Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/nznYAa_Djx0Co07csdKVjbeX0kQ.roa
File: nznYAa_Djx0Co07csdKVjbeX0kQ.roa (raw, json)
Hash identifier: ob5Agqv25o1lQEcSqJEh0HPzQFhSQ074y6txgiQE7qc=
Subject key identifier: 9F:39:D8:01:AF:C3:8F:1D:02:A3:4E:DC:B1:D2:95:8D:B7:97:D2:44
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 0184A95033964B423A4C02C2A8F17F8F171E
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/nznYAa_Djx0Co07csdKVjbeX0kQ.roa
Signing time: Thu 24 Nov 2022 11:05:16 +0000
ROA not before: Thu 24 Nov 2022 11:05:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60860
IP address blocks: 109.72.122.0/24 maxlen: 24
185.30.200.0/23 maxlen: 23
185.30.203.0/24 maxlen: 24
185.30.202.0/24 maxlen: 24
89.185.0.0/22 maxlen: 22
93.185.214.0/24 maxlen: 24
81.22.128.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a9:50:33:96:4b:42:3a:4c:02:c2:a8:f1:7f:8f:17:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Nov 24 11:05:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9f39d801afc38f1d02a34edcb1d2958db797d244
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:1f:03:52:01:33:14:b3:9f:5d:94:d1:52:cf:
42:4b:64:73:5f:43:0b:38:d2:85:e8:c1:5e:dc:bf:
5c:b8:7b:cb:01:64:4a:c8:81:c8:90:35:7f:7c:ad:
f2:e3:37:55:44:01:53:6c:b5:36:5b:08:7a:3c:0f:
20:ef:40:29:a8:1a:d1:37:1b:75:0c:ce:85:2a:4b:
72:58:b7:e5:3a:4e:96:fc:8a:36:03:85:4c:02:cd:
f9:49:58:20:69:f1:40:02:26:62:bf:15:68:8f:ab:
ce:5d:b2:b5:a6:88:ff:0f:2c:bd:e6:58:d9:fb:b2:
c5:ec:50:fc:fd:71:67:43:95:72:fb:23:1c:83:9b:
b5:f8:68:ef:91:ad:ab:0c:ce:96:6a:f0:a7:f6:61:
e0:f3:62:00:09:af:a1:dc:bb:93:21:eb:64:92:82:
1c:1a:23:5f:69:2a:7f:4c:c2:f9:d2:e1:69:9a:7c:
44:e5:18:0d:a4:af:52:6f:cf:26:94:b7:88:e7:a0:
52:56:c1:10:44:c7:e4:4b:03:3d:00:17:0c:51:46:
6d:df:e4:20:b2:d4:47:76:48:d9:89:85:6e:2f:49:
de:c7:d7:31:4f:84:73:0f:03:27:77:fa:82:f9:43:
31:af:24:6b:d1:2b:be:9a:2c:c5:ae:60:f3:ad:3a:
ac:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:39:D8:01:AF:C3:8F:1D:02:A3:4E:DC:B1:D2:95:8D:B7:97:D2:44
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/nznYAa_Djx0Co07csdKVjbeX0kQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.128.0/21
89.185.0.0/22
93.185.214.0/24
109.72.122.0/24
185.30.200.0/22
Signature Algorithm: sha256WithRSAEncryption
88:f1:48:d3:f0:9c:b5:27:c2:06:a4:12:a7:8e:fe:8e:d9:6f:
9f:e5:25:e2:69:09:dd:88:cc:72:ea:3a:01:ac:71:f5:7a:bd:
b7:62:49:5b:cc:b5:13:6e:b1:ba:92:07:42:1b:1f:88:4d:7d:
23:28:90:fa:85:bd:45:ce:64:5b:a2:d0:8e:4c:aa:f2:e8:fb:
f9:c4:44:67:30:1c:ca:cc:82:18:5d:e0:6c:ac:71:f6:be:cf:
6b:df:f1:d3:3c:7d:e0:18:ca:42:65:bc:a7:ec:aa:12:35:fa:
43:53:58:7c:e1:e6:bb:f0:4f:f0:45:b6:14:5e:1c:d3:39:2a:
a6:0e:8f:e7:2a:eb:f7:9e:68:12:e3:25:4e:49:b0:26:1a:c4:
d4:4b:9f:26:6a:d1:5c:9d:e8:b9:30:e2:af:fc:31:c6:93:ce:
4f:01:8f:db:b6:62:92:74:73:65:9a:d5:ca:a4:7d:c7:d0:62:
20:fd:67:8f:f9:06:9b:19:c6:9e:9c:52:82:0a:c7:b2:f2:f5:
7a:75:19:ea:3c:fa:73:e6:e1:03:d3:44:7a:25:ab:5a:25:91:
1e:8e:af:92:e8:75:cd:bb:27:2a:33:ca:52:11:52:3d:2a:9b:
01:1e:3f:9c:16:8d:ae:cd:d7:06:ca:f0:70:d4:18:24:c6:b5:
c5:4b:27:45
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYSpUDOWS0I6TALCqPF/jxceMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjIxMTI0MTEwNTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjM5ZDgwMWFmYzM4ZjFkMDJhMzRlZGNiMWQyOTU4ZGI3OTdkMjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoR8DUgEzFLOfXZTRUs9CS2RzX0ML
ONKF6MFe3L9cuHvLAWRKyIHIkDV/fK3y4zdVRAFTbLU2Wwh6PA8g70ApqBrRNxt1
DM6FKktyWLflOk6W/Io2A4VMAs35SVggafFAAiZivxVoj6vOXbK1poj/Dyy95ljZ
+7LF7FD8/XFnQ5Vy+yMcg5u1+Gjvka2rDM6WavCn9mHg82IACa+h3LuTIetkkoIc
GiNfaSp/TML50uFpmnxE5RgNpK9Sb88mlLeI56BSVsEQRMfkSwM9ABcMUUZt3+Qg
stRHdkjZiYVuL0nex9cxT4RzDwMnd/qC+UMxryRr0Su+mizFrmDzrTqsDQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJ852AGvw48dAqNO3LHSlY23l9JEMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvbnpuWUFhX0RqeDBDbzA3Y3NkS1ZqYmVYMGtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDURaAAwQC
WbkAAwQAXbnWAwQAbUh6AwQCuR7IMA0GCSqGSIb3DQEBCwUAA4IBAQCI8UjT8Jy1
J8IGpBKnjv6O2W+f5SXiaQndiMxy6joBrHH1er23YklbzLUTbrG6kgdCGx+ITX0j
KJD6hb1FzmRbotCOTKry6Pv5xERnMBzKzIIYXeBsrHH2vs9r3/HTPH3gGMpCZbyn
7KoSNfpDU1h84ea78E/wRbYUXhzTOSqmDo/nKuv3nmgS4yVOSbAmGsTUS58matFc
nei5MOKv/DHGk85PAY/btmKSdHNlmtXKpH3H0GIg/WeP+QabGcaenFKCCsey8vV6
dRnqPPpz5uED00R6JataJZEejq+S6HXNuycqM8pSEVI9KpsBHj+cFo2uzdcGyvBw
1BgkxrXFSydF
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org