Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/c9e704-958d-413f-8acc-6ea3cbfd3a84/1/CJwRM69fEIl4aWizXsGWV44h2z4.roa
File: CJwRM69fEIl4aWizXsGWV44h2z4.roa (raw, json)
Hash identifier: +0ZQHmY2TY5supQgDjiO6JBJYa6l48QDDkU9itEusYI=
Subject key identifier: 08:9C:11:33:AF:5F:10:89:78:69:68:B3:5E:C1:96:57:8E:21:DB:3E
Certificate issuer: /CN=b8e0f79841c0210d95b4ef56ff68441c2aa9fc0f
Certificate serial: 352BAE4E
Authority key identifier: B8:E0:F7:98:41:C0:21:0D:95:B4:EF:56:FF:68:44:1C:2A:A9:FC:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uOD3mEHAIQ2VtO9W_2hEHCqp_A8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/c9e704-958d-413f-8acc-6ea3cbfd3a84/1/CJwRM69fEIl4aWizXsGWV44h2z4.roa
Signing time: Sat 01 Jan 2022 04:51:39 +0000
ROA not before: Sat 01 Jan 2022 04:51:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202552
IP address blocks: 185.156.148.0/23 maxlen: 23
185.156.148.0/22 maxlen: 22
185.156.150.0/24 maxlen: 24
81.200.128.0/23 maxlen: 23
81.200.140.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 892055118 (0x352bae4e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8e0f79841c0210d95b4ef56ff68441c2aa9fc0f
Validity
Not Before: Jan 1 04:51:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=089c1133af5f1089786968b35ec196578e21db3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:cd:88:05:06:bc:fc:59:21:97:27:84:f6:d0:
6f:c0:3e:96:85:c8:2c:35:2b:51:a6:90:10:17:ce:
5f:65:3a:75:64:9c:bf:1c:10:d5:e0:bb:40:2c:68:
24:3d:ba:dc:2e:64:62:9d:14:0a:28:25:2d:01:8a:
32:2f:08:e1:ba:85:a0:e2:32:53:aa:f5:3d:07:13:
98:b7:87:84:45:65:a8:d1:7f:3d:57:df:27:13:75:
fa:23:1c:fa:ae:19:6d:1b:98:08:5f:c2:b7:db:1a:
b7:29:65:2d:f7:75:25:58:9d:9a:03:e6:f6:7c:b3:
47:bb:41:48:03:d8:e7:e3:b2:50:3c:57:96:6c:30:
9a:7e:9d:c6:b1:9a:6f:93:20:49:b9:dd:21:25:94:
55:b7:2e:35:3c:1e:b0:5f:d7:04:c0:04:d4:b9:97:
4d:58:94:53:88:f5:ac:9b:fd:f8:eb:b8:c1:f4:54:
ac:e4:cf:3c:9a:44:11:de:2e:6c:f3:c1:63:d1:a1:
00:8d:c8:61:e3:d6:ad:4f:39:b1:41:82:a0:b9:05:
54:7d:a3:ab:bd:c6:f8:db:11:d2:49:40:15:fa:38:
c6:a0:4b:69:fb:0c:46:d9:a4:67:74:a0:24:4c:59:
4c:84:54:fc:e3:64:77:58:df:6c:8a:64:87:5d:bb:
e5:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:9C:11:33:AF:5F:10:89:78:69:68:B3:5E:C1:96:57:8E:21:DB:3E
X509v3 Authority Key Identifier:
keyid:B8:E0:F7:98:41:C0:21:0D:95:B4:EF:56:FF:68:44:1C:2A:A9:FC:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uOD3mEHAIQ2VtO9W_2hEHCqp_A8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/c9e704-958d-413f-8acc-6ea3cbfd3a84/1/CJwRM69fEIl4aWizXsGWV44h2z4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/c9e704-958d-413f-8acc-6ea3cbfd3a84/1/uOD3mEHAIQ2VtO9W_2hEHCqp_A8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.200.128.0/23
