Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/8QRZ48Y4iweKo4YMWdBlqiosTmA.roa
File: 8QRZ48Y4iweKo4YMWdBlqiosTmA.roa (raw, json)
Hash identifier: i2Mb/t/j4DNMtmD7Qws33ZpkZv/zGsnh0rvH8OAeBeE=
Subject key identifier: F1:04:59:E3:C6:38:8B:07:8A:A3:86:0C:59:D0:65:AA:2A:2C:4E:60
Certificate issuer: /CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Certificate serial: 15835034
Authority key identifier: 28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/8QRZ48Y4iweKo4YMWdBlqiosTmA.roa
Signing time: Sat 30 Apr 2022 02:37:10 +0000
ROA not before: Sat 30 Apr 2022 02:37:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200532
IP address blocks: 185.129.48.0/24 maxlen: 24
185.129.49.0/24 maxlen: 24
185.129.50.0/24 maxlen: 24
185.129.51.0/24 maxlen: 24
185.100.64.0/24 maxlen: 24
185.100.67.0/24 maxlen: 24
185.100.65.0/24 maxlen: 24
185.100.66.0/24 maxlen: 24
188.241.216.0/24 maxlen: 24
188.241.217.0/24 maxlen: 24
185.111.104.0/22 maxlen: 22
185.111.104.0/24 maxlen: 24
185.111.105.0/24 maxlen: 24
185.111.106.0/24 maxlen: 24
185.111.107.0/24 maxlen: 24
185.98.4.0/24 maxlen: 24
185.98.5.0/24 maxlen: 24
185.98.6.0/24 maxlen: 24
185.98.7.0/24 maxlen: 24
185.121.80.0/24 maxlen: 24
185.121.80.0/22 maxlen: 22
185.121.81.0/24 maxlen: 24
185.121.82.0/24 maxlen: 24
185.121.83.0/24 maxlen: 24
185.113.132.0/22 maxlen: 22
185.113.132.0/24 maxlen: 24
185.113.133.0/24 maxlen: 24
185.113.134.0/24 maxlen: 24
185.113.135.0/24 maxlen: 24
185.125.88.0/24 maxlen: 24
185.125.89.0/24 maxlen: 24
185.125.90.0/24 maxlen: 24
185.125.91.0/24 maxlen: 24
185.116.192.0/24 maxlen: 24
185.116.192.0/22 maxlen: 22
185.116.193.0/24 maxlen: 24
185.116.194.0/24 maxlen: 24
185.116.195.0/24 maxlen: 24
2a06:940::/56 maxlen: 56
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 360927284 (0x15835034)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=28855852a4bcd1bf1ec813f3c13b0f1f372f3971
Validity
Not Before: Apr 30 02:37:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f10459e3c6388b078aa3860c59d065aa2a2c4e60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:60:a9:e2:27:aa:f9:21:db:3d:fb:b0:12:e2:
24:08:26:38:00:41:f0:7f:8d:26:88:1e:e0:ee:fd:
4b:8e:2c:84:f0:2b:9c:4e:26:6e:a9:71:24:30:6e:
e1:7d:e0:60:d5:30:d4:6c:e2:1a:b5:c4:95:e3:6c:
cc:4f:f5:c4:f8:f2:de:67:b1:4a:0f:75:e6:d3:dd:
64:28:9e:38:7e:6b:ff:27:11:21:e2:af:c8:16:18:
ef:37:26:13:c8:f2:27:2e:54:b8:4b:05:d1:00:0d:
de:29:c9:33:f2:a1:8a:8d:a2:2d:8f:b0:8c:1d:6d:
7d:d8:bc:af:bb:9e:80:0b:e5:a1:e7:5d:8c:6f:59:
29:3d:31:ee:33:cd:35:c6:44:75:b7:55:e7:c2:33:
c0:48:7b:58:56:6b:12:41:87:20:3e:b1:fa:6f:ef:
b6:fe:33:0a:a7:78:9f:51:14:71:b5:d9:c8:2d:02:
7a:5b:46:79:18:63:9e:c3:db:a5:dd:ba:62:d2:1c:
c2:c3:b8:11:29:cc:ac:09:39:64:40:a0:01:f7:01:
1c:26:2d:46:4e:d7:3f:e9:5a:b9:ef:23:b7:71:53:
a3:a4:ae:dd:38:e1:02:82:93:8d:4c:5b:36:63:59:
d1:c8:63:3a:4a:3c:a8:10:9a:43:61:fe:3a:55:01:
db:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:04:59:E3:C6:38:8B:07:8A:A3:86:0C:59:D0:65:AA:2A:2C:4E:60
X509v3 Authority Key Identifier:
