Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f6a124-7f01-4e40-b796-cca52b626fca/1/CYgRmf2JmdkGggoPyXEvWOxW4WI.roa
File: CYgRmf2JmdkGggoPyXEvWOxW4WI.roa (raw, json)
Hash identifier: 5TqyQMRVxYaPSZ8xuwOPWVBRmoPlWfkfyT9VpvL6VJc=
Subject key identifier: 09:88:11:99:FD:89:99:D9:06:82:0A:0F:C9:71:2F:58:EC:56:E1:62
Certificate issuer: /CN=d794e81d72f59c65a0d18144a1b2607983536b4a
Certificate serial: 0182F867BA7C04C4ABF680A05725AA87B624
Authority key identifier: D7:94:E8:1D:72:F5:9C:65:A0:D1:81:44:A1:B2:60:79:83:53:6B:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/15ToHXL1nGWg0YFEobJgeYNTa0o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f6a124-7f01-4e40-b796-cca52b626fca/1/CYgRmf2JmdkGggoPyXEvWOxW4WI.roa
Signing time: Thu 01 Sep 2022 09:35:23 +0000
ROA not before: Thu 01 Sep 2022 09:35:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50616
IP address blocks: 185.156.12.0/22 maxlen: 23
31.22.48.0/22 maxlen: 23
31.22.56.0/22 maxlen: 23
31.22.52.0/22 maxlen: 23
31.22.60.0/22 maxlen: 23
109.234.232.0/22 maxlen: 23
109.234.236.0/22 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:f8:67:ba:7c:04:c4:ab:f6:80:a0:57:25:aa:87:b6:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d794e81d72f59c65a0d18144a1b2607983536b4a
Validity
Not Before: Sep 1 09:35:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=09881199fd8999d906820a0fc9712f58ec56e162
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:08:fc:df:3a:f0:12:eb:d4:62:67:59:a7:5c:
e4:f8:0a:c8:39:33:32:eb:f4:1e:51:c1:bb:50:01:
fc:a7:5a:ae:ad:c8:03:cf:c8:d9:10:cd:d0:2f:ad:
95:9d:d0:d0:18:a1:87:0f:b8:fa:d9:c4:c8:e2:46:
99:39:2f:b0:36:01:5b:8a:73:96:46:b2:74:f6:35:
ef:0e:4e:db:bc:b8:2e:b5:91:cf:0a:45:74:f4:ff:
f1:f7:10:81:f4:0e:87:e6:64:9b:9e:40:dc:f6:96:
23:09:e4:a5:d3:06:f8:e0:8a:35:95:29:d7:7a:7b:
97:af:bf:8a:fc:5e:f8:fb:5e:2b:a0:61:8a:cf:76:
f1:a7:e6:c3:10:d5:23:f8:39:7d:7f:60:ef:fd:9d:
f5:f2:86:f1:7d:44:8c:31:ae:05:6b:d4:f3:ee:1c:
1d:e5:a4:5b:c6:26:df:52:70:0d:29:04:34:5b:0f:
fc:af:09:4e:66:d6:0f:a0:7a:c8:39:18:08:5b:96:
fb:09:4d:e2:0b:16:8f:17:d7:fc:c1:fb:d4:45:1c:
37:53:b0:8c:07:8f:e1:ed:d3:31:66:f7:3c:75:c2:
8b:f2:bd:80:7d:8d:65:de:c5:c5:fc:98:bd:89:79:
70:a2:c6:e1:e0:14:ca:59:8f:2b:83:89:1a:7b:56:
12:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:88:11:99:FD:89:99:D9:06:82:0A:0F:C9:71:2F:58:EC:56:E1:62
X509v3 Authority Key Identifier:
keyid:D7:94:E8:1D:72:F5:9C:65:A0:D1:81:44:A1:B2:60:79:83:53:6B:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/15ToHXL1nGWg0YFEobJgeYNTa0o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f6a124-7f01-4e40-b796-cca52b626fca/1/CYgRmf2JmdkGggoPyXEvWOxW4WI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f6a124-7f01-4e40-b796-cca52b626fca/1/15ToHXL1nGWg0YFEobJgeYNTa0o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.22.48.0/20
