Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/xflveWF7lAwqkcJ1hTF8nQ2sb4M.roa
File: xflveWF7lAwqkcJ1hTF8nQ2sb4M.roa (raw, json)
Hash identifier: mVXrzF5kHXKyZW7yPKE+cC9kOJI+SnkPqwVEpGy+TRY=
Subject key identifier: C5:F9:6F:79:61:7B:94:0C:2A:91:C2:75:85:31:7C:9D:0D:AC:6F:83
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 01850864AB2430C3D2688E6F9A6947DCA0EC
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/xflveWF7lAwqkcJ1hTF8nQ2sb4M.roa
Signing time: Mon 12 Dec 2022 22:11:33 +0000
ROA not before: Mon 12 Dec 2022 22:11:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60860
IP address blocks: 109.72.122.0/24 maxlen: 24
109.72.120.0/23 maxlen: 23
185.30.200.0/23 maxlen: 23
185.30.203.0/24 maxlen: 24
185.30.202.0/24 maxlen: 24
89.185.0.0/22 maxlen: 22
93.185.214.0/24 maxlen: 24
81.22.128.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:08:64:ab:24:30:c3:d2:68:8e:6f:9a:69:47:dc:a0:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Dec 12 22:11:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c5f96f79617b940c2a91c27585317c9d0dac6f83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:07:5e:de:3b:d9:41:5b:79:ce:f9:95:91:73:
b9:9c:f4:f6:28:a3:3b:d0:ec:f4:65:a5:e3:9a:51:
af:b4:57:7c:71:24:d4:c6:33:a2:89:a8:8e:00:1c:
ab:9b:55:34:a8:89:ab:e0:b9:f6:4f:40:53:a4:7e:
6f:bd:7c:53:7c:4b:64:21:02:cd:b6:d8:4b:1f:e7:
b5:b1:4f:24:aa:c8:73:ef:b4:2b:cd:d4:11:75:cf:
b9:93:d4:ee:c1:d9:64:05:d3:be:7c:19:13:da:f9:
bd:82:19:9c:a4:42:0a:c3:40:99:1e:19:33:05:ce:
e0:83:bf:c1:27:d3:50:10:64:3b:a7:24:ad:2e:86:
71:cf:4c:58:81:27:d5:cb:d9:77:57:62:fb:e1:78:
fc:ce:71:8f:5d:e7:59:32:b0:28:a2:83:3c:78:df:
6b:3a:e6:aa:a7:0e:db:af:89:3e:c2:15:d4:92:3d:
64:c8:6e:2b:cc:33:af:60:a7:b5:db:68:61:e5:65:
e7:ad:09:24:b0:0c:be:75:a2:de:83:ac:aa:c2:24:
02:c5:b4:8c:d1:42:32:c8:70:e6:e3:5f:be:ad:ee:
9b:7d:ef:d7:32:17:e1:04:1e:ac:be:42:b9:32:7d:
6a:66:e8:33:6e:71:2a:86:73:c1:6b:e7:dc:10:b4:
4b:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:F9:6F:79:61:7B:94:0C:2A:91:C2:75:85:31:7C:9D:0D:AC:6F:83
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/xflveWF7lAwqkcJ1hTF8nQ2sb4M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.128.0/21
89.185.0.0/22
93.185.214.0/24
109.72.120.0-109.72.122.255
185.30.200.0/22
Signature Algorithm: sha256WithRSAEncryption
0b:bb:37:88:5a:0a:a3:4c:a0:bd:82:92:64:cb:57:bc:aa:1a:
b0:34:01:2b:01:1c:ef:bf:fc:56:ab:8b:80:32:5f:80:20:42:
59:10:5b:65:b4:4f:70:f0:75:fa:cd:a7:bd:1f:91:0d:9c:49:
8f:84:91:19:dd:91:7e:7d:fb:19:61:40:47:01:04:d3:64:ee:
23:d8:03:59:fb:ce:dc:80:e9:b9:de:4b:8f:da:64:dc:70:e1:
40:e6:5b:8d:99:a5:78:9a:4d:09:f8:24:5e:45:46:1f:a2:88:
57:4c:b1:10:62:53:b7:9a:65:e7:d7:14:63:e0:38:15:a9:12:
e8:b0:d9:b0:39:d4:2c:bf:bf:c0:e9:d8:34:63:63:6b:3d:0e:
76:d9:f4:9e:b0:09:87:46:7a:e8:49:70:58:d9:2a:ad:75:f7:
1c:c8:c2:9d:e4:b8:10:df:10:50:94:27:97:89:0e:a5:71:49:
7d:13:ca:0e:06:be:c1:41:18:fe:1c:dc:a8:f8:00:fe:6d:7c:
f8:1d:24:b0:c9:a8:72:63:d3:1c:3e:7e:a5:a9:1f:0c:60:a7:
1e:5d:d5:a9:7f:b4:45:1a:4e:d7:6f:e1:90:4b:49:7d:d0:76:
fb:eb:48:55:4b:b2:ab:bb:f8:3e:07:39:3c:c7:80:ec:d9:44:
a3:d9:ec:e6
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYUIZKskMMPSaI5vmmlH3KDsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjIxMjEyMjIxMTMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWY5NmY3OTYxN2I5NDBjMmE5MWMyNzU4NTMxN2M5ZDBkYWM2ZjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQde3jvZQVt5zvmVkXO5nPT2KKM7
0Oz0ZaXjmlGvtFd8cSTUxjOiiaiOAByrm1U0qImr4Ln2T0BTpH5vvXxTfEtkIQLN
tthLH+e1sU8kqshz77QrzdQRdc+5k9TuwdlkBdO+fBkT2vm9ghmcpEIKw0CZHhkz
Bc7gg7/BJ9NQEGQ7pyStLoZxz0xYgSfVy9l3V2L74Xj8znGPXedZMrAoooM8eN9r
Ouaqpw7br4k+whXUkj1kyG4rzDOvYKe122hh5WXnrQkksAy+daLeg6yqwiQCxbSM
0UIyyHDm41++re6bfe/XMhfhBB6svkK5Mn1qZugzbnEqhnPBa+fcELRL8wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFMX5b3lhe5QMKpHCdYUxfJ0NrG+DMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEveGZsdmVXRjdsQXdxa2NKMWhURjhuUTJzYjRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQDURaAAwQC
WbkAAwQAXbnWMAwDBANtSHgDBABtSHoDBAK5HsgwDQYJKoZIhvcNAQELBQADggEB
AAu7N4haCqNMoL2CkmTLV7yqGrA0ASsBHO+//Fari4AyX4AgQlkQW2W0T3DwdfrN
p70fkQ2cSY+EkRndkX59+xlhQEcBBNNk7iPYA1n7ztyA6bneS4/aZNxw4UDmW42Z
pXiaTQn4JF5FRh+iiFdMsRBiU7eaZefXFGPgOBWpEuiw2bA51Cy/v8Dp2DRjY2s9
DnbZ9J6wCYdGeuhJcFjZKq119xzIwp3kuBDfEFCUJ5eJDqVxSX0Tyg4GvsFBGP4c
3Kj4AP5tfPgdJLDJqHJj0xw+fqWpHwxgpx5d1al/tEUaTtdv4ZBLSX3QdvvrSFVL
squ7+D4HOTzHgOzZRKPZ7OY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:46 2024 by rpki-client on console-ams.rpki-client.org