81.200.140.0/22
185.156.148.0/22
Signature Algorithm: sha256WithRSAEncryption
c5:0b:c5:ee:e9:cc:a8:e5:ec:9a:3b:c9:dc:51:3b:1c:56:c2:
a6:e7:3a:3f:23:af:a3:29:4d:d2:c7:fe:91:3b:5d:68:d9:f5:
2c:ea:bc:7f:03:db:f5:f0:4f:db:13:1d:6f:f4:bf:54:e1:f4:
db:46:8b:f0:bf:74:5d:51:b4:e2:32:8a:39:31:ed:c9:78:ee:
0e:42:99:5e:2f:c1:3c:f3:3f:10:32:02:0f:d7:56:ea:5e:17:
0e:e0:c0:8c:63:ce:fd:27:41:cd:80:c4:d7:ef:10:23:00:2f:
7f:09:97:24:b1:0e:d8:bc:3e:b2:2a:f3:05:a4:31:be:14:84:
11:8f:86:97:7a:e5:96:b3:7e:13:c3:ca:3d:6f:d3:a4:32:59:
bf:0c:be:0a:70:91:be:33:fa:80:50:0f:2e:73:31:f4:2b:96:
20:f6:79:f4:90:43:76:ea:81:30:81:8d:12:4f:e6:8a:c8:1d:
0b:6b:e3:0b:ec:dc:e5:f8:b9:da:c6:0e:dd:33:c1:09:a5:3b:
17:ab:ab:7a:29:39:9b:6f:c3:4c:45:ff:7e:3e:fb:bf:a3:29:
2a:ec:53:8e:e7:8c:50:d8:ab:ae:31:cb:a8:96:30:a5:a2:d3:
fc:23:88:c9:56:36:75:7b:61:32:81:80:92:3f:fe:27:a1:aa:
3a:f4:c2:18
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIENSuuTjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
OGUwZjc5ODQxYzAyMTBkOTViNGVmNTZmZjY4NDQxYzJhYTlmYzBmMB4XDTIyMDEw
MTA0NTEzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDg5YzExMzNhZjVm
MTA4OTc4Njk2OGIzNWVjMTk2NTc4ZTIxZGIzZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKHNiAUGvPxZIZcnhPbQb8A+loXILDUrUaaQEBfOX2U6dWSc
vxwQ1eC7QCxoJD263C5kYp0UCiglLQGKMi8I4bqFoOIyU6r1PQcTmLeHhEVlqNF/
PVffJxN1+iMc+q4ZbRuYCF/Ct9satyllLfd1JVidmgPm9nyzR7tBSAPY5+OyUDxX
lmwwmn6dxrGab5MgSbndISWUVbcuNTwesF/XBMAE1LmXTViUU4j1rJv9+Ou4wfRU
rOTPPJpEEd4ubPPBY9GhAI3IYePWrU85sUGCoLkFVH2jq73G+NsR0klAFfo4xqBL
afsMRtmkZ3SgJExZTIRU/ONkd1jfbIpkh1275e0CAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBQInBEzr18QiXhpaLNewZZXjiHbPjAfBgNVHSMEGDAWgBS44PeYQcAhDZW0
71b/aEQcKqn8DzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3VPRDNtRUhBSVEyVnRPOVdfMmhFSENxcF9BOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjMvYzllNzA0LTk1OGQtNDEzZi04YWNjLTZlYTNjYmZkM2E4NC8x
L0NKd1JNNjlmRUlsNGFXaXpYc0dXVjQ0aDJ6NC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjMv
YzllNzA0LTk1OGQtNDEzZi04YWNjLTZlYTNjYmZkM2E4NC8xL3VPRDNtRUhBSVEy
VnRPOVdfMmhFSENxcF9BOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAVHIgAMEAlHIjAMEArmclDANBgkq
hkiG9w0BAQsFAAOCAQEAxQvF7unMqOXsmjvJ3FE7HFbCpuc6PyOvoylN0sf+kTtd
aNn1LOq8fwPb9fBP2xMdb/S/VOH020aL8L90XVG04jKKOTHtyXjuDkKZXi/BPPM/
EDICD9dW6l4XDuDAjGPO/SdBzYDE1+8QIwAvfwmXJLEO2Lw+sirzBaQxvhSEEY+G
l3rllrN+E8PKPW/TpDJZvwy+CnCRvjP6gFAPLnMx9CuWIPZ59JBDduqBMIGNEk/m
isgdC2vjC+zc5fi52sYO3TPBCaU7F6ureik5m2/DTEX/fj77v6MpKuxTjueMUNir
rjHLqJYwpaLT/COIyVY2dXthMoGAkj/+J6GqOvTCGA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:22:28 2024 by rpki-client on console-fra.rpki-client.org