Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/jGsACVYjWWyYTa1GzeWDd0j0dOs.roa
File: jGsACVYjWWyYTa1GzeWDd0j0dOs.roa (raw, json)
Hash identifier: gaMD31anNmllT/o+Qqj5+M7B2gy+tWBbs79KmCuxjo4=
Subject key identifier: 8C:6B:00:09:56:23:59:6C:98:4D:AD:46:CD:E5:83:77:48:F4:74:EB
Certificate issuer: /CN=e8a851ddae5a64cc38825395be9a507da95ab7cf
Certificate serial: 018312C720E834F1C6DCD604B63A2D9D6F26
Authority key identifier: E8:A8:51:DD:AE:5A:64:CC:38:82:53:95:BE:9A:50:7D:A9:5A:B7:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6KhR3a5aZMw4glOVvppQfalat88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/jGsACVYjWWyYTa1GzeWDd0j0dOs.roa
Signing time: Tue 06 Sep 2022 12:29:43 +0000
ROA not before: Tue 06 Sep 2022 12:29:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202940
IP address blocks: 89.208.56.0/21 maxlen: 21
89.208.0.0/21 maxlen: 21
89.208.4.0/22 maxlen: 24
188.191.224.0/21 maxlen: 21
188.191.224.0/24 maxlen: 24
188.191.225.0/24 maxlen: 24
188.191.226.0/24 maxlen: 24
188.191.228.0/24 maxlen: 24
188.191.229.0/24 maxlen: 24
188.191.227.0/24 maxlen: 24
188.191.230.0/24 maxlen: 24
185.175.34.0/23 maxlen: 23
185.175.32.0/22 maxlen: 22
185.175.32.0/23 maxlen: 23
89.208.128.0/21 maxlen: 21
185.184.246.0/23 maxlen: 23
89.208.135.0/24 maxlen: 24
185.184.244.0/23 maxlen: 23
185.184.244.0/22 maxlen: 22
89.208.134.0/23 maxlen: 24
185.149.253.0/24 maxlen: 24
185.149.252.0/22 maxlen: 22
185.149.252.0/24 maxlen: 24
185.149.254.0/24 maxlen: 24
185.149.255.0/24 maxlen: 24
185.180.102.0/24 maxlen: 24
185.180.103.0/24 maxlen: 24
185.180.100.0/24 maxlen: 24
185.180.100.0/22 maxlen: 22
185.167.110.0/24 maxlen: 24
185.167.108.0/23 maxlen: 23
185.167.108.0/24 maxlen: 24
185.167.108.0/22 maxlen: 22
185.167.109.0/24 maxlen: 24
185.167.111.0/24 maxlen: 24
147.236.176.0/20 maxlen: 20
217.175.92.0/22 maxlen: 22
217.175.95.0/24 maxlen: 24
185.182.77.0/24 maxlen: 24
185.182.78.0/24 maxlen: 24
185.182.76.0/22 maxlen: 22
185.182.76.0/24 maxlen: 24
217.175.82.0/24 maxlen: 24
217.175.80.0/20 maxlen: 20
217.175.80.0/22 maxlen: 22
217.175.80.0/24 maxlen: 24
217.175.84.0/22 maxlen: 22
217.175.88.0/22 maxlen: 22
147.236.116.0/22 maxlen: 22
147.236.120.0/21 maxlen: 21
147.236.144.0/22 maxlen: 24
147.236.144.0/21 maxlen: 21
147.236.144.0/20 maxlen: 20
147.236.148.0/22 maxlen: 22
141.226.120.0/23 maxlen: 23
141.226.120.0/22 maxlen: 22
147.236.152.0/23 maxlen: 23
147.236.152.0/22 maxlen: 22
147.236.152.0/21 maxlen: 21
141.226.122.0/23 maxlen: 23
147.236.154.0/23 maxlen: 23
