Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/JKNp0dhOnD_4UY3PdebeeGHBN8Y.roa
File: JKNp0dhOnD_4UY3PdebeeGHBN8Y.roa (raw, json)
Hash identifier: qjm91GLY5zh2QpsOxjWqx6rPWuMzVehb2mrILELBGZQ=
Subject key identifier: 24:A3:69:D1:D8:4E:9C:3F:F8:51:8D:CF:75:E6:DE:78:61:C1:37:C6
Certificate issuer: /CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Certificate serial: 14C5F090
Authority key identifier: 88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/JKNp0dhOnD_4UY3PdebeeGHBN8Y.roa
Signing time: Sat 01 Jan 2022 05:51:53 +0000
ROA not before: Sat 01 Jan 2022 05:51:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 24589
IP address blocks: 176.103.176.0/20 maxlen: 20
176.103.184.0/24 maxlen: 24
176.103.192.0/21 maxlen: 21
84.38.136.0/21 maxlen: 21
185.47.11.0/24 maxlen: 24
185.47.10.0/24 maxlen: 24
87.99.64.0/24 maxlen: 24
87.99.64.0/19 maxlen: 19
87.99.67.0/24 maxlen: 24
87.99.66.0/24 maxlen: 24
87.99.65.0/24 maxlen: 24
91.90.224.0/19 maxlen: 29
91.90.225.0/24 maxlen: 24
91.90.231.0/24 maxlen: 24
91.90.230.0/24 maxlen: 24
91.90.238.0/24 maxlen: 24
91.90.237.0/25 maxlen: 25
91.90.236.0/24 maxlen: 24
193.238.212.0/22 maxlen: 22
193.238.212.128/25 maxlen: 25
193.238.216.0/21 maxlen: 21
194.9.212.0/24 maxlen: 24
194.9.212.0/22 maxlen: 22
91.233.214.0/23 maxlen: 23
31.42.80.0/20 maxlen: 20
176.106.96.0/21 maxlen: 21
195.69.88.0/22 maxlen: 22
87.99.95.0/24 maxlen: 24
91.90.255.0/24 maxlen: 24
176.106.48.0/20 maxlen: 20
185.220.196.0/22 maxlen: 22
91.90.252.64/29 maxlen: 29
109.229.192.0/19 maxlen: 19
213.110.64.0/19 maxlen: 19
88.135.128.0/19 maxlen: 19
109.197.208.0/21 maxlen: 21
109.197.208.0/24 maxlen: 24
193.111.244.0/22 maxlen: 22
83.243.88.0/21 maxlen: 21
176.106.160.0/20 maxlen: 20
171.25.218.0/23 maxlen: 23
176.106.176.0/21 maxlen: 21
2a01:8ca0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 348516496 (0x14c5f090)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Validity
Not Before: Jan 1 05:51:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=24a369d1d84e9c3ff8518dcf75e6de7861c137c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:3b:71:e4:d8:63:45:f8:ec:cb:7b:74:a6:a3:
4d:c0:e9:90:5d:b7:38:74:1e:52:75:d7:d4:7d:aa:
88:0f:4a:bf:31:45:3e:2b:5d:4d:82:fe:25:6a:83:
d4:bd:d7:89:6d:b9:b9:95:99:d6:47:09:6a:d1:1e:
5f:1a:f2:87:e0:b9:4e:e9:4e:3a:7d:b3:45:2d:de:
4a:90:75:49:e6:cd:8d:3a:06:d2:a5:0b:f8:08:f9:
80:1e:b6:ba:d5:bf:03:76:49:5a:20:ae:ff:25:33:
cb:db:47:95:ad:f5:77:91:f4:32:42:6c:58:81:e9:
cf:9c:46:09:6f:31:84:95:54:db:92:54:a1:94:1a:
be:38:7f:4d:1d:c4:85:27:8c:aa:f5:19:53:f2:05:
ae:25:27:d6:99:78:04:ea:fb:c4:09:85:43:a8:af:
c6:5b:4a:cd:87:be:19:bc:47:e1:b0:ba:ec:5d:38:
31:41:12:00:94:d6:a2:6f:d5:aa:dd:a8:3f:f5:1a:
03:31:55:e7:b4:41:4c:19:2b:a7:37:94:35:88:68:
26:e5:cb:f4:97:32:e2:63:4f:fc:b9:f8:7e:ae:49:
18:68:e9:81:ad:8a:fc:da:12:d1:bd:9c:cd:44:ed:
ba:ec:cd:ee:7d:d3:4d:6d:1b:20:e0:65:dd:5d:06:
8c:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:A3:69:D1:D8:4E:9C:3F:F8:51:8D:CF:75:E6:DE:78:61:C1:37:C6
X509v3 Authority Key Identifier:
keyid:88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/JKNp0dhOnD_4UY3PdebeeGHBN8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iK3ZtnH3o26yNn40_uS8sTuPZsw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.80.0/20
