Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/peYSt7Z8hqKLAtaOiIhZPciqXZw.roa
File: peYSt7Z8hqKLAtaOiIhZPciqXZw.roa (raw, json)
Hash identifier: FgcaU/7r6+xQ6HtzCswrCyMSFImGytZT0sIAFtK4hPU=
Subject key identifier: A5:E6:12:B7:B6:7C:86:A2:8B:02:D6:8E:88:88:59:3D:C8:AA:5D:9C
Certificate issuer: /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial: 38A35590
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/peYSt7Z8hqKLAtaOiIhZPciqXZw.roa
Signing time: Tue 17 May 2022 05:23:30 +0000
ROA not before: Tue 17 May 2022 05:23:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42794
IP address blocks: 88.203.213.0/24 maxlen: 24
88.203.210.0/23 maxlen: 23
88.203.208.0/23 maxlen: 23
88.203.212.0/24 maxlen: 24
88.203.214.0/24 maxlen: 24
88.203.215.0/24 maxlen: 24
88.203.233.0/24 maxlen: 24
88.203.232.0/24 maxlen: 24
82.103.112.0/24 maxlen: 24
212.36.17.0/24 maxlen: 24
92.247.120.0/22 maxlen: 22
92.247.124.0/22 maxlen: 22
92.247.128.0/23 maxlen: 23
2a01:288:4004::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 950228368 (0x38a35590)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Validity
Not Before: May 17 05:23:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a5e612b7b67c86a28b02d68e8888593dc8aa5d9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:bb:45:9a:c8:75:a9:da:67:cc:01:c5:9a:a8:
d2:cd:64:58:75:87:49:db:03:65:88:48:d5:dc:54:
cf:07:c0:b4:ae:32:c5:c6:29:3e:20:c0:47:b4:2e:
f8:de:a6:06:95:4c:d8:0a:01:8b:99:5c:83:67:75:
62:01:ad:d7:2d:45:61:07:17:16:51:04:09:d4:c0:
57:b7:5f:79:0b:00:6d:15:c4:1d:2d:38:a7:ab:db:
2b:a2:9f:ca:7f:fc:f4:db:84:ad:02:60:91:16:40:
63:db:32:3c:04:51:60:26:54:67:db:4b:be:14:5c:
8e:ed:ce:ef:fe:36:41:4e:e3:95:99:3c:49:70:29:
6d:18:b9:36:ff:c3:7f:86:b5:29:91:41:95:8a:63:
df:d0:9b:af:ea:28:25:bf:ef:11:c0:df:f7:e4:65:
ab:e6:60:b2:c2:b6:eb:34:33:8f:0d:d5:52:49:00:
82:cb:b4:97:2a:a3:12:69:05:57:f5:af:0b:7d:9b:
1b:48:4b:3d:33:f7:26:dc:6b:ab:53:1b:9a:00:a1:
59:e9:68:5b:98:3d:96:53:22:7e:c3:e2:99:07:bd:
a5:71:1c:29:f5:7f:3c:46:a6:47:e4:e0:27:69:de:
dd:81:79:7e:87:97:11:5e:47:01:0b:d2:67:b9:64:
4f:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:E6:12:B7:B6:7C:86:A2:8B:02:D6:8E:88:88:59:3D:C8:AA:5D:9C
X509v3 Authority Key Identifier:
keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/peYSt7Z8hqKLAtaOiIhZPciqXZw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.103.112.0/24
88.203.208.0/21
88.203.232.0/23
92.247.120.0-92.247.129.255
212.36.17.0/24
IPv6:
2a01:288:4004::/48
Signature Algorithm: sha256WithRSAEncryption
8c:36:bf:a1:bc:b9:cc:5b:15:c9:ba:50:4d:f4:88:7d:58:e1:
