Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/wHXfCaJT9NfZD-COKnxr3qAuv_Y.roa
File: wHXfCaJT9NfZD-COKnxr3qAuv_Y.roa (raw, json)
Hash identifier: CdiuWksneqbd/P7DjVpLyr3d34xE7Hi2zRfJXNi+m4I=
Subject key identifier: C0:75:DF:09:A2:53:F4:D7:D9:0F:E0:8E:2A:7C:6B:DE:A0:2E:BF:F6
Certificate issuer: /CN=e8a851ddae5a64cc38825395be9a507da95ab7cf
Certificate serial: 01845B3BE8AC4C2159E55E3C2598F67AABFC
Authority key identifier: E8:A8:51:DD:AE:5A:64:CC:38:82:53:95:BE:9A:50:7D:A9:5A:B7:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6KhR3a5aZMw4glOVvppQfalat88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/wHXfCaJT9NfZD-COKnxr3qAuv_Y.roa
Signing time: Wed 09 Nov 2022 07:12:43 +0000
ROA not before: Wed 09 Nov 2022 07:12:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202940
IP address blocks: 89.208.56.0/21 maxlen: 21
89.208.0.0/21 maxlen: 21
89.208.4.0/22 maxlen: 24
188.191.224.0/21 maxlen: 21
188.191.224.0/24 maxlen: 24
188.191.225.0/24 maxlen: 24
188.191.226.0/24 maxlen: 24
188.191.228.0/24 maxlen: 24
188.191.229.0/24 maxlen: 24
188.191.227.0/24 maxlen: 24
188.191.230.0/24 maxlen: 24
185.175.34.0/23 maxlen: 23
185.175.32.0/22 maxlen: 22
185.175.32.0/23 maxlen: 23
89.208.128.0/21 maxlen: 21
185.184.246.0/23 maxlen: 23
89.208.135.0/24 maxlen: 24
185.184.244.0/23 maxlen: 23
185.184.244.0/22 maxlen: 22
89.208.134.0/23 maxlen: 24
185.149.253.0/24 maxlen: 24
185.149.252.0/22 maxlen: 22
185.149.252.0/24 maxlen: 24
185.149.254.0/24 maxlen: 24
185.149.255.0/24 maxlen: 24
185.180.102.0/24 maxlen: 24
185.180.103.0/24 maxlen: 24
185.180.100.0/24 maxlen: 24
185.180.100.0/22 maxlen: 22
185.167.110.0/24 maxlen: 24
185.167.108.0/23 maxlen: 23
185.167.108.0/24 maxlen: 24
185.167.108.0/22 maxlen: 22
185.167.109.0/24 maxlen: 24
185.167.111.0/24 maxlen: 24
147.236.176.0/20 maxlen: 20
217.175.92.0/22 maxlen: 22
217.175.95.0/24 maxlen: 24
185.182.77.0/24 maxlen: 24
185.182.78.0/24 maxlen: 24
185.182.76.0/22 maxlen: 22
185.182.76.0/24 maxlen: 24
217.175.82.0/24 maxlen: 24
217.175.80.0/20 maxlen: 20
217.175.80.0/22 maxlen: 22
217.175.80.0/24 maxlen: 24
217.175.84.0/22 maxlen: 22
217.175.88.0/22 maxlen: 22
147.236.116.0/22 maxlen: 24
147.236.120.0/21 maxlen: 21
147.236.144.0/22 maxlen: 24
147.236.144.0/21 maxlen: 21
147.236.144.0/20 maxlen: 20
147.236.148.0/22 maxlen: 22
141.226.120.0/22 maxlen: 23
147.236.152.0/23 maxlen: 23
147.236.152.0/22 maxlen: 22
147.236.152.0/21 maxlen: 21
141.226.122.0/23 maxlen: 23
147.236.154.0/23 maxlen: 23
147.236.156.0/22 maxlen: 24
