Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/vBUwV3udQ43gV5z97MbNEfhsmzc.roa
File: vBUwV3udQ43gV5z97MbNEfhsmzc.roa (raw, json)
Hash identifier: DGhJrfrg2th45lbhDbury3rBpgiM5Isso1sLbCiGNFs=
Subject key identifier: BC:15:30:57:7B:9D:43:8D:E0:57:9C:FD:EC:C6:CD:11:F8:6C:9B:37
Certificate issuer: /CN=e8a851ddae5a64cc38825395be9a507da95ab7cf
Certificate serial: 01847A836CD7E22D803403DAB0A5152FBEE9
Authority key identifier: E8:A8:51:DD:AE:5A:64:CC:38:82:53:95:BE:9A:50:7D:A9:5A:B7:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6KhR3a5aZMw4glOVvppQfalat88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/vBUwV3udQ43gV5z97MbNEfhsmzc.roa
Signing time: Tue 15 Nov 2022 08:59:04 +0000
ROA not before: Tue 15 Nov 2022 08:59:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202940
IP address blocks: 89.208.56.0/21 maxlen: 21
89.208.0.0/21 maxlen: 21
89.208.4.0/22 maxlen: 24
188.191.224.0/21 maxlen: 21
188.191.224.0/24 maxlen: 24
188.191.225.0/24 maxlen: 24
188.191.226.0/24 maxlen: 24
188.191.228.0/24 maxlen: 24
188.191.229.0/24 maxlen: 24
188.191.227.0/24 maxlen: 24
188.191.230.0/24 maxlen: 24
185.175.34.0/23 maxlen: 23
185.175.32.0/22 maxlen: 22
185.175.32.0/23 maxlen: 23
89.208.128.0/21 maxlen: 21
185.184.246.0/23 maxlen: 23
89.208.135.0/24 maxlen: 24
185.184.244.0/23 maxlen: 23
185.184.244.0/22 maxlen: 22
89.208.134.0/23 maxlen: 24
185.149.253.0/24 maxlen: 24
185.149.252.0/22 maxlen: 22
185.149.252.0/24 maxlen: 24
185.149.254.0/24 maxlen: 24
185.149.255.0/24 maxlen: 24
185.180.102.0/24 maxlen: 24
185.180.103.0/24 maxlen: 24
185.180.100.0/24 maxlen: 24
185.180.100.0/22 maxlen: 22
185.167.110.0/24 maxlen: 24
185.167.108.0/23 maxlen: 23
185.167.108.0/24 maxlen: 24
185.167.108.0/22 maxlen: 22
185.167.109.0/24 maxlen: 24
185.167.111.0/24 maxlen: 24
147.236.176.0/20 maxlen: 20
147.234.23.0/24 maxlen: 24
217.175.92.0/22 maxlen: 22
217.175.95.0/24 maxlen: 24
185.182.77.0/24 maxlen: 24
185.182.78.0/24 maxlen: 24
185.182.76.0/22 maxlen: 22
185.182.76.0/24 maxlen: 24
217.175.82.0/24 maxlen: 24
217.175.80.0/20 maxlen: 20
217.175.80.0/22 maxlen: 22
217.175.80.0/24 maxlen: 24
217.175.84.0/22 maxlen: 22
217.175.88.0/22 maxlen: 22
147.236.116.0/22 maxlen: 24
147.236.120.0/21 maxlen: 21
147.236.144.0/22 maxlen: 24
147.236.144.0/21 maxlen: 21
147.236.144.0/20 maxlen: 20
147.236.148.0/22 maxlen: 22
141.226.120.0/22 maxlen: 23
147.236.152.0/23 maxlen: 23
147.236.152.0/22 maxlen: 22
147.236.152.0/21 maxlen: 21
141.226.122.0/23 maxlen: 23
147.236.154.0/23 maxlen: 23
