Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/PfkUuZKHxMMbbGv5Zg3MSlydod0.roa
File: PfkUuZKHxMMbbGv5Zg3MSlydod0.roa (raw, json)
Hash identifier: dB8bYTzTZN+pxhI6g5xA7z5/YoUbgv9ruHz6IIJCA3M=
Subject key identifier: 3D:F9:14:B9:92:87:C4:C3:1B:6C:6B:F9:66:0D:CC:4A:5C:9D:A1:DD
Certificate issuer: /CN=e8a851ddae5a64cc38825395be9a507da95ab7cf
Certificate serial: 01885248D423C486114B3577BC9538B60880
Authority key identifier: E8:A8:51:DD:AE:5A:64:CC:38:82:53:95:BE:9A:50:7D:A9:5A:B7:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6KhR3a5aZMw4glOVvppQfalat88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/PfkUuZKHxMMbbGv5Zg3MSlydod0.roa
Signing time: Thu 25 May 2023 09:41:24 +0000
ROA not before: Thu 25 May 2023 09:41:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202940
IP address blocks: 89.208.56.0/21 maxlen: 21
89.208.0.0/21 maxlen: 21
89.208.4.0/22 maxlen: 24
188.191.224.0/21 maxlen: 21
188.191.224.0/24 maxlen: 24
188.191.225.0/24 maxlen: 24
188.191.226.0/24 maxlen: 24
188.191.228.0/24 maxlen: 24
188.191.229.0/24 maxlen: 24
188.191.227.0/24 maxlen: 24
188.191.230.0/24 maxlen: 24
185.175.34.0/23 maxlen: 23
185.175.32.0/22 maxlen: 22
185.175.32.0/23 maxlen: 23
89.208.128.0/21 maxlen: 21
185.184.246.0/23 maxlen: 23
89.208.135.0/24 maxlen: 24
185.184.244.0/23 maxlen: 23
185.184.244.0/22 maxlen: 22
89.208.134.0/23 maxlen: 24
185.149.253.0/24 maxlen: 24
185.149.252.0/22 maxlen: 22
185.149.252.0/24 maxlen: 24
185.149.254.0/24 maxlen: 24
185.149.255.0/24 maxlen: 24
185.180.102.0/24 maxlen: 24
185.180.103.0/24 maxlen: 24
185.180.100.0/24 maxlen: 24
185.180.100.0/22 maxlen: 24
185.167.110.0/24 maxlen: 24
185.167.108.0/23 maxlen: 23
185.167.108.0/24 maxlen: 24
185.167.108.0/22 maxlen: 22
185.167.109.0/24 maxlen: 24
185.167.111.0/24 maxlen: 24
147.236.176.0/20 maxlen: 20
147.236.183.0/24 maxlen: 24
147.234.23.0/24 maxlen: 24
217.175.92.0/22 maxlen: 22
217.175.95.0/24 maxlen: 24
185.182.77.0/24 maxlen: 24
185.182.78.0/24 maxlen: 24
185.182.76.0/22 maxlen: 22
185.182.76.0/24 maxlen: 24
217.175.82.0/24 maxlen: 24
217.175.80.0/20 maxlen: 20
217.175.80.0/22 maxlen: 22
217.175.80.0/24 maxlen: 24
217.175.84.0/22 maxlen: 22
217.175.88.0/22 maxlen: 22
147.236.116.0/22 maxlen: 24
147.236.120.0/21 maxlen: 21
147.236.125.0/24 maxlen: 24
147.236.144.0/22 maxlen: 24
147.236.144.0/21 maxlen: 21
147.236.144.0/20 maxlen: 20
147.236.148.0/22 maxlen: 22
141.226.121.0/24 maxlen: 24
141.226.120.0/22 maxlen: 23
147.236.152.0/23 maxlen: 23
147.236.152.0/22 maxlen: 22
