Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/P-dA911gV1u0xvO9lhJ9aKRVKxI.roa
File: P-dA911gV1u0xvO9lhJ9aKRVKxI.roa (raw, json)
Hash identifier: nt5HIKIxvNOkMft5q67SQzpYjv+8aX+wmr9gvZIqy/c=
Subject key identifier: 3F:E7:40:F7:5D:60:57:5B:B4:C6:F3:BD:96:12:7D:68:A4:55:2B:12
Certificate issuer: /CN=08a34daaa887d98a5348c3a460a21fc84e11a4e6
Certificate serial: 0331889D
Authority key identifier: 08:A3:4D:AA:A8:87:D9:8A:53:48:C3:A4:60:A2:1F:C8:4E:11:A4:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CKNNqqiH2YpTSMOkYKIfyE4RpOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/P-dA911gV1u0xvO9lhJ9aKRVKxI.roa
Signing time: Sat 01 Jan 2022 05:55:20 +0000
ROA not before: Sat 01 Jan 2022 05:55:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206617
IP address blocks: 188.241.251.0/24 maxlen: 24
195.2.218.0/23 maxlen: 23
193.178.224.0/23 maxlen: 23
185.18.24.0/22 maxlen: 22
31.14.184.0/21 maxlen: 21
188.213.16.0/24 maxlen: 24
188.241.186.0/24 maxlen: 24
188.213.40.0/21 maxlen: 21
93.114.170.0/24 maxlen: 24
188.240.42.0/24 maxlen: 24
188.240.44.0/23 maxlen: 23
188.241.153.0/24 maxlen: 24
93.114.245.0/24 maxlen: 24
93.115.210.0/24 maxlen: 24
185.167.52.0/22 maxlen: 22
89.40.234.0/23 maxlen: 23
89.32.152.0/23 maxlen: 23
2a03:f140::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 53577885 (0x331889d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08a34daaa887d98a5348c3a460a21fc84e11a4e6
Validity
Not Before: Jan 1 05:55:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3fe740f75d60575bb4c6f3bd96127d68a4552b12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:e1:7d:93:b2:05:29:6d:46:df:73:d9:2a:a0:
ac:76:f2:75:5c:10:6f:77:ba:12:16:79:ee:77:96:
fe:0e:d1:26:b4:13:e7:c7:ea:b6:7c:0c:96:e1:15:
1c:b0:f1:6d:30:b2:7d:d0:61:2a:78:7e:2e:87:bc:
20:77:fc:e6:69:d2:6b:63:57:6f:55:1b:fb:9b:8c:
e6:db:72:15:93:4b:b3:46:75:a1:57:94:c3:ca:1c:
4d:4f:ec:8d:f5:df:e3:13:85:69:ba:83:b6:39:a5:
27:12:09:25:c7:85:5c:33:42:a7:5e:61:ab:3a:7a:
f9:dd:c4:dc:e6:0a:b6:93:13:a6:2d:21:3f:86:b8:
ca:70:33:8b:c9:df:00:68:a1:1d:a4:40:10:d5:ca:
cc:6d:2d:15:0e:1d:da:a3:6d:8c:79:e0:af:5f:f2:
1b:cc:16:fc:90:6e:a1:cc:df:04:ab:b9:58:23:9d:
d6:97:5b:96:c5:26:56:ce:5d:f3:60:71:cc:02:4c:
cf:d4:b2:98:29:40:83:e0:21:f5:70:ca:41:d0:77:
5f:bb:f3:a1:7c:5f:5c:f5:96:03:89:58:0a:bb:4f:
b6:7f:fc:ab:01:ec:15:20:1c:8f:aa:b9:2a:6f:94:
94:09:b7:60:a4:16:cb:46:e3:ae:cf:1c:c1:fa:f1:
b2:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:E7:40:F7:5D:60:57:5B:B4:C6:F3:BD:96:12:7D:68:A4:55:2B:12
X509v3 Authority Key Identifier:
keyid:08:A3:4D:AA:A8:87:D9:8A:53:48:C3:A4:60:A2:1F:C8:4E:11:A4:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CKNNqqiH2YpTSMOkYKIfyE4RpOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/P-dA911gV1u0xvO9lhJ9aKRVKxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/f433c3-132f-4d66-bd30-c62cf20a5ec9/1/CKNNqqiH2YpTSMOkYKIfyE4RpOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.184.0/21
89.32.152.0/23
89.40.234.0/23
