Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/AgJV4ir8XhCcVSo73JVV38QQ1Go.roa
File: AgJV4ir8XhCcVSo73JVV38QQ1Go.roa (raw, json)
Hash identifier: zcCpOx5A4Ev6VFhDBP5dzcVZGNugoRwOxCklFM9NOcw=
Subject key identifier: 02:02:55:E2:2A:FC:5E:10:9C:55:2A:3B:DC:95:55:DF:C4:10:D4:6A
Certificate issuer: /CN=84f824d32df1a5113d82101345d785a38addbde5
Certificate serial: 0182588E65440A55B08E0F9BB430F24AA5C6
Authority key identifier: 84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/AgJV4ir8XhCcVSo73JVV38QQ1Go.roa
Signing time: Mon 01 Aug 2022 08:38:23 +0000
ROA not before: Mon 01 Aug 2022 08:38:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203120
IP address blocks: 89.37.96.0/24 maxlen: 24
89.33.254.0/24 maxlen: 24
188.172.176.0/20 maxlen: 20
188.209.120.0/23 maxlen: 23
89.34.102.0/24 maxlen: 24
93.115.59.0/24 maxlen: 24
93.119.120.0/23 maxlen: 23
86.106.10.0/24 maxlen: 24
46.102.180.0/24 maxlen: 24
86.105.176.0/24 maxlen: 24
89.37.130.0/23 maxlen: 23
89.41.190.0/23 maxlen: 23
89.37.134.0/24 maxlen: 24
77.81.90.0/23 maxlen: 23
86.105.6.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:58:8e:65:44:0a:55:b0:8e:0f:9b:b4:30:f2:4a:a5:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84f824d32df1a5113d82101345d785a38addbde5
Validity
Not Before: Aug 1 08:38:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=020255e22afc5e109c552a3bdc9555dfc410d46a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:1a:98:32:26:c1:6a:a9:b5:3a:68:1d:93:0f:
2e:90:5e:e6:c6:47:6b:96:9b:00:9f:13:10:14:14:
b7:86:30:34:7c:2b:eb:67:f0:77:5e:0f:08:51:ba:
d7:a9:dd:6d:31:83:10:36:c3:c3:0e:e5:d4:09:62:
7f:9f:50:46:12:c9:55:db:89:23:5f:35:55:aa:f2:
3e:6f:22:98:4c:65:0e:82:9c:bd:20:0c:f0:76:44:
2d:0f:96:34:93:4e:57:9e:c9:7b:d7:f0:38:a4:7b:
69:2d:a2:ae:2a:25:60:8f:63:a1:d0:bb:8a:bd:ee:
97:35:09:87:12:07:e7:e2:61:19:54:57:95:5d:a8:
f1:bd:13:7c:4c:14:89:aa:8b:60:05:75:24:7f:33:
b1:80:d7:e9:fe:0c:01:83:1a:ed:32:2a:66:b2:00:
4a:17:7a:2d:41:a0:7e:12:ad:df:d6:f9:dc:a2:30:
82:96:1d:91:39:fe:73:35:a9:bb:5b:b5:19:c8:a7:
5c:2f:5f:dc:5d:d8:41:48:9f:52:dd:8e:46:9a:af:
52:4b:64:0c:99:e0:31:a9:01:3f:a3:55:53:99:4a:
28:9f:08:e3:75:3d:52:f8:3d:61:30:2f:ad:03:e7:
1c:9b:b5:80:59:97:d5:de:b0:6b:c7:3f:65:9d:ff:
a5:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:02:55:E2:2A:FC:5E:10:9C:55:2A:3B:DC:95:55:DF:C4:10:D4:6A
X509v3 Authority Key Identifier:
keyid:84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/AgJV4ir8XhCcVSo73JVV38QQ1Go.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/hPgk0y3xpRE9ghATRdeFo4rdveU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.180.0/24
77.81.90.0/23
86.105.6.0/24
86.105.176.0/24
86.106.10.0/24
