Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/qMNaH2ynfoiPIDv5gIPABWlVvXY.roa
File: qMNaH2ynfoiPIDv5gIPABWlVvXY.roa (raw, json)
Hash identifier: N4H84zf/uBRtwgjCTQyiIZkxzIdBGs1QJwcahpwch30=
Subject key identifier: A8:C3:5A:1F:6C:A7:7E:88:8F:20:3B:F9:80:83:C0:05:69:55:BD:76
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 0183647C416373F47C548085590237B7CE54
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/qMNaH2ynfoiPIDv5gIPABWlVvXY.roa
Signing time: Thu 22 Sep 2022 09:16:48 +0000
ROA not before: Thu 22 Sep 2022 09:16:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60860
IP address blocks: 81.22.136.0/22 maxlen: 22
89.185.22.0/23 maxlen: 23
109.72.122.0/24 maxlen: 24
109.72.123.0/24 maxlen: 24
185.30.200.0/23 maxlen: 23
185.30.203.0/24 maxlen: 24
185.30.202.0/24 maxlen: 24
89.185.0.0/22 maxlen: 22
93.185.214.0/24 maxlen: 24
81.22.128.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:64:7c:41:63:73:f4:7c:54:80:85:59:02:37:b7:ce:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Sep 22 09:16:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a8c35a1f6ca77e888f203bf98083c0056955bd76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:5d:dc:9a:39:45:a8:f5:ad:d4:eb:25:0b:44:
7e:a1:04:e0:bd:47:d4:91:e9:00:49:3a:77:ce:3e:
c5:d2:19:7d:4a:55:70:39:e0:32:f8:ca:aa:7d:91:
c0:0f:b6:98:70:f1:de:25:62:72:c7:60:be:7e:4e:
8e:11:be:67:24:64:be:11:d7:b7:99:57:2a:07:0a:
14:67:74:99:98:8e:45:9c:5e:eb:dd:61:ae:c8:17:
7f:49:db:f3:35:81:b7:78:a4:9c:54:91:54:74:d0:
8b:31:b1:8d:a6:10:da:fc:e9:ee:7d:c0:aa:b0:09:
6b:2c:32:cd:cc:51:e1:e5:3d:34:bb:c4:eb:21:10:
99:e1:15:d0:0b:c5:c0:60:1d:15:77:ee:6e:a2:27:
eb:fa:f4:1c:69:21:04:ce:66:88:9f:03:d1:05:35:
49:e0:24:48:7f:61:08:23:45:4a:55:36:c8:fe:3c:
52:ad:25:14:a4:36:23:9e:af:77:49:28:56:07:74:
a6:3d:99:0d:59:e8:23:c0:78:1f:99:23:b8:ac:b9:
bc:8b:a4:5f:e5:e2:4e:73:59:a7:56:c6:fa:b9:78:
36:93:d7:db:5f:57:fa:a3:27:4f:97:32:63:2d:99:
e1:06:76:ae:c0:21:40:d1:a1:df:93:37:07:2b:92:
28:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:C3:5A:1F:6C:A7:7E:88:8F:20:3B:F9:80:83:C0:05:69:55:BD:76
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/qMNaH2ynfoiPIDv5gIPABWlVvXY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.128.0-81.22.139.255
89.185.0.0/22
89.185.22.0/23
93.185.214.0/24
109.72.122.0/23
185.30.200.0/22
Signature Algorithm: sha256WithRSAEncryption
a0:cc:3b:d3:47:a5:33:95:d0:71:32:c4:5d:eb:6e:8e:a7:7b:
88:3d:b2:3e:49:16:b7:94:96:a2:54:bc:13:91:1e:21:b9:2d:
ca:d0:da:ad:95:06:4a:d9:38:e5:e2:06:2b:37:4d:8f:f3:57:
4f:de:b8:9b:ad:b8:60:a8:55:fc:a0:0c:5a:55:43:da:4d:0d:
0d:a2:c6:c4:75:7e:1e:13:6c:b2:91:3e:10:b9:24:a3:b6:26:
41:2f:91:3a:01:bb:a6:9f:af:ab:88:ab:dd:41:3b:52:c5:46:
b1:bc:75:5f:3e:a7:2f:3e:03:7b:70:0a:99:00:d3:3e:4e:9a:
9e:20:2b:aa:aa:bb:2b:87:80:cd:90:6c:4e:f1:0d:e8:94:5d:
4e:bd:33:58:d2:b5:ea:75:1e:2b:8b:aa:87:9b:17:1a:52:e2:
49:22:b7:98:de:66:ad:b5:ab:e3:ce:3e:06:15:3b:94:18:e3:
bd:ad:b7:c8:04:f7:c3:5a:9a:76:70:3a:3a:c9:1b:3e:0e:2e:
6f:56:95:7e:ff:42:ed:e7:06:08:cb:7a:63:87:03:8c:1c:e4:
b8:42:55:85:3a:5a:00:c7:c5:bb:76:8f:6b:06:6a:41:56:cd:
31:e2:83:eb:be:1b:0c:e2:07:16:db:ad:ad:e5:ba:88:ae:cc:
2b:43:f3:c2
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYNkfEFjc/R8VICFWQI3t85UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjIwOTIyMDkxNjQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGMzNWExZjZjYTc3ZTg4OGYyMDNiZjk4MDgzYzAwNTY5NTViZDc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp13cmjlFqPWt1OslC0R+oQTgvUfU
kekASTp3zj7F0hl9SlVwOeAy+MqqfZHAD7aYcPHeJWJyx2C+fk6OEb5nJGS+Ede3
mVcqBwoUZ3SZmI5FnF7r3WGuyBd/SdvzNYG3eKScVJFUdNCLMbGNphDa/OnufcCq
sAlrLDLNzFHh5T00u8TrIRCZ4RXQC8XAYB0Vd+5uoifr+vQcaSEEzmaInwPRBTVJ
4CRIf2EII0VKVTbI/jxSrSUUpDYjnq93SShWB3SmPZkNWegjwHgfmSO4rLm8i6Rf
5eJOc1mnVsb6uXg2k9fbX1f6oydPlzJjLZnhBnauwCFA0aHfkzcHK5IoWwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFKjDWh9sp36IjyA7+YCDwAVpVb12MB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvcU1OYUgyeW5mb2lQSUR2NWdJUEFCV2xWdlhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAwDBAdRFoAD
BAJRFogDBAJZuQADBAFZuRYDBABdudYDBAFtSHoDBAK5HsgwDQYJKoZIhvcNAQEL
BQADggEBAKDMO9NHpTOV0HEyxF3rbo6ne4g9sj5JFreUlqJUvBORHiG5LcrQ2q2V
BkrZOOXiBis3TY/zV0/euJutuGCoVfygDFpVQ9pNDQ2ixsR1fh4TbLKRPhC5JKO2
JkEvkToBu6afr6uIq91BO1LFRrG8dV8+py8+A3twCpkA0z5Omp4gK6qquyuHgM2Q
bE7xDeiUXU69M1jStep1HiuLqoebFxpS4kkit5jeZq21q+POPgYVO5QY472tt8gE
98NamnZwOjrJGz4OLm9WlX7/Qu3nBgjLemOHA4wc5LhCVYU6WgDHxbt2j2sGakFW
zTHig+u+GwziBxbbra3luoiuzCtD88I=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org