Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/9byzOuDJiwkHNTCJExiwibZPI8Y.roa
File: 9byzOuDJiwkHNTCJExiwibZPI8Y.roa (raw, json)
Hash identifier: N8wOHK13yOECAOA/d8OeQzbHac1I/OQvOL1ScuseD5U=
Subject key identifier: F5:BC:B3:3A:E0:C9:8B:09:07:35:30:89:13:18:B0:89:B6:4F:23:C6
Certificate issuer: /CN=84f824d32df1a5113d82101345d785a38addbde5
Certificate serial: 08019E9C
Authority key identifier: 84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/9byzOuDJiwkHNTCJExiwibZPI8Y.roa
Signing time: Wed 11 May 2022 10:59:01 +0000
ROA not before: Wed 11 May 2022 10:59:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209574
IP address blocks: 86.106.114.0/23 maxlen: 24
89.40.207.0/24 maxlen: 24
188.213.252.0/22 maxlen: 22
188.213.248.0/22 maxlen: 22
188.208.48.0/22 maxlen: 22
89.35.90.0/24 maxlen: 24
91.218.238.0/23 maxlen: 23
91.218.236.0/23 maxlen: 23
185.80.112.0/23 maxlen: 24
188.208.109.0/24 maxlen: 24
185.80.114.0/23 maxlen: 24
86.104.224.0/23 maxlen: 23
86.104.222.0/23 maxlen: 23
86.106.140.0/23 maxlen: 23
188.214.94.0/24 maxlen: 24
93.114.51.0/24 maxlen: 24
93.114.52.0/23 maxlen: 23
93.114.54.0/24 maxlen: 24
89.39.69.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 134323868 (0x8019e9c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84f824d32df1a5113d82101345d785a38addbde5
Validity
Not Before: May 11 10:59:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f5bcb33ae0c98b09073530891318b089b64f23c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:54:47:eb:d3:52:cb:64:f2:66:f9:e5:af:65:
1a:e5:fa:d6:df:c5:12:d8:14:80:ee:4c:d3:b0:a3:
7b:07:5d:16:d7:dc:49:0c:34:02:bc:f7:07:8f:14:
38:99:bd:22:75:7e:65:bb:23:1b:9b:ce:19:e3:44:
f2:35:44:d5:c2:18:df:2e:85:7e:0e:ae:27:2b:11:
99:5e:24:83:57:c0:04:a1:65:88:e3:43:fd:1a:20:
b8:9f:cd:d0:65:e6:32:b8:f0:fa:85:4e:fe:58:b5:
27:bb:f0:cb:01:25:7b:c8:ab:77:f5:6a:50:47:a1:
be:12:c8:91:f9:e9:5f:6a:49:bd:21:44:0c:ba:8d:
28:c2:7b:9a:ae:5c:b1:8e:65:76:d4:55:d9:92:f6:
15:9e:e1:75:f2:65:91:84:b4:e9:a8:83:d8:53:f7:
ba:b8:a0:b4:98:3b:40:9e:ac:5e:85:bb:3d:d0:aa:
cc:44:38:b2:03:25:e7:74:c5:5a:4c:da:3d:f0:69:
e2:55:8d:8a:88:50:9d:12:54:53:7d:4e:9f:ad:73:
b8:23:7d:f0:01:cc:e9:7c:37:92:c3:0d:25:c6:5f:
a7:7e:c4:28:87:53:90:e2:a1:80:bd:a1:1a:a0:2b:
f3:41:db:12:98:f5:7f:e9:73:41:b3:2a:16:b5:de:
11:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:BC:B3:3A:E0:C9:8B:09:07:35:30:89:13:18:B0:89:B6:4F:23:C6
X509v3 Authority Key Identifier:
keyid:84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/9byzOuDJiwkHNTCJExiwibZPI8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/hPgk0y3xpRE9ghATRdeFo4rdveU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.104.222.0-86.104.225.255
86.106.114.0/23
86.106.140.0/23
89.35.90.0/24
89.39.69.0/24
89.40.207.0/24
91.218.236.0/22
93.114.51.0-93.114.54.255
