Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/TB94PNpuWf_D2GiqorUq1GHmMAU.roa
File: TB94PNpuWf_D2GiqorUq1GHmMAU.roa (raw, json)
Hash identifier: K0yHCxDwDPz7anu4BGvXMS/J/sA4xnt2C/oGY5uJwPg=
Subject key identifier: 4C:1F:78:3C:DA:6E:59:FF:C3:D8:68:AA:A2:B5:2A:D4:61:E6:30:05
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018224A0F11DC53503A002A5AEFAF57E0E17
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/TB94PNpuWf_D2GiqorUq1GHmMAU.roa
Signing time: Fri 22 Jul 2022 06:38:23 +0000
ROA not before: Fri 22 Jul 2022 06:38:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 85.31.45.0/24 maxlen: 24
85.31.47.0/24 maxlen: 24
185.246.221.0/24 maxlen: 24
194.180.50.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
185.218.136.0/24 maxlen: 24
94.154.172.0/24 maxlen: 24
193.35.19.0/24 maxlen: 24
193.35.18.0/24 maxlen: 24
94.154.174.0/24 maxlen: 24
109.206.239.0/24 maxlen: 24
212.87.205.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
85.217.144.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
178.215.239.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
178.215.237.0/24 maxlen: 24
80.76.50.0/24 maxlen: 24
80.76.49.0/24 maxlen: 24
80.76.48.0/24 maxlen: 24
193.222.96.0/24 maxlen: 24
193.222.97.0/24 maxlen: 24
185.252.176.0/24 maxlen: 24
193.222.98.0/24 maxlen: 24
185.252.177.0/24 maxlen: 24
193.47.63.0/24 maxlen: 24
193.47.62.0/24 maxlen: 24
193.37.42.0/24 maxlen: 24
193.37.47.0/24 maxlen: 24
185.216.70.0/24 maxlen: 24
185.216.69.0/24 maxlen: 24
79.110.48.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
87.120.84.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
79.110.61.0/24 maxlen: 24
94.103.126.0/24 maxlen: 24
94.103.127.0/24 maxlen: 24
79.110.63.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:24:a0:f1:1d:c5:35:03:a0:02:a5:ae:fa:f5:7e:0e:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 22 06:38:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4c1f783cda6e59ffc3d868aaa2b52ad461e63005
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:14:0d:11:29:99:25:1e:64:f4:96:8b:aa:85:
31:eb:b0:c2:8f:cc:a3:24:07:41:07:51:8a:e0:cb:
75:9e:cb:92:92:86:6e:42:6d:57:96:e8:f6:9d:15:
d0:46:3f:0f:3e:76:a0:ae:3f:56:00:53:fc:db:21:
bf:8d:47:de:b5:ee:0a:71:e1:81:40:41:90:68:bc:
02:6d:6c:12:c0:28:33:4a:1d:5d:0d:e3:ac:8f:35:
fc:6e:0c:f4:99:1a:b9:56:19:46:10:af:82:5f:92:
e6:76:fc:05:ef:0d:b7:19:de:71:e2:25:4b:0a:ef:
ed:a9:45:53:5e:12:76:d9:e0:e2:a1:d2:fd:78:a2:
0f:9d:be:3f:cc:18:74:87:fc:84:0e:61:20:9e:b9:
c8:ba:a8:a1:50:2c:c3:22:74:d8:bf:76:1c:22:b5:
0c:69:14:ef:18:91:47:7a:57:de:05:85:43:6e:4d:
a0:d4:c2:5b:fc:df:e3:46:05:8e:04:2d:eb:46:c4:
9e:e4:19:21:d8:f0:67:c4:25:fb:a3:7b:dd:89:bf:
5a:92:15:7b:7d:33:bf:94:fa:02:ed:bb:dc:e9:d9:
16:b2:a2:2f:cd:b0:81:a5:c5:e0:d4:23:e2:1f:30:
b3:d6:f9:6a:b3:49:c8:8d:46:53:81:97:eb:7a:42:
2c:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:1F:78:3C:DA:6E:59:FF:C3:D8:68:AA:A2:B5:2A:D4:61:E6:30:05
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/TB94PNpuWf_D2GiqorUq1GHmMAU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.110.48.0/24
