Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/ceVqC6hlvA5ioOD-ancpNzpAhEQ.roa
File: ceVqC6hlvA5ioOD-ancpNzpAhEQ.roa (raw, json)
Hash identifier: 4pgQOkb1ZO/oK2LyepEHgr5fN95Xd3bUETzVC9tHPYs=
Subject key identifier: 71:E5:6A:0B:A8:65:BC:0E:62:A0:E0:FE:6A:77:29:37:3A:40:84:44
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 01824003215CB52B328D10D87EBC8461D58E
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/ceVqC6hlvA5ioOD-ancpNzpAhEQ.roa
Signing time: Wed 27 Jul 2022 14:15:23 +0000
ROA not before: Wed 27 Jul 2022 14:15:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 88.209.232.0/22 maxlen: 22
83.137.152.0/24 maxlen: 24
83.137.154.0/23 maxlen: 24
88.209.204.0/24 maxlen: 32
88.209.204.0/22 maxlen: 24
88.209.200.0/22 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:40:03:21:5c:b5:2b:32:8d:10:d8:7e:bc:84:61:d5:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jul 27 14:15:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=71e56a0ba865bc0e62a0e0fe6a7729373a408444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:79:41:82:ca:d6:ef:94:0c:0c:40:4d:be:f0:
1a:76:45:b3:a2:eb:6a:1f:fc:97:c5:62:0d:8f:bf:
10:d6:52:30:94:35:ba:da:c7:d2:fa:35:e0:bf:bc:
31:8a:1c:5c:44:1c:2a:e1:c5:28:35:64:ed:53:45:
c2:12:b8:d7:59:f4:8a:b8:c7:15:00:c6:8c:4c:14:
5e:2f:1e:3c:07:d0:b2:89:f8:19:bc:35:af:59:18:
0a:53:1c:c9:48:e2:ea:2b:75:9f:9e:d3:47:f9:2c:
e5:53:df:59:28:bd:0f:25:78:0a:b3:3b:07:0a:15:
d7:0f:a1:78:6f:95:25:e1:9a:b1:ce:0e:28:7e:37:
b7:37:29:a3:b9:bb:10:7f:8f:08:be:c3:c5:0a:61:
a8:b7:79:b1:d1:20:29:e9:98:8e:8a:d2:16:c7:b2:
4e:49:77:d6:ae:16:1b:38:7b:f8:e6:63:c9:b0:4d:
5d:2b:29:20:06:6e:2f:eb:79:e6:ae:bb:a3:6c:63:
91:d0:14:e8:c2:6f:90:56:fb:c7:04:06:99:32:2b:
9c:da:10:72:c7:c3:fb:00:f7:1e:97:fa:81:ec:28:
f6:fc:1c:e6:ca:00:4b:8d:d3:6a:de:01:00:91:5d:
8d:ad:13:49:28:07:9f:14:85:0c:9f:6e:77:9a:1b:
ff:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:E5:6A:0B:A8:65:BC:0E:62:A0:E0:FE:6A:77:29:37:3A:40:84:44
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/ceVqC6hlvA5ioOD-ancpNzpAhEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.137.152.0/24
83.137.154.0/23
88.209.200.0/21
88.209.232.0/22
Signature Algorithm: sha256WithRSAEncryption
5a:73:c7:65:30:c9:d2:8f:2f:14:b2:35:31:39:0b:ed:a5:6e:
32:f7:9e:ac:78:7f:e7:df:bf:90:04:4a:03:a9:e7:a3:4c:45:
b4:0b:99:1e:7d:09:e8:81:f8:35:03:1a:54:40:ce:ac:e8:b9:
27:b4:76:7e:59:0d:d2:b2:b5:05:90:cf:d5:d8:83:20:90:fd:
c9:d6:f6:42:b5:bc:6a:7d:d6:b4:5b:ef:56:33:85:13:43:61:
30:27:81:19:e2:ef:cb:a6:6a:92:5a:99:9e:85:be:78:13:88:
b5:ce:e3:a6:94:d3:25:21:92:99:e8:b3:b2:49:1e:ac:36:28:
26:c9:39:81:c2:02:36:9c:79:ce:89:30:91:5d:dc:4b:3f:7e:
e4:09:5b:d6:60:b7:d2:20:24:17:84:11:b9:f5:ba:f1:0c:68:
4d:01:27:9b:63:94:b0:04:3d:4c:ae:de:07:4a:d5:7f:5f:f2:
8c:8c:12:d2:8c:90:d4:e0:99:7b:a1:ee:66:d2:4e:09:e9:98:
ea:c6:3e:bd:3b:78:90:3b:57:c9:e2:04:ad:19:dd:b9:6f:87:
ea:df:21:d2:94:40:40:85:43:a5:d7:cb:b9:57:82:c5:e7:3b:
96:66:ad:54:01:b7:24:6d:05:64:ee:e9:20:32:00:44:dd:5b:
e6:d6:89:e4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYJAAyFctSsyjRDYfryEYdWOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjIwNzI3MTQxNTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWU1NmEwYmE4NjViYzBlNjJhMGUwZmU2YTc3MjkzNzNhNDA4NDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnlBgsrW75QMDEBNvvAadkWzoutq
H/yXxWINj78Q1lIwlDW62sfS+jXgv7wxihxcRBwq4cUoNWTtU0XCErjXWfSKuMcV
AMaMTBReLx48B9CyifgZvDWvWRgKUxzJSOLqK3WfntNH+SzlU99ZKL0PJXgKszsH
ChXXD6F4b5Ul4Zqxzg4ofje3NymjubsQf48IvsPFCmGot3mx0SAp6ZiOitIWx7JO
SXfWrhYbOHv45mPJsE1dKykgBm4v63nmrrujbGOR0BTowm+QVvvHBAaZMiuc2hBy
x8P7APcel/qB7Cj2/BzmygBLjdNq3gEAkV2NrRNJKAefFIUMn253mhv/tQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHHlaguoZbwOYqDg/mp3KTc6QIREMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvY2VWcUM2aGx2QTVpb09ELWFuY3BOenBBaEVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAU4mYAwQB
U4maAwQDWNHIAwQCWNHoMA0GCSqGSIb3DQEBCwUAA4IBAQBac8dlMMnSjy8UsjUx
OQvtpW4y956seH/n37+QBEoDqeejTEW0C5kefQnogfg1AxpUQM6s6LkntHZ+WQ3S
srUFkM/V2IMgkP3J1vZCtbxqfda0W+9WM4UTQ2EwJ4EZ4u/LpmqSWpmehb54E4i1
zuOmlNMlIZKZ6LOySR6sNigmyTmBwgI2nHnOiTCRXdxLP37kCVvWYLfSICQXhBG5
9brxDGhNASebY5SwBD1Mrt4HStV/X/KMjBLSjJDU4Jl7oe5m0k4J6Zjqxj69O3iQ
O1fJ4gStGd25b4fq3yHSlEBAhUOl18u5V4LF5zuWZq1UAbckbQVk7ukgMgBE3Vvm
1onk
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:28 2024 by rpki-client on console-fra.rpki-client.org