Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/d02983-b11c-4bf7-b4b5-e8c9ad5f051a/1/iY7JDfK9CW8BXUygV-SodjRN7OE.roa
File: iY7JDfK9CW8BXUygV-SodjRN7OE.roa (raw, json)
Hash identifier: 7t1/9Efz0L3j4dDZRiwxF7EhmtjfTtylc9axLKRS60M=
Subject key identifier: 89:8E:C9:0D:F2:BD:09:6F:01:5D:4C:A0:57:E4:A8:76:34:4D:EC:E1
Certificate issuer: /CN=9b632edb635aa8f9c40a0495a7a63bb6539580bb
Certificate serial: 05DBBE39
Authority key identifier: 9B:63:2E:DB:63:5A:A8:F9:C4:0A:04:95:A7:A6:3B:B6:53:95:80:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m2Mu22NaqPnECgSVp6Y7tlOVgLs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/d02983-b11c-4bf7-b4b5-e8c9ad5f051a/1/iY7JDfK9CW8BXUygV-SodjRN7OE.roa
Signing time: Fri 18 Feb 2022 13:01:19 +0000
ROA not before: Fri 18 Feb 2022 13:01:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198949
IP address blocks: 212.62.85.0/24 maxlen: 24
84.201.65.0/24 maxlen: 24
84.201.64.0/18 maxlen: 24
84.201.66.0/24 maxlen: 24
84.201.73.0/24 maxlen: 24
84.201.98.0/24 maxlen: 24
81.89.246.0/24 maxlen: 24
212.62.64.0/19 maxlen: 24
212.62.68.0/24 maxlen: 24
212.62.67.0/24 maxlen: 24
212.62.72.0/24 maxlen: 24
81.89.224.0/19 maxlen: 24
2a00:1348:10::/48 maxlen: 64
2a00:1348:11::/48 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 98287161 (0x5dbbe39)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b632edb635aa8f9c40a0495a7a63bb6539580bb
Validity
Not Before: Feb 18 13:01:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=898ec90df2bd096f015d4ca057e4a876344dece1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:cb:8f:66:06:a6:77:da:ad:72:e9:0a:e0:3e:
34:ca:43:d2:67:f1:32:54:df:4f:13:af:af:1e:34:
3c:9c:06:eb:0c:0f:84:41:d6:73:3b:8d:c4:1a:0a:
f6:99:2e:b5:20:ad:6d:b7:59:25:18:76:c0:fa:09:
e7:36:24:81:98:df:d5:09:2b:99:54:6b:8f:e1:9d:
59:dc:5f:9e:3a:e0:f2:a8:c1:30:a9:e2:16:7a:d6:
93:e7:eb:47:ea:2b:1c:8d:ec:c0:a3:5d:d0:92:01:
9d:9c:df:8c:78:1a:25:13:ce:25:22:0a:3e:27:d4:
61:f4:48:e0:38:6a:26:72:c9:a7:13:8e:6d:d4:47:
9f:d9:4f:77:be:f3:79:1f:72:6a:34:84:dc:96:d1:
41:df:e4:55:89:45:46:c9:a5:ae:e7:a0:e6:00:94:
3b:af:45:ed:8d:ab:3b:1d:47:b8:ea:31:8c:2f:48:
a8:35:df:c6:58:4c:97:cf:96:a1:3b:10:86:dd:99:
b3:24:08:d9:18:43:64:f0:c8:7d:62:26:d9:c0:ce:
66:7a:4c:4f:4d:78:1e:2f:2d:b9:9e:dc:98:b6:2b:
95:b1:f1:2d:64:d7:fb:ee:83:eb:22:f0:7a:5b:47:
07:f9:4d:26:ce:9b:21:f3:56:37:1f:09:1f:82:cc:
38:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:8E:C9:0D:F2:BD:09:6F:01:5D:4C:A0:57:E4:A8:76:34:4D:EC:E1
X509v3 Authority Key Identifier:
keyid:9B:63:2E:DB:63:5A:A8:F9:C4:0A:04:95:A7:A6:3B:B6:53:95:80:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m2Mu22NaqPnECgSVp6Y7tlOVgLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/d02983-b11c-4bf7-b4b5-e8c9ad5f051a/1/iY7JDfK9CW8BXUygV-SodjRN7OE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/d02983-b11c-4bf7-b4b5-e8c9ad5f051a/1/m2Mu22NaqPnECgSVp6Y7tlOVgLs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.89.224.0/19
