Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/PS9RtwsxQT-sPPx4mBZ0BYjnWH0.roa
File: PS9RtwsxQT-sPPx4mBZ0BYjnWH0.roa (raw, json)
Hash identifier: rvUEfj4gJJRgyoY5plWabvl0CWvPGQoJo8w4hMGxHpE=
Subject key identifier: 3D:2F:51:B7:0B:31:41:3F:AC:3C:FC:78:98:16:74:05:88:E7:58:7D
Certificate issuer: /CN=84f824d32df1a5113d82101345d785a38addbde5
Certificate serial: 0183A91D4E9A552EA68569B24228ACC11000
Authority key identifier: 84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/PS9RtwsxQT-sPPx4mBZ0BYjnWH0.roa
Signing time: Wed 05 Oct 2022 17:06:53 +0000
ROA not before: Wed 05 Oct 2022 17:06:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203120
IP address blocks: 89.37.96.0/24 maxlen: 24
89.33.254.0/24 maxlen: 24
188.172.176.0/20 maxlen: 20
188.209.120.0/23 maxlen: 23
89.34.102.0/24 maxlen: 24
93.115.59.0/24 maxlen: 24
93.119.120.0/23 maxlen: 23
86.106.10.0/24 maxlen: 24
46.102.180.0/24 maxlen: 24
86.105.176.0/24 maxlen: 24
89.37.130.0/23 maxlen: 23
89.41.190.0/23 maxlen: 23
86.105.6.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:a9:1d:4e:9a:55:2e:a6:85:69:b2:42:28:ac:c1:10:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84f824d32df1a5113d82101345d785a38addbde5
Validity
Not Before: Oct 5 17:06:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=3d2f51b70b31413fac3cfc789816740588e7587d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:cb:bc:b7:6b:8f:34:d4:2b:af:82:cd:e1:5e:
8a:cc:48:10:6d:34:d7:08:92:c4:b2:9b:a1:dc:b8:
1f:aa:31:ef:1f:14:46:d5:4d:a9:76:c1:4a:01:ab:
9d:dc:7a:b4:a8:4e:b7:b1:e4:f6:d0:df:77:fc:a4:
ca:f2:6b:cd:13:d5:9c:f6:ca:5f:f3:2e:f5:4a:56:
e4:96:70:96:6e:0a:ba:35:c8:94:23:27:9c:18:a1:
5c:03:09:31:b6:42:7d:d7:26:06:e6:3f:bc:ba:a0:
4c:84:49:4f:03:22:17:32:98:10:32:7c:3c:b8:56:
61:c1:79:30:80:e9:58:b6:45:36:c9:bf:32:41:4a:
33:74:b7:64:ba:87:88:7b:e9:ed:89:c5:5d:2d:40:
76:49:ce:75:47:99:1f:77:25:87:1e:62:7f:da:88:
0f:93:60:27:73:02:9b:b2:d0:4e:fc:6d:0d:bf:85:
86:12:db:89:18:f4:b4:9f:b8:7f:fe:8f:0d:6a:9a:
f1:6b:50:f6:2b:24:69:33:80:70:9c:06:77:2a:04:
5b:18:40:72:fc:0a:16:a5:5f:ea:3c:f4:28:a1:4a:
ea:28:fa:90:52:79:26:79:7a:54:29:7f:1e:5b:f8:
35:2f:e7:5a:bd:e6:39:ef:48:67:d4:25:9b:8a:88:
1d:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:2F:51:B7:0B:31:41:3F:AC:3C:FC:78:98:16:74:05:88:E7:58:7D
X509v3 Authority Key Identifier:
keyid:84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/PS9RtwsxQT-sPPx4mBZ0BYjnWH0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/hPgk0y3xpRE9ghATRdeFo4rdveU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.180.0/24
86.105.6.0/24
86.105.176.0/24
86.106.10.0/24
89.33.254.0/24
