Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/gki8EetgMOt73Ha3c8bWW_8z8FQ.roa
File: gki8EetgMOt73Ha3c8bWW_8z8FQ.roa (raw, json)
Hash identifier: 381UhyOm6RTwOW4E/WIo9ylfNTksbtmtUi0Ibi/9SXM=
Subject key identifier: 82:48:BC:11:EB:60:30:EB:7B:DC:76:B7:73:C6:D6:5B:FF:33:F0:54
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 0B9C844B
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/gki8EetgMOt73Ha3c8bWW_8z8FQ.roa
Signing time: Wed 19 Jan 2022 20:41:51 +0000
ROA not before: Wed 19 Jan 2022 20:41:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34450
IP address blocks: 89.43.42.0/24 maxlen: 24
89.43.43.0/24 maxlen: 24
89.43.40.0/24 maxlen: 24
89.43.41.0/24 maxlen: 24
89.43.45.0/24 maxlen: 24
89.43.46.0/24 maxlen: 24
89.43.73.0/24 maxlen: 24
89.39.252.0/24 maxlen: 24
188.213.18.0/24 maxlen: 24
188.240.14.0/24 maxlen: 24
93.113.202.0/24 maxlen: 24
93.113.203.0/24 maxlen: 24
89.44.209.0/24 maxlen: 24
93.114.99.0/24 maxlen: 24
89.33.163.0/24 maxlen: 24
89.45.34.0/24 maxlen: 24
93.114.55.0/24 maxlen: 24
188.215.72.0/23 maxlen: 24
86.106.80.0/24 maxlen: 24
93.114.187.0/24 maxlen: 24
86.106.97.0/24 maxlen: 24
86.106.104.0/24 maxlen: 24
89.34.8.0/21 maxlen: 21
85.204.127.0/24 maxlen: 24
93.113.158.0/24 maxlen: 24
89.37.136.0/24 maxlen: 24
2a05:b680:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 194806859 (0xb9c844b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Jan 19 20:41:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8248bc11eb6030eb7bdc76b773c6d65bff33f054
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:65:52:68:17:02:48:a6:77:3f:ef:d5:0c:7d:
d2:33:c7:6e:86:2d:f9:b3:40:15:f6:5d:96:3c:8b:
ce:42:89:ae:4d:e5:ab:27:5d:b8:b3:0e:38:f3:0a:
31:48:a8:fa:1f:d6:1e:d9:93:34:ea:cc:78:5f:57:
3c:7b:69:ca:65:fb:23:0d:26:6b:06:6b:71:7b:e2:
c6:c9:c4:10:d6:2f:6a:93:35:32:7f:e4:33:6a:d0:
c5:9c:e6:9d:7d:60:95:cb:bd:15:e9:e8:85:62:eb:
80:37:db:c8:3a:c9:0d:b5:fe:04:13:1b:fd:fa:d5:
76:a2:75:df:28:fd:11:69:51:5f:df:f4:6a:37:19:
14:d8:d1:8f:10:24:f7:16:25:b4:47:ad:e5:b9:17:
b2:03:1e:6a:1a:36:2f:8a:53:c0:ab:08:c4:50:e0:
36:22:7d:76:95:68:2e:55:50:31:df:ac:9b:a3:78:
f8:0c:e4:f4:86:80:9d:90:ab:4d:40:9e:63:72:81:
4c:e0:97:f6:56:16:9c:8d:fc:1e:10:a6:2d:bf:30:
08:3b:3c:d1:3c:ab:ea:51:88:c0:c8:0b:3d:b2:f1:
68:05:57:15:9d:24:af:12:d5:25:f6:92:4a:9a:2c:
3c:4b:e8:7f:a5:95:6d:f8:ed:a5:c9:2e:e5:e8:a3:
1f:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:48:BC:11:EB:60:30:EB:7B:DC:76:B7:73:C6:D6:5B:FF:33:F0:54
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/gki8EetgMOt73Ha3c8bWW_8z8FQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.127.0/24
86.106.80.0/24
86.106.97.0/24
86.106.104.0/24
89.33.163.0/24
89.34.8.0/21
89.37.136.0/24
89.39.252.0/24
89.43.40.0/22
89.43.45.0-89.43.46.255
89.43.73.0/24
89.44.209.0/24
89.45.34.0/24
93.113.158.0/24
93.113.202.0/23
93.114.55.0/24
93.114.99.0/24
93.114.187.0/24
