Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/89PZPnIudRQU5lmgNfTJoxDsSpY.roa
File: 89PZPnIudRQU5lmgNfTJoxDsSpY.roa (raw, json)
Hash identifier: CuZ1Rw0HZphLRYZ0vKyw20B93ltW9pksA2LG8gLlA0Y=
Subject key identifier: F3:D3:D9:3E:72:2E:75:14:14:E6:59:A0:35:F4:C9:A3:10:EC:4A:96
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 0183198D22C9BB8C23E50E3946872AF1573D
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/89PZPnIudRQU5lmgNfTJoxDsSpY.roa
Signing time: Wed 07 Sep 2022 20:03:43 +0000
ROA not before: Wed 07 Sep 2022 20:03:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8359
IP address blocks: 212.188.0.0/17 maxlen: 17
213.87.0.0/16 maxlen: 16
178.141.0.0/16 maxlen: 16
217.74.244.0/22 maxlen: 22
217.74.248.0/21 maxlen: 21
213.87.128.0/19 maxlen: 19
213.87.64.0/22 maxlen: 22
213.87.70.0/23 maxlen: 23
213.87.76.0/23 maxlen: 23
213.87.80.0/20 maxlen: 20
213.87.200.0/22 maxlen: 22
213.87.204.0/22 maxlen: 22
213.87.208.0/23 maxlen: 23
195.34.0.0/19 maxlen: 19
213.87.240.0/22 maxlen: 22
195.34.15.0/24 maxlen: 24
213.87.244.0/23 maxlen: 23
213.87.248.0/22 maxlen: 22
213.87.160.0/22 maxlen: 22
82.96.192.0/18 maxlen: 18
195.34.38.0/24 maxlen: 24
195.34.32.0/19 maxlen: 19
195.34.36.0/24 maxlen: 24
195.34.42.0/24 maxlen: 24
2a00:1fa0::/33 maxlen: 33
2a00:1fa0:8000::/33 maxlen: 33
2a02:28:1::/48 maxlen: 48
2a00:1fa2::/33 maxlen: 33
2a02:28::/29 maxlen: 29
2a00:1fa3::/33 maxlen: 33
2a00:1fa0::/29 maxlen: 29
2a02:28::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:19:8d:22:c9:bb:8c:23:e5:0e:39:46:87:2a:f1:57:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Sep 7 20:03:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f3d3d93e722e751414e659a035f4c9a310ec4a96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:71:88:cd:66:c3:34:f9:7a:7b:dd:2a:cb:ec:
bb:9b:37:a3:df:d5:5c:b0:b2:dc:7f:1a:8c:85:8c:
3b:2a:d7:e4:8d:39:30:a7:1f:42:48:93:a6:e2:bd:
c6:8a:ed:17:95:93:42:20:61:52:86:de:fb:1d:82:
6e:8f:e8:df:7c:8a:b1:0e:9b:c6:ab:cd:e9:18:a2:
e3:d2:d9:ed:b4:f0:c0:99:25:74:7a:b3:e6:cc:98:
ae:8b:fd:cc:27:cc:15:36:ec:03:ef:34:2d:6a:c9:
58:40:79:6d:45:0b:81:15:50:8e:63:bd:3c:8d:78:
53:6f:87:4f:fb:6e:79:ab:8f:a1:8a:9d:43:aa:a6:
7f:20:a6:d4:db:d7:7b:b6:d9:22:f4:e6:ef:ee:88:
e8:cf:e5:f9:63:97:e4:85:f5:a3:3d:cd:45:34:73:
40:be:81:7d:58:89:eb:55:17:2a:b9:2b:2d:68:6c:
f2:d3:ec:48:ac:c3:ec:54:93:7a:9f:55:8e:2e:02:
b6:e0:16:3b:ff:c8:e6:bf:c0:fc:2c:94:30:61:da:
05:62:4e:0b:ce:6a:81:1a:66:c5:ed:74:b7:04:3e:
11:3b:28:55:ad:de:07:ae:39:d1:e3:b3:1c:95:e6:
41:8b:64:29:c4:9e:25:95:28:54:10:61:fa:af:2e:
a2:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:D3:D9:3E:72:2E:75:14:14:E6:59:A0:35:F4:C9:A3:10:EC:4A:96
