Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/DY3MThqCozNyjm5gjgcrKlNlMtA.roa
File: DY3MThqCozNyjm5gjgcrKlNlMtA.roa (raw, json)
Hash identifier: HD3iZNxDo9vc4oEQ+m/N2my1+grgVuMrR5enfS3rdM4=
Subject key identifier: 0D:8D:CC:4E:1A:82:A3:33:72:8E:6E:60:8E:07:2B:2A:53:65:32:D0
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0184C87F1165B47B358FE28598B48D4A6F2A
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/DY3MThqCozNyjm5gjgcrKlNlMtA.roa
Signing time: Wed 30 Nov 2022 12:24:41 +0000
ROA not before: Wed 30 Nov 2022 12:24:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 194.55.224.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
194.55.227.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
178.215.239.0/24 maxlen: 24
80.76.48.0/24 maxlen: 24
85.31.47.0/24 maxlen: 24
85.31.45.0/24 maxlen: 24
84.21.173.0/24 maxlen: 24
185.216.70.0/24 maxlen: 24
185.216.69.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c8:7f:11:65:b4:7b:35:8f:e2:85:98:b4:8d:4a:6f:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 30 12:24:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0d8dcc4e1a82a333728e6e608e072b2a536532d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:61:2b:7b:c3:cc:0c:fb:51:a2:14:7b:2e:63:
b3:52:16:8e:13:90:96:94:77:aa:ea:73:78:c3:fb:
e0:94:8d:5f:4d:b9:f9:99:3d:5d:63:48:dd:57:0f:
d2:7e:01:a4:9e:95:4a:29:71:3e:f2:59:f1:6c:24:
05:a5:02:51:ec:18:cd:5a:35:f9:bd:fb:1f:53:70:
07:35:18:f4:ca:f5:0e:ff:6b:78:18:30:8a:eb:f4:
e6:4b:ff:c1:c3:65:78:19:e3:a6:b4:54:98:e7:cb:
5c:ff:6e:45:c2:24:4e:a7:8c:af:08:ff:7d:66:ea:
dd:41:f7:b5:8b:0d:8a:e9:af:34:a9:aa:fd:90:ec:
09:27:f8:53:7e:dd:82:25:94:3e:d1:b4:95:50:ac:
65:a6:d8:91:16:17:a7:58:bf:c2:9d:4d:8d:02:47:
e4:a2:ee:05:98:99:12:6e:7f:ab:44:db:6d:a7:28:
5f:ea:74:58:ff:07:d0:1a:55:15:2b:78:4c:44:a6:
79:b6:f6:a0:dd:d4:88:47:d8:6a:02:e7:95:85:57:
42:1e:8a:c4:d5:9c:4d:fc:27:46:af:98:6a:3e:ef:
dc:81:6b:ff:67:64:4f:1a:b2:51:38:4d:ba:00:0b:
c5:cc:3b:7e:34:71:34:64:6f:63:4f:44:e9:65:e0:
c0:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:8D:CC:4E:1A:82:A3:33:72:8E:6E:60:8E:07:2B:2A:53:65:32:D0
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/DY3MThqCozNyjm5gjgcrKlNlMtA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.76.48.0/24
84.21.173.0/24
85.31.45.0/24
85.31.47.0/24
87.120.87.0/24
94.154.172.0/24
178.215.225.0/24
178.215.227.0/24
178.215.239.0/24
185.216.69.0-185.216.70.255
193.35.19.0/24
194.55.224.0/23
194.55.227.0/24
Signature Algorithm: sha256WithRSAEncryption
46:94:0c:40:f0:dc:9a:46:f0:0c:c4:21:df:f1:7e:cb:01:d5:
12:8d:e5:52:7b:15:da:58:eb:26:44:f1:fb:e7:4a:fc:4b:a3:
b8:66:d8:90:66:3c:e3:1c:68:f3:93:10:83:ce:8c:69:e3:12:
c3:0d:10:82:18:91:58:68:55:95:55:56:5e:43:dd:10:74:9a:
68:b4:cc:07:73:96:45:ea:88:f3:99:61:02:e8:30:07:e2:94:
59:7a:fc:33:43:8a:28:32:6e:e0:34:04:b6:cb:a2:31:b8:b9:
e3:58:ed:10:76:e7:60:3b:35:96:ef:1a:03:7d:af:32:4a:53:
7c:2f:7f:dc:a3:47:9c:45:a6:e4:fb:6a:05:ba:34:ba:9a:c9:
18:b9:43:9d:05:09:ed:fa:07:80:90:4b:08:2c:af:27:19:8e:
ff:56:b1:ad:a7:03:3b:e3:32:64:bb:db:82:80:c4:76:c0:ed:
02:02:b2:69:7a:49:9a:21:da:b9:c6:2e:31:07:b6:83:ef:d1:
2f:f9:86:38:97:f4:6b:f0:27:2a:13:b9:35:00:75:cb:26:5d:
71:bf:b8:ef:93:20:49:28:8c:e2:3d:7a:4d:18:29:8d:cc:18:
00:1c:80:2a:d6:a6:d9:73:6e:39:80:b4:f8:10:df:ad:17:7a:
43:4c:44:3c
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAYTIfxFltHs1j+KFmLSNSm8qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIxMTMwMTIyNDQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDhkY2M0ZTFhODJhMzMzNzI4ZTZlNjA4ZTA3MmIyYTUzNjUzMmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGEre8PMDPtRohR7LmOzUhaOE5CW
lHeq6nN4w/vglI1fTbn5mT1dY0jdVw/SfgGknpVKKXE+8lnxbCQFpQJR7BjNWjX5
vfsfU3AHNRj0yvUO/2t4GDCK6/TmS//Bw2V4GeOmtFSY58tc/25FwiROp4yvCP99
ZurdQfe1iw2K6a80qar9kOwJJ/hTft2CJZQ+0bSVUKxlptiRFhenWL/CnU2NAkfk
ou4FmJkSbn+rRNttpyhf6nRY/wfQGlUVK3hMRKZ5tvag3dSIR9hqAueVhVdCHorE
1ZxN/CdGr5hqPu/cgWv/Z2RPGrJROE26AAvFzDt+NHE0ZG9jT0TpZeDAAQIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFA2NzE4agqMzco5uYI4HKypTZTLQMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvRFkzTVRocUNvek55am01Z2pnY3JLbE5sTXRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQAUEwwAwQA
VBWtAwQAVR8tAwQAVR8vAwQAV3hXAwQAXpqsAwQAstfhAwQAstfjAwQAstfvMAwD
BAC52EUDBAC52EYDBADBIxMDBAHCN+ADBADCN+MwDQYJKoZIhvcNAQELBQADggEB
AEaUDEDw3JpG8AzEId/xfssB1RKN5VJ7FdpY6yZE8fvnSvxLo7hm2JBmPOMcaPOT
EIPOjGnjEsMNEIIYkVhoVZVVVl5D3RB0mmi0zAdzlkXqiPOZYQLoMAfilFl6/DND
iigybuA0BLbLojG4ueNY7RB252A7NZbvGgN9rzJKU3wvf9yjR5xFpuT7agW6NLqa
yRi5Q50FCe36B4CQSwgsrycZjv9Wsa2nAzvjMmS724KAxHbA7QICsml6SZoh2rnG
LjEHtoPv0S/5hjiX9GvwJyoTuTUAdcsmXXG/uO+TIEkojOI9ek0YKY3MGAAcgCrW
ptlzbjmAtPgQ360XekNMRDw=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:33 2023 by rpki-client on console-ams.rpki-client.org