Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/iDRfHpIE7SedUp4OQdj9rjg8Kp0.roa
File: iDRfHpIE7SedUp4OQdj9rjg8Kp0.roa (raw, json)
Hash identifier: 45fyrllDJHXmExzvmxVlZ7Mm4ck9M2wt99Cs+zCMYwM=
Subject key identifier: 88:34:5F:1E:92:04:ED:27:9D:52:9E:0E:41:D8:FD:AE:38:3C:2A:9D
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 01853EF6D84C75CB723219625ED100DC29DD
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/iDRfHpIE7SedUp4OQdj9rjg8Kp0.roa
Signing time: Fri 23 Dec 2022 12:30:42 +0000
ROA not before: Fri 23 Dec 2022 12:30:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210906
IP address blocks: 85.254.138.0/23 maxlen: 23
85.254.134.0/24 maxlen: 24
85.254.140.0/24 maxlen: 24
85.254.174.0/23 maxlen: 23
85.254.178.0/23 maxlen: 23
85.254.180.0/23 maxlen: 23
85.254.84.0/23 maxlen: 23
85.254.104.0/22 maxlen: 22
85.254.112.0/22 maxlen: 22
85.254.108.0/22 maxlen: 22
85.254.116.0/22 maxlen: 22
85.254.124.0/23 maxlen: 23
85.254.122.0/23 maxlen: 23
85.254.128.0/22 maxlen: 22
85.254.126.0/24 maxlen: 24
217.69.125.0/24 maxlen: 24
217.69.121.0/24 maxlen: 24
217.69.127.0/24 maxlen: 24
217.69.126.0/24 maxlen: 24
85.254.42.0/23 maxlen: 23
85.254.40.0/24 maxlen: 24
85.254.51.0/24 maxlen: 24
85.254.62.0/23 maxlen: 23
85.254.64.0/23 maxlen: 23
85.254.76.0/22 maxlen: 22
85.254.2.0/24 maxlen: 24
85.254.8.0/21 maxlen: 21
85.254.7.0/24 maxlen: 24
159.148.109.0/24 maxlen: 24
159.148.126.0/24 maxlen: 24
159.148.130.0/24 maxlen: 24
159.148.128.0/24 maxlen: 24
159.148.138.0/24 maxlen: 24
159.148.150.0/24 maxlen: 24
159.148.157.0/24 maxlen: 24
159.148.158.0/24 maxlen: 24
159.148.54.0/24 maxlen: 24
159.148.62.0/24 maxlen: 24
159.148.66.0/24 maxlen: 24
159.148.216.0/24 maxlen: 24
159.148.218.0/24 maxlen: 24
159.148.236.0/24 maxlen: 24
159.148.239.0/24 maxlen: 24
159.148.234.0/24 maxlen: 24
159.148.241.0/24 maxlen: 24
159.148.248.0/24 maxlen: 24
185.27.93.0/24 maxlen: 24
185.27.94.0/24 maxlen: 24
185.27.92.0/24 maxlen: 24
185.27.95.0/24 maxlen: 24
159.148.163.0/24 maxlen: 24
159.148.169.0/24 maxlen: 24
159.148.166.0/23 maxlen: 23
159.148.179.0/24 maxlen: 24
159.148.177.0/24 maxlen: 24
159.148.180.0/24 maxlen: 24
