Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mrKOgvsZTg-zShHL_FdldtvUqqI.roa
File: mrKOgvsZTg-zShHL_FdldtvUqqI.roa (raw, json)
Hash identifier: 65lQZwvgyuf7DFtll5o/MS+xK3cNLmI7CvVaYACDw1o=
Subject key identifier: 9A:B2:8E:82:FB:19:4E:0F:B3:4A:11:CB:FC:57:65:76:DB:D4:AA:A2
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 1D51EB34
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mrKOgvsZTg-zShHL_FdldtvUqqI.roa
Signing time: Sat 04 Jun 2022 10:04:20 +0000
ROA not before: Sat 04 Jun 2022 10:04:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57033
IP address blocks: 89.185.16.0/21 maxlen: 21
185.30.203.0/24 maxlen: 24
5.56.24.0/23 maxlen: 23
5.56.28.0/23 maxlen: 23
5.56.30.0/23 maxlen: 23
5.56.26.0/23 maxlen: 23
93.185.208.0/21 maxlen: 21
93.185.218.0/23 maxlen: 23
93.185.216.0/23 maxlen: 23
89.185.4.0/22 maxlen: 22
93.185.222.0/23 maxlen: 23
93.185.220.0/23 maxlen: 23
89.185.8.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 491907892 (0x1d51eb34)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Jun 4 10:04:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9ab28e82fb194e0fb34a11cbfc576576dbd4aaa2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:70:83:c8:96:3d:15:27:e6:c8:55:b4:45:44:
38:b1:4f:68:2f:3e:1d:97:04:91:ca:fa:cd:f6:2e:
39:77:0c:62:be:94:25:81:d6:91:c2:56:68:6e:64:
04:64:dc:16:74:36:c4:6a:03:2f:2f:32:ce:bb:a4:
16:87:a5:dc:2d:f1:b5:d3:78:25:56:0b:87:4b:0a:
21:f3:81:4f:22:f7:b2:0b:c5:8f:e0:f1:58:da:ec:
7b:23:5c:c7:ea:d4:e5:6c:31:ec:f6:73:5c:cd:c1:
d0:c0:a8:2f:89:4a:b6:2e:96:2c:74:93:e3:e4:91:
52:60:a0:db:f0:eb:e1:60:c2:19:7f:fd:67:19:64:
bf:6a:02:8e:43:78:13:ac:6c:25:38:f3:82:5f:0a:
6f:f9:35:8c:91:ba:66:71:8b:4f:75:94:21:22:58:
90:91:47:0f:9d:c4:ca:7c:c8:2e:f1:ee:1d:21:6c:
a8:16:2d:bf:4d:e1:be:52:e3:5f:1c:a5:f4:fe:fb:
64:fa:6c:80:51:e7:9d:0b:76:21:29:79:8c:43:89:
c1:c5:e7:34:83:f9:58:fe:a4:79:bc:ab:3c:b2:ac:
b6:97:b8:1f:7e:b2:49:d4:c3:ff:25:23:f3:8b:b6:
0d:62:5e:c0:40:fc:81:13:d0:9c:1d:3e:e3:46:e1:
7b:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:B2:8E:82:FB:19:4E:0F:B3:4A:11:CB:FC:57:65:76:DB:D4:AA:A2
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mrKOgvsZTg-zShHL_FdldtvUqqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.24.0/21
89.185.4.0-89.185.23.255
93.185.208.0/20
185.30.203.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:da:1d:c5:a0:eb:4f:42:37:ce:05:87:d5:3e:28:62:14:3f:
76:ea:76:01:6a:a0:d9:90:fd:6f:0d:91:e6:7f:0c:e6:c5:3f:
81:8b:97:7c:61:ab:79:cd:98:62:98:87:ed:76:4a:68:0c:cf:
b9:cb:fe:26:e3:0e:d3:fc:e4:71:fd:43:9e:c2:69:59:0f:80:
ef:0e:0b:ee:29:0f:6f:37:b4:67:63:f8:0a:cf:79:ec:c0:1d:
c3:b5:e9:e6:3c:ba:f7:67:65:bf:d5:c6:3e:ed:4e:32:4e:6d:
1f:2a:bb:dd:ff:d1:ae:ac:83:57:3f:8e:7f:59:ad:82:46:06:
a4:29:2f:b6:49:fe:7e:1e:3c:86:48:07:ec:6a:37:64:ab:8e:
da:5e:38:f4:41:4b:21:f2:c5:ac:07:78:eb:e6:c5:7e:ba:8f:
fc:90:53:81:cf:b0:93:78:a6:f2:c3:27:ee:69:e0:56:bc:34:
0f:3c:d0:b6:73:fc:da:7a:53:52:32:b7:55:8b:d2:44:2d:69:
e0:fd:62:dc:60:00:7a:e6:3f:db:5f:ed:60:40:12:a4:fe:84:
cb:a5:41:94:6d:1b:19:4e:aa:2a:3e:2d:e7:f5:5a:6f:c8:6d:
40:fc:b4:95:0f:7e:1f:0d:d3:2a:3e:6f:a7:ed:4f:13:fa:1f:
d5:b9:f9:a7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIEHVHrNDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
ODJjZjgwOWMwZTNlOGU1NTUyZjlkMGRkMmUyN2UwZGQyZDhkYWJlMB4XDTIyMDYw
NDEwMDQyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWFiMjhlODJmYjE5
NGUwZmIzNGExMWNiZmM1NzY1NzZkYmQ0YWFhMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKpwg8iWPRUn5shVtEVEOLFPaC8+HZcEkcr6zfYuOXcMYr6U
JYHWkcJWaG5kBGTcFnQ2xGoDLy8yzrukFoel3C3xtdN4JVYLh0sKIfOBTyL3sgvF
j+DxWNrseyNcx+rU5Wwx7PZzXM3B0MCoL4lKti6WLHST4+SRUmCg2/Dr4WDCGX/9
Zxlkv2oCjkN4E6xsJTjzgl8Kb/k1jJG6ZnGLT3WUISJYkJFHD53EynzILvHuHSFs
qBYtv03hvlLjXxyl9P77ZPpsgFHnnQt2ISl5jEOJwcXnNIP5WP6kebyrPLKstpe4
H36ySdTD/yUj84u2DWJewED8gRPQnB0+40bhey8CAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBSaso6C+xlOD7NKEcv8V2V229SqojAfBgNVHSMEGDAWgBSYLPgJwOPo5VUv
nQ3S4n4N0tjavjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21DejRDY0RqNk9WVkw1ME4wdUotRGRMWTJyNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2QvNjE2OGQ3LTk0NmMtNDU3NC05MWVhLTgyYWQxNDU1NWVhYS8x
L21yS09ndnNaVGctelNoSExfRmRsZHR2VXFxSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Qv
NjE2OGQ3LTk0NmMtNDU3NC05MWVhLTgyYWQxNDU1NWVhYS8xL21DejRDY0RqNk9W
Vkw1ME4wdUotRGRMWTJyNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIAMEAwU4GDAMAwQCWbkEAwQDWbkQAwQE
XbnQAwQAuR7LMA0GCSqGSIb3DQEBCwUAA4IBAQBv2h3FoOtPQjfOBYfVPihiFD92
6nYBaqDZkP1vDZHmfwzmxT+Bi5d8Yat5zZhimIftdkpoDM+5y/4m4w7T/ORx/UOe
wmlZD4DvDgvuKQ9vN7RnY/gKz3nswB3DtenmPLr3Z2W/1cY+7U4yTm0fKrvd/9Gu
rINXP45/Wa2CRgakKS+2Sf5+HjyGSAfsajdkq47aXjj0QUsh8sWsB3jr5sV+uo/8
kFOBz7CTeKbywyfuaeBWvDQPPNC2c/zaelNSMrdVi9JELWng/WLcYAB65j/bX+1g
QBKk/oTLpUGUbRsZTqoqPi3n9VpvyG1A/LSVD34fDdMqPm+n7U8T+h/Vufmn
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org