Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/kaZ-ysUPYCfGIeNE2dNaf7zTMns.roa
File: kaZ-ysUPYCfGIeNE2dNaf7zTMns.roa (raw, json)
Hash identifier: 5IIhZMv5NQtzNDvH/8jgR9erw0JXJtAwAwh0QwZO2Oo=
Subject key identifier: 91:A6:7E:CA:C5:0F:60:27:C6:21:E3:44:D9:D3:5A:7F:BC:D3:32:7B
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 1BA2034D
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/kaZ-ysUPYCfGIeNE2dNaf7zTMns.roa
Signing time: Sat 01 Jan 2022 05:03:44 +0000
ROA not before: Sat 01 Jan 2022 05:03:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56871
IP address blocks: 89.45.92.0/24 maxlen: 24
89.45.93.0/24 maxlen: 24
185.104.196.0/22 maxlen: 22
89.42.233.0/24 maxlen: 24
89.42.232.0/24 maxlen: 24
188.213.233.0/24 maxlen: 24
86.104.132.0/23 maxlen: 23
89.46.112.0/23 maxlen: 23
85.204.196.0/23 maxlen: 23
89.44.100.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 463602509 (0x1ba2034d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 1 05:03:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=91a67ecac50f6027c621e344d9d35a7fbcd3327b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:e2:7f:22:fd:8e:ae:36:c8:27:ee:99:5a:b3:
a0:8d:6f:9a:b6:80:aa:25:41:80:ea:7f:2a:97:d8:
29:51:f3:39:14:db:c7:48:ee:ab:77:e5:58:08:32:
22:2d:48:66:f6:04:da:f4:c3:f6:3d:5f:90:d6:93:
0c:78:70:c8:c1:51:49:10:8b:9f:a0:96:ab:88:32:
b0:06:49:fd:19:f7:16:db:9f:b6:f1:ab:b2:db:cd:
0f:4e:ad:14:b9:63:c6:6b:2e:3d:c0:ae:92:a9:e8:
43:b4:ee:bb:1d:2d:51:11:37:cf:70:c7:f7:a6:b9:
fc:9a:d8:ce:2e:c4:3e:7b:0a:26:63:9a:4f:8f:80:
79:ee:e0:e3:e9:77:8b:dc:3f:9f:ae:3f:23:17:2f:
1c:d1:43:92:12:a7:dc:fc:7e:fb:65:a2:83:d7:81:
c7:e6:5d:48:44:21:c4:ae:c3:c2:96:87:cc:40:13:
05:c9:53:7c:46:1f:b8:3f:d6:2a:20:d7:86:e3:2b:
74:ca:d2:6d:72:06:26:bd:86:2f:2a:15:e9:c0:92:
54:86:69:25:5c:68:7b:db:a8:a4:fa:9a:b4:84:3c:
9a:59:f5:6a:c9:be:60:56:0a:c0:4e:77:a7:d8:57:
06:d3:cd:7d:33:9f:28:a3:a1:52:18:f5:36:08:cb:
5d:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:A6:7E:CA:C5:0F:60:27:C6:21:E3:44:D9:D3:5A:7F:BC:D3:32:7B
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/kaZ-ysUPYCfGIeNE2dNaf7zTMns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.196.0/23
86.104.132.0/23
89.42.232.0/23
89.44.100.0/23
89.45.92.0/23
89.46.112.0/23
185.104.196.0/22
188.213.233.0/24
Signature Algorithm: sha256WithRSAEncryption
56:d1:e2:08:02:84:bb:c9:08:d7:58:43:2c:39:08:05:48:12:
0b:e5:f8:09:4f:b4:8b:9e:7b:bf:0e:c0:48:a9:10:d2:86:48:
de:1b:6e:b0:d9:d7:ce:52:d4:34:4c:fc:e1:99:08:bb:f3:d1:
