Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zRw8tS50DvlNhBw0UqRnMlo6OUw.roa
File: zRw8tS50DvlNhBw0UqRnMlo6OUw.roa (raw, json)
Hash identifier: 94RvvNi2+ODQZlQcITuj+V7qqo6EbwOFZoaO7vuGOhk=
Subject key identifier: CD:1C:3C:B5:2E:74:0E:F9:4D:84:1C:34:52:A4:67:32:5A:3A:39:4C
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 01825DBED345B91FEF4485063C970C153786
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zRw8tS50DvlNhBw0UqRnMlo6OUw.roa
Signing time: Tue 02 Aug 2022 08:49:23 +0000
ROA not before: Tue 02 Aug 2022 08:49:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 92.52.214.0/24 maxlen: 24
88.209.252.0/24 maxlen: 24
88.209.255.0/24 maxlen: 24
88.151.63.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:5d:be:d3:45:b9:1f:ef:44:85:06:3c:97:0c:15:37:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Aug 2 08:49:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cd1c3cb52e740ef94d841c3452a467325a3a394c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:47:ab:4e:12:2b:1a:d8:4e:71:0f:4f:ff:5e:
04:3b:bd:99:d8:b4:31:cc:63:28:24:5c:5b:40:6f:
06:2b:08:90:3d:e3:95:9f:69:3d:bf:74:ee:55:13:
7d:5a:c8:4d:db:25:62:c1:b2:24:2e:05:0c:ef:cf:
c8:ed:e9:87:43:d8:05:da:3a:28:8a:59:15:7d:8d:
ce:e4:91:df:7c:8d:1b:0e:d1:dd:82:f8:2d:98:1d:
09:41:b1:5d:c5:f1:ab:46:29:f1:64:8a:89:6a:60:
80:5f:1c:c4:9b:e3:96:d5:8d:cd:63:8f:2c:df:d4:
20:51:a0:df:25:74:5d:bd:0d:74:d9:50:ff:d6:c5:
ef:0a:08:0d:36:55:ed:70:9e:e2:56:2f:b0:15:c3:
62:6b:74:bb:17:ce:aa:e5:4d:b1:40:21:c9:77:32:
c4:ba:73:0d:3c:9f:23:6d:53:7e:ff:85:58:17:0c:
a5:23:cf:8b:02:1c:5b:56:68:23:9e:a0:7c:39:0d:
d4:3a:7d:37:20:f9:3e:89:ad:17:e5:b8:a6:86:ea:
e4:8c:85:f7:47:0a:3f:fa:86:4b:83:b5:15:0e:61:
f4:d4:e5:f3:10:e6:47:ec:49:9f:a6:94:34:42:57:
fb:8f:48:f3:1e:dd:a8:45:f1:86:10:cb:f2:f3:a7:
dc:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:1C:3C:B5:2E:74:0E:F9:4D:84:1C:34:52:A4:67:32:5A:3A:39:4C
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zRw8tS50DvlNhBw0UqRnMlo6OUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.151.63.0/24
88.209.252.0/24
88.209.255.0/24
92.52.214.0/24
Signature Algorithm: sha256WithRSAEncryption
12:6c:61:37:29:27:14:f0:81:55:4f:47:a2:70:f5:35:47:d9:
7c:13:d0:9c:87:29:f4:47:a9:50:19:c3:29:41:9a:33:3e:4e:
64:fa:9d:72:74:0b:c2:c8:62:64:88:f7:77:42:7d:16:db:00:
66:94:40:77:54:dc:59:a4:5a:ab:9c:6f:6a:fc:7e:b4:52:bb:
e8:a6:80:2f:3a:66:1b:c5:27:9e:a7:14:cd:59:18:b2:33:e4:
5d:d6:b0:20:de:b2:ff:da:28:86:02:38:fd:0c:39:8d:0e:9d:
dd:94:12:0c:c8:1e:fa:32:1a:2a:b4:dd:35:ec:19:de:d2:ff:
3d:57:0a:5b:af:3d:44:10:f9:56:79:52:ac:75:46:c1:c5:8a:
21:a7:fc:b7:c4:13:02:df:e6:ff:38:07:37:3e:3c:36:61:2d:
2e:63:2d:30:32:7c:bb:0d:fc:ef:c1:82:5f:fe:5d:c2:55:cd:
e3:11:b3:15:c8:69:e2:31:95:88:e1:df:da:59:9d:6d:0b:55:
9d:4e:fc:99:d6:46:1d:dd:89:61:21:7a:87:a7:0a:11:14:8a:
0d:7c:59:77:c4:16:b6:03:c3:4f:1c:38:07:4f:e4:12:26:e9:
18:d3:31:ae:d2:45:0b:81:bd:99:ab:f5:e8:55:07:16:af:53:
99:aa:77:a3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYJdvtNFuR/vRIUGPJcMFTeGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjIwODAyMDg0OTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDFjM2NiNTJlNzQwZWY5NGQ4NDFjMzQ1MmE0NjczMjVhM2EzOTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyEerThIrGthOcQ9P/14EO72Z2LQx
zGMoJFxbQG8GKwiQPeOVn2k9v3TuVRN9WshN2yViwbIkLgUM78/I7emHQ9gF2joo
ilkVfY3O5JHffI0bDtHdgvgtmB0JQbFdxfGrRinxZIqJamCAXxzEm+OW1Y3NY48s
39QgUaDfJXRdvQ102VD/1sXvCggNNlXtcJ7iVi+wFcNia3S7F86q5U2xQCHJdzLE
unMNPJ8jbVN+/4VYFwylI8+LAhxbVmgjnqB8OQ3UOn03IPk+ia0X5bimhurkjIX3
Rwo/+oZLg7UVDmH01OXzEOZH7EmfppQ0Qlf7j0jzHt2oRfGGEMvy86fcZQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFM0cPLUudA75TYQcNFKkZzJaOjlMMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvelJ3OHRTNTBEdmxOaEJ3MFVxUm5NbG82T1V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWJc/AwQA
WNH8AwQAWNH/AwQAXDTWMA0GCSqGSIb3DQEBCwUAA4IBAQASbGE3KScU8IFVT0ei
cPU1R9l8E9Cchyn0R6lQGcMpQZozPk5k+p1ydAvCyGJkiPd3Qn0W2wBmlEB3VNxZ
pFqrnG9q/H60UrvopoAvOmYbxSeepxTNWRiyM+Rd1rAg3rL/2iiGAjj9DDmNDp3d
lBIMyB76MhoqtN017Bne0v89Vwpbrz1EEPlWeVKsdUbBxYohp/y3xBMC3+b/OAc3
Pjw2YS0uYy0wMny7DfzvwYJf/l3CVc3jEbMVyGniMZWI4d/aWZ1tC1WdTvyZ1kYd
3YlhIXqHpwoRFIoNfFl3xBa2A8NPHDgHT+QSJukY0zGu0kULgb2Zq/XoVQcWr1OZ
qnej
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:02 2023 by rpki-client on console-fra.rpki-client.org