Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/rZZdCqCwCzGxpjBzhq8V82GjmIs.roa
File: rZZdCqCwCzGxpjBzhq8V82GjmIs.roa (raw, json)
Hash identifier: mkgH6sZaQByNbFmO2u/2n9xZVuw0THxZlciD+QpDO0c=
Subject key identifier: AD:96:5D:0A:A0:B0:0B:31:B1:A6:30:73:86:AF:15:F3:61:A3:98:8B
Certificate issuer: /CN=b3dd35ccff6c2b86a1fad8f103bc20070d09e50d
Certificate serial: 330033F9
Authority key identifier: B3:DD:35:CC:FF:6C:2B:86:A1:FA:D8:F1:03:BC:20:07:0D:09:E5:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s901zP9sK4ah-tjxA7wgBw0J5Q0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/rZZdCqCwCzGxpjBzhq8V82GjmIs.roa
Signing time: Mon 14 Feb 2022 09:25:49 +0000
ROA not before: Mon 14 Feb 2022 09:25:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31368
IP address blocks: 185.173.156.0/24 maxlen: 24
185.173.159.0/24 maxlen: 24
89.107.132.0/23 maxlen: 23
89.107.128.0/23 maxlen: 23
185.173.158.0/24 maxlen: 24
89.107.130.0/23 maxlen: 23
89.107.135.0/24 maxlen: 24
89.107.134.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 855651321 (0x330033f9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3dd35ccff6c2b86a1fad8f103bc20070d09e50d
Validity
Not Before: Feb 14 09:25:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ad965d0aa0b00b31b1a6307386af15f361a3988b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:18:28:ef:ad:f6:66:b1:a9:4c:f9:83:48:90:
b6:57:f6:2d:e9:9b:b4:a4:11:e1:25:90:ec:93:74:
81:e0:f2:68:1a:7a:b8:2d:0a:44:b5:fd:89:a3:46:
9b:c7:2d:20:cc:77:b2:bc:1a:b4:91:9f:9b:c5:f0:
64:aa:da:e2:4a:cb:87:92:bd:bd:bb:93:18:f6:6a:
a4:06:4b:f6:c0:5d:1a:30:ea:65:56:2f:7c:f5:d8:
88:c8:52:1e:b1:a1:c8:01:18:4f:2c:73:d4:df:37:
e1:0e:a9:03:f2:8e:99:1c:56:79:2a:e6:52:c5:99:
28:6d:49:88:59:df:94:b3:0b:d8:8e:4e:9c:e7:02:
92:c2:7e:54:c5:bd:8d:4a:3b:5e:1b:1a:69:32:02:
47:ad:dd:b5:56:ee:86:a3:35:20:0e:52:04:67:87:
cf:f0:11:07:1d:a4:51:10:66:27:84:23:37:85:fe:
2a:55:19:fe:90:3a:c2:15:ad:61:00:31:e7:3b:4b:
17:89:dc:85:38:fd:14:f1:4c:bb:6f:9d:da:bb:e3:
e6:cf:c4:4c:9f:e6:e9:3f:43:9b:f6:08:cb:e7:4f:
8c:72:db:c3:fc:dd:49:96:b5:44:9c:bf:3f:3a:e3:
20:d1:12:6f:6c:f3:3e:0c:93:12:11:11:d9:38:dd:
79:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:96:5D:0A:A0:B0:0B:31:B1:A6:30:73:86:AF:15:F3:61:A3:98:8B
X509v3 Authority Key Identifier:
keyid:B3:DD:35:CC:FF:6C:2B:86:A1:FA:D8:F1:03:BC:20:07:0D:09:E5:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s901zP9sK4ah-tjxA7wgBw0J5Q0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/rZZdCqCwCzGxpjBzhq8V82GjmIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/s901zP9sK4ah-tjxA7wgBw0J5Q0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.107.128.0/21
