Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/DouQrbFdjhTzv5ZdDGeQ6ruOrYg.roa
File: DouQrbFdjhTzv5ZdDGeQ6ruOrYg.roa (raw, json)
Hash identifier: C5anjWgHolefsFgX6nd0FCsVuXjR8zKGvyWdVr6L1us=
Subject key identifier: 0E:8B:90:AD:B1:5D:8E:14:F3:BF:96:5D:0C:67:90:EA:BB:8E:AD:88
Certificate issuer: /CN=84f824d32df1a5113d82101345d785a38addbde5
Certificate serial: 06CC394C
Authority key identifier: 84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/DouQrbFdjhTzv5ZdDGeQ6ruOrYg.roa
Signing time: Sat 01 Jan 2022 05:58:47 +0000
ROA not before: Sat 01 Jan 2022 05:58:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51490
IP address blocks: 89.36.138.0/24 maxlen: 24
89.36.139.0/24 maxlen: 24
193.254.48.0/21 maxlen: 24
193.254.56.0/21 maxlen: 24
93.119.124.0/24 maxlen: 24
46.102.179.0/24 maxlen: 24
46.102.177.0/24 maxlen: 24
46.102.178.0/24 maxlen: 24
86.104.0.0/23 maxlen: 24
37.156.64.0/24 maxlen: 24
37.156.65.0/24 maxlen: 24
176.223.161.0/24 maxlen: 24
89.33.255.0/24 maxlen: 24
86.106.114.0/23 maxlen: 24
89.40.209.0/24 maxlen: 24
188.208.220.0/23 maxlen: 23
188.208.222.0/23 maxlen: 23
89.33.198.0/23 maxlen: 24
89.33.200.0/23 maxlen: 24
89.40.141.0/24 maxlen: 24
188.209.122.0/23 maxlen: 23
188.209.126.0/23 maxlen: 23
89.41.28.0/23 maxlen: 24
193.30.254.0/24 maxlen: 24
89.36.38.0/24 maxlen: 24
176.126.194.0/24 maxlen: 24
77.81.84.0/23 maxlen: 23
89.42.152.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 114047308 (0x6cc394c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84f824d32df1a5113d82101345d785a38addbde5
Validity
Not Before: Jan 1 05:58:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0e8b90adb15d8e14f3bf965d0c6790eabb8ead88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:8b:b3:36:ce:36:c7:9d:ad:55:c1:0c:78:fc:
db:cf:0a:dc:05:13:7e:7b:99:e1:50:13:fb:c3:31:
00:37:3a:6f:00:e3:80:64:e1:3b:30:a9:95:0d:15:
42:a3:24:50:e2:1c:98:4e:e0:6d:bd:9b:0f:08:1f:
ff:47:39:27:a9:43:96:bf:42:39:7b:f0:a0:90:af:
90:ce:97:fb:43:a8:50:c5:d0:d2:e1:f7:83:da:53:
52:05:28:aa:c5:e2:34:f0:8d:ca:28:f2:89:43:2f:
d0:3c:92:70:67:cf:0a:df:27:16:15:0f:fc:3a:98:
f9:4e:b0:ca:02:86:4e:94:a5:c0:a2:e8:2e:0b:fa:
fc:d9:e9:bf:dd:82:29:fb:a3:89:1a:d7:8d:24:10:
1a:bf:65:b9:c9:ef:d0:9f:65:e5:41:f7:ea:dc:c0:
50:07:85:27:d7:c6:e9:c9:07:94:59:9d:82:bd:4d:
3a:77:b0:84:52:72:d9:1c:32:78:b3:ba:98:1e:a3:
d8:b0:cf:41:05:f9:f8:37:f0:9b:1d:ff:be:79:f2:
fa:a7:5d:c7:23:19:be:8c:7e:b3:f8:66:16:1f:53:
d6:28:a5:74:39:13:bf:09:fe:3a:18:46:0e:fb:09:
7d:6f:e5:ec:1a:3c:a9:3d:7f:2e:a0:6a:ea:b9:89:
f1:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:8B:90:AD:B1:5D:8E:14:F3:BF:96:5D:0C:67:90:EA:BB:8E:AD:88
X509v3 Authority Key Identifier:
keyid:84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/DouQrbFdjhTzv5ZdDGeQ6ruOrYg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/hPgk0y3xpRE9ghATRdeFo4rdveU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.64.0/23
46.102.177.0-46.102.179.255
77.81.84.0/23
86.104.0.0/23
86.106.114.0/23
89.33.198.0-89.33.201.255
89.33.255.0/24
