Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/ErSQFtXFuwEJ65yInykjBeJnQAQ.roa
File: ErSQFtXFuwEJ65yInykjBeJnQAQ.roa (raw, json)
Hash identifier: okmqNJ5tRzC5sKjIHZB9jQvISpklR8IH6hPQq/+ZFj8=
Subject key identifier: 12:B4:90:16:D5:C5:BB:01:09:EB:9C:88:9F:29:23:05:E2:67:40:04
Certificate issuer: /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial: 0183E62D79EB1979E9D72FB66820A90881E9
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/ErSQFtXFuwEJ65yInykjBeJnQAQ.roa
Signing time: Mon 17 Oct 2022 13:41:23 +0000
ROA not before: Mon 17 Oct 2022 13:41:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42794
IP address blocks: 88.203.213.0/24 maxlen: 24
88.203.210.0/23 maxlen: 23
88.203.208.0/23 maxlen: 23
88.203.212.0/24 maxlen: 24
88.203.214.0/24 maxlen: 24
88.203.215.0/24 maxlen: 24
88.203.232.0/24 maxlen: 24
88.203.233.0/24 maxlen: 24
212.36.17.0/24 maxlen: 24
82.103.112.0/24 maxlen: 24
92.247.125.0/24 maxlen: 24
92.247.124.0/22 maxlen: 22
92.247.120.0/22 maxlen: 22
92.247.124.0/24 maxlen: 24
92.247.128.0/23 maxlen: 23
92.247.126.0/24 maxlen: 24
92.247.127.0/24 maxlen: 24
2a01:288:4004::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:e6:2d:79:eb:19:79:e9:d7:2f:b6:68:20:a9:08:81:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Validity
Not Before: Oct 17 13:41:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=12b49016d5c5bb0109eb9c889f292305e2674004
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:87:e4:c3:6b:db:83:06:45:7b:e9:01:70:36:
03:d2:2a:f3:11:6e:b5:7c:e6:f7:dd:9e:67:ad:63:
bd:5e:da:b9:40:d2:71:b6:27:63:d3:ab:1c:89:93:
2a:35:76:ee:07:b8:c8:8a:dc:b4:c1:5e:5a:e4:92:
50:ad:d9:0f:3f:c1:79:8a:4f:e2:83:4f:43:47:c6:
1c:a4:0f:67:cb:aa:b8:ad:c7:ad:93:52:e4:15:bf:
f0:24:10:25:a2:d5:54:89:ae:7f:cb:db:d9:24:aa:
08:6e:32:b1:2e:5b:80:99:b1:94:02:9e:3c:ef:bd:
2d:fc:6b:6f:b1:1e:e9:68:e7:70:58:58:27:64:c6:
d2:c9:62:ca:80:99:98:2e:64:f5:2e:ba:3f:73:72:
89:a9:f1:c0:6a:e2:67:23:45:7e:bc:83:6a:bf:b0:
43:3b:76:5a:27:01:d0:e0:4b:ca:59:ff:dd:ad:d2:
d8:e4:9d:12:cb:9c:bf:fc:49:af:41:a7:9a:51:3b:
b9:92:88:0a:43:81:3e:23:09:87:a0:90:9c:63:59:
4d:df:d1:dd:62:36:a3:6e:7f:2e:78:85:8c:4a:9e:
17:6e:4c:1f:2a:3a:1a:2c:56:e2:8f:ed:25:ae:3f:
3d:ac:9e:a3:70:18:0d:6e:ff:34:d3:dc:cb:41:32:
41:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:B4:90:16:D5:C5:BB:01:09:EB:9C:88:9F:29:23:05:E2:67:40:04
X509v3 Authority Key Identifier:
keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/ErSQFtXFuwEJ65yInykjBeJnQAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.103.112.0/24
