Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/8db002-9080-4f0b-845b-9b7c44dc193b/1/cvnA4AhXE39TNu-p4De-vOQbVJg.roa
File: cvnA4AhXE39TNu-p4De-vOQbVJg.roa (raw, json)
Hash identifier: IR94imoFxtbGHvrdUfqoSvQQPjRThh3vBXP9Xsf5DFE=
Subject key identifier: 72:F9:C0:E0:08:57:13:7F:53:36:EF:A9:E0:37:BE:BC:E4:1B:54:98
Certificate issuer: /CN=098b1c79bfae12a5b87f35c998bb60b3fa4e6621
Certificate serial: 018382EA7C35BF2B9069E32F0D280EA87691
Authority key identifier: 09:8B:1C:79:BF:AE:12:A5:B8:7F:35:C9:98:BB:60:B3:FA:4E:66:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CYsceb-uEqW4fzXJmLtgs_pOZiE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/8db002-9080-4f0b-845b-9b7c44dc193b/1/cvnA4AhXE39TNu-p4De-vOQbVJg.roa
Signing time: Wed 28 Sep 2022 07:05:48 +0000
ROA not before: Wed 28 Sep 2022 07:05:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13273
IP address blocks: 185.114.208.0/22 maxlen: 24
195.54.62.0/23 maxlen: 24
91.216.209.0/24 maxlen: 24
213.162.32.0/20 maxlen: 24
213.91.0.0/18 maxlen: 24
185.21.152.0/22 maxlen: 24
213.162.62.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:82:ea:7c:35:bf:2b:90:69:e3:2f:0d:28:0e:a8:76:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=098b1c79bfae12a5b87f35c998bb60b3fa4e6621
Validity
Not Before: Sep 28 07:05:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=72f9c0e00857137f5336efa9e037bebce41b5498
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:05:b4:61:1f:97:0c:c0:cf:56:14:59:2b:e5:
cf:05:20:89:96:dd:82:d8:e1:b5:97:b2:66:a8:af:
08:c7:e1:3e:2a:3b:7e:3e:ea:1f:73:e4:73:3d:4e:
c9:44:97:f7:7b:c7:38:42:96:28:f2:5f:f2:38:40:
32:54:7f:23:09:d1:1a:76:c8:6c:0f:86:28:0c:af:
c2:ae:1f:84:cb:18:90:50:ac:a6:dc:25:7e:ec:72:
27:13:7f:2b:ee:01:ef:ca:09:ad:f8:4b:4b:f9:48:
5e:67:39:e8:1d:b5:61:9e:47:4a:e0:93:07:9c:3d:
6b:6c:0b:5d:fe:75:dc:8f:e3:8d:9e:19:5f:fb:7d:
79:78:9e:9a:41:65:b8:fb:a1:35:42:21:c0:9a:a1:
cd:eb:d2:c9:eb:f8:64:16:21:48:c2:e9:e9:15:24:
61:92:de:ca:0d:74:c3:02:0d:0e:09:bf:64:0e:c5:
5c:6c:bf:63:df:9d:3d:9d:8e:a7:ff:44:c1:f9:68:
57:30:f9:7a:ef:dd:29:80:c5:2d:4c:65:76:35:f7:
0d:1c:f0:b9:ec:60:14:99:da:bf:c0:16:60:0d:0e:
12:be:90:f4:f1:50:cb:d9:a0:13:f7:16:c7:34:72:
49:1f:2d:f0:fe:9c:8e:5f:38:f4:29:4f:97:91:07:
5a:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:F9:C0:E0:08:57:13:7F:53:36:EF:A9:E0:37:BE:BC:E4:1B:54:98
X509v3 Authority Key Identifier:
keyid:09:8B:1C:79:BF:AE:12:A5:B8:7F:35:C9:98:BB:60:B3:FA:4E:66:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CYsceb-uEqW4fzXJmLtgs_pOZiE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/8db002-9080-4f0b-845b-9b7c44dc193b/1/cvnA4AhXE39TNu-p4De-vOQbVJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/8db002-9080-4f0b-845b-9b7c44dc193b/1/CYsceb-uEqW4fzXJmLtgs_pOZiE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.209.0/24
