Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/cMnKw509PgpOCp1D9QbVUiYXLuM.roa
File: cMnKw509PgpOCp1D9QbVUiYXLuM.roa (raw, json)
Hash identifier: ga+g4FKNyU0LTJIUUVN9NCkj87x/b5IRKllfATApkg8=
Subject key identifier: 70:C9:CA:C3:9D:3D:3E:0A:4E:0A:9D:43:F5:06:D5:52:26:17:2E:E3
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 091553E0
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/cMnKw509PgpOCp1D9QbVUiYXLuM.roa
Signing time: Thu 21 Apr 2022 08:44:45 +0000
ROA not before: Thu 21 Apr 2022 08:44:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 22773
IP address blocks: 91.186.208.0/22 maxlen: 24
178.253.32.0/24 maxlen: 24
178.253.33.0/24 maxlen: 24
83.147.240.0/22 maxlen: 24
178.253.55.0/24 maxlen: 24
83.147.252.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 152392672 (0x91553e0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Apr 21 08:44:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=70c9cac39d3d3e0a4e0a9d43f506d55226172ee3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:eb:9a:d3:f8:bb:69:1f:3c:4f:53:81:69:8b:
9c:d2:94:b4:e9:11:15:54:3b:ca:4d:40:a6:89:95:
7c:61:e5:08:25:5e:b4:23:89:78:b0:64:c5:77:b9:
bf:c3:11:08:dc:c2:81:98:95:9c:98:e6:98:68:5c:
da:cc:bf:b9:7c:13:6e:f7:a0:54:98:a8:3a:3d:a4:
67:fb:64:32:1d:d3:8d:a5:c5:74:f2:88:5e:cd:77:
7e:8a:dc:d7:bf:37:5b:4b:08:f6:be:cf:b3:9b:59:
55:f4:c4:3b:2f:41:45:62:aa:c2:d1:5d:a0:02:16:
4c:92:48:67:49:21:0b:05:e9:36:bf:32:ec:76:e4:
b8:75:21:f7:4d:2d:37:27:28:57:63:bc:cc:6f:3c:
97:25:9b:34:7e:d8:7d:0c:77:d3:26:f5:3e:13:6b:
c3:0e:dd:c8:18:53:de:59:5f:e3:68:f5:5d:73:6c:
ca:51:fd:24:91:f8:9b:04:bb:8f:a0:aa:71:a4:ac:
4d:ca:cd:1c:4a:31:dd:66:6b:fd:7c:af:45:67:40:
3f:58:53:dc:81:da:58:e8:27:b7:2a:e3:c9:0c:08:
a2:25:a6:30:e5:43:9e:ea:dc:a0:2b:3c:5d:c3:9c:
58:03:e8:6b:30:a0:03:cc:e2:53:09:9a:53:18:49:
30:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:C9:CA:C3:9D:3D:3E:0A:4E:0A:9D:43:F5:06:D5:52:26:17:2E:E3
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/cMnKw509PgpOCp1D9QbVUiYXLuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.240.0/22
83.147.252.0/22
91.186.208.0/22
178.253.32.0/23
178.253.55.0/24
Signature Algorithm: sha256WithRSAEncryption
15:d1:74:a0:70:73:81:2d:7c:af:7b:15:16:f9:2d:81:07:ff:
0a:fa:43:cc:ac:63:71:18:c7:53:9b:da:ed:3a:a4:8c:57:4b:
41:7e:70:a0:68:ae:3b:4d:45:ba:9a:12:3f:0c:77:6a:90:7c:
c1:c3:a2:ff:81:c2:11:2a:b1:21:23:c2:04:bc:bc:57:23:48:
d0:ac:0a:48:0a:59:2f:c3:88:0d:e2:d0:6f:b6:63:80:b9:d9:
98:56:60:a6:df:87:89:f9:86:bb:7a:94:86:a8:b5:fd:3d:09:
b3:a5:b6:0d:d6:f8:10:6d:95:0c:02:81:9d:ab:4f:6f:40:e4:
95:bf:89:2e:ad:61:10:11:c6:3c:0d:7c:ff:ac:92:b8:84:11:
d3:20:da:23:48:91:c1:d2:cc:d8:5b:2d:66:63:ce:aa:fd:da:
09:c4:41:d9:1f:bd:7c:4f:53:35:f7:41:9c:92:23:b7:66:17:
e9:93:6e:f1:b8:49:90:28:3d:b7:cd:73:7a:88:ef:17:f1:4f:
30:1c:aa:bb:6c:8f:d5:46:d4:10:ad:f2:33:34:1c:98:3c:6d:
a4:59:b0:8d:95:33:e0:9c:e1:e4:e3:db:18:99:ae:79:ba:6a:
8f:cf:ae:eb:3a:fa:90:3b:25:5a:71:0a:2b:ea:09:25:c5:da:
0d:a4:fa:e3
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIECRVT4DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
Mjc3OGRlMmE5YmU5ODAyMTIwMzgyZTc1MGQxNTllOTU4NzJjMmFlMB4XDTIyMDQy
MTA4NDQ0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzBjOWNhYzM5ZDNk
M2UwYTRlMGE5ZDQzZjUwNmQ1NTIyNjE3MmVlMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALnrmtP4u2kfPE9TgWmLnNKUtOkRFVQ7yk1ApomVfGHlCCVe
tCOJeLBkxXe5v8MRCNzCgZiVnJjmmGhc2sy/uXwTbvegVJioOj2kZ/tkMh3TjaXF
dPKIXs13forc1783W0sI9r7Ps5tZVfTEOy9BRWKqwtFdoAIWTJJIZ0khCwXpNr8y
7HbkuHUh900tNycoV2O8zG88lyWbNH7YfQx30yb1PhNrww7dyBhT3llf42j1XXNs
ylH9JJH4mwS7j6CqcaSsTcrNHEox3WZr/XyvRWdAP1hT3IHaWOgntyrjyQwIoiWm
MOVDnurcoCs8XcOcWAPoazCgA8ziUwmaUxhJMJMCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBRwycrDnT0+Ck4KnUP1BtVSJhcu4zAfBgNVHSMEGDAWgBTCd43iqb6YAhID
gudQ0VnpWHLCrjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3duZU40cW0tbUFJU0E0TG5VTkZaNlZoeXdxNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjgvNDEwOTMwLTlkNjUtNGJlOC05ZWJhLWY5OGRhNTRhZjQzNC8x
L2NNbkt3NTA5UGdwT0NwMUQ5UWJWVWlZWEx1TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjgv
NDEwOTMwLTlkNjUtNGJlOC05ZWJhLWY5OGRhNTRhZjQzNC8xL3duZU40cW0tbUFJ
U0E0TG5VTkZaNlZoeXdxNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAlOT8AMEAlOT/AMEAlu60AMEAbL9
IAMEALL9NzANBgkqhkiG9w0BAQsFAAOCAQEAFdF0oHBzgS18r3sVFvktgQf/CvpD
zKxjcRjHU5va7TqkjFdLQX5woGiuO01FupoSPwx3apB8wcOi/4HCESqxISPCBLy8
VyNI0KwKSApZL8OIDeLQb7ZjgLnZmFZgpt+HifmGu3qUhqi1/T0Js6W2Ddb4EG2V
DAKBnatPb0Dklb+JLq1hEBHGPA18/6ySuIQR0yDaI0iRwdLM2FstZmPOqv3aCcRB
2R+9fE9TNfdBnJIjt2YX6ZNu8bhJkCg9t81zeojvF/FPMByqu2yP1UbUEK3yMzQc
mDxtpFmwjZUz4Jzh5OPbGJmuebpqj8+u6zr6kDslWnEKK+oJJcXaDaT64w==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:38 2023 by rpki-client on console-ams.rpki-client.org