147.236.152.0/21 maxlen: 21
147.236.154.0/23 maxlen: 23
147.236.156.0/22 maxlen: 24
147.236.156.0/24 maxlen: 24
147.236.157.0/24 maxlen: 24
185.182.79.0/24 maxlen: 24
185.108.82.0/24 maxlen: 24
185.108.80.0/24 maxlen: 24
185.108.80.0/22 maxlen: 23
185.108.83.0/24 maxlen: 24
147.236.104.0/21 maxlen: 21
2a00:7c40::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:52:48:d4:23:c4:86:11:4b:35:77:bc:95:38:b6:08:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8a851ddae5a64cc38825395be9a507da95ab7cf
Validity
Not Before: May 25 09:41:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=3df914b99287c4c31b6c6bf9660dcc4a5c9da1dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:d2:ee:62:44:24:c7:ca:ab:87:06:1c:76:70:
3d:b6:58:b3:c8:e5:aa:1c:1a:d7:ee:3c:04:fe:cc:
f8:c0:ef:94:15:9c:d6:b0:f2:e8:2d:f7:1d:01:e3:
6b:a0:98:7b:9f:0f:32:0d:15:42:bd:1c:3b:7f:94:
7e:95:47:3b:33:f6:b1:c8:f9:84:8e:b7:3b:8d:05:
61:04:48:17:9e:11:57:b8:b6:2f:82:ae:c6:57:2e:
74:e4:0e:9d:c0:d2:9d:15:5c:cf:b1:78:1e:15:fe:
e5:b2:7d:9f:e4:da:9d:28:7a:0c:01:a6:a1:79:55:
8b:ab:e5:61:ab:a6:cb:ba:82:82:23:56:33:c7:c0:
6d:25:e3:22:24:c8:91:87:50:16:aa:0b:8a:90:c7:
b4:96:fa:bb:d6:78:19:c4:6b:e8:3d:4b:6d:cc:18:
d1:67:fe:2e:13:7d:0a:6c:2d:2a:4b:50:a6:1f:d7:
96:9f:00:57:f0:da:38:30:5e:59:9a:db:4b:c9:18:
91:c8:76:89:20:d9:3c:2d:d4:c2:19:e0:5f:93:0f:
81:ff:29:bf:2e:03:95:74:a1:fa:d6:c2:23:e8:8e:
15:12:f5:98:67:59:e9:93:da:f8:76:e6:0c:0f:47:
c2:7a:09:ca:70:55:bb:03:70:d8:8d:37:19:36:80:
fb:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:F9:14:B9:92:87:C4:C3:1B:6C:6B:F9:66:0D:CC:4A:5C:9D:A1:DD
X509v3 Authority Key Identifier:
keyid:E8:A8:51:DD:AE:5A:64:CC:38:82:53:95:BE:9A:50:7D:A9:5A:B7:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6KhR3a5aZMw4glOVvppQfalat88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/PfkUuZKHxMMbbGv5Zg3MSlydod0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/6KhR3a5aZMw4glOVvppQfalat88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.208.0.0/21
89.208.56.0/21
89.208.128.0/21
141.226.120.0/22
147.234.23.0/24
147.236.104.0/21
147.236.116.0-147.236.127.255
147.236.144.0/20
147.236.176.0/20
185.108.80.0/22
185.149.252.0/22
185.167.108.0/22
185.175.32.0/22
185.180.100.0/22
185.182.76.0/22
185.184.244.0/22
188.191.224.0/21
217.175.80.0/20
IPv6:
2a00:7c40::/32
Signature Algorithm: sha256WithRSAEncryption
13:f9:b2:b4:a5:a8:1e:59:8d:f4:b3:05:b6:cc:c8:76:c2:df:
19:b9:40:dd:03:b2:45:ed:2a:a2:5f:17:cf:aa:ee:44:fe:c3:
a1:b1:16:0c:62:43:ff:41:1c:25:29:89:4d:95:b7:37:5b:bf:
98:a4:33:d7:5f:63:fb:f6:c5:d2:4c:e6:72:73:4d:67:b2:99:
20:7d:b7:5f:5f:6c:10:26:bf:54:d3:77:f5:94:b4:81:15:27:
91:19:a3:87:7c:6a:9f:de:54:f0:f5:19:fe:07:2a:10:e2:ec:
65:ba:0b:3c:67:18:57:88:2d:44:fb:71:e6:33:8b:1b:32:67:
14:da:3f:e8:f0:82:fd:43:dc:8c:53:0e:11:00:c9:76:85:d6:
bc:37:b6:2b:dc:d5:ef:af:fe:b2:33:31:e3:bd:92:2f:6b:49:
e6:96:b4:f1:38:1f:7e:ff:15:92:ef:22:da:2f:6d:c8:28:7f:
60:a7:67:db:44:fa:95:22:18:05:6a:bf:b4:d3:16:b7:5c:d7:
b5:4d:ad:ed:4a:aa:6e:98:3f:04:9d:3e:19:e2:5a:ad:52:49:
64:ba:51:f0:1b:3e:27:51:42:c7:01:7c:21:c8:1c:49:40:20:
ad:66:c2:32:89:0b:dc:8c:c5:e9:74:6f:90:fc:49:70:8a:7c:
71:9c:58:d1
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgISAYhSSNQjxIYRSzV3vJU4tgiAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4YTg1MWRkYWU1YTY0Y2MzODgyNTM5NWJlOWE1MDdkYTk1
YWI3Y2YwHhcNMjMwNTI1MDk0MTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGY5MTRiOTkyODdjNGMzMWI2YzZiZjk2NjBkY2M0YTVjOWRhMWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNLuYkQkx8qrhwYcdnA9tlizyOWq
HBrX7jwE/sz4wO+UFZzWsPLoLfcdAeNroJh7nw8yDRVCvRw7f5R+lUc7M/axyPmE
jrc7jQVhBEgXnhFXuLYvgq7GVy505A6dwNKdFVzPsXgeFf7lsn2f5NqdKHoMAaah
eVWLq+Vhq6bLuoKCI1Yzx8BtJeMiJMiRh1AWqguKkMe0lvq71ngZxGvoPUttzBjR
Z/4uE30KbC0qS1CmH9eWnwBX8No4MF5ZmttLyRiRyHaJINk8LdTCGeBfkw+B/ym/
LgOVdKH61sIj6I4VEvWYZ1npk9r4duYMD0fCegnKcFW7A3DYjTcZNoD76QIDAQAB
o4ICiTCCAoUwHQYDVR0OBBYEFD35FLmSh8TDG2xr+WYNzEpcnaHdMB8GA1UdIwQY
MBaAFOioUd2uWmTMOIJTlb6aUH2pWrfPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNktoUjNhNWFaTXc0Z2xPVnZwcFFmYWxhdDg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8zNjM4ZDctM2VjMy00NTk1LWE2MzEt
MTEwYzg3OGRjZDI5LzEvUGZrVXVaS0h4TU1iYkd2NVpnM01TbHlkb2QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8zNjM4ZDctM2VjMy00NTk1LWE2MzEtMTEwYzg3OGRjZDI5
LzEvNktoUjNhNWFaTXc0Z2xPVnZwcFFmYWxhdDg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGeBggrBgEFBQcBBwEB/wSBjjCBizB6BAIAATB0AwQDWdAA
AwQDWdA4AwQDWdCAAwQCjeJ4AwQAk+oXAwQDk+xoMAwDBAKT7HQDBAeT7AADBAST
7JADBAST7LADBAK5bFADBAK5lfwDBAK5p2wDBAK5ryADBAK5tGQDBAK5tkwDBAK5
uPQDBAO8v+ADBATZr1AwDQQCAAIwBwMFACoAfEAwDQYJKoZIhvcNAQELBQADggEB
ABP5srSlqB5ZjfSzBbbMyHbC3xm5QN0DskXtKqJfF8+q7kT+w6GxFgxiQ/9BHCUp
iU2Vtzdbv5ikM9dfY/v2xdJM5nJzTWeymSB9t19fbBAmv1TTd/WUtIEVJ5EZo4d8
ap/eVPD1Gf4HKhDi7GW6CzxnGFeILUT7ceYzixsyZxTaP+jwgv1D3IxTDhEAyXaF
1rw3tivc1e+v/rIzMeO9ki9rSeaWtPE4H37/FZLvItovbcgof2CnZ9tE+pUiGAVq
v7TTFrdc17VNre1Kqm6YPwSdPhniWq1SSWS6UfAbPidRQscBfCHIHElAIK1mwjKJ
C9yMxel0b5D8SXCKfHGcWNE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:18:01 2025 by rpki-client