c2:c3:e3:88:26:ec:fa:c3:c4:e6:bc:18:01:30:cc:e9:a6:7f:
e0:aa:2b:2a:db:d0:47:22:75:33:aa:c1:6b:35:f3:89:80:ef:
00:4c:57:cf:5c:bd:f7:61:8d:ad:e3:df:4b:5d:e4:f1:2f:37:
80:e5:94:0b:79:0a:6e:8a:dd:18:9a:4c:3b:5c:d6:e5:83:dd:
26:90:ec:3a:47:78:d3:af:15:06:ba:29:ab:43:0b:91:15:87:
fd:06:01:2f:1b:fb:b7:b4:82:de:3d:46:4e:b6:f6:ef:2b:f9:
d2:f7:2f:23:09:69:96:7b:d0:f8:4b:a7:0f:ac:47:0f:65:9a:
6d:9a:9e:28:6a:60:57:13:7e:b9:6e:7f:e5:0f:f6:1d:6a:6f:
3d:a0:df:fb:53:df:35:9a:e2:05:48:4c:43:7d:f3:cb:b1:46:
c0:fe:72:6e:92:4b:31:b1:70:92:6e:67:e2:78:91:33:b5:4e:
b4:85:70:6f:19:25:db:b6:59:9e:62:52:2f:56:c7:1d:46:90:
83:90:80:40
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIEG6IDTTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NDljYmJkNWMyY2Y0MTk1Y2M2ZWM3ZjIxZjYwNzU4MWEwMjI0ZGFhMB4XDTIyMDEw
MTA1MDM0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOTFhNjdlY2FjNTBm
NjAyN2M2MjFlMzQ0ZDlkMzVhN2ZiY2QzMzI3YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALLifyL9jq42yCfumVqzoI1vmraAqiVBgOp/KpfYKVHzORTb
x0juq3flWAgyIi1IZvYE2vTD9j1fkNaTDHhwyMFRSRCLn6CWq4gysAZJ/Rn3Ftuf
tvGrstvND06tFLljxmsuPcCukqnoQ7Tuux0tURE3z3DH96a5/JrYzi7EPnsKJmOa
T4+Aee7g4+l3i9w/n64/IxcvHNFDkhKn3Px++2Wig9eBx+ZdSEQhxK7DwpaHzEAT
BclTfEYfuD/WKiDXhuMrdMrSbXIGJr2GLyoV6cCSVIZpJVxoe9uopPqatIQ8mln1
asm+YFYKwE53p9hXBtPNfTOfKKOhUhj1NgjLXbcCAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBSRpn7KxQ9gJ8Yh40TZ01p/vNMyezAfBgNVHSMEGDAWgBQ0nLvVws9Blcxu
x/IfYHWBoCJNqjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05KeTcxY0xQUVpYTWJzZnlIMkIxZ2FBaVRhby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMmQvY2RmNWY2LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2MC8x
L2thWi15c1VQWUNmR0llTkUyZE5hZjd6VE1ucy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmQv
Y2RmNWY2LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2MC8xL05KeTcxY0xQUVpY
TWJzZnlIMkIxZ2FBaVRhby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwNgQCAAEwMAMEAVXMxAMEAVZohAMEAVkq6AMEAVks
ZAMEAVktXAMEAVkucAMEArloxAMEALzV6TANBgkqhkiG9w0BAQsFAAOCAQEAVtHi
CAKEu8kI11hDLDkIBUgSC+X4CU+0i557vw7ASKkQ0oZI3htusNnXzlLUNEz84ZkI
u/PRwsPjiCbs+sPE5rwYATDM6aZ/4KorKtvQRyJ1M6rBazXziYDvAExXz1y992GN
rePfS13k8S83gOWUC3kKbordGJpMO1zW5YPdJpDsOkd4068VBropq0MLkRWH/QYB
Lxv7t7SC3j1GTrb27yv50vcvIwlplnvQ+EunD6xHD2WabZqeKGpgVxN+uW5/5Q/2
HWpvPaDf+1PfNZriBUhMQ33zy7FGwP5ybpJLMbFwkm5n4niRM7VOtIVwbxkl27ZZ
nmJSL1bHHUaQg5CAQA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:23:57 2024 by rpki-client on console-fra.rpki-client.org