Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/1d8fc9-b21b-4db5-95cf-81c8ce750124/1/cbnDoAbTs0vJPOlSwNqvS3eCxEE.roa
File: cbnDoAbTs0vJPOlSwNqvS3eCxEE.roa (raw, json)
Hash identifier: JAMF1miaFfh4V0EGkb2AL/EK0X3vHrSejC6dvjJ9nNk=
Subject key identifier: 71:B9:C3:A0:06:D3:B3:4B:C9:3C:E9:52:C0:DA:AF:4B:77:82:C4:41
Certificate issuer: /CN=623526ad9fbec574fa4ec3d9badb5433fdaaca7b
Certificate serial: 01836583036C8A72213B624AD1DD44046502
Authority key identifier: 62:35:26:AD:9F:BE:C5:74:FA:4E:C3:D9:BA:DB:54:33:FD:AA:CA:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YjUmrZ--xXT6TsPZuttUM_2qyns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/1d8fc9-b21b-4db5-95cf-81c8ce750124/1/cbnDoAbTs0vJPOlSwNqvS3eCxEE.roa
Signing time: Thu 22 Sep 2022 14:03:48 +0000
ROA not before: Thu 22 Sep 2022 14:03:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61333
IP address blocks: 94.228.108.0/24 maxlen: 24
94.228.110.0/24 maxlen: 24
185.251.54.0/24 maxlen: 24
185.251.53.0/24 maxlen: 24
94.228.96.0/24 maxlen: 24
94.228.96.0/20 maxlen: 24
94.228.98.0/24 maxlen: 24
94.228.100.0/24 maxlen: 24
94.228.104.0/24 maxlen: 24
94.228.105.0/24 maxlen: 24
149.126.64.0/24 maxlen: 24
149.126.64.0/21 maxlen: 24
149.126.65.0/24 maxlen: 24
149.126.67.0/24 maxlen: 24
149.126.66.0/24 maxlen: 24
149.126.70.0/24 maxlen: 24
194.169.198.0/24 maxlen: 24
193.200.249.0/24 maxlen: 24
2a00:e30:ed00::/41 maxlen: 48
2a00:e30:a00::/40 maxlen: 48
2a00:e30:2100::/41 maxlen: 41
2a00:e30:3000::/41 maxlen: 41
2a00:e30:6900::/41 maxlen: 41
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:65:83:03:6c:8a:72:21:3b:62:4a:d1:dd:44:04:65:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=623526ad9fbec574fa4ec3d9badb5433fdaaca7b
Validity
Not Before: Sep 22 14:03:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=71b9c3a006d3b34bc93ce952c0daaf4b7782c441
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:21:89:58:99:9a:12:49:2e:81:92:40:74:b2:
ab:2e:ab:dc:05:ea:22:ae:e6:23:ab:46:00:f1:06:
8a:37:54:4b:47:b7:ea:9f:02:09:c2:d0:9a:b0:14:
34:39:4e:87:99:80:68:0d:42:0e:e9:aa:b0:07:62:
c9:a8:5b:72:96:a0:18:86:a6:c4:04:6c:d4:23:27:
16:62:7f:44:5c:c2:d2:a5:66:fc:cd:2b:b3:3d:97:
78:c6:aa:8d:0e:0f:c5:2b:28:ed:5e:91:d1:aa:0c:
b4:91:91:e9:63:3a:0d:43:57:04:01:2b:1f:bc:e0:
5c:0b:3f:6c:0d:fd:29:4f:ee:eb:34:21:cc:77:af:
e8:6b:b5:f7:3b:85:be:0b:da:33:03:c4:b5:af:d9:
48:49:ec:8b:25:49:26:9e:11:e5:1f:a2:59:fe:9c:
59:c7:95:2b:be:4e:8a:49:e3:99:06:96:19:ab:f1:
5d:d4:37:f8:77:34:e0:2d:f6:d0:b9:b3:bd:74:11:
b9:77:ce:b7:35:a9:de:9c:e3:70:bc:5a:7a:af:d0:
76:83:31:ab:bb:42:1b:6c:d2:a2:ea:e7:d4:0b:ed:
ed:d1:c7:6b:97:dc:47:ac:17:b9:d5:5c:d9:cc:8a:
97:25:76:0b:03:a6:7c:56:2d:89:f8:90:d9:ee:32:
69:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:B9:C3:A0:06:D3:B3:4B:C9:3C:E9:52:C0:DA:AF:4B:77:82:C4:41
X509v3 Authority Key Identifier:
keyid:62:35:26:AD:9F:BE:C5:74:FA:4E:C3:D9:BA:DB:54:33:FD:AA:CA:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YjUmrZ--xXT6TsPZuttUM_2qyns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/1d8fc9-b21b-4db5-95cf-81c8ce750124/1/cbnDoAbTs0vJPOlSwNqvS3eCxEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/1d8fc9-b21b-4db5-95cf-81c8ce750124/1/YjUmrZ--xXT6TsPZuttUM_2qyns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.228.96.0/20