5d:47:23:05:c7:0e:91:cd:15:19:ed:8b:19:53:e1:69:26:27:
d4:b5:02:e3:62:9a:2b:b4:c8:3d:05:50:e7:6c:a1:0e:f8:9a:
9c:ba:c1:f1:82:f3:cf:14:44:cb:5b:8d:bb:e0:0f:1e:c5:b3:
95:e3:bd:16:e3:ab:54:bd:21:81:c2:65:48:2a:73:c6:10:6c:
33:8f:af:6d:77:db:66:51:86:3c:e2:27:bd:85:8a:f0:49:71:
19:a4:84:bb:11:98:97:a0:d0:49:33:d3:77:e8:b6:ba:ce:4d:
99:ca:f0:82:6c:80:c5:58:ae:72:89:b8:35:3f:ee:36:bc:56:
aa:89:28:ef:d2:e8:6e:5f:1d:38:c5:b8:77:41:5a:7a:36:86:
e7:b9:70:ae:9c:c7:e8:f2:fb:4b:d0:65:23:cd:3f:bc:50:29:
8e:58:bd:06:b2:4c:43:03:95:45:16:6e:e6:1d:e3:90:e4:68:
fc:23:e1:ab:48:34:89:4c:71:65:5f:a3:d9:0b:d2:b0:31:2f:
cf:3a:02:3c:95:89:76:c6:43:77:f2:7a:e0:e9:f7:1a:94:30:
17:17:4d:9d:a0:77:11:a0:e7:47:98:0d:73:b6:44:38:28:79:
87:6b:47:06
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgIEOKNVkDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NTQ4Y2VkZjE3MDI5ZWQ5OGExMDgxMTNjNmMxMDllY2FjY2Q4MmVjMB4XDTIyMDUx
NzA1MjMzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTVlNjEyYjdiNjdj
ODZhMjhiMDJkNjhlODg4ODU5M2RjOGFhNWQ5YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALi7RZrIdanaZ8wBxZqo0s1kWHWHSdsDZYhI1dxUzwfAtK4y
xcYpPiDAR7Qu+N6mBpVM2AoBi5lcg2d1YgGt1y1FYQcXFlEECdTAV7dfeQsAbRXE
HS04p6vbK6Kfyn/89NuErQJgkRZAY9syPARRYCZUZ9tLvhRcju3O7/42QU7jlZk8
SXApbRi5Nv/Df4a1KZFBlYpj39Cbr+ooJb/vEcDf9+Rlq+ZgssK26zQzjw3VUkkA
gsu0lyqjEmkFV/WvC32bG0hLPTP3Jtxrq1MbmgChWeloW5g9llMifsPimQe9pXEc
KfV/PEamR+TgJ2ne3YF5foeXEV5HAQvSZ7lkTyECAwEAAaOCAjowggI2MB0GA1Ud
DgQWBBSl5hK3tnyGoosC1o6IiFk9yKpdnDAfBgNVHSMEGDAWgBQFSM7fFwKe2YoQ
gRPGwQnsrM2C7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JVak8zeGNDbnRtS0VJRVR4c0VKN0t6Tmd1dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDkvNTQxYzA1LThkN2QtNDJiOC1hYjAwLTdmYmJhZTZmOTQzNy8x
L3BlWVN0N1o4aHFLTEF0YU9pSWhaUGNpcVhady5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDkv
NTQxYzA1LThkN2QtNDJiOC1hYjAwLTdmYmJhZTZmOTQzNy8xL0JVak8zeGNDbnRt
S0VJRVR4c0VKN0t6Tmd1dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBQ
BggrBgEFBQcBBwEB/wRBMD8wLAQCAAEwJgMEAFJncAMEA1jL0AMEAVjL6DAMAwQD
XPd4AwQBXPeAAwQA1CQRMA8EAgACMAkDBwAqAQKIQAQwDQYJKoZIhvcNAQELBQAD
ggEBAIw2v6G8ucxbFcm6UE30iH1Y4V1HIwXHDpHNFRntixlT4WkmJ9S1AuNimiu0
yD0FUOdsoQ74mpy6wfGC888URMtbjbvgDx7Fs5XjvRbjq1S9IYHCZUgqc8YQbDOP
r21322ZRhjziJ72FivBJcRmkhLsRmJeg0Ekz03fotrrOTZnK8IJsgMVYrnKJuDU/
7ja8VqqJKO/S6G5fHTjFuHdBWno2hue5cK6cx+jy+0vQZSPNP7xQKY5YvQayTEMD
lUUWbuYd45DkaPwj4atINIlMcWVfo9kL0rAxL886AjyViXbGQ3fyeuDp9xqUMBcX
TZ2gdxGg50eYDXO2RDgoeYdrRwY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:13 2023 by rpki-client on console-ams.rpki-client.org