Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/1iNcRfVk9cMckAPZRWJQuqCY6h4.roa
File: 1iNcRfVk9cMckAPZRWJQuqCY6h4.roa (raw, json)
Hash identifier: pq9tZ0yN1boKeQrcUagM3D7tYWir5mtEAzCpiuoUW94=
Subject key identifier: D6:23:5C:45:F5:64:F5:C3:1C:90:03:D9:45:62:50:BA:A0:98:EA:1E
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 0182EAD8B273FCEA0B12B0332BA9D1DEB2A6
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/1iNcRfVk9cMckAPZRWJQuqCY6h4.roa
Signing time: Mon 29 Aug 2022 18:24:06 +0000
ROA not before: Mon 29 Aug 2022 18:24:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34450
IP address blocks: 89.43.43.0/24 maxlen: 24
89.43.44.0/24 maxlen: 24
89.43.40.0/24 maxlen: 24
89.43.45.0/24 maxlen: 24
89.43.46.0/24 maxlen: 24
89.43.73.0/24 maxlen: 24
89.39.252.0/24 maxlen: 24
188.213.18.0/24 maxlen: 24
188.240.14.0/24 maxlen: 24
93.113.202.0/24 maxlen: 24
89.44.209.0/24 maxlen: 24
93.114.99.0/24 maxlen: 24
89.33.163.0/24 maxlen: 24
89.45.34.0/24 maxlen: 24
93.114.55.0/24 maxlen: 24
188.215.72.0/23 maxlen: 24
93.114.187.0/24 maxlen: 24
86.106.80.0/24 maxlen: 24
86.106.97.0/24 maxlen: 24
86.106.104.0/24 maxlen: 24
89.34.8.0/21 maxlen: 21
85.204.125.0/24 maxlen: 24
85.204.127.0/24 maxlen: 24
93.113.158.0/24 maxlen: 24
89.37.136.0/24 maxlen: 24
85.204.78.0/24 maxlen: 24
2a05:b680:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:ea:d8:b2:73:fc:ea:0b:12:b0:33:2b:a9:d1:de:b2:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Aug 29 18:24:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d6235c45f564f5c31c9003d9456250baa098ea1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:00:12:49:88:dc:72:a7:dd:e9:e2:fe:a4:7b:
32:9f:f7:e8:b5:ac:15:83:d4:24:2c:08:d0:87:87:
1c:17:3b:38:86:b5:d8:1c:77:51:07:93:be:e9:ba:
d0:37:c5:cf:88:a2:e8:73:30:d0:71:0e:25:1b:f3:
5f:b4:7a:2a:01:e1:c0:31:2b:66:ef:ad:3f:dc:f6:
b8:12:cf:1c:8a:54:5a:39:18:fc:1f:40:e4:d2:91:
0a:34:f3:09:7c:11:77:c1:62:bb:4e:9b:8e:15:cc:
97:0e:4b:74:d6:c6:88:6d:0e:98:c2:b5:5b:42:2b:
fb:ba:2a:cd:9d:73:d1:c6:f6:cb:6f:46:8f:c9:94:
11:da:c3:8b:09:50:59:38:34:d8:77:8d:f2:51:47:
34:5f:8c:28:72:c6:fe:f1:46:1a:ca:09:ef:08:4b:
a2:1c:97:ee:03:b2:74:e4:3c:42:4e:7a:fb:b8:7d:
ce:2f:49:ce:9d:a4:0a:91:b2:d0:bf:90:cc:5a:21:
51:5f:c9:fb:09:20:07:ef:a1:ff:99:c3:6b:fb:03:
0e:cf:ad:6e:12:f8:09:9c:1f:f0:02:26:65:93:ed:
30:fe:3b:79:2a:66:cc:a3:85:98:73:c5:98:4d:38:
be:44:3e:93:85:ce:de:de:9f:b2:1a:ea:7f:d1:e0:
d2:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:23:5C:45:F5:64:F5:C3:1C:90:03:D9:45:62:50:BA:A0:98:EA:1E
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/1iNcRfVk9cMckAPZRWJQuqCY6h4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.78.0/24
85.204.125.0/24
85.204.127.0/24
86.106.80.0/24
86.106.97.0/24
