Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/qF7pR7gKbvt6AN67-IWEysQc8uA.roa
File: qF7pR7gKbvt6AN67-IWEysQc8uA.roa (raw, json)
Hash identifier: 6cPdwJl3GkYMwRY1/cvzcf27NlfPxUhL1RSfsNCNiro=
Subject key identifier: A8:5E:E9:47:B8:0A:6E:FB:7A:00:DE:BB:F8:85:84:CA:C4:1C:F2:E0
Certificate issuer: /CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Certificate serial: 034BCC5C
Authority key identifier: 82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/qF7pR7gKbvt6AN67-IWEysQc8uA.roa
Signing time: Tue 21 Jun 2022 12:52:47 +0000
ROA not before: Tue 21 Jun 2022 12:52:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9009
IP address blocks: 88.218.101.0/24 maxlen: 24
88.218.102.0/23 maxlen: 23
88.218.100.0/24 maxlen: 24
195.206.108.0/24 maxlen: 24
195.206.109.0/24 maxlen: 24
193.31.74.0/24 maxlen: 24
193.31.75.0/24 maxlen: 24
85.209.216.0/24 maxlen: 24
85.209.218.0/23 maxlen: 23
139.28.138.0/23 maxlen: 23
139.28.137.0/24 maxlen: 24
45.84.44.0/24 maxlen: 24
194.5.0.0/22 maxlen: 22
45.84.45.0/24 maxlen: 24
45.84.47.0/24 maxlen: 24
141.98.242.0/23 maxlen: 23
194.124.52.0/22 maxlen: 22
85.8.190.0/23 maxlen: 23
85.8.188.0/24 maxlen: 24
85.8.189.0/24 maxlen: 24
45.11.236.0/22 maxlen: 22
92.119.180.0/24 maxlen: 24
45.157.74.0/23 maxlen: 23
45.14.72.0/24 maxlen: 24
5.182.100.0/24 maxlen: 24
5.182.103.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 55299164 (0x34bcc5c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=821a3f21fb0c294d6d4a529b2f1dbd4bd1119bd7
Validity
Not Before: Jun 21 12:52:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a85ee947b80a6efb7a00debbf88584cac41cf2e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:d4:7a:e4:ac:bb:ea:d3:24:33:ae:eb:25:83:
68:d7:e9:15:bb:77:1f:e4:5b:b2:55:44:82:82:6d:
de:60:1b:89:8b:a0:be:8d:76:3f:ad:61:ae:31:eb:
d0:ef:dd:ae:15:cd:6c:29:74:44:11:29:4d:fe:b3:
fa:43:3d:39:7b:0e:07:34:23:82:b0:ff:2d:fa:0d:
90:ec:10:9f:e4:c7:4b:11:75:e4:d8:6b:61:2e:04:
12:a2:3a:66:c8:2c:a1:d0:70:36:40:4c:89:7a:95:
59:49:f1:18:44:68:61:d8:5d:96:b0:25:bb:7c:69:
95:fe:17:47:53:56:b0:10:c3:d2:f4:25:04:1f:2b:
c3:94:fc:8f:71:cc:1d:99:63:31:12:93:2b:f6:97:
1b:c4:88:6d:67:c1:98:51:b6:00:3b:6a:1e:56:56:
fd:0b:a1:35:91:b3:ca:a8:5e:3a:b1:42:83:3f:7c:
a6:12:13:c0:f0:a8:5e:ea:98:e6:a3:c9:01:6a:65:
6a:6e:c9:f1:24:fb:fc:98:93:c7:dd:a3:07:75:1e:
5d:76:34:87:23:81:14:2f:da:e3:7a:ce:54:d5:63:
a1:fb:48:f7:a1:62:2d:7a:87:d1:58:a9:e3:34:a5:
48:10:c0:30:c4:bd:3e:6f:38:86:04:69:a0:e1:62:
f9:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:5E:E9:47:B8:0A:6E:FB:7A:00:DE:BB:F8:85:84:CA:C4:1C:F2:E0
X509v3 Authority Key Identifier:
keyid:82:1A:3F:21:FB:0C:29:4D:6D:4A:52:9B:2F:1D:BD:4B:D1:11:9B:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gho_IfsMKU1tSlKbLx29S9ERm9c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/qF7pR7gKbvt6AN67-IWEysQc8uA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/edc855-f2bc-4e9c-8c0c-b6f2ac86ef27/1/gho_IfsMKU1tSlKbLx29S9ERm9c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.100.0/24
