Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/kiNU2GQgxOyui3elH9-YIeE6pik.roa
File: kiNU2GQgxOyui3elH9-YIeE6pik.roa (raw, json)
Hash identifier: yMCnn+nvoXK2ZXCJkUCYpa3NaW9hf5O10S75nksQHPY=
Subject key identifier: 92:23:54:D8:64:20:C4:EC:AE:8B:77:A5:1F:DF:98:21:E1:3A:A6:29
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 018535B14EB90D195F4103C26918C107CBF6
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/kiNU2GQgxOyui3elH9-YIeE6pik.roa
Signing time: Wed 21 Dec 2022 17:18:10 +0000
ROA not before: Wed 21 Dec 2022 17:18:10 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34450
IP address blocks: 89.43.42.0/24 maxlen: 24
89.43.43.0/24 maxlen: 24
89.43.44.0/24 maxlen: 24
89.43.40.0/24 maxlen: 24
89.43.41.0/24 maxlen: 24
89.43.46.0/24 maxlen: 24
89.43.73.0/24 maxlen: 24
89.39.252.0/24 maxlen: 24
188.213.18.0/24 maxlen: 24
188.240.14.0/24 maxlen: 24
93.113.202.0/24 maxlen: 24
93.114.99.0/24 maxlen: 24
89.33.163.0/24 maxlen: 24
89.45.34.0/24 maxlen: 24
93.114.55.0/24 maxlen: 24
188.215.72.0/23 maxlen: 24
93.114.187.0/24 maxlen: 24
86.106.80.0/24 maxlen: 24
89.34.8.0/21 maxlen: 21
85.204.125.0/24 maxlen: 24
85.204.127.0/24 maxlen: 24
93.113.158.0/24 maxlen: 24
89.37.136.0/24 maxlen: 24
85.204.78.0/24 maxlen: 24
2a05:b680:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:35:b1:4e:b9:0d:19:5f:41:03:c2:69:18:c1:07:cb:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Dec 21 17:18:10 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=922354d86420c4ecae8b77a51fdf9821e13aa629
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:d3:55:f0:fb:50:9e:12:15:f6:08:69:a5:a5:
80:5d:3e:d7:01:d0:ec:0d:90:78:0b:d6:9b:95:6e:
d5:b7:40:86:ae:16:80:24:f5:e6:3b:e9:8a:fa:dc:
3c:2d:76:ae:55:ea:94:a2:8d:a0:91:06:99:ff:7e:
d6:5b:03:cd:1e:eb:91:39:1d:d1:19:40:9a:fc:50:
bf:87:4a:36:02:ea:87:68:c8:c0:c7:68:69:96:00:
f3:64:c1:94:de:2b:36:bb:58:6b:ee:55:58:64:2a:
6e:e7:c6:97:97:4e:b8:6e:15:c8:a7:78:f1:3f:3d:
30:b4:9f:fe:95:cc:ee:a1:82:54:71:3a:90:cb:a5:
e8:a5:1e:a6:b3:cd:a1:ae:c6:ac:df:b1:1e:86:e2:
99:53:41:1a:a5:41:1e:8b:c3:22:82:d0:28:39:cd:
e9:fe:0c:91:bf:ed:e7:38:6d:10:26:21:82:b2:e0:
de:5a:36:d7:45:bc:e1:e2:07:44:c1:9a:c3:17:24:
23:78:38:c9:83:a1:b7:b5:d1:4b:c0:88:83:18:60:
d6:03:d6:53:14:83:51:b4:cf:e0:53:2e:c4:e9:ec:
6b:1e:d1:f1:f7:fa:4a:13:9f:93:fc:a3:e8:05:50:
29:c1:08:b7:f0:fa:42:12:18:4e:5b:de:d0:1d:56:
02:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:23:54:D8:64:20:C4:EC:AE:8B:77:A5:1F:DF:98:21:E1:3A:A6:29
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/kiNU2GQgxOyui3elH9-YIeE6pik.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.78.0/24
85.204.125.0/24
85.204.127.0/24
86.106.80.0/24