86.106.104.0/24
89.33.163.0/24
89.34.8.0/21
89.37.136.0/24
89.39.252.0/24
89.43.40.0/24
89.43.43.0-89.43.46.255
89.43.73.0/24
89.44.209.0/24
89.45.34.0/24
93.113.158.0/24
93.113.202.0/24
93.114.55.0/24
93.114.99.0/24
93.114.187.0/24
188.213.18.0/24
188.215.72.0/23
188.240.14.0/24
IPv6:
2a05:b680:1::/48
Signature Algorithm: sha256WithRSAEncryption
1b:45:68:cd:79:e7:a8:fe:84:cc:29:51:ef:e8:11:d5:06:d7:
80:d8:bc:6b:44:da:ce:dd:d0:82:dc:bf:64:28:28:23:24:98:
2b:4f:7b:bd:e7:66:80:48:a4:d8:c2:bc:ed:ed:18:0d:44:cc:
04:01:2f:80:08:2e:14:7a:0e:50:4a:14:19:bc:eb:3e:c3:0f:
94:46:bf:37:a7:73:ac:05:0e:40:b1:d5:2c:2e:10:38:b0:d9:
ad:d1:f3:28:91:1f:c6:71:99:d2:33:87:14:56:ec:04:89:55:
7f:76:ce:a5:7c:41:8f:1c:1d:a3:62:2f:8d:d4:fb:a9:71:f1:
a1:12:bd:7b:4a:f1:05:d5:d6:db:de:9d:f9:f0:ce:1d:30:c5:
c0:87:da:ae:b1:7b:c2:cf:48:ba:af:b6:6b:42:6a:6d:31:10:
c4:21:64:bc:ac:cd:4c:24:5e:14:07:c9:29:f8:c2:2a:2c:9a:
25:34:85:22:a7:04:7b:7c:21:21:18:32:52:d3:61:55:f6:46:
37:34:13:ba:62:f5:ed:ec:ca:2e:31:cb:a2:e4:01:f9:3c:a1:
2e:b1:2b:60:a4:67:cc:34:15:b0:72:7c:8e:92:26:a7:9c:37:
4f:de:31:80:8f:d0:75:ca:00:ec:1e:90:cb:92:60:fd:2c:dd:
30:1b:de:c7
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgISAYLq2LJz/OoLErAzK6nR3rKmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjIwODI5MTgyNDA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjIzNWM0NWY1NjRmNWMzMWM5MDAzZDk0NTYyNTBiYWEwOThlYTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgASSYjccqfd6eL+pHsyn/fotawV
g9QkLAjQh4ccFzs4hrXYHHdRB5O+6brQN8XPiKLoczDQcQ4lG/NftHoqAeHAMStm
760/3Pa4Es8cilRaORj8H0Dk0pEKNPMJfBF3wWK7TpuOFcyXDkt01saIbQ6YwrVb
Qiv7uirNnXPRxvbLb0aPyZQR2sOLCVBZODTYd43yUUc0X4wocsb+8UYaygnvCEui
HJfuA7J05DxCTnr7uH3OL0nOnaQKkbLQv5DMWiFRX8n7CSAH76H/mcNr+wMOz61u
EvgJnB/wAiZlk+0w/jt5KmbMo4WYc8WYTTi+RD6Thc7e3p+yGup/0eDSiQIDAQAB
o4ICqzCCAqcwHQYDVR0OBBYEFNYjXEX1ZPXDHJAD2UViULqgmOoeMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvMWlOY1JmVms5Y01ja0FQWlJXSlF1cUNZNmg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHABggrBgEFBQcBBwEB/wSBsDCBrTCBmQQCAAEwgZIDBABV
zE4DBABVzH0DBABVzH8DBABWalADBABWamEDBABWamgDBABZIaMDBANZIggDBABZ
JYgDBABZJ/wDBABZKygwDAMEAFkrKwMEAFkrLgMEAFkrSQMEAFks0QMEAFktIgME
AF1xngMEAF1xygMEAF1yNwMEAF1yYwMEAF1yuwMEALzVEgMEAbzXSAMEALzwDjAP
BAIAAjAJAwcAKgW2gAABMA0GCSqGSIb3DQEBCwUAA4IBAQAbRWjNeeeo/oTMKVHv
6BHVBteA2LxrRNrO3dCC3L9kKCgjJJgrT3u952aASKTYwrzt7RgNRMwEAS+ACC4U
eg5QShQZvOs+ww+URr83p3OsBQ5AsdUsLhA4sNmt0fMokR/GcZnSM4cUVuwEiVV/
ds6lfEGPHB2jYi+N1PupcfGhEr17SvEF1dbb3p358M4dMMXAh9qusXvCz0i6r7Zr
QmptMRDEIWS8rM1MJF4UB8kp+MIqLJolNIUipwR7fCEhGDJS02FV9kY3NBO6YvXt
7MouMcui5AH5PKEusStgpGfMNBWwcnyOkiannDdP3jGAj9B1ygDsHpDLkmD9LN0w
G97H
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:38 2024 by rpki-client on console-ams.rpki-client.org