Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/CCfNQnbC-VT_Apg-dKyKegOw-0Y.roa
File: CCfNQnbC-VT_Apg-dKyKegOw-0Y.roa (raw, json)
Hash identifier: 9im7grbdTFDRz9sy13S51hbJhMnF6SVqjZV5bxI0XQk=
Subject key identifier: 08:27:CD:42:76:C2:F9:54:FF:02:98:3E:74:AC:8A:7A:03:B0:FB:46
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 0183C0BF8BCAC6C6C064998655DAD21787DF
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/CCfNQnbC-VT_Apg-dKyKegOw-0Y.roa
Signing time: Mon 10 Oct 2022 07:15:22 +0000
ROA not before: Mon 10 Oct 2022 07:15:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210906
IP address blocks: 85.254.138.0/23 maxlen: 23
85.254.134.0/24 maxlen: 24
85.254.140.0/24 maxlen: 24
85.254.174.0/23 maxlen: 23
85.254.178.0/23 maxlen: 23
85.254.180.0/23 maxlen: 23
85.254.84.0/23 maxlen: 23
85.254.112.0/22 maxlen: 22
85.254.116.0/22 maxlen: 22
85.254.124.0/23 maxlen: 23
85.254.122.0/23 maxlen: 23
85.254.128.0/22 maxlen: 22
85.254.126.0/24 maxlen: 24
217.69.125.0/24 maxlen: 24
217.69.121.0/24 maxlen: 24
217.69.127.0/24 maxlen: 24
217.69.126.0/24 maxlen: 24
85.254.62.0/23 maxlen: 23
85.254.64.0/23 maxlen: 23
85.254.76.0/22 maxlen: 22
85.254.2.0/24 maxlen: 24
159.148.109.0/24 maxlen: 24
159.148.126.0/24 maxlen: 24
159.148.130.0/24 maxlen: 24
159.148.128.0/24 maxlen: 24
159.148.138.0/24 maxlen: 24
159.148.150.0/24 maxlen: 24
159.148.157.0/24 maxlen: 24
159.148.158.0/24 maxlen: 24
159.148.54.0/24 maxlen: 24
159.148.62.0/24 maxlen: 24
159.148.66.0/24 maxlen: 24
159.148.216.0/24 maxlen: 24
159.148.218.0/24 maxlen: 24
159.148.236.0/24 maxlen: 24
159.148.239.0/24 maxlen: 24
159.148.234.0/24 maxlen: 24
159.148.241.0/24 maxlen: 24
159.148.248.0/24 maxlen: 24
185.27.93.0/24 maxlen: 24
185.27.94.0/24 maxlen: 24
185.27.92.0/24 maxlen: 24
185.27.95.0/24 maxlen: 24
159.148.163.0/24 maxlen: 24
159.148.169.0/24 maxlen: 24
159.148.166.0/23 maxlen: 23
159.148.179.0/24 maxlen: 24
159.148.177.0/24 maxlen: 24
159.148.180.0/24 maxlen: 24
159.148.204.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:c0:bf:8b:ca:c6:c6:c0:64:99:86:55:da:d2:17:87:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Oct 10 07:15:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0827cd4276c2f954ff02983e74ac8a7a03b0fb46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:88:c8:04:c2:02:4d:1b:e3:3f:21:d5:fc:55:
77:5a:89:63:79:d1:63:49:74:23:80:9f:8c:0f:e4:
05:79:ca:6b:cb:de:3e:9d:ab:06:ac:ce:fa:84:8b:
0c:30:a6:82:8c:65:91:32:6a:16:28:8f:f9:b7:ff:
58:6f:1d:22:de:93:ab:50:2c:7c:2f:59:91:d6:74:
38:a4:6f:ac:54:38:da:75:4e:52:de:08:88:d6:f0:
7d:b0:d6:32:27:01:6d:07:0f:ca:2c:6b:13:52:b1:
72:76:dc:50:59:cb:df:84:96:06:a7:b9:af:09:f3:
e9:3b:a5:d7:ba:ab:bf:4a:1c:27:b6:63:d5:92:e4:
c9:6b:9f:92:9d:f4:b0:e8:9f:7b:48:8e:ef:95:00:
5d:b9:96:b7:ab:e8:1d:27:b4:07:17:b9:31:c0:e0:
b3:79:2e:19:98:84:cd:73:fa:00:0a:71:52:19:dc:
50:78:47:5b:5a:b8:a8:ee:c7:bc:7d:c9:ff:f1:40:
69:2a:1e:84:24:2b:e0:b2:8f:ad:eb:a0:ef:e0:ca:
05:aa:0a:88:64:38:f5:ef:5a:fc:b8:29:c6:c0:34:
de:3f:59:35:59:f5:6e:3a:4e:c1:0e:bc:63:3e:eb:
d7:b4:af:32:95:8f:d9:85:b2:32:e6:64:0e:1f:b6:
63:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:27:CD:42:76:C2:F9:54:FF:02:98:3E:74:AC:8A:7A:03:B0:FB:46
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/CCfNQnbC-VT_Apg-dKyKegOw-0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.2.0/24
