Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7986a9-4e46-4c33-92c9-31c95e2a1d6f/1/Cw4C6cvzuUMoLy_cvCxr2rjWil0.roa
File: Cw4C6cvzuUMoLy_cvCxr2rjWil0.roa (raw, json)
Hash identifier: rOmgVKC/EVKW/PUd9vzI9ubnMR61Dlb6NJxnyyf8y5U=
Subject key identifier: 0B:0E:02:E9:CB:F3:B9:43:28:2F:2F:DC:BC:2C:6B:DA:B8:D6:8A:5D
Certificate issuer: /CN=93b2981978885696ce1c2bbf4af99dadc2c618eb
Certificate serial: 0CB75AE0
Authority key identifier: 93:B2:98:19:78:88:56:96:CE:1C:2B:BF:4A:F9:9D:AD:C2:C6:18:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k7KYGXiIVpbOHCu_SvmdrcLGGOs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7986a9-4e46-4c33-92c9-31c95e2a1d6f/1/Cw4C6cvzuUMoLy_cvCxr2rjWil0.roa
Signing time: Fri 25 Mar 2022 14:12:50 +0000
ROA not before: Fri 25 Mar 2022 14:12:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199256
IP address blocks: 93.119.24.0/22 maxlen: 24
159.253.224.0/22 maxlen: 24
185.122.132.0/22 maxlen: 24
81.173.12.0/22 maxlen: 24
144.2.240.0/21 maxlen: 24
91.216.236.0/24 maxlen: 24
91.216.241.0/24 maxlen: 24
185.156.196.0/22 maxlen: 24
185.57.100.0/22 maxlen: 24
185.32.152.0/22 maxlen: 24
5.149.168.0/21 maxlen: 24
2a04:b00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 213342944 (0xcb75ae0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93b2981978885696ce1c2bbf4af99dadc2c618eb
Validity
Not Before: Mar 25 14:12:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0b0e02e9cbf3b943282f2fdcbc2c6bdab8d68a5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:a3:fd:c3:d3:c8:e8:3b:fe:31:9e:8c:e0:14:
a3:04:a6:ef:49:04:1e:e7:4e:33:db:44:50:35:e6:
ed:d9:f7:c0:cd:23:27:90:0a:22:ca:96:2d:5c:ee:
a2:db:07:06:05:39:42:7a:d4:25:73:34:cd:c8:d9:
e6:12:d1:93:fc:31:c8:27:84:55:51:2b:40:23:35:
e8:6e:30:2c:5d:76:01:d9:14:15:dc:45:38:cb:18:
26:f4:f2:18:eb:bb:c1:f1:cf:e5:ab:7c:14:c8:8e:
a9:79:7b:80:a9:a0:79:db:ae:6e:b5:23:0c:25:9e:
bb:c7:7e:8a:13:20:7a:e5:fb:4a:c4:cd:7f:f0:27:
a5:3a:fc:c4:cc:df:b3:48:73:6c:e1:3c:52:07:61:
71:3c:70:ae:16:4a:a7:a5:c3:ed:12:db:71:a5:35:
7b:b3:59:e9:e7:a7:f9:71:b8:0d:87:97:94:2f:09:
16:6e:e4:f8:e1:fc:f6:c8:8d:73:b7:16:2f:86:9c:
58:d3:fb:12:c0:9b:2d:02:42:fb:0c:46:59:6d:01:
05:e4:55:4d:56:c9:b2:36:ba:a2:87:34:8e:b6:05:
7b:a4:af:71:f2:ff:e7:b0:03:38:a4:43:41:87:6e:
92:ab:4e:cd:e0:f4:1f:0e:ce:97:64:e7:a9:7d:e6:
e2:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:0E:02:E9:CB:F3:B9:43:28:2F:2F:DC:BC:2C:6B:DA:B8:D6:8A:5D
X509v3 Authority Key Identifier:
keyid:93:B2:98:19:78:88:56:96:CE:1C:2B:BF:4A:F9:9D:AD:C2:C6:18:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k7KYGXiIVpbOHCu_SvmdrcLGGOs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7986a9-4e46-4c33-92c9-31c95e2a1d6f/1/Cw4C6cvzuUMoLy_cvCxr2rjWil0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7986a9-4e46-4c33-92c9-31c95e2a1d6f/1/k7KYGXiIVpbOHCu_SvmdrcLGGOs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.168.0/21
