Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/35cuchtMMq-KJsddF3kQZ5TKvd4.roa
File: 35cuchtMMq-KJsddF3kQZ5TKvd4.roa (raw, json)
Hash identifier: vKXX7kJjJE+zxzP0HEPPbBmRjmEU1mCOlxD5rYpyRlo=
Subject key identifier: DF:97:2E:72:1B:4C:32:AF:8A:26:C7:5D:17:79:10:67:94:CA:BD:DE
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 01835B72C0751889C3C55942BDF0EADCB55D
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/35cuchtMMq-KJsddF3kQZ5TKvd4.roa
Signing time: Tue 20 Sep 2022 15:09:50 +0000
ROA not before: Tue 20 Sep 2022 15:09:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34450
IP address blocks: 89.43.43.0/24 maxlen: 24
89.43.44.0/24 maxlen: 24
89.43.40.0/24 maxlen: 24
86.106.80.0/24 maxlen: 24
89.43.45.0/24 maxlen: 24
89.43.46.0/24 maxlen: 24
86.106.104.0/24 maxlen: 24
89.34.8.0/21 maxlen: 21
89.43.73.0/24 maxlen: 24
89.39.252.0/24 maxlen: 24
188.213.18.0/24 maxlen: 24
188.240.14.0/24 maxlen: 24
93.113.202.0/24 maxlen: 24
89.44.209.0/24 maxlen: 24
85.204.125.0/24 maxlen: 24
85.204.127.0/24 maxlen: 24
93.114.99.0/24 maxlen: 24
93.113.158.0/24 maxlen: 24
89.33.163.0/24 maxlen: 24
89.37.136.0/24 maxlen: 24
85.204.78.0/24 maxlen: 24
93.114.55.0/24 maxlen: 24
188.215.72.0/23 maxlen: 24
2a05:b680:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:5b:72:c0:75:18:89:c3:c5:59:42:bd:f0:ea:dc:b5:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Sep 20 15:09:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=df972e721b4c32af8a26c75d1779106794cabdde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:68:47:c5:bc:3b:74:fa:7d:32:b6:6f:a9:7a:
5f:6e:08:25:66:50:b9:df:52:4c:ce:9e:af:51:af:
4c:90:c1:9f:9b:20:0b:90:63:20:46:8d:96:50:c9:
49:89:7d:d5:91:ff:84:25:9a:3d:77:e7:cb:03:db:
60:48:63:9b:10:c3:24:0d:d0:c3:c8:9e:2f:74:0f:
09:75:83:54:4e:a0:e6:29:c9:15:19:24:0b:31:ba:
73:6f:a6:40:d4:67:84:80:d9:2b:c0:d1:3f:98:5a:
91:d7:db:bf:08:5d:a9:f5:3c:c8:7e:b1:fc:0f:92:
07:45:bd:0f:71:60:66:50:64:0d:d5:fd:91:99:15:
6c:ee:99:17:b0:6d:a2:86:fc:5e:66:d2:48:78:cd:
64:80:50:77:f2:61:60:8e:62:1a:d7:d0:48:48:16:
76:4e:3b:b5:25:21:52:ae:08:8f:36:1e:be:b1:22:
0c:3f:7a:0d:ef:ab:2e:9e:6e:d0:40:75:8c:b8:5f:
7a:20:0d:d2:e9:45:44:aa:9a:05:81:eb:ed:7d:7e:
86:35:ab:ca:8f:38:ce:6b:79:88:68:5d:08:0c:a3:
98:69:43:65:ea:e9:b1:e2:ce:ac:5b:28:00:83:8d:
85:f4:b0:03:ce:41:3b:d9:17:89:14:2a:b5:41:3d:
dc:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:97:2E:72:1B:4C:32:AF:8A:26:C7:5D:17:79:10:67:94:CA:BD:DE
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/35cuchtMMq-KJsddF3kQZ5TKvd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.78.0/24
85.204.125.0/24
85.204.127.0/24
86.106.80.0/24
86.106.104.0/24
89.33.163.0/24
