Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/tAr7t4XXcknU8EQFIDnumOVwPQg.roa
File: tAr7t4XXcknU8EQFIDnumOVwPQg.roa (raw, json)
Hash identifier: Gv3e71A7SCWs2/dX+PsB1B0YMdzAJJLnnqaD9BO+Y8o=
Subject key identifier: B4:0A:FB:B7:85:D7:72:49:D4:F0:44:05:20:39:EE:98:E5:70:3D:08
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 0BCA369B
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/tAr7t4XXcknU8EQFIDnumOVwPQg.roa
Signing time: Tue 08 Feb 2022 08:23:45 +0000
ROA not before: Tue 08 Feb 2022 08:23:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34450
IP address blocks: 89.43.42.0/24 maxlen: 24
89.43.43.0/24 maxlen: 24
89.43.40.0/24 maxlen: 24
89.43.41.0/24 maxlen: 24
89.43.45.0/24 maxlen: 24
89.43.46.0/24 maxlen: 24
89.43.73.0/24 maxlen: 24
89.39.252.0/24 maxlen: 24
188.213.18.0/24 maxlen: 24
188.240.14.0/24 maxlen: 24
93.113.202.0/24 maxlen: 24
93.113.203.0/24 maxlen: 24
89.44.209.0/24 maxlen: 24
188.215.95.0/24 maxlen: 24
93.114.99.0/24 maxlen: 24
89.33.163.0/24 maxlen: 24
89.45.34.0/24 maxlen: 24
93.114.55.0/24 maxlen: 24
188.215.72.0/23 maxlen: 24
86.106.80.0/24 maxlen: 24
93.114.187.0/24 maxlen: 24
86.106.97.0/24 maxlen: 24
86.106.104.0/24 maxlen: 24
89.34.8.0/21 maxlen: 21
85.204.125.0/24 maxlen: 24
85.204.127.0/24 maxlen: 24
93.113.158.0/24 maxlen: 24
89.37.136.0/24 maxlen: 24
2a05:b680:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 197801627 (0xbca369b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Feb 8 08:23:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b40afbb785d77249d4f044052039ee98e5703d08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:8d:95:12:15:d4:50:cb:02:fd:4e:2b:b1:27:
09:b1:d7:70:e6:c6:f1:a3:64:7a:ba:af:21:4e:71:
00:06:08:9d:53:a5:bc:81:87:28:1d:d8:17:c3:41:
0c:0c:40:92:fd:89:67:1e:bb:c4:d2:1a:bf:56:2e:
1a:e4:81:ca:45:e0:80:fd:02:d7:e0:cb:c9:bd:4b:
86:20:5d:14:41:9c:36:51:39:83:6c:7b:14:ca:bc:
05:5f:ab:f3:fe:9d:0e:ca:e5:65:8e:82:ec:70:39:
30:fe:5b:0f:38:cc:53:0d:3f:23:c8:9b:2a:72:63:
a4:4b:fc:76:3d:33:ed:2c:24:ee:19:d7:e3:1d:9d:
2e:50:ab:17:f7:cf:94:63:a6:fd:dd:fa:d3:6c:42:
c0:95:a6:b4:96:13:e8:79:75:68:87:a6:e4:70:22:
02:bf:9f:52:c4:36:20:cf:08:f2:08:7a:4c:6a:b0:
30:5a:9d:3c:cf:88:a9:a0:27:e8:92:b4:6e:42:82:
b8:64:7d:63:ed:39:e7:08:c0:eb:92:a8:d1:ed:8c:
d1:f9:2f:6f:7f:d0:3f:fb:15:9b:ff:c2:09:85:49:
7b:12:9f:d8:13:52:15:bf:33:cd:66:7a:6e:cb:7d:
d6:87:8c:53:62:8f:70:62:f3:08:04:1e:01:18:b3:
59:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:0A:FB:B7:85:D7:72:49:D4:F0:44:05:20:39:EE:98:E5:70:3D:08
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/tAr7t4XXcknU8EQFIDnumOVwPQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.125.0/24
85.204.127.0/24
86.106.80.0/24
86.106.97.0/24
86.106.104.0/24
89.33.163.0/24
89.34.8.0/21
89.37.136.0/24
89.39.252.0/24
89.43.40.0/22
89.43.45.0-89.43.46.255
89.43.73.0/24
89.44.209.0/24
89.45.34.0/24
93.113.158.0/24
93.113.202.0/23
93.114.55.0/24
