Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/CvK7TZHEdyCZqSt6s3sQINt6c4c.roa
File: CvK7TZHEdyCZqSt6s3sQINt6c4c.roa (raw, json)
Hash identifier: tskiI9bR9Bp8b3AGzPcpAacmSEY07N8Zi6HKbEhHYGs=
Subject key identifier: 0A:F2:BB:4D:91:C4:77:20:99:A9:2B:7A:B3:7B:10:20:DB:7A:73:87
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 01827C91C13FE79B12A558EC97B2B2F9DCC1
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/CvK7TZHEdyCZqSt6s3sQINt6c4c.roa
Signing time: Mon 08 Aug 2022 08:28:23 +0000
ROA not before: Mon 08 Aug 2022 08:28:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 89.19.56.0/22 maxlen: 24
185.175.224.0/23 maxlen: 24
185.68.244.0/23 maxlen: 24
213.170.223.0/24 maxlen: 24
185.100.159.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:7c:91:c1:3f:e7:9b:12:a5:58:ec:97:b2:b2:f9:dc:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Aug 8 08:28:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0af2bb4d91c4772099a92b7ab37b1020db7a7387
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:35:cd:52:1e:03:2a:a1:92:d9:14:cf:c0:13:
f6:6c:1e:1e:1c:d4:21:90:cb:90:27:c8:3f:2e:c2:
d5:de:2f:25:01:27:0f:a0:7f:91:20:a1:0e:82:66:
78:ec:01:d3:68:1c:25:9f:71:8f:af:d6:63:ba:92:
1d:09:1c:e6:63:9b:dd:f1:0f:a7:e4:82:32:56:40:
14:2c:f7:c7:e8:2c:dd:71:a3:e5:93:ef:fe:04:e0:
43:9b:31:99:17:89:28:3a:09:58:5b:4a:98:d6:2e:
65:d0:43:34:d2:93:70:f7:c9:97:b9:23:53:c1:f3:
f7:e2:50:ae:9a:8d:6e:f8:f7:aa:89:6f:46:aa:3a:
4b:3b:cf:50:ae:83:fa:ec:ac:74:5f:cb:e4:34:65:
7d:0f:af:43:58:1f:8c:ad:69:cb:b1:24:ce:5d:ff:
7f:67:ae:ee:69:ac:6f:5b:a3:48:2a:c1:8b:54:2c:
7e:02:58:5b:14:eb:79:13:f0:e8:57:1a:64:06:90:
bb:56:7b:ef:85:3b:78:bd:0e:9b:39:cc:17:bc:08:
43:fc:bd:2b:8a:fa:59:06:e0:85:76:2f:bf:41:bb:
46:65:f6:c5:37:31:ab:87:ef:f1:12:5b:05:3e:e0:
af:07:66:01:90:51:57:cc:8d:63:12:00:01:04:df:
25:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:F2:BB:4D:91:C4:77:20:99:A9:2B:7A:B3:7B:10:20:DB:7A:73:87
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/CvK7TZHEdyCZqSt6s3sQINt6c4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.19.56.0/22
185.68.244.0/23
185.100.159.0/24
185.175.224.0/23
213.170.223.0/24
Signature Algorithm: sha256WithRSAEncryption
82:77:79:be:17:cd:b6:a5:90:be:69:37:54:78:b9:78:ca:2f:
05:5c:b9:f3:e9:47:0e:2b:08:5f:9b:3e:a9:9c:c7:9d:c6:8e:
6d:8f:10:9a:2f:cc:3c:85:e2:c4:60:10:6d:46:29:65:49:e4:
a6:10:c3:43:8f:8c:e3:d2:fd:03:89:b4:60:65:38:d3:db:98:
8f:3d:e6:6e:d9:d9:38:0a:d0:77:97:28:58:ac:e8:c0:84:15:
3b:7a:ee:0a:c9:85:96:67:58:ee:23:d3:f9:47:3d:aa:2f:37:
bc:32:d2:d6:e2:16:79:9c:4b:2a:85:e1:cd:06:b1:62:7a:bb:
42:fd:f3:69:d0:ea:72:02:06:f9:ac:7a:3f:5d:0f:82:9e:3b:
61:51:44:b5:5e:60:34:43:1b:76:42:14:54:79:55:08:cb:94:
a0:af:a1:72:3b:5e:2c:e5:38:a2:4f:1a:64:b9:4e:2f:a5:ee:
47:53:e6:cf:74:3a:ff:fb:60:5d:56:ee:87:35:2d:da:a8:b2:
bb:39:98:98:a2:9c:12:0d:77:e8:81:8c:ad:03:a4:ad:53:0e:
5f:de:e7:fe:88:55:aa:cb:c4:a9:aa:f1:8d:92:a7:e6:75:3f:
f3:e6:c5:d0:dd:a5:de:3e:9f:54:73:e2:ff:7a:d2:43:08:ff:
9f:26:ff:5b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYJ8kcE/55sSpVjsl7Ky+dzBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjIwODA4MDgyODIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWYyYmI0ZDkxYzQ3NzIwOTlhOTJiN2FiMzdiMTAyMGRiN2E3Mzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAijXNUh4DKqGS2RTPwBP2bB4eHNQh
kMuQJ8g/LsLV3i8lAScPoH+RIKEOgmZ47AHTaBwln3GPr9ZjupIdCRzmY5vd8Q+n
5IIyVkAULPfH6CzdcaPlk+/+BOBDmzGZF4koOglYW0qY1i5l0EM00pNw98mXuSNT
wfP34lCumo1u+PeqiW9GqjpLO89QroP67Kx0X8vkNGV9D69DWB+MrWnLsSTOXf9/
Z67uaaxvW6NIKsGLVCx+AlhbFOt5E/DoVxpkBpC7VnvvhTt4vQ6bOcwXvAhD/L0r
ivpZBuCFdi+/QbtGZfbFNzGrh+/xElsFPuCvB2YBkFFXzI1jEgABBN8lHQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAryu02RxHcgmakrerN7ECDbenOHMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvQ3ZLN1RaSEVkeUNacVN0NnMzc1FJTnQ2YzRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCWRM4AwQB
uUT0AwQAuWSfAwQBua/gAwQA1arfMA0GCSqGSIb3DQEBCwUAA4IBAQCCd3m+F822
pZC+aTdUeLl4yi8FXLnz6UcOKwhfmz6pnMedxo5tjxCaL8w8heLEYBBtRillSeSm
EMNDj4zj0v0DibRgZTjT25iPPeZu2dk4CtB3lyhYrOjAhBU7eu4KyYWWZ1juI9P5
Rz2qLze8MtLW4hZ5nEsqheHNBrFiertC/fNp0OpyAgb5rHo/XQ+CnjthUUS1XmA0
Qxt2QhRUeVUIy5Sgr6FyO14s5TiiTxpkuU4vpe5HU+bPdDr/+2BdVu6HNS3aqLK7
OZiYopwSDXfogYytA6StUw5f3uf+iFWqy8SpqvGNkqfmdT/z5sXQ3aXePp9Uc+L/
etJDCP+fJv9b
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:35:59 2024 by rpki-client on console-fra.rpki-client.org