Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/IVopDJobJx-tQu0TStsMpwEP5o4.roa
File: IVopDJobJx-tQu0TStsMpwEP5o4.roa (raw, json)
Hash identifier: YYGrONycBQnWZGR/86+HXugyVdtxCFFbxvN840TEw/0=
Subject key identifier: 21:5A:29:0C:9A:1B:27:1F:AD:42:ED:13:4A:DB:0C:A7:01:0F:E6:8E
Certificate issuer: /CN=08a34daaa887d98a5348c3a460a21fc84e11a4e6
Certificate serial: 0182F5127A197CB6AB2BB5078452AAE10083
Authority key identifier: 08:A3:4D:AA:A8:87:D9:8A:53:48:C3:A4:60:A2:1F:C8:4E:11:A4:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CKNNqqiH2YpTSMOkYKIfyE4RpOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/IVopDJobJx-tQu0TStsMpwEP5o4.roa
Signing time: Wed 31 Aug 2022 18:03:24 +0000
ROA not before: Wed 31 Aug 2022 18:03:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206617
IP address blocks: 188.241.251.0/24 maxlen: 24
195.2.218.0/23 maxlen: 23
193.178.224.0/23 maxlen: 23
185.18.24.0/22 maxlen: 24
31.14.184.0/21 maxlen: 22
188.213.16.0/24 maxlen: 24
188.241.186.0/24 maxlen: 24
188.213.40.0/21 maxlen: 22
93.114.170.0/24 maxlen: 24
188.240.42.0/24 maxlen: 24
188.240.44.0/23 maxlen: 23
188.241.153.0/24 maxlen: 24
93.114.245.0/24 maxlen: 24
93.115.210.0/24 maxlen: 24
185.167.52.0/22 maxlen: 22
89.40.234.0/23 maxlen: 23
89.32.152.0/23 maxlen: 23
2a03:f140::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:f5:12:7a:19:7c:b6:ab:2b:b5:07:84:52:aa:e1:00:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08a34daaa887d98a5348c3a460a21fc84e11a4e6
Validity
Not Before: Aug 31 18:03:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=215a290c9a1b271fad42ed134adb0ca7010fe68e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:9d:4f:9a:4c:6d:a0:63:13:23:42:ba:72:1a:
49:2a:87:af:60:b9:3a:ba:01:96:2e:e1:5b:92:f6:
63:ec:93:c0:04:9d:dd:46:84:43:af:e3:83:09:55:
52:ea:1c:6a:ee:bd:44:fe:39:7b:e5:42:2b:2a:de:
58:99:f2:79:db:fd:2c:62:8e:c9:73:11:37:76:70:
b7:23:09:dc:54:38:90:bf:8e:9d:4e:e7:9c:81:5e:
d0:2c:90:61:8b:ba:0c:6e:05:ba:02:e4:1e:0f:b9:
f2:95:3d:43:9b:4e:09:b3:08:96:71:37:40:0e:24:
68:8b:41:11:d1:b2:27:a1:4e:e9:91:d6:00:4f:f1:
72:9e:10:22:a9:dd:cc:11:91:7a:88:7e:cc:18:12:
29:1e:cd:41:03:dc:f4:ee:28:7b:e0:4d:63:4e:d6:
59:7c:92:70:56:83:0a:cb:33:63:12:12:fc:45:df:
89:16:10:5a:0e:7a:9f:00:10:e3:6b:ca:a4:b3:4d:
11:4b:3c:cb:9a:4b:29:10:47:99:2c:40:3c:09:4f:
02:f2:fc:d5:7e:ce:55:7a:c7:e8:76:be:cf:15:0c:
17:8d:87:32:07:9c:a1:f8:3c:1a:1f:b4:36:9d:9e:
eb:16:af:a2:8a:32:60:e6:5e:63:e7:15:1e:1e:d2:
0d:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:5A:29:0C:9A:1B:27:1F:AD:42:ED:13:4A:DB:0C:A7:01:0F:E6:8E
X509v3 Authority Key Identifier:
keyid:08:A3:4D:AA:A8:87:D9:8A:53:48:C3:A4:60:A2:1F:C8:4E:11:A4:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CKNNqqiH2YpTSMOkYKIfyE4RpOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/IVopDJobJx-tQu0TStsMpwEP5o4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.184.0/21
89.32.152.0/23
89.40.234.0/23
93.114.170.0/24
93.114.245.0/24
93.115.210.0/24