147.236.156.0/24 maxlen: 24
147.236.156.0/22 maxlen: 24
147.236.157.0/24 maxlen: 24
185.182.79.0/24 maxlen: 24
185.108.82.0/23 maxlen: 23
185.108.82.0/24 maxlen: 24
185.108.80.0/23 maxlen: 23
185.108.80.0/22 maxlen: 22
185.108.83.0/24 maxlen: 24
147.236.104.0/21 maxlen: 21
2a00:7c40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:12:c7:20:e8:34:f1:c6:dc:d6:04:b6:3a:2d:9d:6f:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8a851ddae5a64cc38825395be9a507da95ab7cf
Validity
Not Before: Sep 6 12:29:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8c6b00095623596c984dad46cde5837748f474eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:bc:f4:7c:d5:f9:04:1d:43:ce:65:c7:f3:a5:
2a:b8:77:18:53:28:b6:71:2a:50:4a:3b:b1:f7:d0:
17:98:23:9a:ae:38:30:22:94:8a:3a:c5:6c:c9:6b:
6a:65:9e:7f:17:d0:c8:ea:24:20:de:37:a7:c6:11:
a7:55:b3:5a:b0:e5:e9:e5:bc:45:8a:13:13:66:cc:
0f:2b:5b:d5:35:67:45:91:c2:8b:44:72:ae:0b:92:
08:64:6b:4e:b5:27:3f:7f:f1:e2:30:96:44:a1:3b:
a5:60:ee:f9:1f:d7:7b:a2:b6:c4:c0:bc:67:4b:f1:
c9:7f:c7:e8:5f:5e:1a:51:ac:a7:a7:50:71:68:f7:
3e:35:e3:95:c7:6e:7c:4d:02:36:ae:b3:a1:ab:27:
70:68:c4:0c:0c:75:2b:da:a2:06:c8:0f:7a:c9:61:
2f:f4:a9:4d:65:b5:f6:48:4c:3b:4c:3d:6c:40:11:
f1:8c:8a:a0:59:e8:b7:29:f2:34:41:4e:a1:dd:0d:
a5:94:2d:d9:62:e6:26:a0:f6:f0:56:c5:a6:d4:06:
d0:f2:9c:5c:d3:41:4c:f1:1c:fb:54:58:30:a7:7c:
0c:65:b3:d5:60:50:c3:7a:b4:20:f5:56:0d:49:15:
a1:de:8b:2c:bf:92:ca:e7:3b:f7:e7:02:da:1f:f8:
86:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:6B:00:09:56:23:59:6C:98:4D:AD:46:CD:E5:83:77:48:F4:74:EB
X509v3 Authority Key Identifier:
keyid:E8:A8:51:DD:AE:5A:64:CC:38:82:53:95:BE:9A:50:7D:A9:5A:B7:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6KhR3a5aZMw4glOVvppQfalat88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/jGsACVYjWWyYTa1GzeWDd0j0dOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/6KhR3a5aZMw4glOVvppQfalat88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.208.0.0/21
89.208.56.0/21
89.208.128.0/21
141.226.120.0/22
147.236.104.0/21
147.236.116.0-147.236.127.255
147.236.144.0/20
147.236.176.0/20
185.108.80.0/22
185.149.252.0/22
185.167.108.0/22
185.175.32.0/22
185.180.100.0/22
185.182.76.0/22
185.184.244.0/22
188.191.224.0/21
217.175.80.0/20
IPv6:
2a00:7c40::/32
Signature Algorithm: sha256WithRSAEncryption
70:d4:76:5b:6a:4e:1d:cb:47:5c:9e:c6:e5:8a:18:25:4a:a4:
28:4b:ea:29:26:8a:4c:e6:36:f4:c9:be:58:27:1d:f3:cd:00:
dd:63:d2:40:ce:d5:74:05:85:d0:dc:10:1a:05:f9:f9:d5:99:
0e:39:d1:21:9b:e3:ff:a1:9b:c4:72:39:88:0a:59:a9:f6:87:
91:db:a5:ed:83:0c:73:38:fd:c9:86:a9:57:ec:5a:5a:45:3a:
cd:8d:bd:93:1d:20:a1:b3:4f:16:4f:64:87:f8:5a:9a:f6:e8:
19:0d:10:73:fa:7f:c4:69:d8:98:6a:d6:c1:66:f2:1f:91:15:
f0:ab:42:87:ed:a7:60:f0:d5:c2:b6:7b:0d:6d:6d:4b:29:b3:
d6:2b:2f:87:b5:9d:73:90:12:af:de:0c:f6:84:3a:c3:7e:db:
1a:cb:a3:bb:93:08:06:69:3d:9c:58:d3:8b:91:1b:37:c3:86:
31:1d:1c:1c:e4:57:6a:78:9f:fa:53:91:ce:ad:6d:b9:d7:b0:
a4:27:1b:62:e9:ee:15:58:a9:02:96:19:28:ba:70:48:00:08:
69:b7:b4:8d:e7:4d:8f:a1:a4:c7:5f:b9:6d:6e:71:32:1f:33:
94:8e:06:6d:99:01:7d:7b:77:4d:5a:42:a2:ad:8b:62:c1:5c:
75:e7:e5:c9
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAYMSxyDoNPHG3NYEtjotnW8mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4YTg1MWRkYWU1YTY0Y2MzODgyNTM5NWJlOWE1MDdkYTk1
YWI3Y2YwHhcNMjIwOTA2MTIyOTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzZiMDAwOTU2MjM1OTZjOTg0ZGFkNDZjZGU1ODM3NzQ4ZjQ3NGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA57z0fNX5BB1DzmXH86UquHcYUyi2
cSpQSjux99AXmCOarjgwIpSKOsVsyWtqZZ5/F9DI6iQg3jenxhGnVbNasOXp5bxF
ihMTZswPK1vVNWdFkcKLRHKuC5IIZGtOtSc/f/HiMJZEoTulYO75H9d7orbEwLxn
S/HJf8foX14aUaynp1BxaPc+NeOVx258TQI2rrOhqydwaMQMDHUr2qIGyA96yWEv
9KlNZbX2SEw7TD1sQBHxjIqgWei3KfI0QU6h3Q2llC3ZYuYmoPbwVsWm1AbQ8pxc
00FM8Rz7VFgwp3wMZbPVYFDDerQg9VYNSRWh3ossv5LK5zv35wLaH/iGbQIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFIxrAAlWI1lsmE2tRs3lg3dI9HTrMB8GA1UdIwQY
MBaAFOioUd2uWmTMOIJTlb6aUH2pWrfPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNktoUjNhNWFaTXc0Z2xPVnZwcFFmYWxhdDg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8zNjM4ZDctM2VjMy00NTk1LWE2MzEt
MTEwYzg3OGRjZDI5LzEvakdzQUNWWWpXV3lZVGExR3plV0RkMGowZE9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8zNjM4ZDctM2VjMy00NTk1LWE2MzEtMTEwYzg3OGRjZDI5
LzEvNktoUjNhNWFaTXc0Z2xPVnZwcFFmYWxhdDg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTB0BAIAATBuAwQDWdAA
AwQDWdA4AwQDWdCAAwQCjeJ4AwQDk+xoMAwDBAKT7HQDBAeT7AADBAST7JADBAST
7LADBAK5bFADBAK5lfwDBAK5p2wDBAK5ryADBAK5tGQDBAK5tkwDBAK5uPQDBAO8
v+ADBATZr1AwDQQCAAIwBwMFACoAfEAwDQYJKoZIhvcNAQELBQADggEBAHDUdltq
Th3LR1yexuWKGCVKpChL6ikmikzmNvTJvlgnHfPNAN1j0kDO1XQFhdDcEBoF+fnV
mQ450SGb4/+hm8RyOYgKWan2h5Hbpe2DDHM4/cmGqVfsWlpFOs2NvZMdIKGzTxZP
ZIf4Wpr26BkNEHP6f8Rp2Jhq1sFm8h+RFfCrQoftp2Dw1cK2ew1tbUsps9YrL4e1
nXOQEq/eDPaEOsN+2xrLo7uTCAZpPZxY04uRGzfDhjEdHBzkV2p4n/pTkc6tbbnX
sKQnG2Lp7hVYqQKWGSi6cEgACGm3tI3nTY+hpMdfuW1ucTIfM5SOBm2ZAX17d01a
QqKti2LBXHXn5ck=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:29 2023 by rpki-client on console-fra.rpki-client.org