89.33.254.0/24
89.34.102.0/24
89.37.96.0/24
89.37.130.0/23
89.37.134.0/24
89.41.190.0/23
93.115.59.0/24
93.119.120.0/23
188.172.176.0/20
188.209.120.0/23
Signature Algorithm: sha256WithRSAEncryption
4f:13:9e:83:22:95:4f:dc:cf:b9:60:0f:b0:94:ea:69:29:3c:
d7:43:d7:40:07:f2:23:fb:d1:a0:c7:d4:69:33:d3:c2:3c:96:
d5:b3:f3:96:90:d0:3d:f0:38:06:a0:0d:75:ea:2b:c8:5c:f0:
d2:d3:4d:95:ec:d0:93:e0:8a:b8:62:68:6c:2d:15:19:b5:66:
cc:97:3f:c7:1a:d5:0a:50:da:56:34:08:3e:62:06:a9:6a:c6:
e0:ac:bd:c8:57:64:42:2b:56:d7:d5:08:90:e6:00:9e:c4:a4:
c5:7a:6d:9c:ba:31:94:f2:81:03:37:f8:6c:75:68:ed:88:c7:
7f:28:43:6a:bc:e0:2d:58:d6:8d:93:7b:30:e2:c4:62:9f:c9:
79:66:73:ea:bb:e0:5d:59:39:c1:c7:3e:10:3d:e0:80:5b:52:
c4:f7:b0:4b:9d:e7:3c:8d:9b:aa:81:bc:1a:a1:33:2d:b7:f2:
c4:c1:c5:a6:aa:0a:ab:12:8a:db:6b:d0:d1:0d:6e:c4:96:d9:
28:7c:e6:f5:3b:66:15:04:32:90:42:4d:27:02:85:c4:5a:f6:
40:57:cb:3c:7a:79:55:f9:e1:69:40:4f:e4:cc:23:ca:7c:be:
87:31:5a:94:22:8f:b7:60:1b:2c:de:fb:fc:57:ed:8f:96:5a:
99:cd:04:21
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYJYjmVEClWwjg+btDDySqXGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZjgyNGQzMmRmMWE1MTEzZDgyMTAxMzQ1ZDc4NWEzOGFk
ZGJkZTUwHhcNMjIwODAxMDgzODIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjAyNTVlMjJhZmM1ZTEwOWM1NTJhM2JkYzk1NTVkZmM0MTBkNDZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBqYMibBaqm1Omgdkw8ukF7mxkdr
lpsAnxMQFBS3hjA0fCvrZ/B3Xg8IUbrXqd1tMYMQNsPDDuXUCWJ/n1BGEslV24kj
XzVVqvI+byKYTGUOgpy9IAzwdkQtD5Y0k05Xnsl71/A4pHtpLaKuKiVgj2Oh0LuK
ve6XNQmHEgfn4mEZVFeVXajxvRN8TBSJqotgBXUkfzOxgNfp/gwBgxrtMipmsgBK
F3otQaB+Eq3f1vncojCClh2ROf5zNam7W7UZyKdcL1/cXdhBSJ9S3Y5Gmq9SS2QM
meAxqQE/o1VTmUoonwjjdT1S+D1hMC+tA+ccm7WAWZfV3rBrxz9lnf+lgwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFAICVeIq/F4QnFUqO9yVVd/EENRqMB8GA1UdIwQY
MBaAFIT4JNMt8aURPYIQE0XXhaOK3b3lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgt
NDM3Mzk0OTM4YzUyLzEvQWdKVjRpcjhYaENjVlNvNzNKVlYzOFFRMUdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgtNDM3Mzk0OTM4YzUy
LzEvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQALma0AwQB
TVFaAwQAVmkGAwQAVmmwAwQAVmoKAwQAWSH+AwQAWSJmAwQAWSVgAwQBWSWCAwQA
WSWGAwQBWSm+AwQAXXM7AwQBXXd4AwQEvKywAwQBvNF4MA0GCSqGSIb3DQEBCwUA
A4IBAQBPE56DIpVP3M+5YA+wlOppKTzXQ9dAB/Ij+9Ggx9RpM9PCPJbVs/OWkNA9
8DgGoA116ivIXPDS002V7NCT4Iq4YmhsLRUZtWbMlz/HGtUKUNpWNAg+Ygapasbg
rL3IV2RCK1bX1QiQ5gCexKTFem2cujGU8oEDN/hsdWjtiMd/KENqvOAtWNaNk3sw
4sRin8l5ZnPqu+BdWTnBxz4QPeCAW1LE97BLnec8jZuqgbwaoTMtt/LEwcWmqgqr
Eorba9DRDW7EltkofOb1O2YVBDKQQk0nAoXEWvZAV8s8enlV+eFpQE/kzCPKfL6H
MVqUIo+3YBss3vv8V+2PllqZzQQh
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:56 2024 by rpki-client on console-fra.rpki-client.org