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/89PZPnIudRQU5lmgNfTJoxDsSpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.96.192.0/18
178.141.0.0/16
195.34.0.0/18
212.188.0.0/17
213.87.0.0/16
217.74.244.0-217.74.255.255
IPv6:
2a00:1fa0::/29
2a02:28::/29
Signature Algorithm: sha256WithRSAEncryption
25:27:3b:2c:49:41:02:37:32:ca:c3:48:bc:e7:d1:8b:a5:36:
6b:f1:33:b0:19:97:9b:84:04:bb:a1:dd:be:b5:5f:e6:e2:32:
f8:cc:3a:0c:29:4b:36:59:86:66:6e:87:0b:f9:4a:b6:f3:26:
e9:88:88:68:b1:94:8e:e0:0b:7b:97:30:00:da:a8:da:e5:ac:
ef:44:73:b7:1c:50:1a:a7:11:21:0f:a6:1c:6b:76:59:c1:92:
d3:e2:d0:a9:21:ec:b4:20:96:05:c9:0e:e7:8c:cf:25:63:1c:
ed:c3:75:bd:cf:c9:e9:18:e6:63:32:99:fc:a6:6a:d3:89:8b:
31:bf:2d:c3:ea:49:97:22:4f:2c:14:bd:4e:93:eb:4e:57:b8:
d6:55:72:c3:6a:cb:03:cc:76:40:89:02:0c:d6:a1:95:4a:32:
66:b1:bd:8a:87:40:d0:65:df:49:45:13:a7:7a:57:11:71:48:
fc:1f:dc:e5:73:47:9d:f3:84:77:f8:de:8f:44:44:7c:b4:d0:
52:5c:9a:26:c8:de:b6:09:4a:d3:99:b1:52:50:13:e6:62:ec:
73:54:ea:5b:ac:0c:83:b5:bc:b0:f1:95:ec:f8:db:6e:7f:b5:
ae:98:52:58:37:48:ff:49:6d:c8:7c:9e:b9:73:6e:0b:eb:d9:
a3:9e:79:ae
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYMZjSLJu4wj5Q45Rocq8Vc9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjIwOTA3MjAwMzQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2QzZDkzZTcyMmU3NTE0MTRlNjU5YTAzNWY0YzlhMzEwZWM0YTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnGIzWbDNPl6e90qy+y7mzej39Vc
sLLcfxqMhYw7KtfkjTkwpx9CSJOm4r3Giu0XlZNCIGFSht77HYJuj+jffIqxDpvG
q83pGKLj0tnttPDAmSV0erPmzJiui/3MJ8wVNuwD7zQtaslYQHltRQuBFVCOY708
jXhTb4dP+255q4+hip1DqqZ/IKbU29d7ttki9Obv7ojoz+X5Y5fkhfWjPc1FNHNA
voF9WInrVRcquSstaGzy0+xIrMPsVJN6n1WOLgK24BY7/8jmv8D8LJQwYdoFYk4L
zmqBGmbF7XS3BD4ROyhVrd4HrjnR47McleZBi2QpxJ4llShUEGH6ry6i5wIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFPPT2T5yLnUUFOZZoDX0yaMQ7EqWMB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvODlQWlBuSXVkUlFVNWxtZ05mVEpveERzU3BZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzAvBAIAATApAwQGUmDAAwMA
so0DBAbDIgADBAfUvAADAwDVVzALAwQC2Ur0AwMA2UowFAQCAAIwDgMFAyoAH6AD
BQMqAgAoMA0GCSqGSIb3DQEBCwUAA4IBAQAlJzssSUECNzLKw0i859GLpTZr8TOw
GZebhAS7od2+tV/m4jL4zDoMKUs2WYZmbocL+Uq28ybpiIhosZSO4At7lzAA2qja
5azvRHO3HFAapxEhD6Yca3ZZwZLT4tCpIey0IJYFyQ7njM8lYxztw3W9z8npGOZj
Mpn8pmrTiYsxvy3D6kmXIk8sFL1Ok+tOV7jWVXLDassDzHZAiQIM1qGVSjJmsb2K
h0DQZd9JRROnelcRcUj8H9zlc0ed84R3+N6PRER8tNBSXJomyN62CUrTmbFSUBPm
YuxzVOpbrAyDtbyw8ZXs+Ntuf7WumFJYN0j/SW3IfJ65c24L69mjnnmu
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:25:44 2024 by rpki-client on console-fra.rpki-client.org