Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/87b267-49c2-4269-9f66-00bcd9b91c1b/1/v3AnGPQxDSxur2HKzJ4PIvqkvqE.roa
File: v3AnGPQxDSxur2HKzJ4PIvqkvqE.roa (raw, json)
Hash identifier: 7oYlPww/2S/W/gHROjfuIV/V3dqxiI0B1wifUU5KA1o=
Subject key identifier: BF:70:27:18:F4:31:0D:2C:6E:AF:61:CA:CC:9E:0F:22:FA:A4:BE:A1
Certificate issuer: /CN=dc90e0aee1ecc31066cb744f8a7feedefb3f7930
Certificate serial: 11A3C52F
Authority key identifier: DC:90:E0:AE:E1:EC:C3:10:66:CB:74:4F:8A:7F:EE:DE:FB:3F:79:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3JDgruHswxBmy3RPin_u3vs_eTA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/87b267-49c2-4269-9f66-00bcd9b91c1b/1/v3AnGPQxDSxur2HKzJ4PIvqkvqE.roa
Signing time: Sat 01 Jan 2022 12:06:02 +0000
ROA not before: Sat 01 Jan 2022 12:06:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204601
IP address blocks: 185.80.234.0/24 maxlen: 24
80.89.228.0/23 maxlen: 23
80.89.230.0/24 maxlen: 24
80.89.234.0/23 maxlen: 23
80.89.238.0/23 maxlen: 23
80.89.237.0/24 maxlen: 24
85.208.186.0/24 maxlen: 24
85.208.184.0/22 maxlen: 22
85.208.184.0/24 maxlen: 24
85.208.185.0/24 maxlen: 24
85.208.187.0/24 maxlen: 24
185.92.148.0/22 maxlen: 24
89.105.213.0/24 maxlen: 24
89.105.217.0/24 maxlen: 24
45.14.13.0/24 maxlen: 24
45.14.12.0/24 maxlen: 24
45.14.14.0/24 maxlen: 24
45.14.15.0/24 maxlen: 24
80.89.224.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 295945519 (0x11a3c52f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc90e0aee1ecc31066cb744f8a7feedefb3f7930
Validity
Not Before: Jan 1 12:06:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bf702718f4310d2c6eaf61cacc9e0f22faa4bea1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:b8:70:6a:cd:5d:69:cc:41:6a:c8:7f:90:2d:
bc:6a:03:37:ba:60:06:18:4b:1c:5f:0a:91:58:a6:
7f:55:69:79:76:9c:80:fd:84:a6:a4:dd:7c:61:5b:
5e:cd:53:07:f7:92:e2:e3:d1:01:e5:a3:6d:8f:ec:
79:a3:70:fe:4c:63:41:19:79:6b:9f:1d:c8:09:61:
e5:5b:cd:71:b1:9a:6c:5f:a2:23:2b:91:2e:b4:5b:
b0:6e:00:18:1e:4a:f4:25:5e:9b:90:3b:5e:7a:93:
69:1f:d9:6d:a5:78:3d:da:3d:3f:9e:10:32:d7:90:
1a:b4:9e:1d:cf:0f:11:04:bf:55:9f:41:ed:97:cd:
b2:10:99:cd:48:89:1e:44:19:54:5c:75:5c:a3:02:
5d:91:e3:15:0f:53:fb:a2:dd:3b:eb:29:1a:22:7a:
dd:4f:b0:a0:4b:e8:cc:12:50:98:e9:32:d6:68:85:
46:74:c2:54:03:cc:0e:f5:12:b5:a9:05:ec:29:30:
a9:97:6e:66:8e:fb:c3:e7:09:c8:f7:88:96:e5:1c:
b5:a6:87:b5:64:fe:96:2d:cc:01:0b:da:37:ce:d4:
ff:fc:c6:05:27:13:d1:7d:e4:a3:89:2c:90:26:cc:
7c:89:4c:4b:d6:7b:42:98:00:e7:3a:eb:b2:ae:52:
2d:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:70:27:18:F4:31:0D:2C:6E:AF:61:CA:CC:9E:0F:22:FA:A4:BE:A1
X509v3 Authority Key Identifier:
keyid:DC:90:E0:AE:E1:EC:C3:10:66:CB:74:4F:8A:7F:EE:DE:FB:3F:79:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3JDgruHswxBmy3RPin_u3vs_eTA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/87b267-49c2-4269-9f66-00bcd9b91c1b/1/v3AnGPQxDSxur2HKzJ4PIvqkvqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/87b267-49c2-4269-9f66-00bcd9b91c1b/1/3JDgruHswxBmy3RPin_u3vs_eTA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.12.0/22