188.213.18.0/24
188.215.72.0/23
188.240.14.0/24
IPv6:
2a05:b680:1::/48
Signature Algorithm: sha256WithRSAEncryption
9e:1f:0c:79:ad:05:f2:36:7b:95:44:34:be:04:d1:49:e5:51:
8c:98:7f:f0:f3:17:a4:69:be:f3:ec:30:ad:7d:b7:e7:a5:82:
20:7c:3f:27:ea:3e:e2:11:b6:ee:62:fc:67:26:45:b8:5f:8a:
99:f7:e2:e2:e1:99:03:7e:9c:0a:1c:0e:51:df:ef:b0:3c:ac:
33:bc:ec:2d:a1:05:01:30:88:5b:55:9a:d9:ad:91:bb:ad:7c:
73:5a:e1:8c:36:58:ee:e2:e0:36:51:06:07:02:de:87:09:39:
2f:ab:91:04:17:06:65:ab:33:ca:90:83:fa:ac:63:a5:19:0b:
49:f1:36:11:2d:28:6e:53:d0:35:37:a3:f8:14:6b:95:e4:5d:
ea:f6:09:01:a8:69:99:02:20:36:c4:42:f6:32:d9:12:9f:a3:
ab:08:a4:0e:dd:e3:61:8c:e0:ba:c5:3a:16:f5:e3:4b:84:f7:
b8:0e:c7:6d:a4:85:34:2f:dc:c8:3e:d3:94:fd:83:9e:0b:b1:
8c:96:8b:32:e9:49:4a:07:99:a2:f5:3c:61:91:de:a7:03:1a:
3b:99:7c:c0:91:93:6f:97:22:58:22:9a:bb:5d:af:09:47:e1:
06:ff:61:17:26:44:31:50:3b:43:dc:42:78:ac:2f:7a:03:c5:
f4:f3:44:3d
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgIEC5yESzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZTU4OTUyZDM5MzkzNWYwZDNiY2U4MTRmZDkxNzhkMDQ2OTNhZWI5MB4XDTIyMDEx
OTIwNDE1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoODI0OGJjMTFlYjYw
MzBlYjdiZGM3NmI3NzNjNmQ2NWJmZjMzZjA1NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM9lUmgXAkimdz/v1Qx90jPHboYt+bNAFfZdljyLzkKJrk3l
qydduLMOOPMKMUio+h/WHtmTNOrMeF9XPHtpymX7Iw0mawZrcXvixsnEENYvapM1
Mn/kM2rQxZzmnX1glcu9FenohWLrgDfbyDrJDbX+BBMb/frVdqJ13yj9EWlRX9/0
ajcZFNjRjxAk9xYltEet5bkXsgMeaho2L4pTwKsIxFDgNiJ9dpVoLlVQMd+sm6N4
+Azk9IaAnZCrTUCeY3KBTOCX9lYWnI38HhCmLb8wCDs80Tyr6lGIwMgLPbLxaAVX
FZ0krxLVJfaSSposPEvof6WVbfjtpcku5eijH6sCAwEAAaOCAp8wggKbMB0GA1Ud
DgQWBBSCSLwR62Aw63vcdrdzxtZb/zPwVDAfBgNVHSMEGDAWgBT+WJUtOTk18NO8
6BT9kXjQRpOuuTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19saVZMVGs1TmZEVHZPZ1VfWkY0MEVhVHJyay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvYjI2YWE4LWFjZTctNGZhNi05ZThlLTVkNDhiNjVjZTU3My8x
L2draThFZXRnTU90NzNIYTNjOGJXV184ejhGUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
YjI2YWE4LWFjZTctNGZhNi05ZThlLTVkNDhiNjVjZTU3My8xL19saVZMVGs1TmZE
VHZPZ1VfWkY0MEVhVHJyay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
tAYIKwYBBQUHAQcBAf8EgaQwgaEwgY0EAgABMIGGAwQAVcx/AwQAVmpQAwQAVmph
AwQAVmpoAwQAWSGjAwQDWSIIAwQAWSWIAwQAWSf8AwQCWSsoMAwDBABZKy0DBABZ
Ky4DBABZK0kDBABZLNEDBABZLSIDBABdcZ4DBAFdccoDBABdcjcDBABdcmMDBABd
crsDBAC81RIDBAG810gDBAC88A4wDwQCAAIwCQMHACoFtoAAATANBgkqhkiG9w0B
AQsFAAOCAQEAnh8Mea0F8jZ7lUQ0vgTRSeVRjJh/8PMXpGm+8+wwrX2356WCIHw/
J+o+4hG27mL8ZyZFuF+Kmffi4uGZA36cChwOUd/vsDysM7zsLaEFATCIW1Wa2a2R
u618c1rhjDZY7uLgNlEGBwLehwk5L6uRBBcGZaszypCD+qxjpRkLSfE2ES0oblPQ
NTej+BRrleRd6vYJAahpmQIgNsRC9jLZEp+jqwikDt3jYYzgusU6FvXjS4T3uA7H
baSFNC/cyD7TlP2DnguxjJaLMulJSgeZovU8YZHepwMaO5l8wJGTb5ciWCKau12v
CUfhBv9hFyZEMVA7Q9xCeKwvegPF9PNEPQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:38 2024 by rpki-client on console-ams.rpki-client.org