Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/rXNz56KtwuuYJnytijJ-kkd86Vc.roa
File: rXNz56KtwuuYJnytijJ-kkd86Vc.roa (raw, json)
Hash identifier: XD2qhETcaYgjEnuZUcPMoai5TcDmmjxaxedkOE/SCu0=
Subject key identifier: AD:73:73:E7:A2:AD:C2:EB:98:26:7C:AD:8A:32:7E:92:47:7C:E9:57
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 0CE37E1A
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/rXNz56KtwuuYJnytijJ-kkd86Vc.roa
Signing time: Fri 20 May 2022 07:33:29 +0000
ROA not before: Fri 20 May 2022 07:33:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34450
IP address blocks: 89.43.42.0/24 maxlen: 24
89.43.43.0/24 maxlen: 24
89.43.40.0/24 maxlen: 24
89.43.41.0/24 maxlen: 24
89.43.45.0/24 maxlen: 24
89.43.73.0/24 maxlen: 24
89.39.252.0/24 maxlen: 24
188.213.18.0/24 maxlen: 24
188.240.14.0/24 maxlen: 24
93.113.202.0/24 maxlen: 24
89.44.209.0/24 maxlen: 24
93.114.99.0/24 maxlen: 24
89.33.163.0/24 maxlen: 24
89.45.34.0/24 maxlen: 24
93.114.55.0/24 maxlen: 24
188.215.72.0/23 maxlen: 24
86.106.80.0/24 maxlen: 24
93.114.187.0/24 maxlen: 24
86.106.97.0/24 maxlen: 24
89.34.8.0/21 maxlen: 21
93.114.171.0/24 maxlen: 24
85.204.125.0/24 maxlen: 24
85.204.127.0/24 maxlen: 24
93.113.158.0/24 maxlen: 24
89.37.136.0/24 maxlen: 24
85.204.78.0/24 maxlen: 24
2a05:b680:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 216235546 (0xce37e1a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: May 20 07:33:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ad7373e7a2adc2eb98267cad8a327e92477ce957
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:54:48:7e:94:9d:26:d1:5a:b7:07:50:ae:85:
68:cf:77:c4:05:47:16:98:9c:86:6a:52:03:87:48:
e6:6f:ad:89:18:9c:b8:e1:13:ce:4c:b3:b7:33:bf:
9e:62:16:e5:4e:b0:87:a2:00:63:fb:ca:a6:d7:19:
f8:12:bf:48:6b:a5:f4:4b:a3:4a:c2:ab:b0:a6:3c:
55:46:77:88:0a:35:87:89:2e:bb:f8:3d:78:6c:05:
ab:2c:cf:65:26:43:13:4a:2e:a4:4b:cb:ef:44:14:
9a:4b:38:5e:29:1f:a5:e4:a4:e4:66:56:a5:be:1f:
95:8a:5a:04:46:e8:eb:13:ef:12:42:89:33:8c:69:
80:d0:70:5d:ff:15:b1:12:10:c9:c2:f5:61:2e:a2:
5b:2b:16:10:3e:6d:ad:f1:fa:41:be:b4:5c:b5:12:
2e:93:be:ce:f6:54:a0:52:db:bb:a1:71:d4:de:db:
5e:a3:58:76:3b:02:36:c2:3b:e2:88:69:e9:d1:d1:
ee:59:1d:18:33:4c:af:87:29:c9:91:e4:cf:66:80:
47:2a:ca:0a:b9:d2:84:c4:ae:d2:fc:60:40:49:c2:
4f:04:fd:99:d7:e4:47:be:e7:c4:b4:8d:53:87:9d:
ce:22:e4:ea:3c:00:eb:ab:3e:a0:b1:a8:2f:e6:4f:
5b:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:73:73:E7:A2:AD:C2:EB:98:26:7C:AD:8A:32:7E:92:47:7C:E9:57
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/rXNz56KtwuuYJnytijJ-kkd86Vc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.78.0/24
85.204.125.0/24
85.204.127.0/24
86.106.80.0/24
86.106.97.0/24
89.33.163.0/24
89.34.8.0/21
89.37.136.0/24
89.39.252.0/24
89.43.40.0/22
89.43.45.0/24
89.43.73.0/24
89.44.209.0/24
89.45.34.0/24
93.113.158.0/24
93.113.202.0/24
93.114.55.0/24
93.114.99.0/24
93.114.171.0/24