88.203.208.0/21
88.203.232.0/23
92.247.120.0-92.247.129.255
212.36.17.0/24
IPv6:
2a01:288:4004::/48
Signature Algorithm: sha256WithRSAEncryption
40:2d:40:d6:9a:0f:60:f0:6a:e0:44:5f:99:eb:d1:01:10:9e:
d7:72:83:9b:86:39:f4:83:1c:9e:96:13:1e:c5:0d:47:b9:ad:
3a:4f:8d:dd:21:5a:73:fb:9d:5f:e7:24:3c:3d:98:ec:17:65:
1b:ab:02:b8:d5:a9:d7:f0:ad:22:5f:89:a3:24:df:95:ec:0a:
2f:b1:ce:fc:f4:d1:77:62:4f:8c:62:b8:46:f1:da:b6:d6:48:
dc:f6:42:0f:42:71:bb:c0:56:52:4f:c6:f1:00:ea:e5:17:6d:
89:19:00:2c:0a:17:51:7e:70:b4:4f:7c:23:2c:3e:7a:2f:b8:
99:be:6c:2b:29:3a:27:d5:3a:9a:6f:76:a9:3b:03:36:75:a2:
51:01:e3:3d:3d:80:e1:11:e3:c9:2e:34:51:e3:ca:10:85:34:
5b:d1:66:a3:a8:e4:f8:32:62:24:6b:04:6d:ef:99:21:4e:8f:
75:8e:7c:1a:ac:e1:d1:50:ec:67:4e:54:04:d4:3d:80:f1:c7:
42:a8:68:cb:ae:0d:04:55:56:1c:c3:c2:14:18:e6:ad:31:1b:
36:aa:e6:a2:b3:b2:9b:aa:88:3b:4d:f3:62:0a:eb:88:87:88:
dc:33:0f:65:f8:19:4a:06:b0:50:02:84:2b:5f:91:33:61:bf:
3f:14:86:42
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAYPmLXnrGXnp1y+2aCCpCIHpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj
ZDgyZWMwHhcNMjIxMDE3MTM0MTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmI0OTAxNmQ1YzViYjAxMDllYjljODg5ZjI5MjMwNWUyNjc0MDA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYfkw2vbgwZFe+kBcDYD0irzEW61
fOb33Z5nrWO9Xtq5QNJxtidj06sciZMqNXbuB7jIity0wV5a5JJQrdkPP8F5ik/i
g09DR8YcpA9ny6q4rcetk1LkFb/wJBAlotVUia5/y9vZJKoIbjKxLluAmbGUAp48
770t/GtvsR7paOdwWFgnZMbSyWLKgJmYLmT1Lro/c3KJqfHAauJnI0V+vINqv7BD
O3ZaJwHQ4EvKWf/drdLY5J0Sy5y//EmvQaeaUTu5kogKQ4E+IwmHoJCcY1lN39Hd
Yjajbn8ueIWMSp4XbkwfKjoaLFbij+0lrj89rJ6jcBgNbv8009zLQTJBwQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFBK0kBbVxbsBCeuciJ8pIwXiZ0AEMB8GA1UdIwQY
MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt
N2ZiYmFlNmY5NDM3LzEvRXJTUUZ0WEZ1d0VKNjV5SW55a2pCZUpuUUFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3
LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAsBAIAATAmAwQAUmdwAwQD
WMvQAwQBWMvoMAwDBANc93gDBAFc94ADBADUJBEwDwQCAAIwCQMHACoBAohABDAN
BgkqhkiG9w0BAQsFAAOCAQEAQC1A1poPYPBq4ERfmevRARCe13KDm4Y59IMcnpYT
HsUNR7mtOk+N3SFac/udX+ckPD2Y7BdlG6sCuNWp1/CtIl+JoyTflewKL7HO/PTR
d2JPjGK4RvHattZI3PZCD0Jxu8BWUk/G8QDq5RdtiRkALAoXUX5wtE98Iyw+ei+4
mb5sKyk6J9U6mm92qTsDNnWiUQHjPT2A4RHjyS40UePKEIU0W9Fmo6jk+DJiJGsE
be+ZIU6PdY58Gqzh0VDsZ05UBNQ9gPHHQqhoy64NBFVWHMPCFBjmrTEbNqrmorOy
m6qIO03zYgrriIeI3DMPZfgZSgawUAKEK1+RM2G/PxSGQg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:11 2023 by rpki-client on console-ams.rpki-client.org