89.36.38.0/24
89.36.138.0/23
89.40.141.0/24
89.40.209.0/24
89.41.28.0/23
89.42.152.0/23
93.119.124.0/24
176.126.194.0/24
176.223.161.0/24
188.208.220.0/22
188.209.122.0/23
188.209.126.0/23
193.30.254.0/24
193.254.48.0/20
Signature Algorithm: sha256WithRSAEncryption
4b:5f:3f:e0:63:63:db:8f:71:67:96:5c:f1:0b:b2:b6:89:55:
2b:12:73:55:12:fc:4f:4d:93:c9:b4:5e:04:39:ed:20:98:63:
8f:e1:03:d1:ef:c1:ea:e1:ad:3b:a1:19:40:bf:48:2a:a8:c6:
ba:22:4c:e7:cb:b9:d4:fa:eb:2d:af:83:17:aa:c4:76:f3:25:
d1:7a:42:5e:4e:82:11:cc:04:22:9a:2a:1a:98:ac:1a:5b:fd:
15:62:ed:94:d3:a8:16:c7:f3:f1:51:4f:f7:16:0c:0b:5f:54:
1c:3f:93:7b:41:76:7d:39:11:5c:7e:15:de:68:82:be:d2:f5:
d3:f2:af:2e:e8:a8:f2:6b:ed:74:b6:9d:d7:64:3e:27:d9:82:
ff:3b:18:40:18:12:b3:b3:66:c6:8b:35:23:db:e1:af:35:76:
b9:5e:c4:86:0c:92:d6:e3:db:bb:d6:a3:cd:28:ff:e0:98:31:
39:b1:48:0e:6a:b1:e1:4f:96:e0:b8:b4:43:d8:a3:5e:a1:4a:
b1:ec:d1:1d:b3:f2:18:38:e3:79:e8:e2:81:c8:9c:da:57:18:
34:6f:cf:b8:bb:c0:83:02:8a:6f:88:12:13:5b:a9:c1:5c:9c:
e2:57:e0:2d:25:01:2e:97:35:e5:e1:e7:c3:80:37:6b:d1:00:
93:98:94:ba
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgIEBsw5TDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NGY4MjRkMzJkZjFhNTExM2Q4MjEwMTM0NWQ3ODVhMzhhZGRiZGU1MB4XDTIyMDEw
MTA1NTg0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGU4YjkwYWRiMTVk
OGUxNGYzYmY5NjVkMGM2NzkwZWFiYjhlYWQ4ODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJmLszbONsedrVXBDHj8288K3AUTfnuZ4VAT+8MxADc6bwDj
gGThOzCplQ0VQqMkUOIcmE7gbb2bDwgf/0c5J6lDlr9COXvwoJCvkM6X+0OoUMXQ
0uH3g9pTUgUoqsXiNPCNyijyiUMv0DyScGfPCt8nFhUP/DqY+U6wygKGTpSlwKLo
Lgv6/Nnpv92CKfujiRrXjSQQGr9lucnv0J9l5UH36tzAUAeFJ9fG6ckHlFmdgr1N
OnewhFJy2RwyeLO6mB6j2LDPQQX5+Dfwmx3/vnny+qddxyMZvox+s/hmFh9T1iil
dDkTvwn+OhhGDvsJfW/l7Bo8qT1/LqBq6rmJ8asCAwEAAaOCApYwggKSMB0GA1Ud
DgQWBBQOi5CtsV2OFPO/ll0MZ5Dqu46tiDAfBgNVHSMEGDAWgBSE+CTTLfGlET2C
EBNF14Wjit295TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hQZ2sweTN4cFJFOWdoQVRSZGVGbzRyZHZlVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTEvOWQ2NWJiLWFiNGYtNDNhYS1iYmE4LTQzNzM5NDkzOGM1Mi8x
L0RvdVFyYkZkamhUenY1WmRER2VRNnJ1T3JZZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTEv
OWQ2NWJiLWFiNGYtNDNhYS1iYmE4LTQzNzM5NDkzOGM1Mi8xL2hQZ2sweTN4cFJF
OWdoQVRSZGVGbzRyZHZlVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
qwYIKwYBBQUHAQcBAf8EgZswgZgwgZUEAgABMIGOAwQBJZxAMAwDBAAuZrEDBAIu
ZrADBAFNUVQDBAFWaAADBAFWanIwDAMEAVkhxgMEAVkhyAMEAFkh/wMEAFkkJgME
AVkkigMEAFkojQMEAFko0QMEAVkpHAMEAVkqmAMEAF13fAMEALB+wgMEALDfoQME
ArzQ3AMEAbzRegMEAbzRfgMEAMEe/gMEBMH+MDANBgkqhkiG9w0BAQsFAAOCAQEA
S18/4GNj249xZ5Zc8QuytolVKxJzVRL8T02TybReBDntIJhjj+ED0e/B6uGtO6EZ
QL9IKqjGuiJM58u51PrrLa+DF6rEdvMl0XpCXk6CEcwEIpoqGpisGlv9FWLtlNOo
Fsfz8VFP9xYMC19UHD+Te0F2fTkRXH4V3miCvtL10/KvLuio8mvtdLad12Q+J9mC
/zsYQBgSs7Nmxos1I9vhrzV2uV7EhgyS1uPbu9ajzSj/4JgxObFIDmqx4U+W4Li0
Q9ijXqFKsezRHbPyGDjjeejigcic2lcYNG/PuLvAgwKKb4gSE1upwVyc4lfgLSUB
Lpc15eHnw4A3a9EAk5iUug==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:26 2023 by rpki-client on console-ams.rpki-client.org