Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/qgYsO0xO2cEvT-NyVsCnMdLW_xI.roa
File: qgYsO0xO2cEvT-NyVsCnMdLW_xI.roa (raw, json)
Hash identifier: w/Mt6YmWJu6pbpqru2vtNPoDAGd8vQ5Jdt4BAR0iask=
Subject key identifier: AA:06:2C:3B:4C:4E:D9:C1:2F:4F:E3:72:56:C0:A7:31:D2:D6:FF:12
Certificate issuer: /CN=e8a851ddae5a64cc38825395be9a507da95ab7cf
Certificate serial: 0181FB77EE5311E9929E6ED1BE384ED43263
Authority key identifier: E8:A8:51:DD:AE:5A:64:CC:38:82:53:95:BE:9A:50:7D:A9:5A:B7:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6KhR3a5aZMw4glOVvppQfalat88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/qgYsO0xO2cEvT-NyVsCnMdLW_xI.roa
Signing time: Thu 14 Jul 2022 06:49:09 +0000
ROA not before: Thu 14 Jul 2022 06:49:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202940
IP address blocks: 89.208.56.0/21 maxlen: 21
89.208.0.0/21 maxlen: 21
89.208.4.0/22 maxlen: 24
188.191.224.0/21 maxlen: 21
188.191.224.0/24 maxlen: 24
188.191.225.0/24 maxlen: 24
188.191.226.0/24 maxlen: 24
188.191.228.0/24 maxlen: 24
188.191.229.0/24 maxlen: 24
188.191.227.0/24 maxlen: 24
188.191.230.0/24 maxlen: 24
185.175.34.0/23 maxlen: 23
185.175.32.0/22 maxlen: 22
185.175.32.0/23 maxlen: 23
89.208.128.0/21 maxlen: 21
185.184.246.0/23 maxlen: 23
89.208.135.0/24 maxlen: 24
185.184.244.0/23 maxlen: 23
185.184.244.0/22 maxlen: 22
89.208.134.0/23 maxlen: 24
185.149.253.0/24 maxlen: 24
185.149.252.0/22 maxlen: 22
185.149.252.0/24 maxlen: 24
185.149.254.0/24 maxlen: 24
185.149.255.0/24 maxlen: 24
185.180.102.0/24 maxlen: 24
185.180.103.0/24 maxlen: 24
185.180.100.0/24 maxlen: 24
185.180.100.0/22 maxlen: 22
185.167.110.0/24 maxlen: 24
185.167.108.0/23 maxlen: 23
185.167.108.0/24 maxlen: 24
185.167.108.0/22 maxlen: 22
185.167.109.0/24 maxlen: 24
185.167.111.0/24 maxlen: 24
147.236.176.0/20 maxlen: 20
217.175.92.0/22 maxlen: 22
217.175.95.0/24 maxlen: 24
185.182.77.0/24 maxlen: 24
185.182.78.0/24 maxlen: 24
185.182.76.0/22 maxlen: 22
185.182.76.0/24 maxlen: 24
217.175.82.0/24 maxlen: 24
217.175.80.0/20 maxlen: 20
217.175.80.0/22 maxlen: 22
217.175.80.0/24 maxlen: 24
217.175.84.0/22 maxlen: 22
217.175.88.0/22 maxlen: 22
147.236.116.0/22 maxlen: 22
147.236.120.0/21 maxlen: 21
147.236.144.0/22 maxlen: 24
147.236.144.0/21 maxlen: 21
147.236.144.0/20 maxlen: 20
147.236.148.0/22 maxlen: 22
141.226.120.0/23 maxlen: 23
141.226.120.0/22 maxlen: 22
147.236.152.0/23 maxlen: 23
147.236.152.0/22 maxlen: 22
147.236.152.0/21 maxlen: 21
141.226.122.0/23 maxlen: 23
147.236.154.0/23 maxlen: 23
