Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/caa2b6-87e8-4e24-a446-775888a87194/1/_ZGDg-V7peM7iNmZWlEXaAthhHQ.roa
File: _ZGDg-V7peM7iNmZWlEXaAthhHQ.roa (raw, json)
Hash identifier: 9ib+bPjR0Ju2BGop3TrpRcVM0Eg0YPkpagceZ7l1pIQ=
Subject key identifier: FD:91:83:83:E5:7B:A5:E3:3B:88:D9:99:5A:51:17:68:0B:61:84:74
Certificate issuer: /CN=3144e609e361913e3c3b0a78d7486aa45b562401
Certificate serial: 018563270C1126DFA518818897F3CEA162F7
Authority key identifier: 31:44:E6:09:E3:61:91:3E:3C:3B:0A:78:D7:48:6A:A4:5B:56:24:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MUTmCeNhkT48Owp410hqpFtWJAE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/caa2b6-87e8-4e24-a446-775888a87194/1/_ZGDg-V7peM7iNmZWlEXaAthhHQ.roa
Signing time: Fri 30 Dec 2022 13:09:41 +0000
ROA not before: Fri 30 Dec 2022 13:09:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39279
IP address blocks: 185.108.136.0/22 maxlen: 24
89.32.226.0/24 maxlen: 24
89.32.224.0/20 maxlen: 24
185.108.182.0/24 maxlen: 24
185.108.181.0/24 maxlen: 24
185.108.180.0/22 maxlen: 24
185.33.105.0/24 maxlen: 24
185.33.104.0/22 maxlen: 22
2a00:c5a0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:63:27:0c:11:26:df:a5:18:81:88:97:f3:ce:a1:62:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3144e609e361913e3c3b0a78d7486aa45b562401
Validity
Not Before: Dec 30 13:09:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fd918383e57ba5e33b88d9995a5117680b618474
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:48:b1:5f:18:04:41:e9:62:59:f6:4c:a3:9f:
29:07:83:44:b9:9d:a3:5f:96:74:d8:0d:44:20:8c:
bf:bc:e3:11:85:9d:90:62:3b:90:4d:42:49:f5:fa:
11:75:c6:93:90:f5:09:2a:34:23:d1:0a:8d:43:9d:
4a:ac:ac:9a:0a:f8:9d:76:69:b3:f8:38:7c:66:cb:
18:72:65:85:4e:61:18:8a:78:a0:1e:10:59:88:32:
0f:7e:b6:43:26:0b:05:c2:58:6b:fb:33:94:d0:14:
90:19:be:0e:ba:dc:d2:c2:95:41:e1:a4:80:92:84:
11:cb:ca:66:ee:ff:d5:19:52:3f:f0:71:b9:b1:c5:
01:15:05:2e:bf:39:75:16:93:ca:ce:c7:6a:44:8a:
a6:64:ba:86:31:ae:ae:8d:77:20:ef:04:2b:68:b6:
8f:65:e6:d5:c9:c7:ba:38:cc:52:eb:4a:3c:6e:41:
2b:e6:1c:7f:46:3c:c6:75:a5:e7:d3:4f:93:c8:a0:
12:47:8f:b7:e5:33:d4:8b:35:95:e6:12:d4:8e:ad:
b4:d4:b6:35:ac:5a:07:ec:4c:45:83:aa:eb:51:77:
78:8a:a6:fd:29:13:e9:a2:8a:bd:c1:db:7e:d6:f1:
50:76:46:25:9f:85:e9:a4:39:70:30:70:bd:a8:8d:
d5:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:91:83:83:E5:7B:A5:E3:3B:88:D9:99:5A:51:17:68:0B:61:84:74
X509v3 Authority Key Identifier:
keyid:31:44:E6:09:E3:61:91:3E:3C:3B:0A:78:D7:48:6A:A4:5B:56:24:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MUTmCeNhkT48Owp410hqpFtWJAE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/caa2b6-87e8-4e24-a446-775888a87194/1/_ZGDg-V7peM7iNmZWlEXaAthhHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/caa2b6-87e8-4e24-a446-775888a87194/1/MUTmCeNhkT48Owp410hqpFtWJAE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.32.224.0/20