185.18.24.0/22
185.167.52.0/22
188.213.16.0/24
188.213.40.0/21
188.240.42.0/24
188.240.44.0/23
188.241.153.0/24
188.241.186.0/24
188.241.251.0/24
193.178.224.0/23
195.2.218.0/23
IPv6:
2a03:f140::/32
Signature Algorithm: sha256WithRSAEncryption
5a:d5:f9:54:3e:85:26:9f:30:8f:74:9f:2c:e5:c6:59:74:0f:
da:aa:06:c4:83:a5:e6:bd:a0:bc:2d:24:b0:da:73:6f:08:ad:
19:0a:41:01:1a:40:e1:6f:45:1b:8f:98:ae:55:99:a8:c1:41:
47:eb:2f:a7:14:04:5c:24:46:a6:49:ec:56:c4:21:2f:11:b0:
44:c8:ce:32:ed:67:8e:06:41:71:e9:37:91:c2:ea:0c:2e:f9:
73:ff:79:47:a9:b8:12:04:db:92:db:26:8f:a0:cb:f9:73:c8:
d5:d8:0b:0f:14:61:2c:3e:b6:af:3d:bd:87:60:b1:1b:ca:1f:
ff:88:d6:71:3c:ce:bf:63:83:46:ab:e6:83:b2:78:0e:d2:42:
a2:75:93:d1:6b:38:49:13:d2:b8:92:6a:3c:ff:a7:dc:d3:ec:
01:ab:32:3d:3b:a2:02:3f:14:16:f5:96:08:da:b7:79:5a:90:
05:22:6f:ea:df:34:92:d2:bb:1f:74:13:7f:61:45:d9:af:64:
c1:ac:92:6b:45:81:9f:c6:d2:55:da:60:c5:fe:e8:c4:e6:bb:
1a:f4:bb:fd:de:4e:13:59:ed:33:3e:de:8a:d0:66:d6:5f:65:
8b:62:18:88:01:1c:98:69:ab:1b:cc:ba:11:e1:ec:2e:47:67:
2f:a7:8d:69
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAYL1EnoZfLarK7UHhFKq4QCDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4YTM0ZGFhYTg4N2Q5OGE1MzQ4YzNhNDYwYTIxZmM4NGUx
MWE0ZTYwHhcNMjIwODMxMTgwMzI0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTVhMjkwYzlhMWIyNzFmYWQ0MmVkMTM0YWRiMGNhNzAxMGZlNjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjJ1PmkxtoGMTI0K6chpJKoevYLk6
ugGWLuFbkvZj7JPABJ3dRoRDr+ODCVVS6hxq7r1E/jl75UIrKt5YmfJ52/0sYo7J
cxE3dnC3IwncVDiQv46dTuecgV7QLJBhi7oMbgW6AuQeD7nylT1Dm04JswiWcTdA
DiRoi0ER0bInoU7pkdYAT/FynhAiqd3MEZF6iH7MGBIpHs1BA9z07ih74E1jTtZZ
fJJwVoMKyzNjEhL8Rd+JFhBaDnqfABDja8qks00RSzzLmkspEEeZLEA8CU8C8vzV
fs5Vesfodr7PFQwXjYcyB5yh+DwaH7Q2nZ7rFq+iijJg5l5j5xUeHtINFwIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFCFaKQyaGycfrULtE0rbDKcBD+aOMB8GA1UdIwQY
MBaAFAijTaqoh9mKU0jDpGCiH8hOEaTmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0tOTnFxaUgyWXBUU01Pa1lLSWZ5RTRScE9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9mNDMzYzMtMTMyZi00ZDY2LWJkMzAt
YzYyY2YyMGE1ZWM5LzEvSVZvcERKb2JKeC10UXUwVFN0c01wd0VQNW80LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9mNDMzYzMtMTMyZi00ZDY2LWJkMzAtYzYyY2YyMGE1ZWM5
LzEvQ0tOTnFxaUgyWXBUU01Pa1lLSWZ5RTRScE9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wbAQCAAEwZgMEAx8OuAME
AVkgmAMEAVko6gMEAF1yqgMEAF1y9QMEAF1z0gMEArkSGAMEArmnNAMEALzVEAME
A7zVKAMEALzwKgMEAbzwLAMEALzxmQMEALzxugMEALzx+wMEAcGy4AMEAcMC2jAN
BAIAAjAHAwUAKgPxQDANBgkqhkiG9w0BAQsFAAOCAQEAWtX5VD6FJp8wj3SfLOXG
WXQP2qoGxIOl5r2gvC0ksNpzbwitGQpBARpA4W9FG4+YrlWZqMFBR+svpxQEXCRG
pknsVsQhLxGwRMjOMu1njgZBcek3kcLqDC75c/95R6m4EgTbktsmj6DL+XPI1dgL
DxRhLD62rz29h2CxG8of/4jWcTzOv2ODRqvmg7J4DtJConWT0Ws4SRPSuJJqPP+n
3NPsAasyPTuiAj8UFvWWCNq3eVqQBSJv6t80ktK7H3QTf2FF2a9kwaySa0WBn8bS
Vdpgxf7oxOa7GvS7/d5OE1ntMz7eitBm1l9li2IYiAEcmGmrG8y6EeHsLkdnL6eN
aQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:02:12 2024 by rpki-client on console-ams.rpki-client.org