Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/slzddisjNxIpjqrtjP_kCmi1iEk.roa
File: slzddisjNxIpjqrtjP_kCmi1iEk.roa (raw, json)
Hash identifier: S/eF8ww+UfE7NnznSTnOKWM40/2UZEmL526bEO9cCxA=
Subject key identifier: B2:5C:DD:76:2B:23:37:12:29:8E:AA:ED:8C:FF:E4:0A:68:B5:88:49
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 01851F56B73A50F7057422EF1D7D602AD00F
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/slzddisjNxIpjqrtjP_kCmi1iEk.roa
Signing time: Sat 17 Dec 2022 09:07:34 +0000
ROA not before: Sat 17 Dec 2022 09:07:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62240
IP address blocks: 89.185.28.0/22 maxlen: 24
109.72.124.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:1f:56:b7:3a:50:f7:05:74:22:ef:1d:7d:60:2a:d0:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Dec 17 09:07:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b25cdd762b233712298eaaed8cffe40a68b58849
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:5d:2e:4b:0b:af:bc:14:3e:9a:27:96:07:48:
65:06:b2:f3:e8:02:c4:86:a1:11:ea:4b:9d:45:c9:
d3:c5:14:f5:a8:94:cc:3f:b4:21:fd:f9:22:d0:b8:
09:7f:c6:0b:53:a8:2e:1d:6e:5e:b8:bd:52:38:54:
1d:2b:1d:d9:68:2c:32:b1:99:03:7e:ed:b4:89:d0:
9b:49:c8:9f:a9:ec:03:a6:ad:e9:c1:8e:6e:76:a2:
9c:49:a3:d8:da:2a:d3:41:04:f6:7f:d1:25:3c:04:
8f:f8:2d:3d:49:af:70:f8:14:bb:07:ae:d9:32:cd:
8b:c6:18:f3:7b:65:7e:34:54:1b:ae:16:44:51:a6:
77:0b:71:d4:c3:36:b3:bc:25:80:2a:8d:ae:ee:e9:
f3:86:ad:ae:c0:22:44:ca:a1:49:b7:be:17:7a:51:
22:b4:b8:cd:25:cb:d0:65:10:1c:01:f7:b6:e6:9c:
0a:d2:2e:ea:5f:c1:44:9e:16:86:7e:1f:65:65:24:
e4:a1:0a:b9:bd:a7:60:26:b9:73:8c:dc:e0:19:47:
04:f9:fc:17:a5:65:3a:9b:a5:dd:43:c6:01:bf:b5:
42:a5:af:1e:a9:94:33:04:64:e1:97:f5:52:1d:54:
a4:0d:88:ee:d5:b2:cf:2d:72:ec:c0:a3:38:c9:8b:
b0:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:5C:DD:76:2B:23:37:12:29:8E:AA:ED:8C:FF:E4:0A:68:B5:88:49
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/slzddisjNxIpjqrtjP_kCmi1iEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.185.28.0/22
109.72.124.0/22
Signature Algorithm: sha256WithRSAEncryption
64:e2:aa:29:29:aa:70:53:64:d0:4c:ed:54:66:ad:a0:9f:8e:
38:35:e2:97:e1:f0:f9:07:79:00:c9:67:37:b9:76:fe:b0:0a:
a7:29:c3:3f:36:90:39:61:2a:23:b2:a6:e9:5f:d1:40:4f:53:
71:ef:fb:59:dc:4c:0c:e4:cb:96:9b:f0:97:bd:a5:1e:56:e8:
da:f7:0a:2d:4a:07:37:8f:db:0a:86:22:d9:a0:37:a4:2e:b3:
99:7a:8c:2a:77:a8:60:37:17:90:d0:40:f2:5a:2d:2a:a5:9f:
bd:f0:05:da:e2:de:74:fd:fe:1e:87:17:f8:bc:5f:64:84:df:
f3:40:01:06:78:6b:17:2c:d1:c2:dc:df:67:fe:e2:bf:3a:23:
a2:db:ed:db:ee:73:ae:a7:f8:43:ab:0e:c8:57:a5:06:75:3e:
62:3b:52:16:40:7d:6c:76:63:0d:24:85:7d:8d:1d:d8:b8:ba:
22:29:34:82:16:63:47:87:4b:cd:aa:b0:b4:d5:d0:75:7c:f8:
85:40:e9:e4:da:ea:cd:b4:dc:d8:e6:c8:61:6d:65:19:a1:c9:
ec:c6:3e:5f:95:fb:6e:e2:87:c5:d5:cd:d3:62:f6:46:9e:01:
72:30:45:2e:cf:0a:1a:96:c9:ee:12:0e:a8:12:76:c9:ee:f9:
6b:66:ce:cb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYUfVrc6UPcFdCLvHX1gKtAPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjIxMjE3MDkwNzM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjVjZGQ3NjJiMjMzNzEyMjk4ZWFhZWQ4Y2ZmZTQwYTY4YjU4ODQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhl0uSwuvvBQ+mieWB0hlBrLz6ALE
hqER6kudRcnTxRT1qJTMP7Qh/fki0LgJf8YLU6guHW5euL1SOFQdKx3ZaCwysZkD
fu20idCbScifqewDpq3pwY5udqKcSaPY2irTQQT2f9ElPASP+C09Sa9w+BS7B67Z
Ms2Lxhjze2V+NFQbrhZEUaZ3C3HUwzazvCWAKo2u7unzhq2uwCJEyqFJt74XelEi
tLjNJcvQZRAcAfe25pwK0i7qX8FEnhaGfh9lZSTkoQq5vadgJrlzjNzgGUcE+fwX
pWU6m6XdQ8YBv7VCpa8eqZQzBGThl/VSHVSkDYju1bLPLXLswKM4yYuwTQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLJc3XYrIzcSKY6q7Yz/5ApotYhJMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvc2x6ZGRpc2pOeElwanFydGpQX2tDbWkxaUVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWbkcAwQC
bUh8MA0GCSqGSIb3DQEBCwUAA4IBAQBk4qopKapwU2TQTO1UZq2gn444NeKX4fD5
B3kAyWc3uXb+sAqnKcM/NpA5YSojsqbpX9FAT1Nx7/tZ3EwM5MuWm/CXvaUeVuja
9wotSgc3j9sKhiLZoDekLrOZeowqd6hgNxeQ0EDyWi0qpZ+98AXa4t50/f4ehxf4
vF9khN/zQAEGeGsXLNHC3N9n/uK/OiOi2+3b7nOup/hDqw7IV6UGdT5iO1IWQH1s
dmMNJIV9jR3YuLoiKTSCFmNHh0vNqrC01dB1fPiFQOnk2urNtNzY5shhbWUZocns
xj5flftu4ofF1c3TYvZGngFyMEUuzwoalsnuEg6oEnbJ7vlrZs7L
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:15 2024 by rpki-client on console-fra.rpki-client.org