Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/vV4eu4C5tiaM4Io997AejIbswmw.roa
File: vV4eu4C5tiaM4Io997AejIbswmw.roa (raw, json)
Hash identifier: MyZYXkdyE2nA43irTwZYsj+88MY4Lhhcy7HdF6Zb10o=
Subject key identifier: BD:5E:1E:BB:80:B9:B6:26:8C:E0:8A:3D:F7:B0:1E:8C:86:EC:C2:6C
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 0183AC2202474512FD7EC63149E32F64864A
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/vV4eu4C5tiaM4Io997AejIbswmw.roa
Signing time: Thu 06 Oct 2022 07:10:53 +0000
ROA not before: Thu 06 Oct 2022 07:10:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60860
IP address blocks: 81.22.136.0/22 maxlen: 22
89.185.24.0/22 maxlen: 22
109.72.122.0/24 maxlen: 24
109.72.123.0/24 maxlen: 24
185.30.200.0/23 maxlen: 23
185.30.203.0/24 maxlen: 24
185.30.202.0/24 maxlen: 24
89.185.0.0/22 maxlen: 22
93.185.214.0/24 maxlen: 24
81.22.128.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ac:22:02:47:45:12:fd:7e:c6:31:49:e3:2f:64:86:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Oct 6 07:10:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bd5e1ebb80b9b6268ce08a3df7b01e8c86ecc26c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:cc:c8:24:54:a7:11:5b:b4:3f:b8:13:0f:75:
a0:80:6e:92:0e:3a:a2:ac:91:9d:5a:03:3b:c9:1f:
6d:6d:8d:8e:fc:d2:1d:55:20:40:16:d9:72:e2:93:
a2:f6:32:60:d8:c1:28:4e:24:89:83:26:a2:34:85:
09:06:8c:f9:70:cc:71:62:eb:10:53:32:e0:a9:b6:
33:27:cf:b5:a9:b0:6a:70:c1:7b:43:15:d2:a0:61:
5a:44:f3:85:cf:cd:56:e3:b8:88:0f:c2:2b:de:fb:
24:63:12:5c:ca:a6:1d:8d:45:a3:0f:0d:f9:c0:22:
de:bf:4b:9d:7f:41:36:5b:65:2f:c2:83:34:49:3f:
ff:c8:05:ac:fb:f1:46:d8:6e:d3:f0:69:ca:79:84:
c1:1f:f8:73:ee:49:2b:b6:fc:ca:a5:ff:a4:a4:85:
91:ec:6b:6e:ba:2f:6f:70:75:18:ee:29:e8:af:9e:
8c:13:d9:b6:4c:40:69:cd:83:a7:8e:b9:ce:f0:93:
98:ab:c4:62:d9:cc:41:1e:5d:e6:ba:de:f8:9c:9a:
63:22:f3:f5:10:3a:d3:59:23:1b:48:1a:ce:79:7a:
d7:17:79:32:1e:e1:a9:fe:e6:d9:51:44:35:b1:47:
8b:06:b3:bc:24:ee:5c:8b:ba:b3:29:36:78:2c:2c:
c1:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:5E:1E:BB:80:B9:B6:26:8C:E0:8A:3D:F7:B0:1E:8C:86:EC:C2:6C
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/vV4eu4C5tiaM4Io997AejIbswmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.128.0-81.22.139.255
89.185.0.0/22
89.185.24.0/22
93.185.214.0/24
109.72.122.0/23
185.30.200.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:12:7d:c9:68:f1:68:02:1f:47:27:69:70:49:44:78:db:95:
70:66:49:27:85:7f:e8:84:b0:5a:64:a4:63:f7:51:60:16:5a:
20:be:5e:f8:67:ca:bd:24:1d:f6:96:33:cc:3a:16:e6:a2:f9:
6d:c0:63:2f:35:12:8a:19:95:5d:a8:87:7c:b2:21:46:11:d8:
b4:59:69:44:03:57:18:97:1c:6b:e2:df:aa:e4:3d:3f:1d:b2:
86:fd:d6:fc:44:5a:c3:14:60:a5:ec:4a:2c:df:85:09:42:28:
a3:66:0d:fe:ca:9f:3f:d0:f1:67:c0:72:6e:59:2f:60:09:00:
2e:34:40:65:db:cd:16:62:7c:5b:89:d3:e0:2d:d8:4e:75:a1:
0e:0d:13:25:eb:fd:29:50:9a:d8:03:50:a5:5d:21:3e:ae:f5:
d8:38:9a:b0:ae:be:90:c8:94:8e:99:51:d2:80:cc:3e:eb:91:
a1:a7:9b:76:fb:60:a3:10:4c:b7:75:fa:38:8d:2d:f2:57:4c:
f7:11:bd:5a:71:05:df:3b:54:60:1b:12:e9:8c:e6:d2:39:bf:
ee:00:b6:a6:ee:03:eb:03:38:1d:8a:d8:d4:80:ef:a7:cb:54:
82:8f:3c:09:f5:64:09:4f:05:1d:91:03:72:d3:c7:5e:54:3a:
8b:13:88:65
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYOsIgJHRRL9fsYxSeMvZIZKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjIxMDA2MDcxMDUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDVlMWViYjgwYjliNjI2OGNlMDhhM2RmN2IwMWU4Yzg2ZWNjMjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkczIJFSnEVu0P7gTD3WggG6SDjqi
rJGdWgM7yR9tbY2O/NIdVSBAFtly4pOi9jJg2MEoTiSJgyaiNIUJBoz5cMxxYusQ
UzLgqbYzJ8+1qbBqcMF7QxXSoGFaRPOFz81W47iID8Ir3vskYxJcyqYdjUWjDw35
wCLev0udf0E2W2UvwoM0ST//yAWs+/FG2G7T8GnKeYTBH/hz7kkrtvzKpf+kpIWR
7Gtuui9vcHUY7inor56ME9m2TEBpzYOnjrnO8JOYq8Ri2cxBHl3mut74nJpjIvP1
EDrTWSMbSBrOeXrXF3kyHuGp/ubZUUQ1sUeLBrO8JO5ci7qzKTZ4LCzBFQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFL1eHruAubYmjOCKPfewHoyG7MJsMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvdlY0ZXU0QzV0aWFNNElvOTk3QWVqSWJzd213LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAwDBAdRFoAD
BAJRFogDBAJZuQADBAJZuRgDBABdudYDBAFtSHoDBAK5HsgwDQYJKoZIhvcNAQEL
BQADggEBACwSfclo8WgCH0cnaXBJRHjblXBmSSeFf+iEsFpkpGP3UWAWWiC+Xvhn
yr0kHfaWM8w6Fuai+W3AYy81EooZlV2oh3yyIUYR2LRZaUQDVxiXHGvi36rkPT8d
sob91vxEWsMUYKXsSizfhQlCKKNmDf7Knz/Q8WfAcm5ZL2AJAC40QGXbzRZifFuJ
0+At2E51oQ4NEyXr/SlQmtgDUKVdIT6u9dg4mrCuvpDIlI6ZUdKAzD7rkaGnm3b7
YKMQTLd1+jiNLfJXTPcRvVpxBd87VGAbEumM5tI5v+4AtqbuA+sDOB2K2NSA76fL
VIKPPAn1ZAlPBR2RA3LTx15UOosTiGU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org