keyid:28:85:58:52:A4:BC:D1:BF:1E:C8:13:F3:C1:3B:0F:1F:37:2F:39:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KIVYUqS80b8eyBPzwTsPHzcvOXE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/8QRZ48Y4iweKo4YMWdBlqiosTmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0e36fc-ba0b-4ce6-af6a-704463ebad36/1/KIVYUqS80b8eyBPzwTsPHzcvOXE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.98.4.0/22
185.100.64.0/22
185.111.104.0/22
185.113.132.0/22
185.116.192.0/22
185.121.80.0/22
185.125.88.0/22
185.129.48.0/22
188.241.216.0/23
IPv6:
2a06:940::/56
Signature Algorithm: sha256WithRSAEncryption
3c:d6:51:a7:5d:c1:1a:03:82:c3:85:ff:11:9b:78:0b:29:e0:
c3:c9:a6:d3:91:d9:17:7b:d9:99:2c:7a:83:45:69:9f:d0:14:
34:61:52:bd:4e:f4:b9:f9:a1:71:a2:0f:c0:b0:25:cf:2b:d1:
08:db:5c:5f:05:f0:51:23:a6:de:40:e4:c1:18:f0:3b:64:7b:
f6:9f:cb:fa:a5:b6:83:62:80:d3:35:b0:e6:59:68:06:a0:ee:
60:26:29:fa:8d:73:b2:8e:88:39:4a:8e:b4:cc:fa:12:c7:a4:
93:3c:a4:7d:7b:de:1a:b6:e2:0e:d2:9a:11:a4:4c:f2:cb:48:
55:e5:37:5b:ad:c9:fd:47:c3:c8:83:7c:43:a7:d8:fe:4e:f1:
00:f3:ac:f1:c2:06:bc:a3:0d:6b:e6:cc:af:7c:26:6b:56:2b:
7b:60:55:d5:7c:16:7d:66:11:8d:6e:ee:c3:ee:03:4c:94:25:
a1:74:2c:e7:46:28:3e:5f:2a:79:85:bf:8f:fa:be:8a:68:c2:
6b:25:5f:57:0c:2d:7c:41:48:58:ac:78:74:3e:47:ec:81:30:
bd:c1:a8:04:54:1c:61:d2:0d:15:21:d4:cd:bc:d6:16:52:76:
dd:95:39:83:44:e8:3a:61:0e:08:3f:94:29:49:d5:a8:e9:c4:
a2:43:6a:77
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgIEFYNQNDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ODg1NTg1MmE0YmNkMWJmMWVjODEzZjNjMTNiMGYxZjM3MmYzOTcxMB4XDTIyMDQz
MDAyMzcxMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjEwNDU5ZTNjNjM4
OGIwNzhhYTM4NjBjNTlkMDY1YWEyYTJjNGU2MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALJgqeInqvkh2z37sBLiJAgmOABB8H+NJoge4O79S44shPAr
nE4mbqlxJDBu4X3gYNUw1GziGrXEleNszE/1xPjy3mexSg915tPdZCieOH5r/ycR
IeKvyBYY7zcmE8jyJy5UuEsF0QAN3inJM/Khio2iLY+wjB1tfdi8r7uegAvloedd
jG9ZKT0x7jPNNcZEdbdV58IzwEh7WFZrEkGHID6x+m/vtv4zCqd4n1EUcbXZyC0C
eltGeRhjnsPbpd26YtIcwsO4ESnMrAk5ZECgAfcBHCYtRk7XP+laue8jt3FTo6Su
3TjhAoKTjUxbNmNZ0chjOko8qBCaQ2H+OlUB20kCAwEAAaOCAkswggJHMB0GA1Ud
DgQWBBTxBFnjxjiLB4qjhgxZ0GWqKixOYDAfBgNVHSMEGDAWgBQohVhSpLzRvx7I
E/PBOw8fNy85cTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tJVllVcVM4MGI4ZXlCUHp3VHNQSHpjdk9YRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvMGUzNmZjLWJhMGItNGNlNi1hZjZhLTcwNDQ2M2ViYWQzNi8x
LzhRUlo0OFk0aXdlS280WU1XZEJscWlvc1RtQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
MGUzNmZjLWJhMGItNGNlNi1hZjZhLTcwNDQ2M2ViYWQzNi8xL0tJVllVcVM4MGI4
ZXlCUHp3VHNQSHpjdk9YRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBh
BggrBgEFBQcBBwEB/wRSMFAwPAQCAAEwNgMEArliBAMEArlkQAMEArlvaAMEArlx
hAMEArl0wAMEArl5UAMEArl9WAMEArmBMAMEAbzx2DAQBAIAAjAKAwgAKgYJQAAA
ADANBgkqhkiG9w0BAQsFAAOCAQEAPNZRp13BGgOCw4X/EZt4Cyngw8mm05HZF3vZ
mSx6g0Vpn9AUNGFSvU70ufmhcaIPwLAlzyvRCNtcXwXwUSOm3kDkwRjwO2R79p/L
+qW2g2KA0zWw5lloBqDuYCYp+o1zso6IOUqOtMz6EsekkzykfXveGrbiDtKaEaRM
8stIVeU3W63J/UfDyIN8Q6fY/k7xAPOs8cIGvKMNa+bMr3wma1Yre2BV1XwWfWYR
jW7uw+4DTJQloXQs50YoPl8qeYW/j/q+imjCayVfVwwtfEFIWKx4dD5H7IEwvcGo
BFQcYdINFSHUzbzWFlJ23ZU5g0ToOmEOCD+UKUnVqOnEokNqdw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:51 2023 by rpki-client on console-ams.rpki-client.org