85.254.62.0-85.254.65.255
85.254.76.0/22
85.254.84.0/23
85.254.112.0/21
85.254.122.0-85.254.126.255
85.254.128.0/22
85.254.134.0/24
85.254.138.0-85.254.140.255
85.254.174.0/23
85.254.178.0-85.254.181.255
159.148.54.0/24
159.148.62.0/24
159.148.66.0/24
159.148.109.0/24
159.148.126.0/24
159.148.128.0/24
159.148.130.0/24
159.148.138.0/24
159.148.150.0/24
159.148.157.0-159.148.158.255
159.148.163.0/24
159.148.166.0/23
159.148.169.0/24
159.148.177.0/24
159.148.179.0-159.148.180.255
159.148.204.0/24
159.148.216.0/24
159.148.218.0/24
159.148.234.0/24
159.148.236.0/24
159.148.239.0/24
159.148.241.0/24
159.148.248.0/24
185.27.92.0/22
217.69.121.0/24
217.69.125.0-217.69.127.255
Signature Algorithm: sha256WithRSAEncryption
98:a4:52:2e:3a:32:09:a3:a9:ff:99:d2:00:c0:b3:dd:c1:71:
56:ca:c7:92:9f:14:ed:3e:76:0a:a5:60:a5:f4:1d:37:f8:73:
42:63:af:05:e7:bf:3b:97:bc:0e:c3:04:b4:74:f5:a5:af:82:
84:98:30:39:8f:1b:63:b1:41:1e:f1:dc:28:ce:51:58:0c:3b:
d9:64:79:04:6b:40:79:a8:e2:d8:c4:5e:9f:f8:16:40:30:00:
f2:a8:84:41:9f:f0:b7:17:03:6a:6c:51:08:10:ce:61:25:e2:
8f:c3:32:c3:f9:c5:a3:bc:2a:ac:e9:53:ad:31:76:6f:51:4a:
91:a0:b9:33:75:73:9d:5e:fe:b1:fb:fa:91:64:13:a5:71:ac:
f7:b1:87:2d:db:b1:4b:82:5e:a8:bf:10:4f:b7:b0:a6:62:f3:
09:f6:5d:dc:a8:ec:ad:7f:da:83:0e:fd:4a:91:81:f7:0a:a0:
a9:b6:9c:11:b0:5e:95:4d:b5:9c:cf:be:35:43:a8:f7:be:cd:
d5:63:94:1d:da:bf:31:aa:e8:4b:23:0f:f5:99:f9:d0:53:8d:
e3:a8:87:46:73:05:84:bc:84:06:50:39:ba:37:06:aa:e2:d9:
c6:de:7d:79:2c:f4:c1:ab:67:58:00:5b:6b:55:86:49:d9:c7:
b7:01:22:64
-----BEGIN CERTIFICATE-----
MIIGFzCCBP+gAwIBAgISAYPAv4vKxsbAZJmGVdrSF4ffMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjIxMDEwMDcxNTIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODI3Y2Q0Mjc2YzJmOTU0ZmYwMjk4M2U3NGFjOGE3YTAzYjBmYjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ojIBMICTRvjPyHV/FV3WoljedFj
SXQjgJ+MD+QFecpry94+nasGrM76hIsMMKaCjGWRMmoWKI/5t/9Ybx0i3pOrUCx8
L1mR1nQ4pG+sVDjadU5S3giI1vB9sNYyJwFtBw/KLGsTUrFydtxQWcvfhJYGp7mv
CfPpO6XXuqu/ShwntmPVkuTJa5+SnfSw6J97SI7vlQBduZa3q+gdJ7QHF7kxwOCz
eS4ZmITNc/oACnFSGdxQeEdbWrio7se8fcn/8UBpKh6EJCvgso+t66Dv4MoFqgqI
ZDj171r8uCnGwDTeP1k1WfVuOk7BDrxjPuvXtK8ylY/ZhbIy5mQOH7Zj3wIDAQAB
o4IDIzCCAx8wHQYDVR0OBBYEFAgnzUJ2wvlU/wKYPnSsinoDsPtGMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvQ0NmTlFuYkMtVlRfQXBnLWRLeUtlZ093LTBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBNwYIKwYBBQUHAQcBAf8EggEmMIIBIjCCAR4EAgABMIIB
FgMEAFX+AjAMAwQBVf4+AwQBVf5AAwQCVf5MAwQBVf5UAwQDVf5wMAwDBAFV/noD
BABV/n4DBAJV/oADBABV/oYwDAMEAVX+igMEAFX+jAMEAVX+rjAMAwQBVf6yAwQB
Vf60AwQAn5Q2AwQAn5Q+AwQAn5RCAwQAn5RtAwQAn5R+AwQAn5SAAwQAn5SCAwQA
n5SKAwQAn5SWMAwDBACflJ0DBACflJ4DBACflKMDBAGflKYDBACflKkDBACflLEw
DAMEAJ+UswMEAJ+UtAMEAJ+UzAMEAJ+U2AMEAJ+U2gMEAJ+U6gMEAJ+U7AMEAJ+U
7wMEAJ+U8QMEAJ+U+AMEArkbXAMEANlFeTAMAwQA2UV9AwQH2UUAMA0GCSqGSIb3
DQEBCwUAA4IBAQCYpFIuOjIJo6n/mdIAwLPdwXFWyseSnxTtPnYKpWCl9B03+HNC
Y68F5787l7wOwwS0dPWlr4KEmDA5jxtjsUEe8dwozlFYDDvZZHkEa0B5qOLYxF6f
+BZAMADyqIRBn/C3FwNqbFEIEM5hJeKPwzLD+cWjvCqs6VOtMXZvUUqRoLkzdXOd
Xv6x+/qRZBOlcaz3sYct27FLgl6ovxBPt7CmYvMJ9l3cqOytf9qDDv1KkYH3CqCp
tpwRsF6VTbWcz741Q6j3vs3VY5Qd2r8xquhLIw/1mfnQU43jqIdGcwWEvIQGUDm6
Nwaq4tnG3n15LPTBq2dYAFtrVYZJ2ce3ASJk
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:45 2023 by rpki-client on console-fra.rpki-client.org