Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6db34b-8afa-49c5-b73f-9204c197aa65/1/dYn0uC02SDxXCbohK_5qsejcET8.roa
File: dYn0uC02SDxXCbohK_5qsejcET8.roa (raw, json)
Hash identifier: prI0K5/8YtUh+q5RxfZE5kzGgpSPwA9jp/6IAaDAo+c=
Subject key identifier: 75:89:F4:B8:2D:36:48:3C:57:09:BA:21:2B:FE:6A:B1:E8:DC:11:3F
Certificate issuer: /CN=47edf8f1bf0c4fbc469e71c99d82489ea1f3da4a
Certificate serial: 143168C0
Authority key identifier: 47:ED:F8:F1:BF:0C:4F:BC:46:9E:71:C9:9D:82:48:9E:A1:F3:DA:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R-348b8MT7xGnnHJnYJInqHz2ko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6db34b-8afa-49c5-b73f-9204c197aa65/1/dYn0uC02SDxXCbohK_5qsejcET8.roa
Signing time: Tue 01 Feb 2022 14:33:30 +0000
ROA not before: Tue 01 Feb 2022 14:33:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41627
IP address blocks: 89.251.40.0/21 maxlen: 21
185.167.92.0/22 maxlen: 22
31.171.224.0/20 maxlen: 20
91.147.236.0/22 maxlen: 22
89.251.32.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 338782400 (0x143168c0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47edf8f1bf0c4fbc469e71c99d82489ea1f3da4a
Validity
Not Before: Feb 1 14:33:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=7589f4b82d36483c5709ba212bfe6ab1e8dc113f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:79:db:d8:32:31:01:33:62:57:25:58:98:50:
87:47:c2:25:8c:2d:b1:1b:e4:e5:5d:23:2e:9f:c6:
f7:b5:b1:8b:4f:97:ed:32:3e:f3:e9:8b:47:48:9c:
ac:f9:65:94:c1:14:d3:b5:68:f9:47:87:58:e2:23:
9b:db:61:6d:4a:61:87:20:88:db:33:bb:82:27:0d:
46:2c:94:15:ad:30:d4:bc:c7:f0:51:9d:dd:2f:db:
e9:ce:f8:d9:a0:b7:4c:ed:b7:bc:87:6e:75:42:a8:
71:4e:e3:dc:b1:0b:a5:c0:a4:f3:42:92:b5:72:4d:
50:4f:91:c8:39:56:7f:6b:01:0a:e8:75:04:73:31:
f1:24:3d:cc:63:25:f7:4f:c1:aa:8b:be:76:f6:ce:
51:22:89:c3:06:46:d0:3e:9c:27:b0:00:c0:b9:28:
4b:80:35:f7:37:e5:70:72:78:c8:3a:99:c4:87:e0:
04:75:8f:7e:e5:3c:b7:54:13:1a:40:9d:4d:99:39:
f2:7c:24:92:4a:3f:d9:60:4a:38:ba:96:20:bc:07:
b0:c6:9c:57:81:f6:57:af:ab:3b:19:7e:4b:5d:56:
13:87:4a:d2:48:c8:61:12:00:e2:39:f4:49:2e:dd:
98:68:a9:22:22:c3:9b:55:31:e5:3c:37:a7:44:cd:
d5:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:89:F4:B8:2D:36:48:3C:57:09:BA:21:2B:FE:6A:B1:E8:DC:11:3F
X509v3 Authority Key Identifier:
keyid:47:ED:F8:F1:BF:0C:4F:BC:46:9E:71:C9:9D:82:48:9E:A1:F3:DA:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R-348b8MT7xGnnHJnYJInqHz2ko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6db34b-8afa-49c5-b73f-9204c197aa65/1/dYn0uC02SDxXCbohK_5qsejcET8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6db34b-8afa-49c5-b73f-9204c197aa65/1/R-348b8MT7xGnnHJnYJInqHz2ko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.224.0/20