89.34.102.0/24
89.37.96.0/24
89.37.130.0/23
89.41.190.0/23
93.115.59.0/24
93.119.120.0/23
188.172.176.0/20
188.209.120.0/23
Signature Algorithm: sha256WithRSAEncryption
9e:40:3c:42:02:49:0d:81:5b:70:b3:c2:a6:c8:dd:92:60:d8:
59:4b:a3:4f:69:c5:3c:62:00:87:40:f7:c9:3c:e2:57:14:8c:
75:aa:ab:d1:ab:cd:bb:79:14:e3:c0:ee:87:2a:bf:7b:35:2a:
0e:4a:30:99:51:5f:0b:08:c5:b4:f0:23:54:25:2d:d9:f0:97:
44:22:b2:a4:25:85:9a:41:f9:b7:86:d2:e8:05:ad:b4:80:79:
0d:5a:95:01:2a:fd:e3:11:bf:b7:af:82:e7:29:c3:cc:e2:5b:
59:8a:89:aa:8f:36:2f:51:ba:91:30:07:ff:b3:b4:5d:ab:0c:
0b:af:c7:90:9e:05:18:b3:a9:2c:f2:ff:49:47:35:b3:d8:11:
d0:33:ad:1a:9e:4d:18:c5:7f:a7:9a:55:49:66:c0:df:3e:7e:
4d:46:dc:17:38:0a:f2:71:7e:57:42:2c:61:61:0d:76:11:52:
14:7d:e3:05:63:b0:7b:03:56:16:c7:d6:5e:b6:de:82:43:15:
bb:26:ea:7f:47:38:5e:02:fc:1e:e6:12:84:4f:69:a9:1d:7d:
29:94:b7:c5:24:f5:a3:52:92:50:2a:2f:08:2b:ba:52:77:56:
08:72:88:59:20:43:1e:21:45:fd:7d:9d:fa:79:a6:b0:36:7a:
cd:13:83:97
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYOpHU6aVS6mhWmyQiiswRAAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZjgyNGQzMmRmMWE1MTEzZDgyMTAxMzQ1ZDc4NWEzOGFk
ZGJkZTUwHhcNMjIxMDA1MTcwNjUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDJmNTFiNzBiMzE0MTNmYWMzY2ZjNzg5ODE2NzQwNTg4ZTc1ODdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvsu8t2uPNNQrr4LN4V6KzEgQbTTX
CJLEspuh3LgfqjHvHxRG1U2pdsFKAaud3Hq0qE63seT20N93/KTK8mvNE9Wc9spf
8y71SlbklnCWbgq6NciUIyecGKFcAwkxtkJ91yYG5j+8uqBMhElPAyIXMpgQMnw8
uFZhwXkwgOlYtkU2yb8yQUozdLdkuoeIe+nticVdLUB2Sc51R5kfdyWHHmJ/2ogP
k2AncwKbstBO/G0Nv4WGEtuJGPS0n7h//o8Naprxa1D2KyRpM4BwnAZ3KgRbGEBy
/AoWpV/qPPQooUrqKPqQUnkmeXpUKX8eW/g1L+daveY570hn1CWbiogd6QIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFD0vUbcLMUE/rDz8eJgWdAWI51h9MB8GA1UdIwQY
MBaAFIT4JNMt8aURPYIQE0XXhaOK3b3lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgt
NDM3Mzk0OTM4YzUyLzEvUFM5UnR3c3hRVC1zUFB4NG1CWjBCWWpuV0gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgtNDM3Mzk0OTM4YzUy
LzEvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQALma0AwQA
VmkGAwQAVmmwAwQAVmoKAwQAWSH+AwQAWSJmAwQAWSVgAwQBWSWCAwQBWSm+AwQA
XXM7AwQBXXd4AwQEvKywAwQBvNF4MA0GCSqGSIb3DQEBCwUAA4IBAQCeQDxCAkkN
gVtws8KmyN2SYNhZS6NPacU8YgCHQPfJPOJXFIx1qqvRq827eRTjwO6HKr97NSoO
SjCZUV8LCMW08CNUJS3Z8JdEIrKkJYWaQfm3htLoBa20gHkNWpUBKv3jEb+3r4Ln
KcPM4ltZiomqjzYvUbqRMAf/s7RdqwwLr8eQngUYs6ks8v9JRzWz2BHQM60ank0Y
xX+nmlVJZsDfPn5NRtwXOArycX5XQixhYQ12EVIUfeMFY7B7A1YWx9Zett6CQxW7
Jup/RzheAvwe5hKET2mpHX0plLfFJPWjUpJQKi8IK7pSd1YIcohZIEMeIUX9fZ36
eaawNnrNE4OX
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:34 2023 by rpki-client on console-fra.rpki-client.org