93.114.170.0/24
93.114.245.0/24
93.115.210.0/24
185.18.24.0/22
185.167.52.0/22
188.213.16.0/24
188.213.40.0/21
188.240.42.0/24
188.240.44.0/23
188.241.153.0/24
188.241.186.0/24
188.241.251.0/24
193.178.224.0/23
195.2.218.0/23
IPv6:
2a03:f140::/32
Signature Algorithm: sha256WithRSAEncryption
34:04:a5:7c:e9:e2:d5:fa:56:2f:fc:e0:ed:4e:d8:45:fa:ec:
dd:91:b4:38:7b:dd:56:62:91:be:b2:1a:83:cc:af:24:8e:b0:
96:0c:15:d2:62:55:30:5e:e4:19:70:86:7f:aa:5e:6c:42:ee:
bf:90:26:88:36:99:68:3f:e9:b2:7a:f7:54:84:8f:1a:50:8b:
59:2f:3b:e8:6c:fd:be:7e:b3:14:68:0c:c5:a6:ad:fb:56:34:
d4:34:1d:fd:13:9b:8c:71:d9:f1:5f:00:07:6d:4d:f7:fa:fd:
62:b4:f7:f7:4d:39:18:1a:3d:3c:37:8f:6f:a9:7d:b1:9d:48:
b8:d3:31:ab:af:e2:f6:d2:ec:f9:b2:bc:f6:93:40:e9:04:e1:
4a:a0:56:6a:7b:1e:88:d2:e9:02:62:b1:21:62:61:07:0a:17:
bf:1c:95:1a:f1:dc:4d:50:73:ce:62:34:32:ef:dc:65:51:6b:
55:7f:04:91:5f:b8:10:3c:df:6f:52:68:96:c7:3c:e3:17:f1:
ed:c4:ff:3e:71:97:58:3d:9f:6c:4c:3a:13:db:ed:a3:d2:f5:
0b:e7:5a:94:99:9f:97:09:fd:24:a1:97:6c:26:3e:e5:40:16:
ac:5a:33:28:da:60:06:fa:98:db:da:63:aa:7c:ee:3f:1b:c5:
1d:16:88:91
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIEAzGInTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
OGEzNGRhYWE4ODdkOThhNTM0OGMzYTQ2MGEyMWZjODRlMTFhNGU2MB4XDTIyMDEw
MTA1NTUyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoM2ZlNzQwZjc1ZDYw
NTc1YmI0YzZmM2JkOTYxMjdkNjhhNDU1MmIxMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMnhfZOyBSltRt9z2SqgrHbydVwQb3e6EhZ57neW/g7RJrQT
58fqtnwMluEVHLDxbTCyfdBhKnh+Loe8IHf85mnSa2NXb1Ub+5uM5ttyFZNLs0Z1
oVeUw8ocTU/sjfXf4xOFabqDtjmlJxIJJceFXDNCp15hqzp6+d3E3OYKtpMTpi0h
P4a4ynAzi8nfAGihHaRAENXKzG0tFQ4d2qNtjHngr1/yG8wW/JBuoczfBKu5WCOd
1pdblsUmVs5d82BxzAJMz9SymClAg+Ah9XDKQdB3X7vzoXxfXPWWA4lYCrtPtn/8
qwHsFSAcj6q5Km+UlAm3YKQWy0bjrs8cwfrxsjcCAwEAAaOCAnkwggJ1MB0GA1Ud
DgQWBBQ/50D3XWBXW7TG872WEn1opFUrEjAfBgNVHSMEGDAWgBQIo02qqIfZilNI
w6Rgoh/IThGk5jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NLTk5xcWlIMllwVFNNT2tZS0lmeUU0UnBPWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzMvZjQzM2MzLTEzMmYtNGQ2Ni1iZDMwLWM2MmNmMjBhNWVjOS8x
L1AtZEE5MTFnVjF1MHh2TzlsaEo5YUtSVkt4SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzMv
ZjQzM2MzLTEzMmYtNGQ2Ni1iZDMwLWM2MmNmMjBhNWVjOS8xL0NLTk5xcWlIMllw
VFNNT2tZS0lmeUU0UnBPWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
jgYIKwYBBQUHAQcBAf8EfzB9MGwEAgABMGYDBAMfDrgDBAFZIJgDBAFZKOoDBABd
cqoDBABdcvUDBABdc9IDBAK5EhgDBAK5pzQDBAC81RADBAO81SgDBAC88CoDBAG8
8CwDBAC88ZkDBAC88boDBAC88fsDBAHBsuADBAHDAtowDQQCAAIwBwMFACoD8UAw
DQYJKoZIhvcNAQELBQADggEBADQEpXzp4tX6Vi/84O1O2EX67N2RtDh73VZikb6y
GoPMrySOsJYMFdJiVTBe5Blwhn+qXmxC7r+QJog2mWg/6bJ691SEjxpQi1kvO+hs
/b5+sxRoDMWmrftWNNQ0Hf0Tm4xx2fFfAAdtTff6/WK09/dNORgaPTw3j2+pfbGd
SLjTMauv4vbS7PmyvPaTQOkE4UqgVmp7HojS6QJisSFiYQcKF78clRrx3E1Qc85i
NDLv3GVRa1V/BJFfuBA8329SaJbHPOMX8e3E/z5xl1g9n2xMOhPb7aPS9QvnWpSZ
n5cJ/SShl2wmPuVAFqxaMyjaYAb6mNvaY6p87j8bxR0WiJE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:58 2025 by rpki-client