89.33.163.0/24
89.34.8.0/21
89.37.136.0/24
89.39.252.0/24
89.43.40.0-89.43.44.255
89.43.46.0/24
89.43.73.0/24
89.45.34.0/24
93.113.158.0/24
93.113.202.0/24
93.114.55.0/24
93.114.99.0/24
93.114.187.0/24
188.213.18.0/24
188.215.72.0/23
188.240.14.0/24
IPv6:
2a05:b680:1::/48
Signature Algorithm: sha256WithRSAEncryption
85:f7:08:a7:7b:bb:37:29:71:b1:95:66:f3:19:99:0b:6f:4c:
d8:bb:0f:1d:c2:31:53:ff:4e:e4:23:86:24:30:6c:af:f1:e6:
be:59:96:7d:ca:82:32:26:2f:7d:46:26:64:2f:70:53:97:70:
ef:5d:3a:58:e2:32:3b:a2:de:e0:50:83:92:ec:6e:6a:f1:ce:
99:d8:5d:a9:bc:93:6f:34:e2:f3:9f:4a:e0:04:a7:09:bc:45:
fb:a3:86:03:a7:c4:b3:7e:2b:e7:84:03:c3:81:ee:87:a5:e2:
34:a0:e0:fa:8b:a6:1a:2c:64:5c:54:a0:db:dc:8a:45:9b:01:
f7:e4:14:0c:d9:a0:c8:1f:cf:16:5a:b8:f8:02:67:d6:16:74:
18:d1:93:32:19:42:c7:29:39:c8:ad:f5:ab:23:32:5f:6f:12:
cc:f0:40:4f:28:4a:bc:25:3c:4c:c4:3f:5e:33:4b:73:9f:04:
7e:6e:08:f3:0e:a4:3f:f0:68:99:83:5f:72:1f:0d:89:1d:4e:
4c:7f:9e:f6:eb:70:ea:6d:1d:65:a6:69:de:b4:eb:02:ee:3f:
6d:d6:33:fb:fa:ce:9a:81:a4:a8:17:b1:2d:37:e8:c8:02:a3:
9b:c3:2c:a2:03:0d:7e:37:91:af:79:dc:ef:b9:96:d8:bd:f0:
65:3d:c9:f0
-----BEGIN CERTIFICATE-----
MIIFjTCCBHWgAwIBAgISAYU1sU65DRlfQQPCaRjBB8v2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjIxMjIxMTcxODEwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjIzNTRkODY0MjBjNGVjYWU4Yjc3YTUxZmRmOTgyMWUxM2FhNjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAntNV8PtQnhIV9ghppaWAXT7XAdDs
DZB4C9ablW7Vt0CGrhaAJPXmO+mK+tw8LXauVeqUoo2gkQaZ/37WWwPNHuuROR3R
GUCa/FC/h0o2AuqHaMjAx2hplgDzZMGU3is2u1hr7lVYZCpu58aXl064bhXIp3jx
Pz0wtJ/+lczuoYJUcTqQy6XopR6ms82hrsas37EehuKZU0EapUEei8MigtAoOc3p
/gyRv+3nOG0QJiGCsuDeWjbXRbzh4gdEwZrDFyQjeDjJg6G3tdFLwIiDGGDWA9ZT
FINRtM/gUy7E6exrHtHx9/pKE5+T/KPoBVApwQi38PpCEhhOW97QHVYC6wIDAQAB
o4ICmTCCApUwHQYDVR0OBBYEFJIjVNhkIMTsrot3pR/fmCHhOqYpMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEva2lOVTJHUWd4T3l1aTNlbEg5LVlJZUU2cGlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGuBggrBgEFBQcBBwEB/wSBnjCBmzCBhwQCAAEwgYADBABV
zE4DBABVzH0DBABVzH8DBABWalADBABZIaMDBANZIggDBABZJYgDBABZJ/wwDAME
A1krKAMEAFkrLAMEAFkrLgMEAFkrSQMEAFktIgMEAF1xngMEAF1xygMEAF1yNwME
AF1yYwMEAF1yuwMEALzVEgMEAbzXSAMEALzwDjAPBAIAAjAJAwcAKgW2gAABMA0G
CSqGSIb3DQEBCwUAA4IBAQCF9wine7s3KXGxlWbzGZkLb0zYuw8dwjFT/07kI4Yk
MGyv8ea+WZZ9yoIyJi99RiZkL3BTl3DvXTpY4jI7ot7gUIOS7G5q8c6Z2F2pvJNv
NOLzn0rgBKcJvEX7o4YDp8SzfivnhAPDge6HpeI0oOD6i6YaLGRcVKDb3IpFmwH3
5BQM2aDIH88WWrj4AmfWFnQY0ZMyGULHKTnIrfWrIzJfbxLM8EBPKEq8JTxMxD9e
M0tznwR+bgjzDqQ/8GiZg19yHw2JHU5Mf57263DqbR1lpmnetOsC7j9t1jP7+s6a
gaSoF7EtN+jIAqObwyyiAw1+N5GvedzvuZbYvfBlPcnw
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:08 2023 by rpki-client on console-fra.rpki-client.org