Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/ciPacPeiEm1NkXpD65Ginsj-Elc.roa
File: ciPacPeiEm1NkXpD65Ginsj-Elc.roa (raw, json)
Hash identifier: IeMh89pCJJHJ965R5i+t7VHoSVuiTFiSXPhXny3MIZE=
Subject key identifier: 72:23:DA:70:F7:A2:12:6D:4D:91:7A:43:EB:91:A2:9E:C8:FE:12:57
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 0184866DF72FAB7C098E5ECA3470F3633616
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/ciPacPeiEm1NkXpD65Ginsj-Elc.roa
Signing time: Thu 17 Nov 2022 16:31:04 +0000
ROA not before: Thu 17 Nov 2022 16:31:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60860
IP address blocks: 109.72.122.0/24 maxlen: 24
109.72.124.0/22 maxlen: 22
185.30.200.0/23 maxlen: 23
185.30.203.0/24 maxlen: 24
185.30.202.0/24 maxlen: 24
89.185.0.0/22 maxlen: 22
93.185.214.0/24 maxlen: 24
81.22.128.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:86:6d:f7:2f:ab:7c:09:8e:5e:ca:34:70:f3:63:36:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Nov 17 16:31:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7223da70f7a2126d4d917a43eb91a29ec8fe1257
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:46:3b:12:44:a3:31:3e:9a:83:85:dc:54:33:
39:46:1b:93:3c:e2:40:12:b2:ba:03:97:f6:ca:e7:
d9:27:0f:ce:e9:c2:bd:f9:ee:7b:39:9e:fa:e1:5e:
d7:b3:02:37:e4:a6:e5:a6:52:a9:bb:68:ef:76:be:
e5:cf:9d:16:2d:18:57:45:c9:50:71:77:24:da:1b:
0f:8e:98:0a:27:0a:1e:72:04:cc:c3:f2:f6:ec:3e:
4b:33:f2:00:12:45:e2:bd:ff:b8:90:e0:b8:a1:ac:
c1:42:78:8d:6d:fe:c6:6b:39:3f:bf:8e:a4:f4:61:
84:2a:aa:b9:99:f0:20:bc:9b:0f:96:79:3f:d6:f8:
16:9e:a6:5d:11:ee:01:f4:4f:06:55:f0:f3:f2:4c:
c3:44:15:61:c6:c2:cb:1c:54:01:08:f7:7a:2d:d2:
a0:f2:7c:70:a2:bc:b9:1f:0d:ff:6f:ec:1e:80:93:
3f:6a:5e:6b:79:1f:cf:76:27:f6:1a:0f:67:9e:71:
69:60:f9:a3:1b:fd:db:a3:be:75:ea:23:34:9f:4d:
46:6c:b3:2f:3f:f5:6a:e5:d9:b8:4a:b7:03:d9:f9:
72:42:15:23:8b:09:cd:c8:bf:c9:d4:e7:10:26:e5:
72:90:de:c4:4c:28:13:e6:9f:c5:30:e4:0b:e8:cc:
97:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:23:DA:70:F7:A2:12:6D:4D:91:7A:43:EB:91:A2:9E:C8:FE:12:57
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/ciPacPeiEm1NkXpD65Ginsj-Elc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.128.0/21
89.185.0.0/22
93.185.214.0/24
109.72.122.0/24
109.72.124.0/22
185.30.200.0/22
Signature Algorithm: sha256WithRSAEncryption
08:6d:d5:4d:e3:43:51:84:e1:fb:93:9d:be:c5:45:8b:ef:42:
0e:02:0d:97:4c:fb:2b:e6:2e:99:13:57:65:c5:f6:d4:f0:06:
95:f5:96:fb:72:d0:9c:d6:3a:51:68:be:12:42:56:08:0b:71:
6e:17:18:88:f7:26:f9:4f:ef:d0:d5:20:63:97:36:8e:3f:af:
86:41:1c:41:37:36:ba:a8:a3:53:c6:19:8f:8f:f7:ad:a4:a6:
fb:8c:bd:cf:39:51:c3:2b:b9:9e:2e:b4:b6:81:98:dd:c2:f3:
6e:68:08:d9:0b:6d:9e:19:aa:f9:93:cb:98:f7:8c:f7:29:a3:
9e:88:47:32:a2:1b:b7:9c:68:43:b5:99:54:41:84:89:33:65:
cd:e5:41:aa:90:1d:86:81:ef:14:d5:7e:70:64:41:97:b3:8e:
5b:44:55:90:b2:32:2a:48:be:8c:5e:cb:43:46:90:73:9d:22:
9c:3d:c9:a1:20:78:6b:5d:b9:12:a4:cf:84:e3:97:b0:31:3c:
42:88:fc:5f:10:dc:9f:20:46:c3:89:9c:21:b3:98:3a:5d:e0:
3a:a8:11:9d:11:24:7c:b8:3d:53:da:68:be:27:87:20:9b:64:
cb:30:b7:62:5a:00:84:f2:44:58:77:23:4b:07:42:8a:ba:dd:
58:54:f4:c8
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYSGbfcvq3wJjl7KNHDzYzYWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjIxMTE3MTYzMTA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjIzZGE3MGY3YTIxMjZkNGQ5MTdhNDNlYjkxYTI5ZWM4ZmUxMjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAikY7EkSjMT6ag4XcVDM5RhuTPOJA
ErK6A5f2yufZJw/O6cK9+e57OZ764V7XswI35KblplKpu2jvdr7lz50WLRhXRclQ
cXck2hsPjpgKJwoecgTMw/L27D5LM/IAEkXivf+4kOC4oazBQniNbf7Gazk/v46k
9GGEKqq5mfAgvJsPlnk/1vgWnqZdEe4B9E8GVfDz8kzDRBVhxsLLHFQBCPd6LdKg
8nxwory5Hw3/b+wegJM/al5reR/Pdif2Gg9nnnFpYPmjG/3bo7516iM0n01GbLMv
P/Vq5dm4SrcD2flyQhUjiwnNyL/J1OcQJuVykN7ETCgT5p/FMOQL6MyX0wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHIj2nD3ohJtTZF6Q+uRop7I/hJXMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvY2lQYWNQZWlFbTFOa1hwRDY1R2luc2otRWxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDURaAAwQC
WbkAAwQAXbnWAwQAbUh6AwQCbUh8AwQCuR7IMA0GCSqGSIb3DQEBCwUAA4IBAQAI
bdVN40NRhOH7k52+xUWL70IOAg2XTPsr5i6ZE1dlxfbU8AaV9Zb7ctCc1jpRaL4S
QlYIC3FuFxiI9yb5T+/Q1SBjlzaOP6+GQRxBNza6qKNTxhmPj/etpKb7jL3POVHD
K7meLrS2gZjdwvNuaAjZC22eGar5k8uY94z3KaOeiEcyohu3nGhDtZlUQYSJM2XN
5UGqkB2Gge8U1X5wZEGXs45bRFWQsjIqSL6MXstDRpBznSKcPcmhIHhrXbkSpM+E
45ewMTxCiPxfENyfIEbDiZwhs5g6XeA6qBGdESR8uD1T2mi+J4cgm2TLMLdiWgCE
8kRYdyNLB0KKut1YVPTI
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org