Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/289b1d-08dd-4d53-b12d-7d4028a1bf59/1/JIo3VqG-xefzVQ_K9Xuy8ZtZGpw.roa
File: JIo3VqG-xefzVQ_K9Xuy8ZtZGpw.roa (raw, json)
Hash identifier: 775A6U4165Zlq2CS3FpLUcdBmPczLqwWB0srXdJIOx4=
Subject key identifier: 24:8A:37:56:A1:BE:C5:E7:F3:55:0F:CA:F5:7B:B2:F1:9B:59:1A:9C
Certificate issuer: /CN=a6f87cf4a15b9e7822455b3aa8af0b5ed3a299f7
Certificate serial: 0185285E6D093E71A51CAACFA38A1589A452
Authority key identifier: A6:F8:7C:F4:A1:5B:9E:78:22:45:5B:3A:A8:AF:0B:5E:D3:A2:99:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pvh89KFbnngiRVs6qK8LXtOimfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/289b1d-08dd-4d53-b12d-7d4028a1bf59/1/JIo3VqG-xefzVQ_K9Xuy8ZtZGpw.roa
Signing time: Mon 19 Dec 2022 03:12:35 +0000
ROA not before: Mon 19 Dec 2022 03:12:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42831
IP address blocks: 81.92.217.0/24 maxlen: 24
81.92.219.0/24 maxlen: 24
81.92.218.0/24 maxlen: 24
81.92.218.0/23 maxlen: 23
94.46.184.0/22 maxlen: 22
81.92.192.0/22 maxlen: 22
185.109.168.0/22 maxlen: 22
94.46.244.0/22 maxlen: 22
91.109.112.0/21 maxlen: 21
94.46.192.0/22 maxlen: 22
94.46.207.0/24 maxlen: 24
94.46.220.0/22 maxlen: 22
185.99.252.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:28:5e:6d:09:3e:71:a5:1c:aa:cf:a3:8a:15:89:a4:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6f87cf4a15b9e7822455b3aa8af0b5ed3a299f7
Validity
Not Before: Dec 19 03:12:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=248a3756a1bec5e7f3550fcaf57bb2f19b591a9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d9:4b:7c:56:9d:40:6b:e3:3a:9c:ba:11:8c:
5d:6a:1b:3c:34:78:d2:24:06:e3:e6:53:ec:56:9a:
55:8a:8c:ce:20:38:c1:79:3a:7c:30:c6:81:54:f9:
7c:aa:26:f3:fc:2f:ed:0b:87:5f:38:65:8b:43:6a:
20:00:5c:c7:9d:c9:77:c5:4f:02:d1:36:54:32:b9:
c3:eb:d8:b8:76:ff:6d:a8:2f:fe:e9:9a:54:e9:fa:
e4:4f:43:a9:32:23:27:2d:b5:2e:0d:bf:01:78:d5:
ef:cb:dc:ac:7f:c1:37:23:14:de:13:b3:9f:7e:d4:
cf:b4:fe:71:b5:d1:24:b6:00:be:b4:ec:06:e2:32:
22:ab:90:2c:02:ed:75:77:13:07:90:8e:e6:8b:14:
5d:d6:f2:e3:9d:a1:5c:8e:f3:fe:9a:d2:04:88:95:
91:c3:30:da:e3:93:ed:b0:f7:6e:e8:4e:27:af:f0:
12:4a:94:53:b5:da:96:0b:a1:1c:f5:2a:09:0e:46:
51:8c:03:84:ef:72:d1:bd:69:da:28:89:90:cf:d7:
9c:8c:5e:86:22:0e:84:38:d4:44:4b:cb:c3:ca:e5:
b9:fd:c9:23:f0:de:86:77:d0:a5:09:e5:97:9f:94:
8c:7f:20:97:2f:56:1f:c7:66:cf:c5:6d:3e:4f:c1:
0b:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:8A:37:56:A1:BE:C5:E7:F3:55:0F:CA:F5:7B:B2:F1:9B:59:1A:9C
X509v3 Authority Key Identifier:
keyid:A6:F8:7C:F4:A1:5B:9E:78:22:45:5B:3A:A8:AF:0B:5E:D3:A2:99:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pvh89KFbnngiRVs6qK8LXtOimfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/289b1d-08dd-4d53-b12d-7d4028a1bf59/1/JIo3VqG-xefzVQ_K9Xuy8ZtZGpw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/289b1d-08dd-4d53-b12d-7d4028a1bf59/1/pvh89KFbnngiRVs6qK8LXtOimfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.92.192.0/22
