Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zuTvDsnI_AKK0HkDoZ1J80J43bg.roa
File: zuTvDsnI_AKK0HkDoZ1J80J43bg.roa (raw, json)
Hash identifier: v1ITxTNTEh0ZVNvx5T7ccr9PQ7nne8SajL+HhggoJIs=
Subject key identifier: CE:E4:EF:0E:C9:C8:FC:02:8A:D0:79:03:A1:9D:49:F3:42:78:DD:B8
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 01823A85D0834455ACD378002F90E7912EAD
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zuTvDsnI_AKK0HkDoZ1J80J43bg.roa
Signing time: Tue 26 Jul 2022 12:40:24 +0000
ROA not before: Tue 26 Jul 2022 12:40:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 92.52.214.0/24 maxlen: 24
88.209.252.0/24 maxlen: 24
88.209.255.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:3a:85:d0:83:44:55:ac:d3:78:00:2f:90:e7:91:2e:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jul 26 12:40:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=cee4ef0ec9c8fc028ad07903a19d49f34278ddb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:d1:0b:b6:6a:a0:92:4c:b1:fe:7d:ce:f0:d0:
a1:83:b5:c9:a9:b3:a8:fd:39:6c:89:65:a7:ec:ab:
9b:ff:66:d1:43:65:c8:e3:74:8d:e5:ad:f7:e8:f2:
7a:d5:36:b6:69:54:02:68:9c:d9:24:44:6d:c4:13:
0a:84:51:2f:b1:c5:3e:60:ec:2a:50:74:bf:01:25:
de:0b:69:3e:1a:0a:67:a9:0f:63:43:2c:be:cb:5d:
07:b5:58:ca:2b:b0:77:b5:6f:36:62:a1:7b:15:91:
4d:c0:dc:ee:b3:58:59:d3:0c:7b:31:dd:d0:8e:26:
98:02:bc:81:80:41:ca:d1:bb:aa:22:1e:ce:13:13:
77:8c:f2:a1:eb:48:ab:d9:92:45:7b:33:f9:c9:59:
24:71:e8:51:dc:fb:a8:aa:89:27:7a:6d:ba:d8:f7:
10:9e:c3:13:cd:dc:7a:3b:31:f2:1d:e9:a4:5c:8a:
06:12:c6:b4:8c:95:7a:ae:fe:2c:2b:e8:3f:e0:f9:
a1:04:71:8e:60:28:4a:c1:59:cc:eb:59:bd:27:75:
88:62:9c:d9:46:7a:a1:84:e9:9b:fd:e1:7b:b2:77:
6e:4d:6a:2d:17:f3:88:b2:d7:60:0f:9e:90:79:0d:
02:1a:24:85:9d:dd:7d:b7:15:65:1d:6a:62:a3:6f:
d5:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:E4:EF:0E:C9:C8:FC:02:8A:D0:79:03:A1:9D:49:F3:42:78:DD:B8
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zuTvDsnI_AKK0HkDoZ1J80J43bg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.209.252.0/24
88.209.255.0/24
92.52.214.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:10:86:13:4b:06:2e:44:c0:26:b3:f3:4d:a4:fd:2b:f4:d3:
e5:08:72:cb:e9:ab:7b:4e:3a:17:06:06:c9:5e:2e:30:d5:f4:
98:79:93:9a:2e:ee:d0:6a:56:98:fe:70:8d:13:db:e6:f9:75:
e9:43:46:07:08:75:01:a1:ec:01:9d:84:3a:9e:67:ad:cb:35:
38:b0:62:4d:bf:0a:c0:0a:f1:54:e7:ee:b6:55:c9:c8:6e:59:
01:6a:57:2d:97:0d:82:24:c4:8d:9a:7f:f9:dc:e4:80:0e:9a:
d7:97:0b:ca:14:3d:95:d4:7a:5e:7e:6d:bd:13:84:f9:e1:43:
56:28:70:a2:fc:52:30:5f:00:a1:d1:1a:ba:90:68:52:0c:b7:
26:de:88:c4:ef:af:01:2c:0d:1f:59:39:76:f8:95:c5:e7:83:
58:2f:cf:e6:49:71:da:27:98:1f:67:16:ce:8b:1a:e4:78:81:
fa:1a:26:4c:14:cb:7a:38:73:30:b4:55:27:73:ac:11:ae:46:
bc:e4:ee:9b:97:e2:35:3f:90:1b:e7:4f:b1:23:1f:79:d7:86:
8f:3d:5a:6e:3b:57:09:cb:73:56:d7:90:fb:6c:13:21:1b:5a:
99:48:60:65:32:8f:b3:74:88:df:94:5b:a9:cb:cc:dd:22:cc:
60:d1:8e:70
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYI6hdCDRFWs03gAL5DnkS6tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjIwNzI2MTI0MDI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWU0ZWYwZWM5YzhmYzAyOGFkMDc5MDNhMTlkNDlmMzQyNzhkZGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9ELtmqgkkyx/n3O8NChg7XJqbOo
/TlsiWWn7Kub/2bRQ2XI43SN5a336PJ61Ta2aVQCaJzZJERtxBMKhFEvscU+YOwq
UHS/ASXeC2k+GgpnqQ9jQyy+y10HtVjKK7B3tW82YqF7FZFNwNzus1hZ0wx7Md3Q
jiaYAryBgEHK0buqIh7OExN3jPKh60ir2ZJFezP5yVkkcehR3Puoqoknem262PcQ
nsMTzdx6OzHyHemkXIoGEsa0jJV6rv4sK+g/4PmhBHGOYChKwVnM61m9J3WIYpzZ
RnqhhOmb/eF7snduTWotF/OIstdgD56QeQ0CGiSFnd19txVlHWpio2/V1wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFM7k7w7JyPwCitB5A6GdSfNCeN24MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvenVUdkRzbklfQUtLMEhrRG9aMUo4MEo0M2JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWNH8AwQA
WNH/AwQAXDTWMA0GCSqGSIb3DQEBCwUAA4IBAQC4EIYTSwYuRMAms/NNpP0r9NPl
CHLL6at7TjoXBgbJXi4w1fSYeZOaLu7QalaY/nCNE9vm+XXpQ0YHCHUBoewBnYQ6
nmetyzU4sGJNvwrACvFU5+62VcnIblkBalctlw2CJMSNmn/53OSADprXlwvKFD2V
1Hpefm29E4T54UNWKHCi/FIwXwCh0Rq6kGhSDLcm3ojE768BLA0fWTl2+JXF54NY
L8/mSXHaJ5gfZxbOixrkeIH6GiZMFMt6OHMwtFUnc6wRrka85O6bl+I1P5Ab50+x
Ix9514aPPVpuO1cJy3NW15D7bBMhG1qZSGBlMo+zdIjflFupy8zdIsxg0Y5w
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:28 2024 by rpki-client on console-fra.rpki-client.org