Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/WAqEbQbA8kMv_WYOFvoUZ8Mzjww.roa
File: WAqEbQbA8kMv_WYOFvoUZ8Mzjww.roa (raw, json)
Hash identifier: RcKeJu50mc2RRu1Tj59e33jqZVONzHf4gXF9Zej3XE8=
Subject key identifier: 58:0A:84:6D:06:C0:F2:43:2F:FD:66:0E:16:FA:14:67:C3:33:8F:0C
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 1CC3D7ED
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/WAqEbQbA8kMv_WYOFvoUZ8Mzjww.roa
Signing time: Wed 06 Apr 2022 21:47:28 +0000
ROA not before: Wed 06 Apr 2022 21:47:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57033
IP address blocks: 89.185.16.0/21 maxlen: 21
185.30.203.0/24 maxlen: 24
5.56.24.0/23 maxlen: 23
5.56.26.0/23 maxlen: 23
5.56.28.0/23 maxlen: 23
5.56.30.0/23 maxlen: 23
93.185.216.0/23 maxlen: 23
89.185.0.0/22 maxlen: 22
93.185.218.0/23 maxlen: 23
89.185.4.0/22 maxlen: 22
93.185.222.0/23 maxlen: 23
89.185.8.0/21 maxlen: 21
93.185.220.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 482596845 (0x1cc3d7ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Apr 6 21:47:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=580a846d06c0f2432ffd660e16fa1467c3338f0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ef:5c:d3:82:ac:e0:82:63:e3:be:5e:1c:d9:
19:f1:99:94:b9:09:eb:9f:b6:16:37:e5:fd:8c:c5:
58:b8:7a:01:6d:49:eb:4b:1a:f7:a0:df:13:37:2d:
c4:71:70:4b:37:c5:e6:f9:8f:de:35:8d:47:ae:f1:
dd:a1:c7:0c:3b:4c:d9:21:7c:ae:bf:3e:fb:42:5b:
6a:ab:07:6f:d5:fd:3b:e2:a8:36:7a:7b:79:bf:14:
5e:a6:be:b1:ac:16:94:10:39:59:44:4b:ea:2d:5a:
54:97:9a:11:fc:ca:f9:cf:50:ad:6a:52:68:50:e1:
c7:20:66:8b:4a:eb:ff:03:a9:4e:01:4e:0a:27:45:
04:22:90:c9:70:18:a4:4d:f3:7a:8d:7b:7b:3e:8a:
08:1c:31:c1:02:34:ca:f0:f0:89:5c:e4:bc:88:33:
ee:c7:e2:f1:2e:c0:99:b2:40:5e:43:49:b0:e0:e8:
af:d8:50:4a:86:cc:2e:4c:89:a3:ca:04:cc:b9:32:
a0:69:c8:33:2c:a6:2b:23:04:82:8b:e4:5b:95:2e:
7f:22:f8:5b:3d:f4:74:89:77:43:ac:7c:dc:7f:b5:
40:c4:02:78:01:8c:17:a7:88:d4:6c:bf:06:61:04:
f3:47:70:ff:92:e4:fd:45:8a:cc:7c:cd:a2:28:59:
82:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:0A:84:6D:06:C0:F2:43:2F:FD:66:0E:16:FA:14:67:C3:33:8F:0C
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/WAqEbQbA8kMv_WYOFvoUZ8Mzjww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.24.0/21
89.185.0.0-89.185.23.255
93.185.216.0/21
185.30.203.0/24
Signature Algorithm: sha256WithRSAEncryption
90:33:5c:f6:65:8b:cd:c3:14:0c:5d:76:d1:ad:a6:fa:09:be:
80:91:d8:00:44:53:6e:34:2a:c4:54:52:25:60:1e:d1:f4:47:
08:27:52:80:f8:cb:ee:78:4a:27:a6:7a:9d:14:a6:2c:f0:d1:
4c:bb:7e:7e:c7:11:46:a0:07:0c:c1:1b:72:25:b3:d0:5d:fd:
38:48:31:ce:dc:0f:49:37:ba:6e:5e:cf:56:80:f8:04:93:ed:
30:bf:bf:37:a2:88:91:f6:9b:ca:59:16:a0:80:96:00:ce:d3:
4d:7b:e5:f9:01:ee:af:79:e2:3f:21:2f:93:09:14:dc:0a:6e:
64:99:14:09:fa:09:0b:16:81:73:12:7d:68:04:fb:c4:77:3a:
aa:6c:18:9a:e1:34:0c:b8:30:7e:13:56:46:83:ce:90:90:1c:
db:22:81:65:b7:6c:f7:87:34:23:68:21:5f:95:3e:00:b6:ed:
3b:9a:50:08:c1:46:11:da:7e:c3:b0:64:01:21:1b:94:cc:c5:
04:77:25:8c:90:1b:31:4a:bb:2f:0d:76:2d:23:c0:76:80:0f:
3b:83:d3:28:4f:24:26:70:b3:10:0d:61:dd:93:5f:2b:f9:78:
c9:cf:a5:8e:5a:ed:8d:ab:f3:5f:c2:46:35:c0:5c:45:1a:e5:
88:41:da:9d
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgIEHMPX7TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ODJjZjgwOWMwZTNlOGU1NTUyZjlkMGRkMmUyN2UwZGQyZDhkYWJlMB4XDTIyMDQw
NjIxNDcyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNTgwYTg0NmQwNmMw
ZjI0MzJmZmQ2NjBlMTZmYTE0NjdjMzMzOGYwYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJrvXNOCrOCCY+O+XhzZGfGZlLkJ65+2Fjfl/YzFWLh6AW1J
60sa96DfEzctxHFwSzfF5vmP3jWNR67x3aHHDDtM2SF8rr8++0JbaqsHb9X9O+Ko
Nnp7eb8UXqa+sawWlBA5WURL6i1aVJeaEfzK+c9QrWpSaFDhxyBmi0rr/wOpTgFO
CidFBCKQyXAYpE3zeo17ez6KCBwxwQI0yvDwiVzkvIgz7sfi8S7AmbJAXkNJsODo
r9hQSobMLkyJo8oEzLkyoGnIMyymKyMEgovkW5UufyL4Wz30dIl3Q6x83H+1QMQC
eAGMF6eI1Gy/BmEE80dw/5Lk/UWKzHzNoihZgv0CAwEAAaOCAiIwggIeMB0GA1Ud
DgQWBBRYCoRtBsDyQy/9Zg4W+hRnwzOPDDAfBgNVHSMEGDAWgBSYLPgJwOPo5VUv
nQ3S4n4N0tjavjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21DejRDY0RqNk9WVkw1ME4wdUotRGRMWTJyNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2QvNjE2OGQ3LTk0NmMtNDU3NC05MWVhLTgyYWQxNDU1NWVhYS8x
L1dBcUViUWJBOGtNdl9XWU9Gdm9VWjhNemp3dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Qv
NjE2OGQ3LTk0NmMtNDU3NC05MWVhLTgyYWQxNDU1NWVhYS8xL21DejRDY0RqNk9W
Vkw1ME4wdUotRGRMWTJyNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA4
BggrBgEFBQcBBwEB/wQpMCcwJQQCAAEwHwMEAwU4GDALAwMAWbkDBANZuRADBANd
udgDBAC5HsswDQYJKoZIhvcNAQELBQADggEBAJAzXPZli83DFAxddtGtpvoJvoCR
2ABEU240KsRUUiVgHtH0RwgnUoD4y+54Siemep0Upizw0Uy7fn7HEUagBwzBG3Il
s9Bd/ThIMc7cD0k3um5ez1aA+AST7TC/vzeiiJH2m8pZFqCAlgDO00175fkB7q95
4j8hL5MJFNwKbmSZFAn6CQsWgXMSfWgE+8R3OqpsGJrhNAy4MH4TVkaDzpCQHNsi
gWW3bPeHNCNoIV+VPgC27TuaUAjBRhHafsOwZAEhG5TMxQR3JYyQGzFKuy8Ndi0j
wHaADzuD0yhPJCZwsxANYd2TXyv5eMnPpY5a7Y2r81/CRjXAXEUa5YhB2p0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org