Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/CDR8yZEenz-BPAto36IFIVSdjOs.roa
File: CDR8yZEenz-BPAto36IFIVSdjOs.roa (raw, json)
Hash identifier: Mn+3ifuGIf3KEA4Y4HbQPa1tHW1ZPTv+9L8wiYXcsc8=
Subject key identifier: 08:34:7C:C9:91:1E:9F:3F:81:3C:0B:68:DF:A2:05:21:54:9D:8C:EB
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 09D47B54
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/CDR8yZEenz-BPAto36IFIVSdjOs.roa
Signing time: Fri 01 Jul 2022 08:52:02 +0000
ROA not before: Fri 01 Jul 2022 08:52:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 91.186.216.0/22 maxlen: 24
94.241.168.0/21 maxlen: 24
178.253.12.0/23 maxlen: 24
94.241.176.0/21 maxlen: 24
83.147.232.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 164920148 (0x9d47b54)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Jul 1 08:52:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=08347cc9911e9f3f813c0b68dfa20521549d8ceb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:fe:95:dc:43:84:b1:d4:d6:f8:89:44:00:0a:
75:fb:69:00:54:7e:d4:5c:77:1c:01:cd:e7:d2:c6:
a1:4b:37:a6:da:95:ab:7c:27:e4:ee:46:b9:9f:24:
22:57:e4:43:8e:88:51:bd:0f:64:6f:5b:e5:82:a6:
92:8a:7d:1e:a2:d9:37:25:5a:f4:2b:53:29:31:c9:
aa:79:b3:8c:c5:c4:97:e3:6b:bd:9f:d7:c1:9c:1c:
c7:2b:5f:c1:3c:19:76:9f:e9:8b:9a:66:28:a4:03:
52:8c:5f:2e:4c:90:bf:87:76:68:a0:21:7e:b8:1b:
a4:73:e9:02:ec:88:14:f3:14:fb:09:18:d8:1c:aa:
55:7e:85:6f:f8:cb:fe:94:ca:79:b5:99:b3:3e:20:
8a:08:7d:03:48:ae:35:4d:d0:89:3a:91:33:09:15:
6b:2e:c2:29:8a:e9:07:ac:74:1b:49:5e:07:c2:88:
91:7b:c7:bf:3e:2a:05:45:95:3e:41:1f:c3:6b:9b:
7b:33:e7:ea:d0:b6:7f:31:e7:8e:2e:7b:bd:b8:bd:
68:98:34:d6:f9:0b:6c:f6:7d:86:6d:60:c0:fd:f7:
e7:6d:14:8b:2b:07:77:13:b5:f3:7e:43:b7:e5:a4:
8b:4e:b2:bb:92:c6:3a:eb:42:36:15:81:74:9a:e9:
4d:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:34:7C:C9:91:1E:9F:3F:81:3C:0B:68:DF:A2:05:21:54:9D:8C:EB
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/CDR8yZEenz-BPAto36IFIVSdjOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.232.0/22
91.186.216.0/22
94.241.168.0-94.241.183.255
178.253.12.0/23
Signature Algorithm: sha256WithRSAEncryption
90:b4:a1:75:2b:bc:27:95:03:6f:0d:78:a6:c2:14:17:60:da:
51:3e:8f:50:7d:75:45:09:6c:7c:66:3a:47:83:0a:bd:b4:5c:
dc:7e:41:05:ba:84:cc:02:05:88:2a:53:9e:bf:8c:71:3d:aa:
a8:a6:aa:a9:6c:be:d0:1d:34:05:89:d7:b7:d4:70:86:ee:7c:
c2:59:ae:cf:98:b9:c4:3f:39:3c:de:cb:35:b3:bd:7a:2c:05:
59:62:78:82:00:b3:27:10:e8:3b:ac:4f:54:5f:80:61:d2:9a:
6a:bb:e1:a9:8c:98:65:33:2c:11:07:91:ac:f4:ae:7a:97:e3:
de:a8:91:e9:24:f7:90:9c:29:9c:27:0e:46:6b:d1:3f:5c:f9:
3a:5b:d6:69:1d:43:59:52:db:2f:8d:0a:cc:61:dd:d6:3f:cb:
2b:5b:ab:8a:f8:83:45:79:8e:60:91:64:50:85:b6:72:61:f8:
c0:93:f3:7d:b3:cf:d3:d3:9e:2f:a3:01:f8:4d:6f:bc:a2:3f:
fa:8b:de:0e:aa:a0:62:3a:e2:bf:a8:81:53:c5:7e:51:8f:13:
3a:0b:21:0c:07:69:7e:35:92:e3:55:ac:34:ad:81:03:bd:79:
1c:58:73:cf:49:b8:c9:31:08:30:91:65:a8:36:f9:cc:8f:98:
56:1a:0f:54
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIECdR7VDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Mjc3OGRlMmE5YmU5ODAyMTIwMzgyZTc1MGQxNTllOTU4NzJjMmFlMB4XDTIyMDcw
MTA4NTIwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDgzNDdjYzk5MTFl
OWYzZjgxM2MwYjY4ZGZhMjA1MjE1NDlkOGNlYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKz+ldxDhLHU1viJRAAKdftpAFR+1Fx3HAHN59LGoUs3ptqV
q3wn5O5GuZ8kIlfkQ46IUb0PZG9b5YKmkop9HqLZNyVa9CtTKTHJqnmzjMXEl+Nr
vZ/XwZwcxytfwTwZdp/pi5pmKKQDUoxfLkyQv4d2aKAhfrgbpHPpAuyIFPMU+wkY
2ByqVX6Fb/jL/pTKebWZsz4gigh9A0iuNU3QiTqRMwkVay7CKYrpB6x0G0leB8KI
kXvHvz4qBUWVPkEfw2ubezPn6tC2fzHnji57vbi9aJg01vkLbPZ9hm1gwP33520U
iysHdxO1835Dt+Wki06yu5LGOutCNhWBdJrpTdkCAwEAAaOCAiMwggIfMB0GA1Ud
DgQWBBQINHzJkR6fP4E8C2jfogUhVJ2M6zAfBgNVHSMEGDAWgBTCd43iqb6YAhID
gudQ0VnpWHLCrjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3duZU40cW0tbUFJU0E0TG5VTkZaNlZoeXdxNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjgvNDEwOTMwLTlkNjUtNGJlOC05ZWJhLWY5OGRhNTRhZjQzNC8x
L0NEUjh5WkVlbnotQlBBdG8zNklGSVZTZGpPcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjgv
NDEwOTMwLTlkNjUtNGJlOC05ZWJhLWY5OGRhNTRhZjQzNC8xL3duZU40cW0tbUFJ
U0E0TG5VTkZaNlZoeXdxNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA5
BggrBgEFBQcBBwEB/wQqMCgwJgQCAAEwIAMEAlOT6AMEAlu62DAMAwQDXvGoAwQD
XvGwAwQBsv0MMA0GCSqGSIb3DQEBCwUAA4IBAQCQtKF1K7wnlQNvDXimwhQXYNpR
Po9QfXVFCWx8ZjpHgwq9tFzcfkEFuoTMAgWIKlOev4xxPaqopqqpbL7QHTQFide3
1HCG7nzCWa7PmLnEPzk83ss1s716LAVZYniCALMnEOg7rE9UX4Bh0ppqu+GpjJhl
MywRB5Gs9K56l+PeqJHpJPeQnCmcJw5Ga9E/XPk6W9ZpHUNZUtsvjQrMYd3WP8sr
W6uK+INFeY5gkWRQhbZyYfjAk/N9s8/T054vowH4TW+8oj/6i94OqqBiOuK/qIFT
xX5RjxM6CyEMB2l+NZLjVaw0rYEDvXkcWHPPSbjJMQgwkWWoNvnMj5hWGg9U
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:44 2023 by rpki-client on console-fra.rpki-client.org