149.126.64.0/21
185.251.53.0-185.251.54.255
193.200.249.0/24
194.169.198.0/24
IPv6:
2a00:e30:a00::/40
2a00:e30:2100::/41
2a00:e30:3000::/41
2a00:e30:6900::/41
2a00:e30:ed00::/41
Signature Algorithm: sha256WithRSAEncryption
4f:d4:f1:25:c0:6a:68:64:72:4c:4f:92:fe:84:08:b9:53:f0:
e1:df:04:29:9a:91:ee:e6:01:65:91:79:bb:42:2c:d8:7c:45:
27:21:94:26:a1:87:f8:75:c3:72:20:e9:4b:4c:6a:97:eb:c3:
02:78:a8:2f:c7:7c:8c:42:6d:87:52:66:4c:58:23:64:33:c2:
88:de:c9:80:7e:db:ae:f7:c0:4d:7f:94:1f:b0:bc:c6:27:9d:
98:7d:eb:6b:38:33:2d:43:e3:34:db:8a:c2:72:c1:f0:77:f6:
b0:5f:56:3c:7c:11:c9:03:40:fc:b7:b9:44:53:a7:f1:06:88:
87:66:f7:b1:2a:f4:fa:3a:5e:47:b1:ea:29:e5:96:e6:12:2b:
83:df:eb:c0:40:ea:c6:b7:df:d4:d0:43:9d:9f:74:ad:f6:ad:
02:f8:6d:7c:e9:39:ff:46:43:a0:a3:57:b7:f1:06:e1:d0:36:
d0:3f:e7:8d:25:f0:4f:d9:ba:30:14:90:1f:2a:d1:ea:96:bb:
a4:2c:c5:db:05:b9:6a:95:03:6f:02:9a:57:94:4d:6d:b2:e6:
85:be:52:d7:41:c7:31:bb:65:29:98:46:83:5a:ec:ad:e5:e3:
51:3d:a7:da:27:6c:71:d6:df:7c:0c:2f:67:2e:6e:3c:46:2f:
76:16:8b:35
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYNlgwNsinIhO2JK0d1EBGUCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMzUyNmFkOWZiZWM1NzRmYTRlYzNkOWJhZGI1NDMzZmRh
YWNhN2IwHhcNMjIwOTIyMTQwMzQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWI5YzNhMDA2ZDNiMzRiYzkzY2U5NTJjMGRhYWY0Yjc3ODJjNDQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwyGJWJmaEkkugZJAdLKrLqvcBeoi
ruYjq0YA8QaKN1RLR7fqnwIJwtCasBQ0OU6HmYBoDUIO6aqwB2LJqFtylqAYhqbE
BGzUIycWYn9EXMLSpWb8zSuzPZd4xqqNDg/FKyjtXpHRqgy0kZHpYzoNQ1cEASsf
vOBcCz9sDf0pT+7rNCHMd6/oa7X3O4W+C9ozA8S1r9lISeyLJUkmnhHlH6JZ/pxZ
x5Urvk6KSeOZBpYZq/Fd1Df4dzTgLfbQubO9dBG5d863NanenONwvFp6r9B2gzGr
u0IbbNKi6ufUC+3t0cdrl9xHrBe51VzZzIqXJXYLA6Z8Vi2J+JDZ7jJpiQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFHG5w6AG07NLyTzpUsDar0t3gsRBMB8GA1UdIwQY
MBaAFGI1Jq2fvsV0+k7D2brbVDP9qsp7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWpVbXJaLS14WFQ2VHNQWnV0dFVNXzJxeW5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8xZDhmYzktYjIxYi00ZGI1LTk1Y2Yt
ODFjOGNlNzUwMTI0LzEvY2JuRG9BYlRzMHZKUE9sU3dOcXZTM2VDeEVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8xZDhmYzktYjIxYi00ZGI1LTk1Y2YtODFjOGNlNzUwMTI0
LzEvWWpVbXJaLS14WFQ2VHNQWnV0dFVNXzJxeW5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjAsBAIAATAmAwQEXuRgAwQD
lX5AMAwDBAC5+zUDBAC5+zYDBADByPkDBADCqcYwMgQCAAIwLAMGACoADjAKAwcH
KgAOMCEAAwcHKgAOMDAAAwcHKgAOMGkAAwcHKgAOMO0AMA0GCSqGSIb3DQEBCwUA
A4IBAQBP1PElwGpoZHJMT5L+hAi5U/Dh3wQpmpHu5gFlkXm7QizYfEUnIZQmoYf4
dcNyIOlLTGqX68MCeKgvx3yMQm2HUmZMWCNkM8KI3smAftuu98BNf5QfsLzGJ52Y
fetrODMtQ+M024rCcsHwd/awX1Y8fBHJA0D8t7lEU6fxBoiHZvexKvT6Ol5Hseop
5ZbmEiuD3+vAQOrGt9/U0EOdn3St9q0C+G186Tn/RkOgo1e38Qbh0DbQP+eNJfBP
2bowFJAfKtHqlrukLMXbBblqlQNvAppXlE1tsuaFvlLXQccxu2UpmEaDWuyt5eNR
PafaJ2xx1t98DC9nLm48Ri92Fos1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:03 2024 by rpki-client on console-fra.rpki-client.org