147.236.156.0/24 maxlen: 24
147.236.157.0/24 maxlen: 24
185.182.79.0/24 maxlen: 24
185.108.82.0/23 maxlen: 23
185.108.82.0/24 maxlen: 24
185.108.80.0/22 maxlen: 23
185.108.83.0/24 maxlen: 24
147.236.104.0/21 maxlen: 21
2a00:7c40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:5b:3b:e8:ac:4c:21:59:e5:5e:3c:25:98:f6:7a:ab:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8a851ddae5a64cc38825395be9a507da95ab7cf
Validity
Not Before: Nov 9 07:12:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c075df09a253f4d7d90fe08e2a7c6bdea02ebff6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:52:a0:fc:66:bf:82:8c:ae:e5:dc:f7:e3:28:
dc:3e:72:ca:9b:72:09:8a:1a:80:4a:25:e8:c9:7e:
ff:b2:f1:c6:59:4c:ad:4a:02:9d:54:c4:69:f4:10:
02:f8:df:e0:a9:77:0d:44:a8:4c:55:28:49:36:30:
41:9a:a9:d8:8e:64:f4:cd:61:0d:fb:6c:fd:97:ce:
02:28:cd:4d:f5:8c:aa:4a:18:f5:8e:6e:fa:17:c2:
d4:66:dc:ed:7d:af:5f:d3:16:2a:b4:ca:5d:c0:1e:
23:8e:fd:5b:02:ba:d8:8b:65:22:c6:d5:40:77:4f:
35:85:81:52:f3:b1:a2:e6:81:48:d9:29:8e:7c:3d:
11:99:4b:a9:29:c6:bf:0c:78:89:ec:36:38:b0:a0:
82:1c:73:9d:07:85:e5:54:b4:05:2b:99:1e:15:fb:
1d:31:3d:aa:be:04:b9:2b:3a:e7:d5:d0:eb:74:15:
1d:20:06:00:e5:66:2c:6d:bc:94:85:94:44:52:8f:
c2:50:54:59:ee:44:90:36:4d:c3:e0:13:bb:ea:26:
7a:b1:d0:c5:ad:3c:bb:c3:ab:b2:5b:1e:5e:b7:07:
2f:04:ad:34:dd:35:2b:3b:03:a8:70:ef:65:b7:e0:
f1:99:57:8e:08:0f:8c:88:d6:c2:a4:5b:5a:19:97:
8b:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:75:DF:09:A2:53:F4:D7:D9:0F:E0:8E:2A:7C:6B:DE:A0:2E:BF:F6
X509v3 Authority Key Identifier:
keyid:E8:A8:51:DD:AE:5A:64:CC:38:82:53:95:BE:9A:50:7D:A9:5A:B7:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6KhR3a5aZMw4glOVvppQfalat88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/wHXfCaJT9NfZD-COKnxr3qAuv_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/3638d7-3ec3-4595-a631-110c878dcd29/1/6KhR3a5aZMw4glOVvppQfalat88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.208.0.0/21
89.208.56.0/21
89.208.128.0/21
141.226.120.0/22
147.236.104.0/21
147.236.116.0-147.236.127.255
147.236.144.0/20
147.236.176.0/20
185.108.80.0/22
185.149.252.0/22
185.167.108.0/22
185.175.32.0/22
185.180.100.0/22
185.182.76.0/22
185.184.244.0/22
188.191.224.0/21
217.175.80.0/20
IPv6:
2a00:7c40::/32
Signature Algorithm: sha256WithRSAEncryption
42:88:53:5b:f7:bb:48:60:0f:4e:b4:a6:05:04:80:af:4e:ef:
42:4a:3f:03:99:89:54:0f:28:5b:e1:f5:dc:ec:e4:f9:b3:8f:
59:45:a7:21:39:60:28:5c:c7:91:b8:90:e3:23:34:a3:9c:a6:
51:d0:fb:d1:9a:42:a7:d3:b6:42:36:ab:fe:ad:14:83:d9:25:
1e:70:62:17:a6:16:1a:59:7a:55:8a:15:91:c9:18:0c:56:e2:
17:56:c1:7f:c0:79:05:5e:3e:54:d8:47:f2:81:4e:8b:69:35:
41:2a:67:60:d5:af:b6:4e:09:dd:e3:a8:3c:af:ac:ba:20:79:
1e:e5:a8:9e:a7:95:c5:6b:71:c5:8e:8a:5c:7a:27:4b:5b:a8:
67:ba:8a:0e:9e:63:f9:c1:b3:3c:50:9c:09:05:e9:2d:a7:24:
31:c9:9d:5f:70:ae:63:3d:66:ba:b8:1d:16:dc:44:71:a6:fc:
0d:86:cc:95:c3:75:db:cf:f7:a1:2a:0e:e8:8e:a6:ee:eb:8c:
68:73:31:42:8e:85:f4:c1:06:52:86:e0:3e:e5:b6:94:bf:50:
f0:3b:3e:b9:33:d5:38:90:52:e1:3d:e7:5c:95:d2:3c:33:20:
f9:c5:5f:ff:b8:4c:7a:e6:80:26:61:62:2d:0e:bc:cd:1a:d1:
fb:9d:ce:e6
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAYRbO+isTCFZ5V48JZj2eqv8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4YTg1MWRkYWU1YTY0Y2MzODgyNTM5NWJlOWE1MDdkYTk1
YWI3Y2YwHhcNMjIxMTA5MDcxMjQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDc1ZGYwOWEyNTNmNGQ3ZDkwZmUwOGUyYTdjNmJkZWEwMmViZmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAylKg/Ga/goyu5dz34yjcPnLKm3IJ
ihqASiXoyX7/svHGWUytSgKdVMRp9BAC+N/gqXcNRKhMVShJNjBBmqnYjmT0zWEN
+2z9l84CKM1N9YyqShj1jm76F8LUZtztfa9f0xYqtMpdwB4jjv1bArrYi2UixtVA
d081hYFS87Gi5oFI2SmOfD0RmUupKca/DHiJ7DY4sKCCHHOdB4XlVLQFK5keFfsd
MT2qvgS5Kzrn1dDrdBUdIAYA5WYsbbyUhZREUo/CUFRZ7kSQNk3D4BO76iZ6sdDF
rTy7w6uyWx5etwcvBK003TUrOwOocO9lt+DxmVeOCA+MiNbCpFtaGZeL5wIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFMB13wmiU/TX2Q/gjip8a96gLr/2MB8GA1UdIwQY
MBaAFOioUd2uWmTMOIJTlb6aUH2pWrfPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNktoUjNhNWFaTXc0Z2xPVnZwcFFmYWxhdDg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8zNjM4ZDctM2VjMy00NTk1LWE2MzEt
MTEwYzg3OGRjZDI5LzEvd0hYZkNhSlQ5TmZaRC1DT0tueHIzcUF1dl9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8zNjM4ZDctM2VjMy00NTk1LWE2MzEtMTEwYzg3OGRjZDI5
LzEvNktoUjNhNWFaTXc0Z2xPVnZwcFFmYWxhdDg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTB0BAIAATBuAwQDWdAA
AwQDWdA4AwQDWdCAAwQCjeJ4AwQDk+xoMAwDBAKT7HQDBAeT7AADBAST7JADBAST
7LADBAK5bFADBAK5lfwDBAK5p2wDBAK5ryADBAK5tGQDBAK5tkwDBAK5uPQDBAO8
v+ADBATZr1AwDQQCAAIwBwMFACoAfEAwDQYJKoZIhvcNAQELBQADggEBAEKIU1v3
u0hgD060pgUEgK9O70JKPwOZiVQPKFvh9dzs5Pmzj1lFpyE5YChcx5G4kOMjNKOc
plHQ+9GaQqfTtkI2q/6tFIPZJR5wYhemFhpZelWKFZHJGAxW4hdWwX/AeQVePlTY
R/KBTotpNUEqZ2DVr7ZOCd3jqDyvrLogeR7lqJ6nlcVrccWOilx6J0tbqGe6ig6e
Y/nBszxQnAkF6S2nJDHJnV9wrmM9Zrq4HRbcRHGm/A2GzJXDddvP96EqDuiOpu7r
jGhzMUKOhfTBBlKG4D7ltpS/UPA7Prkz1TiQUuE951yV0jwzIPnFX/+4THrmgCZh
Yi0OvM0a0fudzuY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:11 2023 by rpki-client on console-ams.rpki-client.org