80.89.224.0-80.89.230.255
80.89.234.0/23
80.89.237.0-80.89.239.255
85.208.184.0/22
89.105.213.0/24
89.105.217.0/24
185.80.234.0/24
185.92.148.0/22
Signature Algorithm: sha256WithRSAEncryption
62:0e:40:07:7d:b5:b3:e3:9d:a9:80:13:25:02:9d:ff:9f:d9:
2e:10:22:b6:11:7b:e7:28:b4:b1:75:1b:0f:68:49:d1:c6:50:
a3:bf:e0:df:f5:e1:81:47:8b:6d:f1:ee:fe:4a:0c:67:aa:00:
5b:fd:86:14:34:0c:7e:34:7f:6a:df:77:0b:28:ab:69:8e:cb:
39:65:30:77:27:dd:88:68:f1:86:cf:e0:0f:50:70:42:51:96:
ca:0f:b3:c6:a1:57:6c:15:40:ce:fc:52:c2:80:79:e3:7d:20:
c6:35:7d:6b:1f:e8:e0:96:2b:82:a3:da:36:97:66:24:c0:e3:
7f:22:1c:8b:17:c7:b4:49:78:82:57:f1:70:37:94:af:31:e6:
56:ce:7e:d8:72:6b:fe:5e:cb:79:95:5f:6b:b5:00:93:b8:71:
b0:4b:38:b3:4e:37:40:15:6e:7f:24:ff:09:bd:0e:cb:d6:27:
0a:3d:0c:d9:a4:ff:6b:31:ac:bf:01:2b:35:33:60:24:e2:8a:
f6:c2:5f:f0:dc:63:ee:6e:90:a0:31:1b:4c:e6:19:4a:5d:72:
b8:6c:d4:5d:d4:61:0a:9d:0e:cf:ad:de:a0:22:93:eb:a7:dd:
1d:a2:b5:2f:8c:21:37:f5:0e:40:cd:bd:95:45:58:db:5e:42:
9f:67:0f:b6
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgIEEaPFLzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YzkwZTBhZWUxZWNjMzEwNjZjYjc0NGY4YTdmZWVkZWZiM2Y3OTMwMB4XDTIyMDEw
MTEyMDYwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmY3MDI3MThmNDMx
MGQyYzZlYWY2MWNhY2M5ZTBmMjJmYWE0YmVhMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANm4cGrNXWnMQWrIf5AtvGoDN7pgBhhLHF8KkVimf1VpeXac
gP2EpqTdfGFbXs1TB/eS4uPRAeWjbY/seaNw/kxjQRl5a58dyAlh5VvNcbGabF+i
IyuRLrRbsG4AGB5K9CVem5A7XnqTaR/ZbaV4Pdo9P54QMteQGrSeHc8PEQS/VZ9B
7ZfNshCZzUiJHkQZVFx1XKMCXZHjFQ9T+6LdO+spGiJ63U+woEvozBJQmOky1miF
RnTCVAPMDvUStakF7CkwqZduZo77w+cJyPeIluUctaaHtWT+li3MAQvaN87U//zG
BScT0X3ko4kskCbMfIlMS9Z7QpgA5zrrsq5SLR8CAwEAAaOCAkkwggJFMB0GA1Ud
DgQWBBS/cCcY9DENLG6vYcrMng8i+qS+oTAfBgNVHSMEGDAWgBTckOCu4ezDEGbL
dE+Kf+7e+z95MDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNKRGdydUhzd3hCbXkzUlBpbl91M3ZzX2VUQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTYvODdiMjY3LTQ5YzItNDI2OS05ZjY2LTAwYmNkOWI5MWMxYi8x
L3YzQW5HUFF4RFN4dXIySEt6SjRQSXZxa3ZxRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTYv
ODdiMjY3LTQ5YzItNDI2OS05ZjY2LTAwYmNkOWI5MWMxYi8xLzNKRGdydUhzd3hC
bXkzUlBpbl91M3ZzX2VUQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBf
BggrBgEFBQcBBwEB/wRQME4wTAQCAAEwRgMEAi0ODDAMAwQFUFngAwQAUFnmAwQB
UFnqMAwDBABQWe0DBARQWeADBAJV0LgDBABZadUDBABZadkDBAC5UOoDBAK5XJQw
DQYJKoZIhvcNAQELBQADggEBAGIOQAd9tbPjnamAEyUCnf+f2S4QIrYRe+cotLF1
Gw9oSdHGUKO/4N/14YFHi23x7v5KDGeqAFv9hhQ0DH40f2rfdwsoq2mOyzllMHcn
3Yho8YbP4A9QcEJRlsoPs8ahV2wVQM78UsKAeeN9IMY1fWsf6OCWK4Kj2jaXZiTA
438iHIsXx7RJeIJX8XA3lK8x5lbOfthya/5ey3mVX2u1AJO4cbBLOLNON0AVbn8k
/wm9DsvWJwo9DNmk/2sxrL8BKzUzYCTiivbCX/DcY+5ukKAxG0zmGUpdcrhs1F3U
YQqdDs+t3qAik+un3R2itS+MITf1DkDNvZVFWNteQp9nD7Y=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:33 2023 by rpki-client on console-fra.rpki-client.org