:7b:a1:c2:4f:98:59:ee:
49:de:fc:08:c1:79:46:67:82:c6:3d:0c:a1:7a:d3:9d:8e:54:
e7:79:4a:93
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgIEHTo20zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ODJjZjgwOWMwZTNlOGU1NTUyZjlkMGRkMmUyN2UwZGQyZDhkYWJlMB4XDTIyMDUy
NjEwMDUyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNGJiNjg3NzY4ZDhm
MGZhOTA5MmYxZWY5ODBjZDQ4Y2M0YTQ3NDkwMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJxZU/kbXR3MSjY/kalMev1bSEEF1kAVnRhyLglo3R5FNs+y
UtMeXNI6S/mR59d/rwVm771DUkBq/vPUTUpC3kVkNXgT13CFsvG/4WtA/R6y14aX
h9oowgtJgZvZzClYA2+4LgWWfXpF+2DvgrfVHxfirRMmaE4ljQz2JNYu3iaz9c8f
siybAWNCcwsCFOV6j2/BwOgYhp69K2rDRO3EzRnYlEA9Nro4wxE2W8vPYYHh05/q
cgtXPkbYkcYceryJwu3FhWuUYyEqN+maVwsuD2tztwyYyzLO1voM7XoVS29S8Fyg
4iyPAsiZe8MqactoHhO7xHLavUcVFW2EDF8jnG8CAwEAAaOCAiIwggIeMB0GA1Ud
DgQWBBRLtod2jY8PqQkvHvmAzUjMSkdJAzAfBgNVHSMEGDAWgBSYLPgJwOPo5VUv
nQ3S4n4N0tjavjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21DejRDY0RqNk9WVkw1ME4wdUotRGRMWTJyNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2QvNjE2OGQ3LTk0NmMtNDU3NC05MWVhLTgyYWQxNDU1NWVhYS8x
L1M3YUhkbzJQRDZrSkx4NzVnTTFJekVwSFNRTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Qv
NjE2OGQ3LTk0NmMtNDU3NC05MWVhLTgyYWQxNDU1NWVhYS8xL21DejRDY0RqNk9W
Vkw1ME4wdUotRGRMWTJyNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA4
BggrBgEFBQcBBwEB/wQpMCcwJQQCAAEwHwMEAwU4GDALAwMAWbkDBANZuRADBARd
udADBAC5HsswDQYJKoZIhvcNAQELBQADggEBADvmJlww3rTOwDENiXhF5URijbWs
fUb1LuPEMjTFrgrkRacf7q+P7EGNdhoZ2tw5e7MiWjq/i4ot0+6EjN3tPt0VPnwR
wHBdRCuXwHFamlkx22w6iL5rQptSxEVE1I12fA1iR2Zh6FFWKOhalJKG73/wjvpy
vPmYoYWqqSmgGTf+tfXIdfxzhQN6QK7y8HFnoYIK2UiFxnYIpU4FKaGsT4Ppwcq/
nScUNf0OeoieYaiKk66v75I5X2mcV7aFQpEkUEEKG573pL0ycYp3FYzEBr1G2hJ8
MrgwOozh7yqdK1iu1pCxe6HCT5hZ7kne/AjBeUZngsY9DKF6052OVOd5SpM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org