89.251.32.0/20
91.147.236.0/22
185.167.92.0/22
Signature Algorithm: sha256WithRSAEncryption
e0:a6:73:38:0d:ef:94:d0:cc:f6:f4:03:e5:44:11:de:24:1f:
22:f4:44:2c:d3:12:ca:59:d3:3d:db:b7:e4:72:fe:c0:75:7a:
71:cf:6e:ea:ba:2d:fb:ed:ed:cd:da:8f:32:c7:4d:56:d8:e3:
74:28:14:84:b6:6a:ec:28:6f:80:a7:52:05:8e:2c:2d:81:bb:
5d:24:69:27:05:18:fc:eb:27:e0:26:17:25:ee:94:45:68:e3:
8b:90:cc:e3:ae:3f:a1:51:2d:bd:bc:bb:b8:c4:69:de:69:10:
f8:53:21:40:5c:a4:53:e6:4f:35:72:ff:2b:ef:a5:e4:4b:96:
2c:de:ba:17:3d:56:28:c4:6f:5c:84:7d:20:b4:bf:16:c6:23:
64:64:58:ce:b9:52:49:91:08:d3:6e:c3:e8:d7:f1:de:f4:76:
57:dc:7c:ae:80:8a:82:5f:4e:97:97:a1:e4:67:ba:8f:9c:e1:
28:6d:cc:cc:69:a7:da:94:64:37:84:3f:f0:9d:84:f5:3e:22:
34:ac:58:79:83:f3:34:d8:c3:d7:97:a8:51:0d:4c:58:f9:a1:
46:31:90:ea:6b:97:a8:45:f4:09:5b:c9:5a:21:b5:bf:ab:28:
59:23:81:0a:39:d5:dd:07:86:15:4c:1f:b6:47:0d:90:32:2e:
1b:bc:07:ce
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEFDFowDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
N2VkZjhmMWJmMGM0ZmJjNDY5ZTcxYzk5ZDgyNDg5ZWExZjNkYTRhMB4XDTIyMDIw
MTE0MzMzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNzU4OWY0YjgyZDM2
NDgzYzU3MDliYTIxMmJmZTZhYjFlOGRjMTEzZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOh529gyMQEzYlclWJhQh0fCJYwtsRvk5V0jLp/G97Wxi0+X
7TI+8+mLR0icrPlllMEU07Vo+UeHWOIjm9thbUphhyCI2zO7gicNRiyUFa0w1LzH
8FGd3S/b6c742aC3TO23vIdudUKocU7j3LELpcCk80KStXJNUE+RyDlWf2sBCuh1
BHMx8SQ9zGMl90/Bqou+dvbOUSKJwwZG0D6cJ7AAwLkoS4A19zflcHJ4yDqZxIfg
BHWPfuU8t1QTGkCdTZk58nwkkko/2WBKOLqWILwHsMacV4H2V6+rOxl+S11WE4dK
0kjIYRIA4jn0SS7dmGipIiLDm1Ux5Tw3p0TN1SUCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBR1ifS4LTZIPFcJuiEr/mqx6NwRPzAfBgNVHSMEGDAWgBRH7fjxvwxPvEae
ccmdgkieofPaSjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ItMzQ4YjhNVDd4R25uSEpuWUpJbnFIejJrby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2QvNmRiMzRiLThhZmEtNDljNS1iNzNmLTkyMDRjMTk3YWE2NS8x
L2RZbjB1QzAyU0R4WENib2hLXzVxc2VqY0VUOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Qv
NmRiMzRiLThhZmEtNDljNS1iNzNmLTkyMDRjMTk3YWE2NS8xL1ItMzQ4YjhNVDd4
R25uSEpuWUpJbnFIejJrby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEBB+r4AMEBFn7IAMEAluT7AMEArmn
XDANBgkqhkiG9w0BAQsFAAOCAQEA4KZzOA3vlNDM9vQD5UQR3iQfIvRELNMSylnT
Pdu35HL+wHV6cc9u6rot++3tzdqPMsdNVtjjdCgUhLZq7ChvgKdSBY4sLYG7XSRp
JwUY/Osn4CYXJe6URWjji5DM464/oVEtvby7uMRp3mkQ+FMhQFykU+ZPNXL/K++l
5EuWLN66Fz1WKMRvXIR9ILS/FsYjZGRYzrlSSZEI027D6Nfx3vR2V9x8roCKgl9O
l5eh5Ge6j5zhKG3MzGmn2pRkN4Q/8J2E9T4iNKxYeYPzNNjD15eoUQ1MWPmhRjGQ
6muXqEX0CVvJWiG1v6soWSOBCjnV3QeGFUwftkcNkDIuG7wHzg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:17 2024 by rpki-client on console-fra.rpki-client.org