185.80.112.0/22
188.208.48.0/22
188.208.109.0/24
188.213.248.0/21
188.214.94.0/24
Signature Algorithm: sha256WithRSAEncryption
40:72:47:89:85:f6:f8:25:dc:7d:2b:ff:96:99:c3:0e:85:80:
60:5e:1c:43:6e:f2:9d:1b:03:5a:ba:08:f6:80:1a:c9:27:7e:
29:23:75:00:87:bb:d5:25:da:da:db:7e:94:2d:e5:0c:64:cf:
79:a3:df:3d:9a:16:c8:f4:84:a3:b4:0d:ee:00:50:03:91:d0:
cb:4f:8a:c7:05:3e:79:34:5d:5b:8b:79:52:15:67:7e:c4:d0:
19:3b:25:86:50:c3:d6:ad:e1:d1:a1:dd:b1:8b:82:d2:f8:91:
94:19:a2:70:b9:68:8a:7f:f1:60:ff:27:0c:97:c7:8c:c4:9e:
b4:f4:d8:d1:eb:b3:58:af:aa:2b:5a:52:10:d5:aa:02:0b:64:
65:89:eb:6c:7a:51:46:26:ba:af:42:f3:31:1e:f1:cd:19:ee:
ab:5c:34:9f:3d:19:fe:06:73:d6:4b:92:4b:9e:d0:c3:a6:84:
65:9a:89:df:27:c1:68:09:83:a6:d0:ac:01:df:6b:ed:76:df:
77:40:f2:39:6e:7e:84:d0:d1:1c:0d:9b:9c:f1:66:3e:94:ee:
c8:05:a6:5b:7e:3c:4a:a2:83:2e:89:e2:c6:0e:c9:af:ec:5f:
2f:82:f8:97:90:f6:d1:46:d3:78:61:66:9c:13:d6:ec:0b:c6:
18:62:a3:92
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIECAGenDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NGY4MjRkMzJkZjFhNTExM2Q4MjEwMTM0NWQ3ODVhMzhhZGRiZGU1MB4XDTIyMDUx
MTEwNTkwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZjViY2IzM2FlMGM5
OGIwOTA3MzUzMDg5MTMxOGIwODliNjRmMjNjNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJBUR+vTUstk8mb55a9lGuX61t/FEtgUgO5M07CjewddFtfc
SQw0Arz3B48UOJm9InV+ZbsjG5vOGeNE8jVE1cIY3y6Ffg6uJysRmV4kg1fABKFl
iOND/RoguJ/N0GXmMrjw+oVO/li1J7vwywEle8ird/VqUEehvhLIkfnpX2pJvSFE
DLqNKMJ7mq5csY5ldtRV2ZL2FZ7hdfJlkYS06aiD2FP3urigtJg7QJ6sXoW7PdCq
zEQ4sgMl53TFWkzaPfBp4lWNiohQnRJUU31On61zuCN98AHM6Xw3ksMNJcZfp37E
KIdTkOKhgL2hGqAr80HbEpj1f+lzQbMqFrXeEQcCAwEAAaOCAmEwggJdMB0GA1Ud
DgQWBBT1vLM64MmLCQc1MIkTGLCJtk8jxjAfBgNVHSMEGDAWgBSE+CTTLfGlET2C
EBNF14Wjit295TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hQZ2sweTN4cFJFOWdoQVRSZGVGbzRyZHZlVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTEvOWQ2NWJiLWFiNGYtNDNhYS1iYmE4LTQzNzM5NDkzOGM1Mi8x
LzlieXpPdURKaXdrSE5UQ0pFeGl3aWJaUEk4WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTEv
OWQ2NWJiLWFiNGYtNDNhYS1iYmE4LTQzNzM5NDkzOGM1Mi8xL2hQZ2sweTN4cFJF
OWdoQVRSZGVGbzRyZHZlVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB3
BggrBgEFBQcBBwEB/wRoMGYwZAQCAAEwXjAMAwQBVmjeAwQBVmjgAwQBVmpyAwQB
VmqMAwQAWSNaAwQAWSdFAwQAWSjPAwQCW9rsMAwDBABdcjMDBABdcjYDBAK5UHAD
BAK80DADBAC80G0DBAO81fgDBAC81l4wDQYJKoZIhvcNAQELBQADggEBAEByR4mF
9vgl3H0r/5aZww6FgGBeHENu8p0bA1q6CPaAGsknfikjdQCHu9Ul2trbfpQt5Qxk
z3mj3z2aFsj0hKO0De4AUAOR0MtPiscFPnk0XVuLeVIVZ37E0Bk7JYZQw9at4dGh
3bGLgtL4kZQZonC5aIp/8WD/JwyXx4zEnrT02NHrs1ivqitaUhDVqgILZGWJ62x6
UUYmuq9C8zEe8c0Z7qtcNJ89Gf4Gc9ZLkkue0MOmhGWaid8nwWgJg6bQrAHfa+12
33dA8jlufoTQ0RwNm5zxZj6U7sgFplt+PEqigy6J4sYOya/sXy+C+JeQ9tFG03hh
ZpwT1uwLxhhio5I=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:26 2023 by rpki-client on console-ams.rpki-client.org