Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/dx3hf7lA5tQ1vdkgmMY5NxukCkg.roa
File: dx3hf7lA5tQ1vdkgmMY5NxukCkg.roa (raw, json)
Hash identifier: afw5KNvdxl9R0LlPnwE1MnWrrRdSWb+bp0uFt2LQlfo=
Subject key identifier: 77:1D:E1:7F:B9:40:E6:D4:35:BD:D9:20:98:C6:39:37:1B:A4:0A:48
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 01823A85D1499FD830A773465F72A971722F
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/dx3hf7lA5tQ1vdkgmMY5NxukCkg.roa
Signing time: Tue 26 Jul 2022 12:40:24 +0000
ROA not before: Tue 26 Jul 2022 12:40:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211619
IP address blocks: 92.52.218.0/24 maxlen: 24
88.209.229.0/24 maxlen: 24
45.9.168.0/24 maxlen: 24
5.182.112.0/24 maxlen: 24
5.182.115.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:3a:85:d1:49:9f:d8:30:a7:73:46:5f:72:a9:71:72:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jul 26 12:40:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=771de17fb940e6d435bdd92098c639371ba40a48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:3d:f2:f8:ff:a7:c6:89:1d:a9:23:e1:ca:03:
d6:59:86:6c:3f:7e:0e:40:6b:c1:b4:b4:2b:5e:f6:
15:c2:7c:97:76:2d:90:af:7d:ad:3f:aa:2c:69:ee:
d9:27:52:37:a0:08:1a:79:db:80:04:19:38:ca:76:
7a:8b:0f:1c:4c:45:1b:88:da:27:aa:92:7b:bb:1c:
98:54:a9:bc:36:86:0d:4e:fb:be:d2:23:15:9f:78:
83:53:99:95:6f:bb:c2:72:b8:63:52:b6:9e:90:15:
1d:61:f7:32:15:26:8c:be:16:46:f8:6f:87:e1:ad:
34:ac:86:dc:b8:72:47:75:08:b5:78:7b:45:2e:9a:
3a:34:4e:50:9c:bb:4e:31:71:ea:7e:53:a3:75:d1:
b1:c1:29:6d:1c:e2:69:e0:2f:8e:74:bf:c3:9b:68:
1b:a0:d0:9e:5b:24:ed:13:5c:0d:b2:36:0b:71:ca:
a1:6f:90:e7:53:8b:d8:ff:5a:77:a0:64:cb:60:49:
ea:0b:7d:f7:08:36:f1:90:8e:0e:7a:86:11:0e:ca:
3b:f0:da:97:06:79:84:9a:56:38:4b:1a:c9:97:84:
ef:0e:70:60:73:3c:7d:8e:57:e5:9c:05:45:d5:20:
75:a4:e7:6d:15:f5:7b:2e:d2:b8:82:b8:3c:ac:c9:
5d:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:1D:E1:7F:B9:40:E6:D4:35:BD:D9:20:98:C6:39:37:1B:A4:0A:48
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/dx3hf7lA5tQ1vdkgmMY5NxukCkg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.112.0/24
5.182.115.0/24
45.9.168.0/24
88.209.229.0/24
92.52.218.0/24
Signature Algorithm: sha256WithRSAEncryption
43:67:d7:0e:4a:37:5d:b0:96:dc:14:e9:7f:c5:0b:77:01:bd:
ae:bb:f7:e8:db:dc:54:54:cc:55:3a:ca:8c:33:65:15:44:c4:
d9:1a:ab:27:9d:d7:be:fb:b7:b6:f1:27:cd:ad:40:e0:ca:0b:
74:a1:2d:bb:00:2d:79:a3:8e:83:01:6e:46:44:86:1f:13:1d:
45:4a:4c:46:2a:20:71:0e:b1:51:65:ae:b9:66:d3:7b:7f:0d:
9d:84:d8:c5:8e:66:ef:30:05:25:7e:06:43:2a:b4:3b:cf:92:
df:00:e7:57:87:6b:c1:26:9b:8d:41:26:20:5d:44:fc:cf:e3:
4b:d9:b6:74:80:66:6c:ff:3d:66:28:57:6f:19:b9:47:cb:66:
3a:18:c3:0f:9d:4b:27:2d:9f:84:83:46:53:4c:7d:5a:96:ef:
11:95:d7:44:95:cb:62:b4:37:36:0f:f6:a7:22:62:d7:87:68:
4d:5d:f5:83:8e:70:11:90:c0:67:7e:77:a5:4f:36:64:bf:d0:
2b:a8:3e:22:ac:b8:eb:cc:b2:5a:b5:83:d8:8b:6f:69:cd:7d:
84:da:58:90:31:ee:af:0d:a5:ec:dc:85:36:10:a0:f2:dd:85:
c6:17:9b:3b:98:8f:89:69:06:1a:d2:f6:48:58:77:87:0e:64:
65:92:f0:e2
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYI6hdFJn9gwp3NGX3KpcXIvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjIwNzI2MTI0MDI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzFkZTE3ZmI5NDBlNmQ0MzViZGQ5MjA5OGM2MzkzNzFiYTQwYTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkj3y+P+nxokdqSPhygPWWYZsP34O
QGvBtLQrXvYVwnyXdi2Qr32tP6osae7ZJ1I3oAgaeduABBk4ynZ6iw8cTEUbiNon
qpJ7uxyYVKm8NoYNTvu+0iMVn3iDU5mVb7vCcrhjUraekBUdYfcyFSaMvhZG+G+H
4a00rIbcuHJHdQi1eHtFLpo6NE5QnLtOMXHqflOjddGxwSltHOJp4C+OdL/Dm2gb
oNCeWyTtE1wNsjYLccqhb5DnU4vY/1p3oGTLYEnqC333CDbxkI4OeoYRDso78NqX
BnmEmlY4SxrJl4TvDnBgczx9jlflnAVF1SB1pOdtFfV7LtK4grg8rMldgQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHcd4X+5QObUNb3ZIJjGOTcbpApIMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvZHgzaGY3bEE1dFExdmRrZ21NWTVOeHVrQ2tnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABbZwAwQA
BbZzAwQALQmoAwQAWNHlAwQAXDTaMA0GCSqGSIb3DQEBCwUAA4IBAQBDZ9cOSjdd
sJbcFOl/xQt3Ab2uu/fo29xUVMxVOsqMM2UVRMTZGqsnnde++7e28SfNrUDgygt0
oS27AC15o46DAW5GRIYfEx1FSkxGKiBxDrFRZa65ZtN7fw2dhNjFjmbvMAUlfgZD
KrQ7z5LfAOdXh2vBJpuNQSYgXUT8z+NL2bZ0gGZs/z1mKFdvGblHy2Y6GMMPnUsn
LZ+Eg0ZTTH1alu8RlddElctitDc2D/anImLXh2hNXfWDjnARkMBnfnelTzZkv9Ar
qD4irLjrzLJatYPYi29pzX2E2liQMe6vDaXs3IU2EKDy3YXGF5s7mI+JaQYa0vZI
WHeHDmRlkvDi
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:51 2023 by rpki-client on console-ams.rpki-client.org