185.173.156.0/24
185.173.158.0/23
Signature Algorithm: sha256WithRSAEncryption
10:aa:ab:7e:87:db:55:ef:4e:09:07:6b:60:d1:83:6b:ab:46:
ef:e3:04:54:5e:de:92:b0:42:89:97:b6:8e:b2:4e:db:f1:ba:
57:d6:01:69:37:12:51:f6:8c:32:6e:ef:bf:8a:f3:5a:04:f3:
bc:e9:07:90:7d:0b:da:be:42:b1:0e:2a:2a:1a:83:40:3a:08:
58:f6:c3:48:a6:d1:3b:3e:86:09:a5:3b:4d:de:76:86:a5:ab:
2e:a2:44:c5:bd:82:cf:a3:ce:f6:6d:3b:0a:76:72:c0:86:4e:
62:a2:41:52:c2:b8:e6:24:90:39:9c:a4:f6:84:a6:84:6c:26:
bf:28:5f:f9:25:7e:9a:d7:92:a7:9d:db:b9:d4:09:21:5f:c8:
72:8d:c2:a0:d9:36:eb:38:04:5b:93:84:8d:1a:fe:85:14:fd:
4d:00:51:a3:49:65:b2:9b:25:23:9d:5f:f5:3d:e0:42:77:8e:
e0:87:ef:d5:a4:a9:0c:72:d4:60:b3:1d:74:52:07:76:63:51:
a6:f3:44:b6:74:ee:6b:32:4d:11:d8:7f:93:db:3a:ee:30:f1:
71:f9:42:c6:ae:52:5b:87:bb:0f:0d:c0:6f:16:a2:a5:92:13:
64:71:e1:92:76:95:d8:32:5d:85:ff:aa:a6:18:9a:c0:cc:d9:
5f:f4:6b:b7
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEMwAz+TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
M2RkMzVjY2ZmNmMyYjg2YTFmYWQ4ZjEwM2JjMjAwNzBkMDllNTBkMB4XDTIyMDIx
NDA5MjU0OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWQ5NjVkMGFhMGIw
MGIzMWIxYTYzMDczODZhZjE1ZjM2MWEzOTg4YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKwYKO+t9maxqUz5g0iQtlf2LembtKQR4SWQ7JN0geDyaBp6
uC0KRLX9iaNGm8ctIMx3srwatJGfm8XwZKra4krLh5K9vbuTGPZqpAZL9sBdGjDq
ZVYvfPXYiMhSHrGhyAEYTyxz1N834Q6pA/KOmRxWeSrmUsWZKG1JiFnflLML2I5O
nOcCksJ+VMW9jUo7XhsaaTICR63dtVbuhqM1IA5SBGeHz/ARBx2kURBmJ4QjN4X+
KlUZ/pA6whWtYQAx5ztLF4nchTj9FPFMu2+d2rvj5s/ETJ/m6T9Dm/YIy+dPjHLb
w/zdSZa1RJy/PzrjINESb2zzPgyTEhER2TjdeYMCAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBStll0KoLALMbGmMHOGrxXzYaOYizAfBgNVHSMEGDAWgBSz3TXM/2wrhqH6
2PEDvCAHDQnlDTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3M5MDF6UDlzSzRhaC10anhBN3dnQncwSjVRMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDcvNDRkNGEzLTdhODQtNDQ5OS04YjcxLTJiMTA1MDUxYmE1OS8x
L3JaWmRDcUN3Q3pHeHBqQnpocThWODJHam1Jcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDcv
NDRkNGEzLTdhODQtNDQ5OS04YjcxLTJiMTA1MDUxYmE1OS8xL3M5MDF6UDlzSzRh
aC10anhBN3dnQncwSjVRMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEA1lrgAMEALmtnAMEAbmtnjANBgkq
hkiG9w0BAQsFAAOCAQEAEKqrfofbVe9OCQdrYNGDa6tG7+MEVF7ekrBCiZe2jrJO
2/G6V9YBaTcSUfaMMm7vv4rzWgTzvOkHkH0L2r5CsQ4qKhqDQDoIWPbDSKbROz6G
CaU7Td52hqWrLqJExb2Cz6PO9m07CnZywIZOYqJBUsK45iSQOZyk9oSmhGwmvyhf
+SV+mteSp53budQJIV/Ico3CoNk26zgEW5OEjRr+hRT9TQBRo0llspslI51f9T3g
QneO4Ifv1aSpDHLUYLMddFIHdmNRpvNEtnTuazJNEdh/k9s67jDxcflCxq5SW4e7
Dw3AbxaipZITZHHhknaV2DJdhf+qphiawMzZX/Rrtw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:18 2024 by rpki-client on console-ams.rpki-client.org