89.34.8.0/21
89.37.136.0/24
89.39.252.0/24
89.43.40.0/24
89.43.43.0-89.43.46.255
89.43.73.0/24
89.44.209.0/24
93.113.158.0/24
93.113.202.0/24
93.114.55.0/24
93.114.99.0/24
188.213.18.0/24
188.215.72.0/23
188.240.14.0/24
IPv6:
2a05:b680:1::/48
Signature Algorithm: sha256WithRSAEncryption
0c:73:6a:87:1e:95:13:60:30:7a:50:fc:c1:56:61:74:58:96:
f5:09:d4:49:b3:a2:71:ac:52:ad:35:b2:cf:2d:57:81:ec:98:
9c:d2:67:22:48:26:48:01:7b:1c:65:eb:02:9d:0f:0d:4a:a7:
bc:b7:50:71:1b:4b:7b:5c:a4:29:7a:da:86:ef:f6:fc:0c:a2:
49:6f:30:88:de:85:d9:5c:26:3d:7c:6c:49:ff:82:f5:99:af:
39:a2:e5:00:b7:87:89:b9:30:3c:e0:a7:e9:43:c3:94:6e:23:
ef:3c:e9:a9:38:8e:c0:99:4e:0a:55:79:87:0d:fe:72:41:66:
56:05:c0:7e:95:3f:1c:f3:78:cf:e2:6f:87:f2:38:91:df:40:
27:8b:91:1a:78:1f:ae:e8:52:44:cc:a9:d0:b3:17:7a:14:88:
c8:39:a3:12:ac:c5:6b:5d:bd:83:53:36:31:52:b5:0a:23:93:
5c:0c:b0:59:37:da:15:a6:3d:ee:d4:d6:59:c6:78:b6:ac:6e:
e9:58:6e:fe:86:ec:fd:38:c0:6a:f5:7a:a0:d9:ce:e9:4d:f6:
7f:c3:a4:7c:18:31:ed:f1:7f:dd:a8:6a:d2:cd:39:58:c7:b8:
2d:e4:48:f7:d1:cd:15:15:cb:f3:7e:3d:23:96:52:a4:fa:c5:
61:3c:b9:44
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgISAYNbcsB1GInDxVlCvfDq3LVdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjIwOTIwMTUwOTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjk3MmU3MjFiNGMzMmFmOGEyNmM3NWQxNzc5MTA2Nzk0Y2FiZGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhWhHxbw7dPp9MrZvqXpfbgglZlC5
31JMzp6vUa9MkMGfmyALkGMgRo2WUMlJiX3Vkf+EJZo9d+fLA9tgSGObEMMkDdDD
yJ4vdA8JdYNUTqDmKckVGSQLMbpzb6ZA1GeEgNkrwNE/mFqR19u/CF2p9TzIfrH8
D5IHRb0PcWBmUGQN1f2RmRVs7pkXsG2ihvxeZtJIeM1kgFB38mFgjmIa19BISBZ2
Tju1JSFSrgiPNh6+sSIMP3oN76sunm7QQHWMuF96IA3S6UVEqpoFgevtfX6GNavK
jzjOa3mIaF0IDKOYaUNl6umx4s6sWygAg42F9LADzkE72ReJFCq1QT3cmQIDAQAB
o4ICmTCCApUwHQYDVR0OBBYEFN+XLnIbTDKviibHXRd5EGeUyr3eMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvMzVjdWNodE1NcS1LSnNkZEYza1FaNVRLdmQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGuBggrBgEFBQcBBwEB/wSBnjCBmzCBhwQCAAEwgYADBABV
zE4DBABVzH0DBABVzH8DBABWalADBABWamgDBABZIaMDBANZIggDBABZJYgDBABZ
J/wDBABZKygwDAMEAFkrKwMEAFkrLgMEAFkrSQMEAFks0QMEAF1xngMEAF1xygME
AF1yNwMEAF1yYwMEALzVEgMEAbzXSAMEALzwDjAPBAIAAjAJAwcAKgW2gAABMA0G
CSqGSIb3DQEBCwUAA4IBAQAMc2qHHpUTYDB6UPzBVmF0WJb1CdRJs6JxrFKtNbLP
LVeB7Jic0mciSCZIAXscZesCnQ8NSqe8t1BxG0t7XKQpetqG7/b8DKJJbzCI3oXZ
XCY9fGxJ/4L1ma85ouUAt4eJuTA84KfpQ8OUbiPvPOmpOI7AmU4KVXmHDf5yQWZW
BcB+lT8c83jP4m+H8jiR30Ani5EaeB+u6FJEzKnQsxd6FIjIOaMSrMVrXb2DUzYx
UrUKI5NcDLBZN9oVpj3u1NZZxni2rG7pWG7+huz9OMBq9Xqg2c7pTfZ/w6R8GDHt
8X/dqGrSzTlYx7gt5Ej30c0VFcvzfj0jllKk+sVhPLlE
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:54 2023 by rpki-client on console-ams.rpki-client.org