93.114.99.0/24
93.114.187.0/24
188.213.18.0/24
188.215.72.0/23
188.215.95.0/24
188.240.14.0/24
IPv6:
2a05:b680:1::/48
Signature Algorithm: sha256WithRSAEncryption
c4:db:b9:73:dc:41:57:00:5a:a5:8c:95:89:97:59:e5:d7:14:
e4:b2:74:ea:ee:b8:d0:c4:a5:59:4a:43:11:6a:9f:48:a8:91:
d3:6f:a0:cb:b1:66:36:fa:0b:8d:24:ef:1f:73:4b:77:c9:a7:
ef:71:d3:da:4e:b6:38:6b:23:68:23:35:90:e8:7b:e9:19:7a:
ce:d7:4e:7a:e4:30:df:1a:c1:54:6c:15:44:0f:af:be:cd:8e:
22:c1:2b:bd:c8:1a:65:00:0b:b2:c8:44:a1:cd:8c:37:7b:60:
a8:f9:05:e7:44:99:83:23:8c:ee:9a:cc:bc:72:74:74:8f:d7:
7e:c1:36:26:34:02:8e:d2:31:9e:3d:89:f5:1f:65:d6:e2:eb:
bb:dd:43:0e:2e:8c:58:49:c7:03:44:a9:50:10:07:05:61:4a:
ab:09:86:8d:2d:8b:4d:a2:4a:97:32:20:9d:8f:24:3f:25:da:
0c:60:ff:dd:ec:c1:64:be:e3:2c:98:a6:3d:2c:f6:df:db:b7:
be:ff:ee:5a:b7:48:9b:4d:04:f0:00:0d:6b:38:11:56:e5:75:
8f:79:ab:3e:e9:b7:3d:20:05:6f:46:06:b0:4a:81:65:62:12:
89:ed:ab:6c:5c:6a:a4:b8:b4:87:13:fa:97:8f:66:f3:e8:49:
22:28:4e:bb
-----BEGIN CERTIFICATE-----
MIIFkTCCBHmgAwIBAgIEC8o2mzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
ZTU4OTUyZDM5MzkzNWYwZDNiY2U4MTRmZDkxNzhkMDQ2OTNhZWI5MB4XDTIyMDIw
ODA4MjM0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjQwYWZiYjc4NWQ3
NzI0OWQ0ZjA0NDA1MjAzOWVlOThlNTcwM2QwODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI+NlRIV1FDLAv1OK7EnCbHXcObG8aNkerqvIU5xAAYInVOl
vIGHKB3YF8NBDAxAkv2JZx67xNIav1YuGuSBykXggP0C1+DLyb1LhiBdFEGcNlE5
g2x7FMq8BV+r8/6dDsrlZY6C7HA5MP5bDzjMUw0/I8ibKnJjpEv8dj0z7Swk7hnX
4x2dLlCrF/fPlGOm/d3602xCwJWmtJYT6Hl1aIem5HAiAr+fUsQ2IM8I8gh6TGqw
MFqdPM+IqaAn6JK0bkKCuGR9Y+055wjA65Ko0e2M0fkvb3/QP/sVm//CCYVJexKf
2BNSFb8zzWZ6bst91oeMU2KPcGLzCAQeARizWfsCAwEAAaOCAqswggKnMB0GA1Ud
DgQWBBS0Cvu3hddySdTwRAUgOe6Y5XA9CDAfBgNVHSMEGDAWgBT+WJUtOTk18NO8
6BT9kXjQRpOuuTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L19saVZMVGs1TmZEVHZPZ1VfWkY0MEVhVHJyay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzAvYjI2YWE4LWFjZTctNGZhNi05ZThlLTVkNDhiNjVjZTU3My8x
L3RBcjd0NFhYY2tuVThFUUZJRG51bU9Wd1BRZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzAv
YjI2YWE4LWFjZTctNGZhNi05ZThlLTVkNDhiNjVjZTU3My8xL19saVZMVGs1TmZE
VHZPZ1VfWkY0MEVhVHJyay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
wAYIKwYBBQUHAQcBAf8EgbAwga0wgZkEAgABMIGSAwQAVcx9AwQAVcx/AwQAVmpQ
AwQAVmphAwQAVmpoAwQAWSGjAwQDWSIIAwQAWSWIAwQAWSf8AwQCWSsoMAwDBABZ
Ky0DBABZKy4DBABZK0kDBABZLNEDBABZLSIDBABdcZ4DBAFdccoDBABdcjcDBABd
cmMDBABdcrsDBAC81RIDBAG810gDBAC8118DBAC88A4wDwQCAAIwCQMHACoFtoAA
ATANBgkqhkiG9w0BAQsFAAOCAQEAxNu5c9xBVwBapYyViZdZ5dcU5LJ06u640MSl
WUpDEWqfSKiR02+gy7FmNvoLjSTvH3NLd8mn73HT2k62OGsjaCM1kOh76Rl6ztdO
euQw3xrBVGwVRA+vvs2OIsErvcgaZQALsshEoc2MN3tgqPkF50SZgyOM7prMvHJ0
dI/XfsE2JjQCjtIxnj2J9R9l1uLru91DDi6MWEnHA0SpUBAHBWFKqwmGjS2LTaJK
lzIgnY8kPyXaDGD/3ezBZL7jLJimPSz239u3vv/uWrdIm00E8AANazgRVuV1j3mr
Pum3PSAFb0YGsEqBZWISie2rbFxqpLi0hxP6l49m8+hJIihOuw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:54 2023 by rpki-client on console-ams.rpki-client.org