Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/_CmJPJvDdqDr4qZWpfo7bvzZpX8.roa
File: _CmJPJvDdqDr4qZWpfo7bvzZpX8.roa (raw, json)
Hash identifier: aeZ2O3mzSUR1UoUJtR7QsUWpP9GLarGaWtl4JXvYjwE=
Subject key identifier: FC:29:89:3C:9B:C3:76:A0:EB:E2:A6:56:A5:FA:3B:6E:FC:D9:A5:7F
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 146DF3D6
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/_CmJPJvDdqDr4qZWpfo7bvzZpX8.roa
Signing time: Thu 24 Mar 2022 19:33:04 +0000
ROA not before: Thu 24 Mar 2022 19:33:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7029
IP address blocks: 5.182.28.0/22 maxlen: 22
194.50.200.0/23 maxlen: 23
195.138.96.0/19 maxlen: 24
194.50.206.0/23 maxlen: 23
45.88.124.0/22 maxlen: 22
45.86.20.0/22 maxlen: 22
91.242.100.0/23 maxlen: 23
91.242.105.0/24 maxlen: 24
91.242.108.0/22 maxlen: 22
45.15.244.0/22 maxlen: 22
91.242.120.0/21 maxlen: 21
185.173.244.0/22 maxlen: 24
91.242.64.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 342750166 (0x146df3d6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Mar 24 19:33:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fc29893c9bc376a0ebe2a656a5fa3b6efcd9a57f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:6f:58:a2:0c:f0:30:69:01:cc:66:87:d6:03:
10:53:14:99:b7:52:ce:a1:59:10:bf:91:a8:dd:e8:
d9:23:b2:56:b6:21:d3:da:a7:e4:8e:16:6d:6a:1a:
4e:43:26:94:18:7b:26:ef:fd:58:7d:e4:ec:09:27:
ab:84:2f:62:01:63:f4:31:9b:e2:78:55:0c:a1:00:
85:1c:4c:c5:f2:dc:ce:dc:ba:9c:d6:6f:48:a4:ce:
da:8d:00:3b:38:5c:52:23:2c:a7:78:f6:d5:e1:31:
82:05:99:b3:15:2a:d8:69:7e:52:c1:7b:51:30:9d:
df:ff:b1:52:31:5f:4e:b4:ae:e3:99:a7:68:fa:ee:
07:b4:4d:7a:54:d1:39:45:29:54:dc:6a:92:2e:67:
a2:9a:e5:43:fe:ee:89:ff:26:84:d4:da:da:6c:ba:
bb:09:24:9e:35:61:61:cd:18:e4:bf:2a:11:cc:c1:
9e:b1:c6:04:41:4f:eb:29:84:6e:1a:2b:e9:e9:ee:
ef:e4:ad:c3:3e:fc:f0:4b:45:6e:27:13:5f:e1:a0:
03:e3:70:3e:3f:9d:ed:2e:66:00:67:e3:f0:1b:15:
9a:54:46:df:b6:f6:f4:77:ba:ed:56:e1:88:75:7f:
ba:d3:ab:93:b3:82:96:7d:e3:0c:61:b3:f8:e1:fe:
39:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:29:89:3C:9B:C3:76:A0:EB:E2:A6:56:A5:FA:3B:6E:FC:D9:A5:7F
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/_CmJPJvDdqDr4qZWpfo7bvzZpX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.28.0/22
45.15.244.0/22
45.86.20.0/22
45.88.124.0/22
91.242.64.0/22
91.242.100.0/23
91.242.105.0/24
91.242.108.0/22
91.242.120.0/21
185.173.244.0/22
194.50.200.0/23
194.50.206.0/23
195.138.96.0/19
Signature Algorithm: sha256WithRSAEncryption
79:16:71:61:a9:7f:ca:17:34:51:58:82:0c:c1:52:87:b5:f2:
bd:84:89:9a:3e:19:b0:07:cc:4a:cb:6f:f2:81:8a:49:ee:73:
d3:8b:d1:29:8a:d7:68:05:fc:49:fd:06:2a:f8:16:e2:0b:fc:
82:2f:31:88:ec:cf:79:4e:52:e2:9e:a9:e2:16:8d:d2:9c:b7:
f8:31:45:b4:e0:ef:f9:81:74:2d:37:7d:f0:fe:f6:96:23:75:
11:f1:7a:7a:8f:2a:5c:48:a8:04:9c:9e:bc:b4:b2:b6:63:3a:
ff:bd:34:1d:34:d0:38:b8:15:b9:ac:08:97:72:00:f5:3a:ab:
bf:1b:60:f9:3d:93:65:df:7d:57:75:fd:7a:09:87:bb:03:94:
c5:95:be:da:3a:89:fd:89:ea:92:50:24:98:f1:64:57:65:7f:
a5:a8:6c:38:5e:57:f1:6e:fa:a2:64:9a:bb:3e:c3:6e:a0:f0:
1f:5f:d2:91:05:47:d1:e5:15:4d:cb:a0:c1:55:ee:95:ed:19:
69:a2:6b:36:b5:e1:12:f6:6d:0d:cd:58:96:d6:03:e6:76:77:
3f:c3:ab:0b:c5:d2:e5:9c:bf:1d:87:d5:de:07:bf:52:a3:9f:
b9:03:9c:a5:ce:da:f1:b2:33:0d:b8:3e:cc:34:63:bd:8c:98:
50:b3:93:82
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgIEFG3z1jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
YmFiMzA2ODM4NTllYzdlMDIwNmZlOTI2NTM2M2U4ZTM5NzFhOWE4MB4XDTIyMDMy
NDE5MzMwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmMyOTg5M2M5YmMz
NzZhMGViZTJhNjU2YTVmYTNiNmVmY2Q5YTU3ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKtvWKIM8DBpAcxmh9YDEFMUmbdSzqFZEL+RqN3o2SOyVrYh
09qn5I4WbWoaTkMmlBh7Ju/9WH3k7Aknq4QvYgFj9DGb4nhVDKEAhRxMxfLczty6
nNZvSKTO2o0AOzhcUiMsp3j21eExggWZsxUq2Gl+UsF7UTCd3/+xUjFfTrSu45mn
aPruB7RNelTROUUpVNxqki5noprlQ/7uif8mhNTa2my6uwkknjVhYc0Y5L8qEczB
nrHGBEFP6ymEbhor6enu7+Stwz788EtFbicTX+GgA+NwPj+d7S5mAGfj8BsVmlRG
37b29He67VbhiHV/utOrk7OCln3jDGGz+OH+OSkCAwEAAaOCAlEwggJNMB0GA1Ud
DgQWBBT8KYk8m8N2oOviplal+jtu/NmlfzAfBgNVHSMEGDAWgBSLqzBoOFnsfgIG
/pJlNj6OOXGpqDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2k2c3dhRGhaN0g0Q0J2NlNaVFktampseHFhZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmIvODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8x
L19DbUpQSnZEZHFEcjRxWldwZm83YnZ6WnBYOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIv
ODFmZDFhLTQ3YTctNDVkOC1iZTc0LTNhYzllNTZjMzA4OS8xL2k2c3dhRGhaN0g0
Q0J2NlNaVFktampseHFhZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBn
BggrBgEFBQcBBwEB/wRYMFYwVAQCAAEwTgMEAgW2HAMEAi0P9AMEAi1WFAMEAi1Y
fAMEAlvyQAMEAVvyZAMEAFvyaQMEAlvybAMEA1vyeAMEArmt9AMEAcIyyAMEAcIy
zgMEBcOKYDANBgkqhkiG9w0BAQsFAAOCAQEAeRZxYal/yhc0UViCDMFSh7XyvYSJ
mj4ZsAfMSstv8oGKSe5z04vRKYrXaAX8Sf0GKvgW4gv8gi8xiOzPeU5S4p6p4haN
0py3+DFFtODv+YF0LTd98P72liN1EfF6eo8qXEioBJyevLSytmM6/700HTTQOLgV
uawIl3IA9Tqrvxtg+T2TZd99V3X9egmHuwOUxZW+2jqJ/YnqklAkmPFkV2V/pahs
OF5X8W76omSauz7DbqDwH1/SkQVH0eUVTcugwVXule0ZaaJrNrXhEvZtDc1YltYD
5nZ3P8OrC8XS5Zy/HYfV3ge/UqOfuQOcpc7a8bIzDbg+zDRjvYyYULOTgg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:00:26 2024 by rpki-client on console-ams.rpki-client.org