147.236.156.0/24 maxlen: 24
147.236.156.0/22 maxlen: 24
147.236.157.0/24 maxlen: 24
185.182.79.0/24 maxlen: 24
185.108.82.0/23 maxlen: 23
185.108.82.0/24 maxlen: 24
185.108.80.0/22 maxlen: 23
185.108.83.0/24 maxlen: 24
147.236.104.0/21 maxlen: 21
2a00:7c40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7a:83:6c:d7:e2:2d:80:34:03:da:b0:a5:15:2f:be:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8a851ddae5a64cc38825395be9a507da95ab7cf
Validity
Not Before: Nov 15 08:59:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bc1530577b9d438de0579cfdecc6cd11f86c9b37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:65:66:a2:d7:0e:4e:05:a2:5f:16:b5:4b:c5:
05:b9:b5:19:9b:39:0e:6c:4f:97:26:d8:7f:75:10:
46:64:42:46:0e:c2:45:ec:62:1b:51:fa:b9:5e:11:
43:00:e9:d5:bb:4e:53:d4:69:9e:74:8a:3e:b5:4b:
9e:85:f7:d8:7e:e1:e8:69:ac:1c:ea:94:98:ea:b1:
83:0a:87:a5:ff:63:9c:cf:85:86:1a:11:d3:66:88:
34:2b:5b:4f:82:14:3c:82:4f:38:cd:bd:8e:88:55:
d2:18:df:64:78:a2:7b:4b:2a:19:d5:13:ac:3b:6e:
8a:ac:06:b4:26:d5:ef:2d:42:56:d4:78:0f:48:68:
ef:f7:6a:4b:97:aa:8e:ca:ed:13:fa:27:59:00:78:
d3:d3:69:94:32:ff:65:31:f3:0f:60:82:aa:f3:46:
3d:be:0d:eb:99:2d:d5:11:97:75:fc:9e:c1:9c:9f:
c0:33:f6:65:4f:0d:96:58:84:2f:b4:ea:4f:bf:40:
57:a6:11:b7:2e:3b:bd:e8:f2:d0:1d:5d:2a:f8:1f:
f0:d9:c3:ef:4c:b5:9c:0f:3f:ef:71:38:da:3e:51:
ec:a8:a2:08:48:6a:0c:a3:e1:56:78:c9:f7:45:15:
79:5b:68:96:fb:ae:93:21:83:32:56:57:95:03:87:
11:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:15:30:57:7B:9D:43:8D:E0:57:9C:FD:EC:C6:CD:11:F8:6C:9B:37
X509v3 Authority Key Identifier:
keyid:E8:A8:51:DD:AE:5A:64:CC:38:82:53:95:BE:9A:50:7D:A9:5A:B7:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6KhR3a5aZMw4glOVvppQfalat88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/vBUwV3udQ43gV5z97MbNEfhsmzc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/6KhR3a5aZMw4glOVvppQfalat88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.208.0.0/21
89.208.56.0/21
89.208.128.0/21
141.226.120.0/22
147.234.23.0/24
147.236.104.0/21
147.236.116.0-147.236.127.255
147.236.144.0/20
147.236.176.0/20
185.108.80.0/22
185.149.252.0/22
185.167.108.0/22
185.175.32.0/22
185.180.100.0/22
185.182.76.0/22
185.184.244.0/22
188.191.224.0/21
217.175.80.0/20
IPv6:
2a00:7c40::/32
Signature Algorithm: sha256WithRSAEncryption
2e:79:82:1b:6e:1f:86:66:6b:3d:c8:50:56:49:fb:95:58:e6:
ff:41:1a:7e:0c:2b:fc:36:7b:76:e9:8f:30:9a:0a:ce:84:11:
ca:eb:e6:51:08:51:a3:21:58:0a:47:97:8e:d6:45:69:29:6c:
1a:4b:6e:87:6e:72:c8:65:8d:97:42:c2:b9:8d:74:1f:d0:15:
df:4b:82:3e:49:34:9a:35:b7:d9:78:88:61:52:3d:b8:b4:e9:
0a:b0:40:54:25:3c:22:3d:5b:85:fc:9a:ea:7f:c1:8b:17:7f:
8c:2e:a3:77:57:69:b3:77:fd:79:e8:f1:7e:1b:36:f4:cb:6b:
c5:9f:7d:cb:67:70:40:6e:50:58:70:51:76:f1:28:65:f4:23:
7c:1e:d8:71:37:35:37:21:be:ba:b2:c8:5a:ab:ae:ca:5a:cb:
80:4f:ee:0c:a7:d6:76:50:91:8c:1b:63:32:50:88:92:bb:c5:
09:4c:4f:f8:f5:d3:e2:b3:a7:84:ae:41:31:46:90:4b:63:f2:
35:c7:47:d6:f7:23:67:08:49:b5:3e:be:eb:ed:90:f1:52:d9:
b3:cf:3e:b2:5a:5b:ca:3b:08:95:d1:75:9e:d6:9c:9d:7f:3f:
d2:bd:ed:98:48:d1:49:b5:5a:e1:6d:9f:80:67:c3:12:fe:5e:
74:95:fe:fd
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgISAYR6g2zX4i2ANAPasKUVL77pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4YTg1MWRkYWU1YTY0Y2MzODgyNTM5NWJlOWE1MDdkYTk1
YWI3Y2YwHhcNMjIxMTE1MDg1OTA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzE1MzA1NzdiOWQ0MzhkZTA1NzljZmRlY2M2Y2QxMWY4NmM5YjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2GVmotcOTgWiXxa1S8UFubUZmzkO
bE+XJth/dRBGZEJGDsJF7GIbUfq5XhFDAOnVu05T1GmedIo+tUuehffYfuHoaawc
6pSY6rGDCoel/2Ocz4WGGhHTZog0K1tPghQ8gk84zb2OiFXSGN9keKJ7SyoZ1ROs
O26KrAa0JtXvLUJW1HgPSGjv92pLl6qOyu0T+idZAHjT02mUMv9lMfMPYIKq80Y9
vg3rmS3VEZd1/J7BnJ/AM/ZlTw2WWIQvtOpPv0BXphG3Lju96PLQHV0q+B/w2cPv
TLWcDz/vcTjaPlHsqKIISGoMo+FWeMn3RRV5W2iW+66TIYMyVleVA4cRqwIDAQAB
o4ICiTCCAoUwHQYDVR0OBBYEFLwVMFd7nUON4Fec/ezGzRH4bJs3MB8GA1UdIwQY
MBaAFOioUd2uWmTMOIJTlb6aUH2pWrfPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNktoUjNhNWFaTXc0Z2xPVnZwcFFmYWxhdDg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8zNjM4ZDctM2VjMy00NTk1LWE2MzEt
MTEwYzg3OGRjZDI5LzEvdkJVd1YzdWRRNDNnVjV6OTdNYk5FZmhzbXpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8zNjM4ZDctM2VjMy00NTk1LWE2MzEtMTEwYzg3OGRjZDI5
LzEvNktoUjNhNWFaTXc0Z2xPVnZwcFFmYWxhdDg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGeBggrBgEFBQcBBwEB/wSBjjCBizB6BAIAATB0AwQDWdAA
AwQDWdA4AwQDWdCAAwQCjeJ4AwQAk+oXAwQDk+xoMAwDBAKT7HQDBAeT7AADBAST
7JADBAST7LADBAK5bFADBAK5lfwDBAK5p2wDBAK5ryADBAK5tGQDBAK5tkwDBAK5
uPQDBAO8v+ADBATZr1AwDQQCAAIwBwMFACoAfEAwDQYJKoZIhvcNAQELBQADggEB
AC55ghtuH4Zmaz3IUFZJ+5VY5v9BGn4MK/w2e3bpjzCaCs6EEcrr5lEIUaMhWApH
l47WRWkpbBpLboducshljZdCwrmNdB/QFd9Lgj5JNJo1t9l4iGFSPbi06QqwQFQl
PCI9W4X8mup/wYsXf4wuo3dXabN3/Xno8X4bNvTLa8WffctncEBuUFhwUXbxKGX0
I3we2HE3NTchvrqyyFqrrspay4BP7gyn1nZQkYwbYzJQiJK7xQlMT/j10+Kzp4Su
QTFGkEtj8jXHR9b3I2cISbU+vuvtkPFS2bPPPrJaW8o7CJXRdZ7WnJ1/P9K97ZhI
0Um1WuFtn4BnwxL+XnSV/v0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:29 2023 by rpki-client on console-fra.rpki-client.org