159.148.204.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:3e:f6:d8:4c:75:cb:72:32:19:62:5e:d1:00:dc:29:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Dec 23 12:30:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=88345f1e9204ed279d529e0e41d8fdae383c2a9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:f0:c4:f2:28:f1:2d:5d:dd:c7:6e:fd:93:1e:
e5:85:35:d1:5a:3e:ea:23:5b:a2:d4:95:ac:08:b1:
05:97:f3:e8:46:ec:4b:0c:3c:24:ac:1f:b4:7e:8f:
67:ff:de:f8:51:8d:3c:30:f7:f5:f7:ee:41:a6:90:
ad:4b:e2:2e:d7:24:03:61:31:f1:be:ae:f4:0e:8d:
4e:51:e6:5a:aa:45:f4:cd:9e:f5:9f:fe:1b:10:7a:
56:09:4d:90:9a:43:b4:43:56:f7:e5:6c:bb:26:1b:
16:72:5e:e8:d1:5c:9b:c8:30:b4:4e:15:35:db:cf:
96:91:0f:dc:b8:21:df:6b:89:9b:81:82:e1:d3:e2:
0e:31:e1:9b:e9:ff:a7:11:66:69:74:5a:1c:4d:b8:
ac:0e:af:5d:ad:80:16:35:10:78:e2:17:79:88:8b:
29:92:74:de:bf:5f:87:4a:43:bc:86:57:4e:4a:d0:
7e:77:0d:55:bc:c9:a7:10:cc:44:a8:53:71:a8:9a:
e0:a9:4d:de:db:51:3c:6e:91:37:71:12:9a:f0:03:
e1:88:7b:43:6d:0b:6a:50:1c:d2:58:c4:59:ec:62:
9f:82:2f:8e:b8:98:c5:91:bc:77:f3:01:76:3d:15:
d7:bc:59:cd:7c:2b:05:3d:81:2c:96:70:23:2e:b5:
ac:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:34:5F:1E:92:04:ED:27:9D:52:9E:0E:41:D8:FD:AE:38:3C:2A:9D
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/iDRfHpIE7SedUp4OQdj9rjg8Kp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.2.0/24
85.254.7.0-85.254.15.255
85.254.40.0/24
85.254.42.0/23
85.254.51.0/24
85.254.62.0-85.254.65.255
85.254.76.0/22
85.254.84.0/23
85.254.104.0-85.254.119.255
85.254.122.0-85.254.126.255
85.254.128.0/22
85.254.134.0/24
85.254.138.0-85.254.140.255
85.254.174.0/23
85.254.178.0-85.254.181.255
159.148.54.0/24
159.148.62.0/24
159.148.66.0/24
159.148.109.0/24
159.148.126.0/24
159.148.128.0/24
159.148.130.0/24
159.148.138.0/24
159.148.150.0/24
159.148.157.0-159.148.158.255
159.148.163.0/24
159.148.166.0/23
159.148.169.0/24
159.148.177.0/24
159.148.179.0-159.148.180.255
159.148.204.0/24
159.148.216.0/24
159.148.218.0/24
159.148.234.0/24
159.148.236.0/24
159.148.239.0/24
159.148.241.0/24
159.148.248.0/24
185.27.92.0/22
217.69.121.0/24
217.69.125.0-217.69.127.255
Signature Algorithm: sha256WithRSAEncryption
b2:29:4c:e8:42:89:50:23:b2:50:4d:c7:f3:8b:45:9e:66:77:
22:72:5e:4d:b8:8b:f3:55:41:22:50:9f:9e:ed:c2:f3:69:90:
c2:64:87:6d:ad:b4:4d:33:1d:21:65:0b:43:33:55:d3:4e:9f:
35:9c:d8:59:e4:ed:ca:de:c5:c6:70:4d:8a:0f:26:64:dc:e6:
31:98:e3:6b:c5:7d:4f:12:4a:30:b1:18:64:3a:4b:6b:6a:e7:
fa:35:1e:87:b8:30:52:ee:3f:ad:bd:a7:ed:e9:c3:9e:20:a0:
64:d2:bb:26:0c:57:2f:7a:22:65:e0:88:69:d0:d6:75:3a:46:
47:03:4a:ab:3c:0a:a8:21:9d:b7:20:d3:a4:57:43:2b:7d:f7:
99:9a:c6:e9:8e:bc:fe:86:f2:ca:1b:b0:9b:a4:53:b3:6d:7b:
ad:ff:1e:46:75:7f:a7:58:33:fc:1b:c3:ff:cc:00:83:e2:f8:
07:6f:62:db:e8:b3:df:08:47:69:1f:82:9f:c7:b3:e1:30:f9:
dd:7e:d9:fb:08:c4:6f:b7:53:88:4b:2f:fd:b9:b1:2b:d5:11:
b4:03:26:47:41:6f:6a:70:8d:7f:a6:2a:9c:6e:2c:d6:37:52:
75:ec:e2:e0:f7:21:0c:82:ba:eb:88:f9:95:a4:f1:1d:4d:80:
89:32:0f:20
-----BEGIN CERTIFICATE-----
MIIGPzCCBSegAwIBAgISAYU+9thMdctyMhliXtEA3CndMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjIxMjIzMTIzMDQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODM0NWYxZTkyMDRlZDI3OWQ1MjllMGU0MWQ4ZmRhZTM4M2MyYTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgfDE8ijxLV3dx279kx7lhTXRWj7q
I1ui1JWsCLEFl/PoRuxLDDwkrB+0fo9n/974UY08MPf19+5BppCtS+Iu1yQDYTHx
vq70Do1OUeZaqkX0zZ71n/4bEHpWCU2QmkO0Q1b35Wy7JhsWcl7o0VybyDC0ThU1
28+WkQ/cuCHfa4mbgYLh0+IOMeGb6f+nEWZpdFocTbisDq9drYAWNRB44hd5iIsp
knTev1+HSkO8hldOStB+dw1VvMmnEMxEqFNxqJrgqU3e21E8bpE3cRKa8APhiHtD
bQtqUBzSWMRZ7GKfgi+OuJjFkbx38wF2PRXXvFnNfCsFPYEslnAjLrWsQwIDAQAB
o4IDSzCCA0cwHQYDVR0OBBYEFIg0Xx6SBO0nnVKeDkHY/a44PCqdMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvaURSZkhwSUU3U2VkVXA0T1Fkajlyamc4S3AwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBXwYIKwYBBQUHAQcBAf8EggFOMIIBSjCCAUYEAgABMIIB
PgMEAFX+AjAMAwQAVf4HAwQEVf4AAwQAVf4oAwQBVf4qAwQAVf4zMAwDBAFV/j4D
BAFV/kADBAJV/kwDBAFV/lQwDAMEA1X+aAMEA1X+cDAMAwQBVf56AwQAVf5+AwQC
Vf6AAwQAVf6GMAwDBAFV/ooDBABV/owDBAFV/q4wDAMEAVX+sgMEAVX+tAMEAJ+U
NgMEAJ+UPgMEAJ+UQgMEAJ+UbQMEAJ+UfgMEAJ+UgAMEAJ+UggMEAJ+UigMEAJ+U
ljAMAwQAn5SdAwQAn5SeAwQAn5SjAwQBn5SmAwQAn5SpAwQAn5SxMAwDBACflLMD
BACflLQDBACflMwDBACflNgDBACflNoDBACflOoDBACflOwDBACflO8DBACflPED
BACflPgDBAK5G1wDBADZRXkwDAMEANlFfQMEB9lFADANBgkqhkiG9w0BAQsFAAOC
AQEAsilM6EKJUCOyUE3H84tFnmZ3InJeTbiL81VBIlCfnu3C82mQwmSHba20TTMd
IWULQzNV006fNZzYWeTtyt7FxnBNig8mZNzmMZjja8V9TxJKMLEYZDpLa2rn+jUe
h7gwUu4/rb2n7enDniCgZNK7JgxXL3oiZeCIadDWdTpGRwNKqzwKqCGdtyDTpFdD
K333mZrG6Y68/obyyhuwm6RTs217rf8eRnV/p1gz/BvD/8wAg+L4B29i2+iz3whH
aR+Cn8ez4TD53X7Z+wjEb7dTiEsv/bmxK9URtAMmR0FvanCNf6YqnG4s1jdSdezi
4PchDIK664j5laTxHU2AiTIPIA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:46 2023 by rpki-client on console-fra.rpki-client.org