93.114.187.0/24
188.213.18.0/24
188.215.72.0/23
188.240.14.0/24
IPv6:
2a05:b680:1::/48
Signature Algorithm: sha256WithRSAEncryption
cd:c6:2d:4b:f7:bf:79:9e:12:f3:b6:9a:b8:94:48:1e:f7:f8:
d7:4f:d8:73:fc:fb:b2:2a:9f:3f:cf:97:92:cb:9f:c7:9a:91:
9f:90:50:e1:38:f4:a0:a6:6f:97:95:4c:ae:90:e6:62:bf:53:
8e:0a:82:c1:1b:35:09:7b:ed:f6:2d:dd:8e:a4:50:06:6b:24:
04:24:fd:59:39:56:20:cd:60:7d:ac:21:3a:ac:02:30:f9:13:
86:87:c6:d6:42:e2:2b:c5:84:c0:cb:6e:f9:38:50:e4:2e:ca:
fb:0c:cd:37:83:14:52:36:fd:65:35:96:84:b7:5b:4c:c2:9b:
35:2b:56:e5:c0:7a:b8:5e:da:9a:6c:2c:0c:36:eb:96:f1:08:
0e:79:a4:fe:41:ad:16:f3:41:d4:26:0d:5a:d1:cd:50:b0:44:
fe:c9:75:20:13:ee:69:ad:ed:b3:a6:3b:91:2e:2b:b9:7e:0d:
bb:ea:3e:d7:be:15:cc:32:b2:32:8b:a4:eb:04:f3:bb:cd:36:
fc:53:19:19:b5:dd:34:ad:9a:e9:7a:95:2c:1d:f9:b2:cf:93:
51:86:2d:f9:62:32:91:5a:cf:c8:81:26:61:55:3a:35:36:10:
01:10:ee:68:65:c0:b9:fb:95:ca:0e:ce:d1:57:3c:29:b8:56:
c9:bb:93:6e
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIEDON+GjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZTU4OTUyZDM5MzkzNWYwZDNiY2U4MTRmZDkxNzhkMDQ2OTNhZWI5MB4XDTIyMDUy
MDA3MzMyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYWQ3MzczZTdhMmFk
YzJlYjk4MjY3Y2FkOGEzMjdlOTI0NzdjZTk1NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAO1USH6UnSbRWrcHUK6FaM93xAVHFpichmpSA4dI5m+tiRic
uOETzkyztzO/nmIW5U6wh6IAY/vKptcZ+BK/SGul9EujSsKrsKY8VUZ3iAo1h4ku
u/g9eGwFqyzPZSZDE0oupEvL70QUmks4XikfpeSk5GZWpb4flYpaBEbo6xPvEkKJ
M4xpgNBwXf8VsRIQycL1YS6iWysWED5trfH6Qb60XLUSLpO+zvZUoFLbu6Fx1N7b
XqNYdjsCNsI74ohp6dHR7lkdGDNMr4cpyZHkz2aARyrKCrnShMSu0vxgQEnCTwT9
mdfkR77nxLSNU4edziLk6jwA66s+oLGoL+ZPWyECAwEAAaOCAqMwggKfMB0GA1Ud
DgQWBBStc3Pnoq3C65gmfK2KMn6SR3zpVzAfBgNVHSMEGDAWgBT+WJUtOTk18NO8
6BT9kXjQRpOuuTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19saVZMVGs1TmZEVHZPZ1VfWkY0MEVhVHJyay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvYjI2YWE4LWFjZTctNGZhNi05ZThlLTVkNDhiNjVjZTU3My8x
L3JYTno1Nkt0d3V1WUpueXRpakota2tkODZWYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
YjI2YWE4LWFjZTctNGZhNi05ZThlLTVkNDhiNjVjZTU3My8xL19saVZMVGs1TmZE
VHZPZ1VfWkY0MEVhVHJyay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
uAYIKwYBBQUHAQcBAf8EgagwgaUwgZEEAgABMIGKAwQAVcxOAwQAVcx9AwQAVcx/
AwQAVmpQAwQAVmphAwQAWSGjAwQDWSIIAwQAWSWIAwQAWSf8AwQCWSsoAwQAWSst
AwQAWStJAwQAWSzRAwQAWS0iAwQAXXGeAwQAXXHKAwQAXXI3AwQAXXJjAwQAXXKr
AwQAXXK7AwQAvNUSAwQBvNdIAwQAvPAOMA8EAgACMAkDBwAqBbaAAAEwDQYJKoZI
hvcNAQELBQADggEBAM3GLUv3v3meEvO2mriUSB73+NdP2HP8+7Iqnz/Pl5LLn8ea
kZ+QUOE49KCmb5eVTK6Q5mK/U44KgsEbNQl77fYt3Y6kUAZrJAQk/Vk5ViDNYH2s
ITqsAjD5E4aHxtZC4ivFhMDLbvk4UOQuyvsMzTeDFFI2/WU1loS3W0zCmzUrVuXA
erhe2ppsLAw265bxCA55pP5BrRbzQdQmDVrRzVCwRP7JdSAT7mmt7bOmO5EuK7l+
DbvqPte+FcwysjKLpOsE87vNNvxTGRm13TStmul6lSwd+bLPk1GGLfliMpFaz8iB
JmFVOjU2EAEQ7mhlwLn7lcoOztFXPCm4Vsm7k24=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:38 2024 by rpki-client on console-ams.rpki-client.org