185.33.104.0/22
185.108.136.0/22
185.108.180.0/22
IPv6:
2a00:c5a0::/32
Signature Algorithm: sha256WithRSAEncryption
71:5a:02:0d:21:41:c4:f5:84:fa:16:40:bb:5c:0f:20:e6:22:
44:40:db:97:2d:06:52:90:e6:74:5b:85:54:10:b0:f8:f4:dc:
04:4b:ab:a1:e8:1a:88:8c:a9:2c:5a:4b:86:93:15:a4:98:98:
95:a0:b7:72:23:97:43:f8:cf:e2:06:cb:82:ef:09:1e:9f:97:
a8:f2:94:9f:b0:4d:0b:0b:2a:03:3a:84:58:5d:96:25:6e:b3:
3d:c5:6b:e7:1f:77:b6:96:d5:8b:80:dc:d2:5c:04:9b:38:df:
45:15:ac:23:f7:72:3f:e1:35:13:83:c9:56:ae:9c:28:b3:f5:
76:f1:0e:5d:44:d4:f0:98:7e:ba:3a:33:05:2f:ee:70:8a:68:
2d:80:0c:2e:4c:da:9c:4b:25:ad:44:40:02:52:ec:bf:11:e7:
a8:38:41:66:61:b7:d2:7b:21:b0:c8:29:42:76:98:15:7f:70:
9c:ed:8c:7a:15:a5:2f:de:ed:b6:3d:39:a0:0b:d4:18:32:a5:
ee:ad:10:12:b9:68:53:08:6a:31:05:49:4d:c5:9b:b1:cd:a8:
ca:49:57:38:18:0e:9b:15:89:49:89:3a:35:e7:d0:11:b4:93:
08:5e:38:1d:5a:60:d3:72:d8:52:a9:24:6f:c3:a6:b6:9d:3d:
62:e9:41:60
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVjJwwRJt+lGIGIl/POoWL3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxNDRlNjA5ZTM2MTkxM2UzYzNiMGE3OGQ3NDg2YWE0NWI1
NjI0MDEwHhcNMjIxMjMwMTMwOTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDkxODM4M2U1N2JhNWUzM2I4OGQ5OTk1YTUxMTc2ODBiNjE4NDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA30ixXxgEQeliWfZMo58pB4NEuZ2j
X5Z02A1EIIy/vOMRhZ2QYjuQTUJJ9foRdcaTkPUJKjQj0QqNQ51KrKyaCviddmmz
+Dh8ZssYcmWFTmEYinigHhBZiDIPfrZDJgsFwlhr+zOU0BSQGb4OutzSwpVB4aSA
koQRy8pm7v/VGVI/8HG5scUBFQUuvzl1FpPKzsdqRIqmZLqGMa6ujXcg7wQraLaP
ZebVyce6OMxS60o8bkEr5hx/RjzGdaXn00+TyKASR4+35TPUizWV5hLUjq201LY1
rFoH7ExFg6rrUXd4iqb9KRPpooq9wdt+1vFQdkYln4XppDlwMHC9qI3VCwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFP2Rg4Ple6XjO4jZmVpRF2gLYYR0MB8GA1UdIwQY
MBaAFDFE5gnjYZE+PDsKeNdIaqRbViQBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVVUbUNlTmhrVDQ4T3dwNDEwaHFwRnRXSkFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9jYWEyYjYtODdlOC00ZTI0LWE0NDYt
Nzc1ODg4YTg3MTk0LzEvX1pHRGctVjdwZU03aU5tWldsRVhhQXRoaEhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9jYWEyYjYtODdlOC00ZTI0LWE0NDYtNzc1ODg4YTg3MTk0
LzEvTVVUbUNlTmhrVDQ4T3dwNDEwaHFwRnRXSkFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEWSDgAwQC
uSFoAwQCuWyIAwQCuWy0MA0EAgACMAcDBQAqAMWgMA0GCSqGSIb3DQEBCwUAA4IB
AQBxWgINIUHE9YT6FkC7XA8g5iJEQNuXLQZSkOZ0W4VUELD49NwES6uh6BqIjKks
WkuGkxWkmJiVoLdyI5dD+M/iBsuC7wken5eo8pSfsE0LCyoDOoRYXZYlbrM9xWvn
H3e2ltWLgNzSXASbON9FFawj93I/4TUTg8lWrpwos/V28Q5dRNTwmH66OjMFL+5w
imgtgAwuTNqcSyWtREACUuy/EeeoOEFmYbfSeyGwyClCdpgVf3Cc7Yx6FaUv3u22
PTmgC9QYMqXurRASuWhTCGoxBUlNxZuxzajKSVc4GA6bFYlJiTo159ARtJMIXjgd
WmDTcthSqSRvw6a2nT1i6UFg
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:19 2023 by rpki-client on console-fra.rpki-client.org