84.201.64.0/18
212.62.64.0/19
IPv6:
2a00:1348:10::/47
Signature Algorithm: sha256WithRSAEncryption
90:f3:78:e8:3e:68:14:f0:9c:f8:31:d8:89:be:04:61:08:cb:
7c:df:17:51:58:e7:65:5d:90:a8:f1:69:a6:64:8b:e7:0a:43:
d6:b2:7e:41:14:5b:f0:1f:59:03:77:4e:6b:6e:16:67:d5:76:
bf:34:5a:af:43:56:48:c7:6b:79:f0:3c:01:de:9b:0f:b9:31:
15:77:51:8c:8b:35:21:95:83:b9:31:8f:23:a6:b9:d4:9b:6d:
f6:96:a2:a6:f1:bf:8a:1c:a0:39:cc:ab:00:ca:0e:f9:92:d5:
dd:84:87:87:8c:a0:d2:29:15:b8:7e:46:fc:bf:42:ab:35:d0:
f7:d6:06:3f:78:7d:0a:f8:9a:02:09:95:36:2f:d3:ad:61:a1:
2e:4a:01:7a:b7:91:ce:40:be:23:0b:01:be:51:0a:05:e9:2e:
c1:eb:4c:dc:a6:1c:99:08:14:1f:a6:6d:2b:d0:8b:ed:98:e1:
6f:1f:fb:39:af:7f:23:20:ba:7e:11:21:8e:ea:16:0f:76:2c:
6e:3c:2c:ee:cf:8e:c6:13:6c:08:b2:e1:1d:25:75:e9:b6:53:
a6:95:5b:00:38:b4:fc:08:c6:63:94:bc:6b:22:c8:f6:a7:82:
5a:2e:4b:42:84:c8:e8:b7:fc:a8:5a:19:c2:7e:de:36:bf:c0:
7c:f2:87:21
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgIEBdu+OTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
YjYzMmVkYjYzNWFhOGY5YzQwYTA0OTVhN2E2M2JiNjUzOTU4MGJiMB4XDTIyMDIx
ODEzMDExOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODk4ZWM5MGRmMmJk
MDk2ZjAxNWQ0Y2EwNTdlNGE4NzYzNDRkZWNlMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJfLj2YGpnfarXLpCuA+NMpD0mfxMlTfTxOvrx40PJwG6wwP
hEHWczuNxBoK9pkutSCtbbdZJRh2wPoJ5zYkgZjf1QkrmVRrj+GdWdxfnjrg8qjB
MKniFnrWk+frR+orHI3swKNd0JIBnZzfjHgaJRPOJSIKPifUYfRI4DhqJnLJpxOO
bdRHn9lPd77zeR9yajSE3JbRQd/kVYlFRsmlrueg5gCUO69F7Y2rOx1HuOoxjC9I
qDXfxlhMl8+WoTsQht2ZsyQI2RhDZPDIfWIm2cDOZnpMT014Hi8tuZ7cmLYrlbHx
LWTX++6D6yLweltHB/lNJs6bIfNWNx8JH4LMOPkCAwEAAaOCAiYwggIiMB0GA1Ud
DgQWBBSJjskN8r0JbwFdTKBX5Kh2NE3s4TAfBgNVHSMEGDAWgBSbYy7bY1qo+cQK
BJWnpju2U5WAuzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L20yTXUyMk5hcVBuRUNnU1ZwNlk3dGxPVmdMcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGMvZDAyOTgzLWIxMWMtNGJmNy1iNGI1LWU4YzlhZDVmMDUxYS8x
L2lZN0pEZks5Q1c4QlhVeWdWLVNvZGpSTjdPRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGMv
ZDAyOTgzLWIxMWMtNGJmNy1iNGI1LWU4YzlhZDVmMDUxYS8xL20yTXUyMk5hcVBu
RUNnU1ZwNlk3dGxPVmdMcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA8
BggrBgEFBQcBBwEB/wQtMCswGAQCAAEwEgMEBVFZ4AMEBlTJQAMEBdQ+QDAPBAIA
AjAJAwcBKgATSAAQMA0GCSqGSIb3DQEBCwUAA4IBAQCQ83joPmgU8Jz4MdiJvgRh
CMt83xdRWOdlXZCo8WmmZIvnCkPWsn5BFFvwH1kDd05rbhZn1Xa/NFqvQ1ZIx2t5
8DwB3psPuTEVd1GMizUhlYO5MY8jprnUm232lqKm8b+KHKA5zKsAyg75ktXdhIeH
jKDSKRW4fkb8v0KrNdD31gY/eH0K+JoCCZU2L9OtYaEuSgF6t5HOQL4jCwG+UQoF
6S7B60zcphyZCBQfpm0r0IvtmOFvH/s5r38jILp+ESGO6hYPdixuPCzuz47GE2wI
suEdJXXptlOmlVsAOLT8CMZjlLxrIsj2p4JaLktChMjot/yoWhnCft42v8B88och
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:49 2024 by rpki-client on console-ams.rpki-client.org