83.243.88.0/21
84.38.136.0/21
87.99.64.0/19
88.135.128.0/19
91.90.224.0/19
91.233.214.0/23
109.197.208.0/21
109.229.192.0/19
171.25.218.0/23
176.103.176.0-176.103.199.255
176.106.48.0/20
176.106.96.0/21
176.106.160.0-176.106.183.255
185.47.10.0/23
185.220.196.0/22
193.111.244.0/22
193.238.212.0-193.238.223.255
194.9.212.0/22
195.69.88.0/22
213.110.64.0/19
IPv6:
2a01:8ca0::/32
Signature Algorithm: sha256WithRSAEncryption
11:fa:ab:98:42:31:3c:58:5a:5a:b1:80:cc:a6:19:f7:6b:c8:
91:f4:ae:b1:9e:96:5d:c5:fc:0f:24:12:33:98:4c:5a:62:84:
e8:75:ed:d9:4d:c8:0b:f5:8e:eb:33:3f:45:21:fb:62:6b:40:
32:2b:1d:fa:a6:49:26:9c:75:ea:74:08:4a:38:ad:0d:39:71:
04:f0:6b:13:9b:99:f9:61:5a:f4:76:c0:3a:5a:ca:3d:7f:7b:
3c:61:57:55:0f:ee:d5:03:42:60:23:2d:e8:44:1c:ad:cc:d8:
d1:44:2f:da:aa:d5:60:97:e0:3c:90:a5:69:b4:80:fd:c6:27:
4a:85:8b:46:d2:b9:ad:50:b6:5a:78:17:d9:8c:28:35:7d:15:
a2:48:2d:d0:90:9a:db:0e:74:f4:93:29:65:c6:4a:0f:34:58:
c6:75:dd:ed:3f:43:82:3b:32:27:f7:86:e7:4e:07:ff:c1:2c:
c7:17:d5:d6:bd:c0:58:5a:71:a7:6d:13:8e:31:e6:2a:c7:c1:
71:2a:0a:ce:53:e4:13:9d:c2:f9:85:e5:f1:db:be:4c:b3:be:
ee:19:ea:d7:c9:08:cd:46:34:4c:6b:c2:fe:58:82:e3:35:26:
77:f7:19:6c:b9:de:8d:ec:4e:f4:a6:26:1e:00:c6:65:8f:25:
7b:1a:31:42
-----BEGIN CERTIFICATE-----
MIIFkzCCBHugAwIBAgIEFMXwkDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
OGFkZDliNjcxZjdhMzZlYjIzNjdlMzRmZWU0YmNiMTNiOGY2NmNjMB4XDTIyMDEw
MTA1NTE1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMjRhMzY5ZDFkODRl
OWMzZmY4NTE4ZGNmNzVlNmRlNzg2MWMxMzdjNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALc7ceTYY0X47Mt7dKajTcDpkF23OHQeUnXX1H2qiA9KvzFF
PitdTYL+JWqD1L3XiW25uZWZ1kcJatEeXxryh+C5TulOOn2zRS3eSpB1SebNjToG
0qUL+Aj5gB62utW/A3ZJWiCu/yUzy9tHla31d5H0MkJsWIHpz5xGCW8xhJVU25JU
oZQavjh/TR3EhSeMqvUZU/IFriUn1pl4BOr7xAmFQ6ivxltKzYe+GbxH4bC67F04
MUESAJTWom/Vqt2oP/UaAzFV57RBTBkrpzeUNYhoJuXL9Jcy4mNP/Ln4fq5JGGjp
ga2K/NoS0b2czUTtuuzN7n3TTW0bIOBl3V0GjJ8CAwEAAaOCAq0wggKpMB0GA1Ud
DgQWBBQko2nR2E6cP/hRjc915t54YcE3xjAfBgNVHSMEGDAWgBSIrdm2cfejbrI2
fjT+5LyxO49mzDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2lLM1p0bkgzbzI2eU5uNDBfdVM4c1R1UFpzdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzMvM2VkMDBhLTE1ZWUtNDY2NC1hN2YxLWExYjk2YjliNzBmOC8x
L0pLTnAwZGhPbkRfNFVZM1BkZWJlZUdIQk44WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzMv
M2VkMDBhLTE1ZWUtNDY2NC1hN2YxLWExYjk2YjliNzBmOC8xL2lLM1p0bkgzbzI2
eU5uNDBfdVM4c1R1UFpzdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
wgYIKwYBBQUHAQcBAf8EgbIwga8wgZ0EAgABMIGWAwQEHypQAwQDU/NYAwQDVCaI
AwQFV2NAAwQFWIeAAwQFW1rgAwQBW+nWAwQDbcXQAwQFbeXAAwQBqxnaMAwDBASw
Z7ADBAOwZ8ADBASwajADBAOwamAwDAMEBbBqoAMEA7BqsAMEAbkvCgMEArncxAME
AsFv9DAMAwQCwe7UAwQFwe7AAwQCwgnUAwQCw0VYAwQF1W5AMA0EAgACMAcDBQAq
AYygMA0GCSqGSIb3DQEBCwUAA4IBAQAR+quYQjE8WFpasYDMphn3a8iR9K6xnpZd
xfwPJBIzmExaYoTode3ZTcgL9Y7rMz9FIftia0AyKx36pkkmnHXqdAhKOK0NOXEE
8GsTm5n5YVr0dsA6Wso9f3s8YVdVD+7VA0JgIy3oRBytzNjRRC/aqtVgl+A8kKVp
tID9xidKhYtG0rmtULZaeBfZjCg1fRWiSC3QkJrbDnT0kyllxkoPNFjGdd3tP0OC
OzIn94bnTgf/wSzHF9XWvcBYWnGnbROOMeYqx8FxKgrOU+QTncL5heXx275Ms77u
GerXyQjNRjRMa8L+WILjNSZ39xlsud6N7E70piYeAMZljyV7GjFC
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:02 2023 by rpki-client on console-ams.rpki-client.org