109.234.232.0/21
185.156.12.0/22
Signature Algorithm: sha256WithRSAEncryption
88:ad:8d:b2:b3:d7:fa:c2:e6:7c:d2:66:3f:a8:7f:4d:90:69:
4e:71:82:4e:e2:55:55:11:26:ca:60:ff:b7:c4:eb:2f:23:39:
c2:18:7f:aa:2c:8b:fc:dc:f1:0a:89:da:57:86:ef:af:4c:03:
28:2c:51:20:a2:7a:54:46:76:93:84:93:3b:71:9c:f9:72:7e:
d3:ab:45:75:e9:bb:cc:72:23:2a:77:34:80:8f:f5:80:00:83:
d6:e7:0f:ff:59:52:f0:d8:22:08:43:74:39:ae:b4:36:a5:df:
d8:d4:38:bb:1e:09:56:d4:f0:b5:53:43:23:b5:c9:62:ce:c6:
01:7e:20:f4:1f:4d:a7:00:f0:a8:93:d0:bc:5c:92:96:c7:ee:
d4:e4:0b:ac:88:ed:61:b6:fa:56:85:a3:bb:d6:43:f5:c4:c8:
9f:69:5f:58:bc:74:78:ae:e3:92:f6:fe:0d:bd:c9:e2:8f:b7:
57:5d:cc:90:c6:86:23:a8:4c:05:b0:27:d7:4c:b6:51:f3:12:
fd:f3:9b:28:17:88:45:d1:82:04:f9:c8:34:7d:81:e1:50:31:
be:b6:1f:b7:0a:75:15:b6:bb:52:c7:02:1f:5b:02:7c:eb:b0:
64:75:28:53:2b:5b:bb:8c:03:55:8f:53:c9:3d:c8:0d:9a:57:
53:b9:74:3b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYL4Z7p8BMSr9oCgVyWqh7YkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3OTRlODFkNzJmNTljNjVhMGQxODE0NGExYjI2MDc5ODM1
MzZiNGEwHhcNMjIwOTAxMDkzNTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTg4MTE5OWZkODk5OWQ5MDY4MjBhMGZjOTcxMmY1OGVjNTZlMTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmAj83zrwEuvUYmdZp1zk+ArIOTMy
6/QeUcG7UAH8p1qurcgDz8jZEM3QL62VndDQGKGHD7j62cTI4kaZOS+wNgFbinOW
RrJ09jXvDk7bvLgutZHPCkV09P/x9xCB9A6H5mSbnkDc9pYjCeSl0wb44Io1lSnX
enuXr7+K/F74+14roGGKz3bxp+bDENUj+Dl9f2Dv/Z318obxfUSMMa4Fa9Tz7hwd
5aRbxibfUnANKQQ0Ww/8rwlOZtYPoHrIORgIW5b7CU3iCxaPF9f8wfvURRw3U7CM
B4/h7dMxZvc8dcKL8r2AfY1l3sXF/Ji9iXlwosbh4BTKWY8rg4kae1YShQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAmIEZn9iZnZBoIKD8lxL1jsVuFiMB8GA1UdIwQY
MBaAFNeU6B1y9ZxloNGBRKGyYHmDU2tKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTVUb0hYTDFuR1dnMFlGRW9iSmdlWU5UYTBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mNmExMjQtN2YwMS00ZTQwLWI3OTYt
Y2NhNTJiNjI2ZmNhLzEvQ1lnUm1mMkptZGtHZ2dvUHlYRXZXT3hXNFdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mNmExMjQtN2YwMS00ZTQwLWI3OTYtY2NhNTJiNjI2ZmNh
LzEvMTVUb0hYTDFuR1dnMFlGRW9iSmdlWU5UYTBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEHxYwAwQD
beroAwQCuZwMMA0GCSqGSIb3DQEBCwUAA4IBAQCIrY2ys9f6wuZ80mY/qH9NkGlO
cYJO4lVVESbKYP+3xOsvIznCGH+qLIv83PEKidpXhu+vTAMoLFEgonpURnaThJM7
cZz5cn7Tq0V16bvMciMqdzSAj/WAAIPW5w//WVLw2CIIQ3Q5rrQ2pd/Y1Di7HglW
1PC1U0MjtclizsYBfiD0H02nAPCok9C8XJKWx+7U5AusiO1htvpWhaO71kP1xMif
aV9YvHR4ruOS9v4Nvcnij7dXXcyQxoYjqEwFsCfXTLZR8xL985soF4hF0YIE+cg0
fYHhUDG+th+3CnUVtrtSxwIfWwJ867BkdShTK1u7jANVj1PJPcgNmldTuXQ7
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:46 2023 by rpki-client on console-fra.rpki-client.org