81.92.217.0-81.92.219.255
91.109.112.0/21
94.46.184.0/22
94.46.192.0/22
94.46.207.0/24
94.46.220.0/22
94.46.244.0/22
185.99.252.0/22
185.109.168.0/22
Signature Algorithm: sha256WithRSAEncryption
33:b0:e6:16:1f:4a:d9:db:e4:d5:7b:5d:42:30:62:a5:7a:92:
5c:c5:aa:cd:08:e8:79:39:fd:26:2d:21:31:67:9e:23:1b:40:
d4:45:4c:2a:19:52:b7:37:de:33:8a:84:58:73:e3:32:38:f9:
a9:3d:ff:bc:84:13:fc:6c:ea:93:85:0e:d0:ed:63:f6:6d:2d:
d9:09:ec:f0:01:17:63:90:c0:8f:c3:00:5f:4f:3a:8b:7d:ae:
30:28:8a:69:64:29:1f:1f:33:ae:8f:2f:bc:56:d6:bc:5f:74:
20:93:49:31:da:58:1d:44:fb:1b:53:4f:4b:d0:c5:4f:0b:76:
b5:3f:48:0c:ff:f1:a5:33:c6:6a:ba:e6:16:65:95:19:9b:4a:
0d:f2:ef:53:fb:82:97:e6:6c:fb:a0:be:c2:2f:44:19:25:02:
29:19:dc:17:8f:5d:4f:9a:42:f2:7e:bc:80:2a:6a:7e:30:7f:
85:90:17:75:95:d3:b8:e1:38:e2:74:c5:15:13:00:52:3c:30:
3d:67:45:39:49:f3:cf:ee:d8:a3:d7:b8:80:a9:8e:ea:27:c0:
1f:77:e5:fd:a3:be:34:cf:63:6d:ed:d8:47:94:c8:dc:86:aa:
ff:ca:2e:f1:2f:55:d3:e8:29:8e:f4:78:f5:3f:8f:c9:97:ba:
05:6c:a5:fb
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYUoXm0JPnGlHKrPo4oViaRSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2Zjg3Y2Y0YTE1YjllNzgyMjQ1NWIzYWE4YWYwYjVlZDNh
Mjk5ZjcwHhcNMjIxMjE5MDMxMjM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNDhhMzc1NmExYmVjNWU3ZjM1NTBmY2FmNTdiYjJmMTliNTkxYTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNlLfFadQGvjOpy6EYxdahs8NHjS
JAbj5lPsVppViozOIDjBeTp8MMaBVPl8qibz/C/tC4dfOGWLQ2ogAFzHncl3xU8C
0TZUMrnD69i4dv9tqC/+6ZpU6frkT0OpMiMnLbUuDb8BeNXvy9ysf8E3IxTeE7Of
ftTPtP5xtdEktgC+tOwG4jIiq5AsAu11dxMHkI7mixRd1vLjnaFcjvP+mtIEiJWR
wzDa45PtsPdu6E4nr/ASSpRTtdqWC6Ec9SoJDkZRjAOE73LRvWnaKImQz9ecjF6G
Ig6EONRES8vDyuW5/ckj8N6Gd9ClCeWXn5SMfyCXL1Yfx2bPxW0+T8ELdwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFCSKN1ahvsXn81UPyvV7svGbWRqcMB8GA1UdIwQY
MBaAFKb4fPShW554IkVbOqivC17Topn3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHZoODlLRmJubmdpUlZzNnFLOExYdE9pbWZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8yODliMWQtMDhkZC00ZDUzLWIxMmQt
N2Q0MDI4YTFiZjU5LzEvSklvM1ZxRy14ZWZ6VlFfSzlYdXk4WnRaR3B3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8yODliMWQtMDhkZC00ZDUzLWIxMmQtN2Q0MDI4YTFiZjU5
LzEvcHZoODlLRmJubmdpUlZzNnFLOExYdE9pbWZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQCUVzAMAwD
BABRXNkDBAJRXNgDBANbbXADBAJeLrgDBAJeLsADBABeLs8DBAJeLtwDBAJeLvQD
BAK5Y/wDBAK5bagwDQYJKoZIhvcNAQELBQADggEBADOw5hYfStnb5NV7XUIwYqV6
klzFqs0I6Hk5/SYtITFnniMbQNRFTCoZUrc33jOKhFhz4zI4+ak9/7yEE/xs6pOF
DtDtY/ZtLdkJ7PABF2OQwI/DAF9POot9rjAoimlkKR8fM66PL7xW1rxfdCCTSTHa
WB1E+xtTT0vQxU8LdrU/SAz/8aUzxmq65hZllRmbSg3y71P7gpfmbPugvsIvRBkl
AikZ3BePXU+aQvJ+vIAqan4wf4WQF3WV07jhOOJ0xRUTAFI8MD1nRTlJ88/u2KPX
uICpjuonwB935f2jvjTPY23t2EeUyNyGqv/KLvEvVdPoKY70ePU/j8mXugVspfs=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:04 2023 by rpki-client on console-fra.rpki-client.org