81.173.12.0/22
91.216.236.0/24
91.216.241.0/24
93.119.24.0/22
144.2.240.0/21
159.253.224.0/22
185.32.152.0/22
185.57.100.0/22
185.122.132.0/22
185.156.196.0/22
IPv6:
2a04:b00::/29
Signature Algorithm: sha256WithRSAEncryption
4d:34:41:de:a7:da:99:52:f9:b1:07:d6:dd:d4:8e:a9:cc:26:
06:03:cd:4e:98:d8:58:57:f5:71:fd:3d:8f:52:d9:00:1f:de:
22:a4:ec:52:e2:5a:df:97:53:d6:da:a4:8e:d8:47:9f:24:6b:
1b:f3:16:5c:16:48:32:a7:78:63:6c:a1:c8:59:d0:87:a4:f4:
84:5c:93:0a:7f:97:d3:8d:ea:85:5f:8b:b6:77:64:f5:b7:1f:
88:fc:1f:1d:ee:6f:db:02:99:99:2e:84:4e:f5:10:0e:57:74:
cb:55:17:8b:37:da:56:29:56:3e:bb:f8:22:13:78:56:7d:21:
b4:eb:63:80:f3:1e:1c:9c:56:83:fe:12:90:e4:14:d1:51:13:
65:9b:d7:c1:86:80:c1:b6:32:6d:95:e1:4c:1a:18:e3:04:30:
a4:cf:85:80:b6:a3:96:39:05:a7:60:11:a0:96:0f:01:c9:90:
26:b2:0c:2a:c3:a3:a1:c3:f9:0b:91:37:a1:50:d0:03:21:ee:
a8:79:87:5c:3b:b3:5f:8c:ab:5d:11:2f:d5:2a:79:e8:15:a1:
a4:63:35:2c:e0:eb:8f:84:47:96:27:bd:be:4b:bf:d7:66:71:
43:93:4b:96:bc:18:bb:a0:62:a6:d1:f0:15:f6:47:0f:ea:20:
b9:6e:6e:b7
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgIEDLda4DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
M2IyOTgxOTc4ODg1Njk2Y2UxYzJiYmY0YWY5OWRhZGMyYzYxOGViMB4XDTIyMDMy
NTE0MTI1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGIwZTAyZTljYmYz
Yjk0MzI4MmYyZmRjYmMyYzZiZGFiOGQ2OGE1ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALmj/cPTyOg7/jGejOAUowSm70kEHudOM9tEUDXm7dn3wM0j
J5AKIsqWLVzuotsHBgU5QnrUJXM0zcjZ5hLRk/wxyCeEVVErQCM16G4wLF12AdkU
FdxFOMsYJvTyGOu7wfHP5at8FMiOqXl7gKmgeduubrUjDCWeu8d+ihMgeuX7SsTN
f/AnpTr8xMzfs0hzbOE8UgdhcTxwrhZKp6XD7RLbcaU1e7NZ6een+XG4DYeXlC8J
Fm7k+OH89siNc7cWL4acWNP7EsCbLQJC+wxGWW0BBeRVTVbJsja6ooc0jrYFe6Sv
cfL/57ADOKRDQYdukqtOzeD0Hw7Ol2TnqX3m4ncCAwEAAaOCAlQwggJQMB0GA1Ud
DgQWBBQLDgLpy/O5QygvL9y8LGvauNaKXTAfBgNVHSMEGDAWgBSTspgZeIhWls4c
K79K+Z2twsYY6zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2s3S1lHWGlJVnBiT0hDdV9Tdm1kcmNMR0dPcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDkvNzk4NmE5LTRlNDYtNGMzMy05MmM5LTMxYzk1ZTJhMWQ2Zi8x
L0N3NEM2Y3Z6dVVNb0x5X2N2Q3hyMnJqV2lsMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkv
Nzk4NmE5LTRlNDYtNGMzMy05MmM5LTMxYzk1ZTJhMWQ2Zi8xL2s3S1lHWGlJVnBi
T0hDdV9Tdm1kcmNMR0dPcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBq
BggrBgEFBQcBBwEB/wRbMFkwSAQCAAEwQgMEAwWVqAMEAlGtDAMEAFvY7AMEAFvY
8QMEAl13GAMEA5AC8AMEAp/94AMEArkgmAMEArk5ZAMEArl6hAMEArmcxDANBAIA
AjAHAwUDKgQLADANBgkqhkiG9w0BAQsFAAOCAQEATTRB3qfamVL5sQfW3dSOqcwm
BgPNTpjYWFf1cf09j1LZAB/eIqTsUuJa35dT1tqkjthHnyRrG/MWXBZIMqd4Y2yh
yFnQh6T0hFyTCn+X043qhV+Ltndk9bcfiPwfHe5v2wKZmS6ETvUQDld0y1UXizfa
VilWPrv4IhN4Vn0htOtjgPMeHJxWg/4SkOQU0VETZZvXwYaAwbYybZXhTBoY4wQw
pM+FgLajljkFp2ARoJYPAcmQJrIMKsOjocP5C5E3oVDQAyHuqHmHXDuzX4yrXREv
1Sp56BWhpGM1LODrj4RHlie9vku/12ZxQ5NLlrwYu6BiptHwFfZHD+oguW5utw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:54 2024 by rpki-client on console-ams.rpki-client.org