147.236.156.0/22 maxlen: 22
147.236.156.0/24 maxlen: 24
147.236.157.0/24 maxlen: 24
185.182.79.0/24 maxlen: 24
185.108.82.0/23 maxlen: 23
185.108.82.0/24 maxlen: 24
185.108.80.0/23 maxlen: 23
185.108.80.0/22 maxlen: 22
185.108.83.0/24 maxlen: 24
147.236.104.0/21 maxlen: 21
2a00:7c40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:81:fb:77:ee:53:11:e9:92:9e:6e:d1:be:38:4e:d4:32:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8a851ddae5a64cc38825395be9a507da95ab7cf
Validity
Not Before: Jul 14 06:49:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=aa062c3b4c4ed9c12f4fe37256c0a731d2d6ff12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:6b:6f:b4:70:c7:a9:94:ff:6f:c7:97:3e:23:
86:83:30:eb:d8:a4:8c:d3:df:9c:bd:0a:f3:11:e3:
3e:06:33:fd:71:5f:62:54:57:95:d5:fa:56:dd:6b:
8c:92:39:41:e2:ab:4c:50:91:53:8e:d3:06:f6:53:
31:02:4b:62:a9:ce:91:4c:51:fc:dd:fe:4e:cb:61:
1d:b0:93:cd:6c:59:35:21:fb:c6:e2:7c:59:6f:cb:
69:b2:c5:96:60:76:cd:5b:f8:c3:ec:10:f3:09:54:
72:13:9a:88:ef:8d:57:cd:50:a1:32:eb:b9:ad:24:
66:39:6e:e9:d3:49:8e:94:7c:0a:10:d5:3a:cb:b0:
91:07:c9:d8:61:33:22:a1:3a:8c:f2:cb:a0:40:e6:
00:28:8a:56:17:74:db:31:d9:6d:a4:1b:fd:5d:22:
5e:13:56:73:fb:af:0f:2f:48:cc:9e:eb:c2:c3:3c:
b9:fa:1d:bb:c5:c9:eb:c9:75:18:53:18:9f:92:93:
59:22:f0:4b:d3:2b:f8:08:c8:7c:1e:82:f5:6e:cd:
4a:5b:70:dc:f7:93:6f:15:0e:ab:c3:e0:8d:39:c8:
f3:80:64:53:ad:f9:d2:3b:fa:28:44:e7:4a:94:4e:
bc:d8:33:be:3a:dd:ea:75:df:21:8c:fe:cc:29:96:
9f:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:06:2C:3B:4C:4E:D9:C1:2F:4F:E3:72:56:C0:A7:31:D2:D6:FF:12
X509v3 Authority Key Identifier:
keyid:E8:A8:51:DD:AE:5A:64:CC:38:82:53:95:BE:9A:50:7D:A9:5A:B7:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6KhR3a5aZMw4glOVvppQfalat88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/qgYsO0xO2cEvT-NyVsCnMdLW_xI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/6KhR3a5aZMw4glOVvppQfalat88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.208.0.0/21
89.208.56.0/21
89.208.128.0/21
141.226.120.0/22
147.236.104.0/21
147.236.116.0-147.236.127.255
147.236.144.0/20
147.236.176.0/20
185.108.80.0/22
185.149.252.0/22
185.167.108.0/22
185.175.32.0/22
185.180.100.0/22
185.182.76.0/22
185.184.244.0/22
188.191.224.0/21
217.175.80.0/20
IPv6:
2a00:7c40::/32
Signature Algorithm: sha256WithRSAEncryption
bf:69:1d:61:1d:a8:08:4f:28:74:62:90:71:a7:b5:db:c8:27:
ec:e9:f1:47:c0:5a:20:92:57:03:50:00:bb:68:13:0f:49:73:
b2:f3:2d:9f:b8:bb:81:0e:37:d9:a7:bb:03:ef:3b:63:cb:da:
ee:2e:65:fb:00:75:0d:12:6e:9c:57:4b:29:9f:73:5c:2d:7b:
39:c4:c9:6a:8f:c0:ef:4b:5e:56:8b:74:b1:bc:50:30:9e:37:
50:bc:37:04:aa:bc:f6:0e:ba:6e:92:74:60:aa:1b:3b:c7:19:
69:29:24:14:ef:e2:b4:1f:6e:c5:ff:f2:5b:13:e2:30:49:ee:
58:60:0c:71:36:79:1b:b0:2d:33:a2:96:0b:b6:7c:bd:cb:e9:
8b:0e:ef:66:57:54:e7:40:98:30:ff:a6:f4:94:51:d5:3e:7d:
bf:09:f8:f4:9a:81:9c:66:00:32:3e:7d:ec:ee:a4:47:25:60:
06:34:5f:bd:98:af:60:06:b4:70:a5:29:38:f0:9f:7a:da:15:
04:c5:10:84:95:91:08:df:da:00:9a:e3:fe:2c:16:8e:0c:86:
6e:f6:71:51:bd:6b:88:4c:16:bf:fc:ac:e9:97:f8:24:d3:e0:
17:11:61:77:e3:f0:8a:25:e3:00:02:56:47:82:ee:a5:16:0e:
a0:bc:0e:8d
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAYH7d+5TEemSnm7RvjhO1DJjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4YTg1MWRkYWU1YTY0Y2MzODgyNTM5NWJlOWE1MDdkYTk1
YWI3Y2YwHhcNMjIwNzE0MDY0OTA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTA2MmMzYjRjNGVkOWMxMmY0ZmUzNzI1NmMwYTczMWQyZDZmZjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomtvtHDHqZT/b8eXPiOGgzDr2KSM
09+cvQrzEeM+BjP9cV9iVFeV1fpW3WuMkjlB4qtMUJFTjtMG9lMxAktiqc6RTFH8
3f5Oy2EdsJPNbFk1IfvG4nxZb8tpssWWYHbNW/jD7BDzCVRyE5qI741XzVChMuu5
rSRmOW7p00mOlHwKENU6y7CRB8nYYTMioTqM8sugQOYAKIpWF3TbMdltpBv9XSJe
E1Zz+68PL0jMnuvCwzy5+h27xcnryXUYUxifkpNZIvBL0yv4CMh8HoL1bs1KW3Dc
95NvFQ6rw+CNOcjzgGRTrfnSO/ooROdKlE682DO+Ot3qdd8hjP7MKZafCQIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFKoGLDtMTtnBL0/jclbApzHS1v8SMB8GA1UdIwQY
MBaAFOioUd2uWmTMOIJTlb6aUH2pWrfPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNktoUjNhNWFaTXc0Z2xPVnZwcFFmYWxhdDg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8zNjM4ZDctM2VjMy00NTk1LWE2MzEt
MTEwYzg3OGRjZDI5LzEvcWdZc08weE8yY0V2VC1OeVZzQ25NZExXX3hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8zNjM4ZDctM2VjMy00NTk1LWE2MzEtMTEwYzg3OGRjZDI5
LzEvNktoUjNhNWFaTXc0Z2xPVnZwcFFmYWxhdDg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTB0BAIAATBuAwQDWdAA
AwQDWdA4AwQDWdCAAwQCjeJ4AwQDk+xoMAwDBAKT7HQDBAeT7AADBAST7JADBAST
7LADBAK5bFADBAK5lfwDBAK5p2wDBAK5ryADBAK5tGQDBAK5tkwDBAK5uPQDBAO8
v+ADBATZr1AwDQQCAAIwBwMFACoAfEAwDQYJKoZIhvcNAQELBQADggEBAL9pHWEd
qAhPKHRikHGntdvIJ+zp8UfAWiCSVwNQALtoEw9Jc7LzLZ+4u4EON9mnuwPvO2PL
2u4uZfsAdQ0SbpxXSymfc1wteznEyWqPwO9LXlaLdLG8UDCeN1C8NwSqvPYOum6S
dGCqGzvHGWkpJBTv4rQfbsX/8lsT4jBJ7lhgDHE2eRuwLTOilgu2fL3L6YsO72ZX
VOdAmDD/pvSUUdU+fb8J+PSagZxmADI+fezupEclYAY0X72Yr2AGtHClKTjwn3ra
FQTFEISVkQjf2gCa4/4sFo4Mhm72cVG9a4hMFr/8rOmX+CTT4BcRYXfj8Iol4wAC
VkeC7qUWDqC8Do0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:29 2023 by rpki-client on console-fra.rpki-client.org