Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/9K14AGyqZqXNG6nUYDraoSLzVWU.roa
File: 9K14AGyqZqXNG6nUYDraoSLzVWU.roa (raw, json)
Hash identifier: kDyUnqU6lgZ1p/oyEFqa4MUXpwVFJWDXIW1vWrJIwUQ=
Subject key identifier: F4:AD:78:00:6C:AA:66:A5:CD:1B:A9:D4:60:3A:DA:A1:22:F3:55:65
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0181F730F6D4A21E9D094DE35DED1D5ED552
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/9K14AGyqZqXNG6nUYDraoSLzVWU.roa
Signing time: Wed 13 Jul 2022 10:53:10 +0000
ROA not before: Wed 13 Jul 2022 10:53:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 88.209.230.0/24 maxlen: 24
92.52.214.0/24 maxlen: 24
88.209.232.0/22 maxlen: 22
88.209.229.0/24 maxlen: 24
88.209.244.0/23 maxlen: 23
88.209.252.0/24 maxlen: 24
83.137.152.0/24 maxlen: 24
88.209.255.0/24 maxlen: 24
88.209.204.0/22 maxlen: 32
88.209.204.0/24 maxlen: 32
88.209.200.0/22 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:f7:30:f6:d4:a2:1e:9d:09:4d:e3:5d:ed:1d:5e:d5:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jul 13 10:53:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f4ad78006caa66a5cd1ba9d4603adaa122f35565
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:36:59:b8:74:af:1d:73:6e:a7:78:45:95:2a:
de:77:18:c1:ef:fa:d6:69:8b:fa:7b:97:af:6f:72:
d7:16:82:07:86:6c:16:97:ff:8c:c6:02:f6:81:19:
15:6c:ac:64:83:fd:18:2c:22:d9:c3:75:59:8f:c0:
9d:69:01:a6:22:02:02:eb:6d:40:8e:ea:84:ef:ab:
e2:26:2b:8c:2b:96:53:10:82:0e:96:9f:86:e1:7f:
2a:b6:87:35:74:03:ce:43:58:a8:85:20:99:3e:3f:
95:b3:de:fa:f9:fe:bb:0c:f0:08:1f:53:8a:f3:43:
d6:36:79:35:a1:70:38:c8:6a:7e:a5:48:95:b5:11:
17:64:42:1d:a3:6b:3a:2d:4e:04:c3:02:8b:0e:ef:
bb:80:0b:cf:74:ea:d8:be:ec:1b:dd:a6:fc:ef:c6:
71:31:2e:6f:de:96:d1:af:56:4c:45:18:9f:c2:b0:
40:63:a1:30:ca:d5:fe:9e:ff:b6:a7:fc:b0:07:84:
34:78:4f:20:cd:01:fc:62:fe:d7:79:27:b4:44:8f:
ee:a2:cb:7e:c9:79:77:f8:39:81:d8:fb:02:ec:c1:
7a:dc:a1:98:c9:d2:d1:e9:2a:36:b6:0f:22:34:e6:
4d:32:e5:22:02:e4:af:69:dc:e3:65:00:06:79:f4:
b5:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:AD:78:00:6C:AA:66:A5:CD:1B:A9:D4:60:3A:DA:A1:22:F3:55:65
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/9K14AGyqZqXNG6nUYDraoSLzVWU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.137.152.0/24
88.209.200.0/21
88.209.229.0-88.209.230.255
88.209.232.0/22
88.209.244.0/23
88.209.252.0/24
88.209.255.0/24
92.52.214.0/24
Signature Algorithm: sha256WithRSAEncryption
36:b5:3a:11:2c:37:e4:c2:ae:ea:42:a6:5f:09:cf:dc:df:08:
0a:c8:77:b9:12:cf:6a:66:23:9b:01:c0:e4:6e:e7:2c:49:bc:
bb:d6:9a:72:f4:3d:d1:59:82:a6:74:d9:d4:41:58:dd:ba:8f:
9e:d6:a7:d9:09:63:9d:0a:11:9b:32:a0:ba:fb:8f:9b:c3:8f:
56:2f:82:40:15:51:87:bd:15:05:9a:f7:ea:7e:35:45:71:37:
16:e8:84:e9:10:f4:23:80:54:a3:ee:c3:5d:0a:98:a0:97:69:
cb:3a:ac:63:48:71:31:bf:fa:97:f5:30:9b:62:de:2c:e3:60:
69:14:ff:aa:08:47:14:71:f1:d7:18:a9:f5:24:67:5d:3d:17:
8c:4c:2e:f9:17:dc:76:17:f0:ec:92:68:af:95:5f:ca:42:28:
ab:f2:82:06:f4:b4:c9:d4:f5:b3:91:ce:32:7a:c4:90:02:d9:
e0:33:4c:da:56:30:56:48:1a:c9:19:71:b1:93:34:27:49:3b:
a8:77:bc:4f:50:70:f4:8b:35:19:ba:80:f3:d0:99:7e:88:5e:
48:f5:e3:a7:5f:2e:6d:80:07:16:13:31:74:c4:9d:fe:86:1f:
c7:39:ca:54:2e:ef:d9:f4:c9:bb:4d:ba:23:f1:d1:f8:eb:ad:
33:87:84:93
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYH3MPbUoh6dCU3jXe0dXtVSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjIwNzEzMTA1MzEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGFkNzgwMDZjYWE2NmE1Y2QxYmE5ZDQ2MDNhZGFhMTIyZjM1NTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjZZuHSvHXNup3hFlSredxjB7/rW
aYv6e5evb3LXFoIHhmwWl/+MxgL2gRkVbKxkg/0YLCLZw3VZj8CdaQGmIgIC621A
juqE76viJiuMK5ZTEIIOlp+G4X8qtoc1dAPOQ1iohSCZPj+Vs976+f67DPAIH1OK
80PWNnk1oXA4yGp+pUiVtREXZEIdo2s6LU4EwwKLDu+7gAvPdOrYvuwb3ab878Zx
MS5v3pbRr1ZMRRifwrBAY6EwytX+nv+2p/ywB4Q0eE8gzQH8Yv7XeSe0RI/uost+
yXl3+DmB2PsC7MF63KGYydLR6So2tg8iNOZNMuUiAuSvadzjZQAGefS1WQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFPSteABsqmalzRup1GA62qEi81VlMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvOUsxNEFHeXFacVhORzZuVVlEcmFvU0x6VldVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQAU4mYAwQD
WNHIMAwDBABY0eUDBABY0eYDBAJY0egDBAFY0fQDBABY0fwDBABY0f8DBABcNNYw
DQYJKoZIhvcNAQELBQADggEBADa1OhEsN+TCrupCpl8Jz9zfCArId7kSz2pmI5sB
wORu5yxJvLvWmnL0PdFZgqZ02dRBWN26j57Wp9kJY50KEZsyoLr7j5vDj1YvgkAV
UYe9FQWa9+p+NUVxNxbohOkQ9COAVKPuw10KmKCXacs6rGNIcTG/+pf1MJti3izj
YGkU/6oIRxRx8dcYqfUkZ109F4xMLvkX3HYX8OySaK+VX8pCKKvyggb0tMnU9bOR
zjJ6xJAC2eAzTNpWMFZIGskZcbGTNCdJO6h3vE9QcPSLNRm6gPPQmX6IXkj146df
Lm2ABxYTMXTEnf6GH8c5ylQu79n0ybtNuiPx0fjrrTOHhJM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:47:55 2024 by rpki-client on console-ams.rpki-client.org