5.182.103.0/24
45.11.236.0/22
45.14.72.0/24
45.84.44.0/23
45.84.47.0/24
45.157.74.0/23
85.8.188.0/22
85.209.216.0/24
85.209.218.0/23
88.218.100.0/22
92.119.180.0/24
139.28.137.0-139.28.139.255
141.98.242.0/23
193.31.74.0/23
194.5.0.0/22
194.124.52.0/22
195.206.108.0/23
Signature Algorithm: sha256WithRSAEncryption
3e:2b:eb:f5:5a:06:e9:1d:59:06:a9:75:c5:cc:18:35:fc:ee:
2d:f2:e6:81:1a:34:82:4e:a0:37:dd:91:a2:b0:19:d6:67:f7:
bb:f9:74:19:93:71:5a:60:a0:fd:16:70:f2:4e:54:d6:df:58:
34:5b:99:79:90:a7:d5:45:ab:f0:bc:c3:c8:68:ba:88:f7:e1:
a0:5d:16:06:39:48:65:38:c1:5b:5c:4f:43:c6:2b:4a:9a:28:
23:b8:46:61:ca:d4:70:19:84:14:2a:52:af:30:bb:03:1d:2b:
b4:02:e6:57:23:22:1b:29:68:72:ed:8e:7b:4e:45:76:eb:a9:
4d:06:f0:8e:e0:e6:4b:99:93:90:45:46:d2:06:66:88:9e:cd:
bf:c6:9d:6e:f7:f9:77:85:4c:bb:72:08:b0:4f:97:42:44:62:
d7:e9:24:0e:d7:eb:99:93:1e:57:0e:64:18:19:c5:8f:f0:a5:
60:d8:be:1b:03:ec:de:39:db:bc:45:5d:15:25:f4:b8:2b:89:
c5:7a:a4:dd:0f:22:e6:78:33:cb:24:e5:c7:fa:4a:7c:df:e8:
a6:29:ce:05:9d:f8:2a:74:75:ad:c0:c5:c7:4d:e0:19:e5:8b:
16:a9:6c:f7:66:8d:f4:95:d3:c0:06:cd:f7:98:ca:6f:0e:48:
35:6a:6e:b7
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIEA0vMXDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MjFhM2YyMWZiMGMyOTRkNmQ0YTUyOWIyZjFkYmQ0YmQxMTE5YmQ3MB4XDTIyMDYy
MTEyNTI0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTg1ZWU5NDdiODBh
NmVmYjdhMDBkZWJiZjg4NTg0Y2FjNDFjZjJlMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANjUeuSsu+rTJDOu6yWDaNfpFbt3H+RbslVEgoJt3mAbiYug
vo12P61hrjHr0O/drhXNbCl0RBEpTf6z+kM9OXsOBzQjgrD/LfoNkOwQn+THSxF1
5NhrYS4EEqI6ZsgsodBwNkBMiXqVWUnxGERoYdhdlrAlu3xplf4XR1NWsBDD0vQl
BB8rw5T8j3HMHZljMRKTK/aXG8SIbWfBmFG2ADtqHlZW/QuhNZGzyqheOrFCgz98
phITwPCoXuqY5qPJAWplam7J8ST7/JiTx92jB3UeXXY0hyOBFC/a43rOVNVjoftI
96FiLXqH0Vip4zSlSBDAMMS9Pm84hgRpoOFi+asCAwEAAaOCAngwggJ0MB0GA1Ud
DgQWBBSoXulHuApu+3oA3rv4hYTKxBzy4DAfBgNVHSMEGDAWgBSCGj8h+wwpTW1K
UpsvHb1L0RGb1zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dob19JZnNNS1UxdFNsS2JMeDI5UzlFUm05Yy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTIvZWRjODU1LWYyYmMtNGU5Yy04YzBjLWI2ZjJhYzg2ZWYyNy8x
L3FGN3BSN2dLYnZ0NkFONjctSVdFeXNRYzh1QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTIv
ZWRjODU1LWYyYmMtNGU5Yy04YzBjLWI2ZjJhYzg2ZWYyNy8xL2dob19JZnNNS1Ux
dFNsS2JMeDI5UzlFUm05Yy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
jQYIKwYBBQUHAQcBAf8EfjB8MHoEAgABMHQDBAAFtmQDBAAFtmcDBAItC+wDBAAt
DkgDBAEtVCwDBAAtVC8DBAEtnUoDBAJVCLwDBABV0dgDBAFV0doDBAJY2mQDBABc
d7QwDAMEAIsciQMEAosciAMEAY1i8gMEAcEfSgMEAsIFAAMEAsJ8NAMEAcPObDAN
BgkqhkiG9w0BAQsFAAOCAQEAPivr9VoG6R1ZBql1xcwYNfzuLfLmgRo0gk6gN92R
orAZ1mf3u/l0GZNxWmCg/RZw8k5U1t9YNFuZeZCn1UWr8LzDyGi6iPfhoF0WBjlI
ZTjBW1xPQ8YrSpooI7hGYcrUcBmEFCpSrzC7Ax0rtALmVyMiGylocu2Oe05Fduup
TQbwjuDmS5mTkEVG0gZmiJ7Nv8adbvf5d4VMu3IIsE+XQkRi1+kkDtfrmZMeVw5k
GBnFj/ClYNi+GwPs3jnbvEVdFSX0uCuJxXqk3Q8i5ngzyyTlx/pKfN/opinOBZ34
KnR1rcDFx03gGeWLFqls92aN9JXTwAbN95jKbw5INWputw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:17 2023 by rpki-client on console-fra.rpki-client.org