79.110.61.0/24
79.110.63.0/24
80.76.48.0-80.76.50.255
83.219.97.0/24
85.31.45.0/24
85.31.47.0/24
85.217.144.0/24
87.120.84.0/24
87.120.87.0/24
94.103.125.0-94.103.127.255
94.154.172.0/24
94.154.174.0/24
109.206.239.0/24
178.215.225.0-178.215.227.255
178.215.236.0/23
178.215.239.0/24
185.216.69.0-185.216.70.255
185.218.136.0/24
185.246.221.0/24
185.252.176.0/23
193.35.18.0/23
193.37.42.0/24
193.37.47.0/24
193.47.62.0/23
193.222.96.0-193.222.98.255
194.169.175.0/24
194.180.50.0/24
212.87.205.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:be:8f:37:64:3f:19:aa:7d:3d:60:13:59:44:ee:18:2f:cb:
d2:4a:d8:56:c3:b6:bb:00:c7:c4:62:61:d9:91:3c:b7:87:ac:
7c:6d:f4:62:be:b6:8f:88:66:39:72:d8:fc:d0:7f:ec:e4:6e:
48:24:dc:24:eb:c3:31:b9:ed:5b:12:b9:36:2d:29:bd:d2:0d:
c1:da:ca:20:1c:ff:c2:9e:fb:89:89:b0:90:0c:92:05:44:17:
64:6e:1f:0d:d0:ef:19:ad:1a:81:f3:3c:71:cf:b5:60:e3:40:
b9:c3:f2:ac:92:b4:d2:9c:5c:17:15:60:11:39:b9:7f:92:ed:
02:15:83:1b:5c:58:38:da:82:3a:17:88:0d:e2:df:8d:1d:63:
f3:83:28:f4:c1:bd:19:88:88:e3:af:03:fb:3e:d1:ce:47:99:
4b:b2:cb:fc:86:44:68:16:2a:23:e2:e1:5d:4f:e0:ae:4e:95:
19:1a:d8:3c:74:9c:c8:0e:71:98:17:14:77:ca:90:20:68:9c:
f1:e0:f4:43:7f:10:3f:ab:9f:17:ac:20:5d:cb:34:45:3d:a7:
ad:b9:cb:2b:28:25:57:3f:a4:fd:33:c8:1a:75:f7:fd:11:5f:
3a:6b:32:42:65:45:d4:ce:2d:4a:b1:08:06:44:d7:ea:a1:1c:
04:93:ab:32
-----BEGIN CERTIFICATE-----
MIIF0jCCBLqgAwIBAgISAYIkoPEdxTUDoAKlrvr1fg4XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIwNzIyMDYzODIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzFmNzgzY2RhNmU1OWZmYzNkODY4YWFhMmI1MmFkNDYxZTYzMDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhQNESmZJR5k9JaLqoUx67DCj8yj
JAdBB1GK4Mt1nsuSkoZuQm1Xluj2nRXQRj8PPnagrj9WAFP82yG/jUfete4KceGB
QEGQaLwCbWwSwCgzSh1dDeOsjzX8bgz0mRq5VhlGEK+CX5LmdvwF7w23Gd5x4iVL
Cu/tqUVTXhJ22eDiodL9eKIPnb4/zBh0h/yEDmEgnrnIuqihUCzDInTYv3YcIrUM
aRTvGJFHelfeBYVDbk2g1MJb/N/jRgWOBC3rRsSe5Bkh2PBnxCX7o3vdib9akhV7
fTO/lPoC7bvc6dkWsqIvzbCBpcXg1CPiHzCz1vlqs0nIjUZTgZfrekIslQIDAQAB
o4IC3jCCAtowHQYDVR0OBBYEFEwfeDzabln/w9hoqqK1KtRh5jAFMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVEI5NFBOcHVXZl9EMkdpcW9yVXExR0htTUFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHzBggrBgEFBQcBBwEB/wSB4zCB4DCB3QQCAAEwgdYDBABP
bjADBABPbj0DBABPbj8wDAMEBFBMMAMEAFBMMgMEAFPbYQMEAFUfLQMEAFUfLwME
AFXZkAMEAFd4VAMEAFd4VzAMAwQAXmd9AwQHXmcAAwQAXpqsAwQAXpquAwQAbc7v
MAwDBACy1+EDBAKy1+ADBAGy1+wDBACy1+8wDAMEALnYRQMEALnYRgMEALnaiAME
ALn23QMEAbn8sAMEAcEjEgMEAMElKgMEAMElLwMEAcEvPjAMAwQFwd5gAwQAwd5i
AwQAwqmvAwQAwrQyAwQA1FfNMA0GCSqGSIb3DQEBCwUAA4IBAQCkvo83ZD8Zqn09
YBNZRO4YL8vSSthWw7a7AMfEYmHZkTy3h6x8bfRivraPiGY5ctj80H/s5G5IJNwk
68Mxue1bErk2LSm90g3B2sogHP/CnvuJibCQDJIFRBdkbh8N0O8ZrRqB8zxxz7Vg
40C5w/KskrTSnFwXFWARObl/ku0CFYMbXFg42oI6F4gN4t+NHWPzgyj0wb0ZiIjj
rwP7PtHOR5lLssv8hkRoFioj4uFdT+CuTpUZGtg8dJzIDnGYFxR3ypAgaJzx4PRD
fxA/q58XrCBdyzRFPaetucsrKCVXP6T9M8gadff9EV86azJCZUXUzi1KsQgGRNfq
oRwEk6sy
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:37 2023 by rpki-client on console-ams.rpki-client.org