185.21.152.0/22
185.114.208.0/22
195.54.62.0/23
213.91.0.0/18
213.162.32.0/20
213.162.62.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:b4:fd:5d:ea:a7:cc:4b:8f:23:ef:80:9d:d4:3e:cb:54:d4:
fc:75:72:72:f4:20:f4:f2:37:7d:3f:64:13:bb:af:5b:a2:71:
39:22:50:1a:a8:5c:b0:7e:40:d3:1f:e4:ef:0a:80:e1:6f:14:
1d:6b:54:1e:bd:aa:8f:a1:bf:34:98:57:86:35:f4:66:1d:75:
fc:c8:25:3e:3a:d1:61:35:c7:07:0e:d3:76:e4:36:fa:cd:94:
3d:b1:13:60:35:93:0a:fb:bb:f3:f9:6d:02:d7:a1:7e:1f:74:
a4:86:a6:b7:87:10:d1:3c:b6:91:27:6c:b3:3f:41:6a:19:b0:
6b:f7:83:1d:56:d0:5d:f4:02:af:09:ea:27:27:f1:f0:34:91:
ac:3c:d5:79:bf:94:57:23:7f:17:a3:bd:da:c2:9c:d8:c1:d2:
bd:56:74:f8:5d:5b:8a:99:73:eb:94:52:f7:82:f2:69:84:da:
98:6b:90:c0:03:dd:01:ac:1b:09:c9:91:84:79:20:70:12:23:
71:5c:92:f5:1e:e0:38:63:3c:b5:19:cd:35:23:9c:f4:a6:9e:
24:24:f6:c9:6b:b2:eb:1c:72:2b:62:27:a4:c9:7a:d3:30:6f:
99:a6:b9:43:dc:3a:c2:bf:79:9f:b8:c3:71:36:c7:2b:ba:f5:
77:8a:7d:b7
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYOC6nw1vyuQaeMvDSgOqHaRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OGIxYzc5YmZhZTEyYTViODdmMzVjOTk4YmI2MGIzZmE0
ZTY2MjEwHhcNMjIwOTI4MDcwNTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmY5YzBlMDA4NTcxMzdmNTMzNmVmYTllMDM3YmViY2U0MWI1NDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiQW0YR+XDMDPVhRZK+XPBSCJlt2C
2OG1l7JmqK8Ix+E+Kjt+Puofc+RzPU7JRJf3e8c4QpYo8l/yOEAyVH8jCdEadshs
D4YoDK/Crh+EyxiQUKym3CV+7HInE38r7gHvygmt+EtL+UheZznoHbVhnkdK4JMH
nD1rbAtd/nXcj+ONnhlf+315eJ6aQWW4+6E1QiHAmqHN69LJ6/hkFiFIwunpFSRh
kt7KDXTDAg0OCb9kDsVcbL9j3509nY6n/0TB+WhXMPl6790pgMUtTGV2NfcNHPC5
7GAUmdq/wBZgDQ4SvpD08VDL2aAT9xbHNHJJHy3w/pyOXzj0KU+XkQdaQwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFHL5wOAIVxN/UzbvqeA3vrzkG1SYMB8GA1UdIwQY
MBaAFAmLHHm/rhKluH81yZi7YLP6TmYhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1lzY2ViLXVFcVc0ZnpYSm1MdGdzX3BPWmlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC84ZGIwMDItOTA4MC00ZjBiLTg0NWIt
OWI3YzQ0ZGMxOTNiLzEvY3ZuQTRBaFhFMzlUTnUtcDREZS12T1FiVkpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC84ZGIwMDItOTA4MC00ZjBiLTg0NWItOWI3YzQ0ZGMxOTNi
LzEvQ1lzY2ViLXVFcVc0ZnpYSm1MdGdzX3BPWmlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAW9jRAwQC
uRWYAwQCuXLQAwQBwzY+AwQG1VsAAwQE1aIgAwQA1aI+MA0GCSqGSIb3DQEBCwUA
A4IBAQCwtP1d6qfMS48j74Cd1D7LVNT8dXJy9CD08jd9P2QTu69bonE5IlAaqFyw
fkDTH+TvCoDhbxQda1QevaqPob80mFeGNfRmHXX8yCU+OtFhNccHDtN25Db6zZQ9
sRNgNZMK+7vz+W0C16F+H3Skhqa3hxDRPLaRJ2yzP0FqGbBr94MdVtBd9AKvCeon
J/HwNJGsPNV5v5RXI38Xo73awpzYwdK9VnT4XVuKmXPrlFL3gvJphNqYa5DAA90B
rBsJyZGEeSBwEiNxXJL1HuA4Yzy1Gc01I5z0pp4kJPbJa7LrHHIrYiekyXrTMG+Z
prlD3DrCv3mfuMNxNscruvV3in23
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:59 2024 by rpki-client on console-fra.rpki-client.org