Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/IhSdImprFhH80zstx6JNbUgMFAA.roa
File: IhSdImprFhH80zstx6JNbUgMFAA.roa (raw, json)
Hash identifier: ZzhBvxbAN0eH/49jgPJhsKkIhbUf21eh5Nm1mBfiGz4=
Subject key identifier: 22:14:9D:22:6A:6B:16:11:FC:D3:3B:2D:C7:A2:4D:6D:48:0C:14:00
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0184C3D18D9D06081C2ECEFA781A1C60ECFE
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/IhSdImprFhH80zstx6JNbUgMFAA.roa
Signing time: Tue 29 Nov 2022 14:36:41 +0000
ROA not before: Tue 29 Nov 2022 14:36:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 92.52.214.0/24 maxlen: 24
88.209.201.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c3:d1:8d:9d:06:08:1c:2e:ce:fa:78:1a:1c:60:ec:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Nov 29 14:36:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=22149d226a6b1611fcd33b2dc7a24d6d480c1400
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:79:7e:1c:25:66:87:b2:65:68:0e:e8:bf:e1:
58:f4:ee:69:f1:2e:cb:e7:80:69:f2:3c:8f:77:4b:
97:ea:0e:2a:f7:a7:d0:b1:12:b3:34:02:68:2b:f4:
7c:7f:87:a8:27:b2:8e:65:33:dd:b3:1e:a1:db:d1:
7b:9f:ff:82:c2:40:de:6e:cc:b7:b8:3e:d6:62:d6:
96:23:32:80:d0:af:c6:8d:78:db:97:85:63:23:34:
55:fd:b2:29:d1:f7:42:09:d1:8a:29:1a:eb:f5:b6:
85:f2:98:38:75:6d:bb:60:dc:2b:bc:93:14:e7:2d:
3f:23:81:19:9c:ba:19:bb:89:ba:87:30:d6:a1:3f:
f7:37:0b:d1:10:9a:b7:5f:fd:1f:c7:c3:8b:fe:18:
01:6b:43:36:e3:cc:f7:b2:59:28:0d:36:44:6e:43:
7a:b1:9d:9d:19:3a:8b:69:d0:7d:c0:87:02:11:56:
f0:ca:88:03:14:3c:05:e0:be:ac:24:65:16:ff:84:
85:aa:00:6c:ae:35:23:23:4a:08:0d:84:d2:68:5b:
01:15:c7:49:fe:25:03:62:bf:9e:5d:1a:b4:ad:17:
5e:05:7c:4f:0f:30:5e:71:2e:cf:0a:79:ba:20:8e:
86:95:a3:41:93:b5:17:19:59:2f:97:04:28:eb:6c:
c4:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:14:9D:22:6A:6B:16:11:FC:D3:3B:2D:C7:A2:4D:6D:48:0C:14:00
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/IhSdImprFhH80zstx6JNbUgMFAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.201.0/24
92.52.214.0/24
Signature Algorithm: sha256WithRSAEncryption
c0:11:d6:78:27:06:ab:17:4b:5c:7c:58:d1:6d:dc:6c:eb:6b:
83:ed:44:cb:52:ce:b9:c3:c5:bb:c0:b6:2d:34:e0:8f:82:7d:
3b:b6:24:a1:a1:ae:6b:a5:45:75:e1:84:b9:68:88:16:d4:4a:
30:5b:23:3d:e4:a1:88:12:58:b4:3b:34:0d:51:4c:de:36:cb:
6f:6e:d4:1b:d0:36:1a:e0:1c:83:32:ef:47:7a:0c:76:bc:80:
e5:8a:e0:86:e4:1d:c8:16:22:6d:84:3a:85:56:12:3c:a0:c0:
a6:8e:94:a2:a3:21:18:ad:12:db:8b:23:88:35:ff:be:c7:95:
e1:73:29:3a:06:22:39:e6:fc:1f:bf:14:ad:66:02:9f:5f:41:
5b:c6:9d:09:c6:29:4a:6b:7f:4a:76:1e:b5:90:95:23:d8:7d:
9e:34:69:4f:dc:43:56:7b:9f:1d:e7:8d:00:aa:04:f4:7c:88:
49:fb:a1:a9:8a:dc:56:37:39:65:b1:05:f0:bc:cb:c6:8b:3c:
b0:36:2b:f6:bb:62:b7:cd:50:4c:87:99:1e:34:2a:35:02:f2:
a5:35:27:9c:ed:7c:93:a4:5c:23:81:5e:6d:1f:11:9e:ac:18:
51:d2:f8:1b:01:5f:b0:cf:d0:74:b6:5a:37:f9:88:80:46:4d:
fe:55:cb:e3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYTD0Y2dBggcLs76eBocYOz+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjIxMTI5MTQzNjQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjE0OWQyMjZhNmIxNjExZmNkMzNiMmRjN2EyNGQ2ZDQ4MGMxNDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnl+HCVmh7JlaA7ov+FY9O5p8S7L
54Bp8jyPd0uX6g4q96fQsRKzNAJoK/R8f4eoJ7KOZTPdsx6h29F7n/+CwkDebsy3
uD7WYtaWIzKA0K/GjXjbl4VjIzRV/bIp0fdCCdGKKRrr9baF8pg4dW27YNwrvJMU
5y0/I4EZnLoZu4m6hzDWoT/3NwvREJq3X/0fx8OL/hgBa0M248z3slkoDTZEbkN6
sZ2dGTqLadB9wIcCEVbwyogDFDwF4L6sJGUW/4SFqgBsrjUjI0oIDYTSaFsBFcdJ
/iUDYr+eXRq0rRdeBXxPDzBecS7PCnm6II6GlaNBk7UXGVkvlwQo62zESwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCIUnSJqaxYR/NM7LceiTW1IDBQAMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvSWhTZEltcHJGaEg4MHpzdHg2Sk5iVWdNRkFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWNHJAwQA
XDTWMA0GCSqGSIb3DQEBCwUAA4IBAQDAEdZ4JwarF0tcfFjRbdxs62uD7UTLUs65
w8W7wLYtNOCPgn07tiShoa5rpUV14YS5aIgW1EowWyM95KGIEli0OzQNUUzeNstv
btQb0DYa4ByDMu9Hegx2vIDliuCG5B3IFiJthDqFVhI8oMCmjpSioyEYrRLbiyOI
Nf++x5Xhcyk6BiI55vwfvxStZgKfX0Fbxp0JxilKa39Kdh61kJUj2H2eNGlP3ENW
e58d540AqgT0fIhJ+6GpitxWNzllsQXwvMvGizywNiv2u2K3zVBMh5keNCo1AvKl
NSec7XyTpFwjgV5tHxGerBhR0vgbAV+wz9B0tlo3+YiARk3+Vcvj
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:51 2023 by rpki-client on console-ams.rpki-client.org