Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/cwdqZSzpjob7xO9bJ_vd3vNiKzc.roa
File: cwdqZSzpjob7xO9bJ_vd3vNiKzc.roa (raw, json)
Hash identifier: Ll9y4V/Cm5eBO7DhUmLFM7EXz3/Xkr8/IiCjjznyDSE=
Subject key identifier: 73:07:6A:65:2C:E9:8E:86:FB:C4:EF:5B:27:FB:DD:DE:F3:62:2B:37
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 01827CE19E733517F9895D75B4C8057C329F
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/cwdqZSzpjob7xO9bJ_vd3vNiKzc.roa
Signing time: Mon 08 Aug 2022 09:55:37 +0000
ROA not before: Mon 08 Aug 2022 09:55:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 88.209.231.0/24 maxlen: 24
88.209.232.0/22 maxlen: 22
83.137.152.0/24 maxlen: 24
83.137.154.0/23 maxlen: 24
88.151.61.0/24 maxlen: 24
88.151.63.0/24 maxlen: 24
88.209.204.0/24 maxlen: 32
88.209.204.0/22 maxlen: 24
88.209.200.0/22 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:7c:e1:9e:73:35:17:f9:89:5d:75:b4:c8:05:7c:32:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Aug 8 09:55:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=73076a652ce98e86fbc4ef5b27fbdddef3622b37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:d8:d0:9e:d9:2a:3a:30:d4:32:e0:3b:6a:2c:
12:6b:31:f9:18:5c:95:6e:ce:a8:9c:27:9a:68:cd:
6e:27:04:c9:77:50:22:1e:1d:de:db:0e:a7:56:e3:
b0:f3:fc:07:d6:13:80:fa:96:8a:39:5b:df:15:bf:
4d:90:61:25:2a:41:c6:a4:17:dc:0f:70:03:0b:69:
e0:f3:99:49:10:e6:cf:35:73:4b:df:0d:10:0e:91:
08:06:bb:02:a8:b5:57:c7:5b:4d:53:4f:73:97:45:
31:39:05:18:10:70:ad:03:7e:cc:66:f7:75:56:d3:
92:c3:de:36:88:e9:54:aa:92:76:9d:90:c1:8d:46:
19:d1:a1:41:11:50:f3:86:02:4a:2e:9d:34:69:7c:
3a:ae:1c:62:fb:80:ed:7d:f5:81:6a:3d:2a:92:a7:
83:57:65:43:94:b2:06:bf:e5:7c:2d:05:50:07:f5:
f9:02:6e:18:4b:81:54:7d:5b:03:05:fd:ed:b6:96:
62:86:7a:4f:56:79:fb:36:4d:47:5f:af:e9:4a:e7:
b9:76:44:c0:8f:f7:7c:83:69:8d:f7:d1:06:ec:9a:
01:98:69:f7:71:05:4c:87:01:c1:be:12:bf:c4:37:
39:f3:f4:9f:d4:96:c2:a8:dd:a3:95:4f:df:6b:cd:
56:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:07:6A:65:2C:E9:8E:86:FB:C4:EF:5B:27:FB:DD:DE:F3:62:2B:37
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/cwdqZSzpjob7xO9bJ_vd3vNiKzc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.137.152.0/24
83.137.154.0/23
88.151.61.0/24
88.151.63.0/24
88.209.200.0/21
88.209.231.0-88.209.235.255
Signature Algorithm: sha256WithRSAEncryption
50:10:3a:31:e2:c1:59:96:79:3c:3e:c2:de:8b:78:51:0c:fc:
9c:a7:55:be:d1:ac:4c:c4:49:f1:fa:77:dc:2f:1e:99:b6:b1:
89:7a:1f:7d:37:f4:4f:15:cb:7c:07:d7:a0:97:d5:3c:5b:1c:
0f:9f:47:08:e0:38:7b:b3:cc:0f:64:dc:cc:5b:96:9b:55:66:
bc:ec:70:3f:2f:0f:72:32:78:01:99:7f:6f:4a:84:fe:06:b9:
f2:e5:8f:69:92:14:79:41:77:c8:35:9e:fe:53:54:d3:0c:93:
9d:5e:79:40:09:c2:8d:ee:97:3c:fc:80:40:4e:55:8c:50:6b:
7b:ea:42:84:44:81:64:69:ac:3c:1f:2b:ed:ba:51:32:84:bd:
18:9f:f6:6c:37:d2:cc:ea:ec:d3:71:20:4a:a1:15:15:92:79:
0a:44:73:ec:49:7f:72:36:e4:bc:94:aa:be:00:3a:f4:ff:6f:
54:9c:d7:bb:60:45:c4:17:a3:83:9e:40:28:11:f4:c9:45:25:
0b:94:16:ce:88:fe:41:5d:04:ad:85:50:93:bd:08:e2:87:68:
f9:fc:52:26:82:02:53:dd:41:6a:c8:18:6b:e3:4d:10:9c:7c:
d8:fa:ed:05:88:30:0d:f0:2d:e3:15:17:fc:12:03:dc:7c:e4:
7b:27:b7:59
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYJ84Z5zNRf5iV11tMgFfDKfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjIwODA4MDk1NTM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzA3NmE2NTJjZTk4ZTg2ZmJjNGVmNWIyN2ZiZGRkZWYzNjIyYjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9jQntkqOjDUMuA7aiwSazH5GFyV
bs6onCeaaM1uJwTJd1AiHh3e2w6nVuOw8/wH1hOA+paKOVvfFb9NkGElKkHGpBfc
D3ADC2ng85lJEObPNXNL3w0QDpEIBrsCqLVXx1tNU09zl0UxOQUYEHCtA37MZvd1
VtOSw942iOlUqpJ2nZDBjUYZ0aFBEVDzhgJKLp00aXw6rhxi+4DtffWBaj0qkqeD
V2VDlLIGv+V8LQVQB/X5Am4YS4FUfVsDBf3ttpZihnpPVnn7Nk1HX6/pSue5dkTA
j/d8g2mN99EG7JoBmGn3cQVMhwHBvhK/xDc58/Sf1JbCqN2jlU/fa81W6wIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFHMHamUs6Y6G+8TvWyf73d7zYis3MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvY3dkcVpTenBqb2I3eE85YkpfdmQzdk5pS3pjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAU4mYAwQB
U4maAwQAWJc9AwQAWJc/AwQDWNHIMAwDBABY0ecDBAJY0egwDQYJKoZIhvcNAQEL
BQADggEBAFAQOjHiwVmWeTw+wt6LeFEM/JynVb7RrEzESfH6d9wvHpm2sYl6H303
9E8Vy3wH16CX1TxbHA+fRwjgOHuzzA9k3MxblptVZrzscD8vD3IyeAGZf29KhP4G
ufLlj2mSFHlBd8g1nv5TVNMMk51eeUAJwo3ulzz8gEBOVYxQa3vqQoREgWRprDwf
K+26UTKEvRif9mw30szq7NNxIEqhFRWSeQpEc+xJf3I25LyUqr4AOvT/b1Sc17tg
RcQXo4OeQCgR9MlFJQuUFs6I/kFdBK2FUJO9COKHaPn8UiaCAlPdQWrIGGvjTRCc
fNj67QWIMA3wLeMVF/wSA9x85Hsnt1k=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:01 2023 by rpki-client on console-fra.rpki-client.org