Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/D4IquC7X4wo99ia-SdTxcw-kXhY.roa
File: D4IquC7X4wo99ia-SdTxcw-kXhY.roa (raw, json)
Hash identifier: nuIzokAZqSGf4V3F1OcQoKIZmsFJVgZoRzFUn/TwQq0=
Subject key identifier: 0F:82:2A:B8:2E:D7:E3:0A:3D:F6:26:BE:49:D4:F1:73:0F:A4:5E:16
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 0183EC27C1FCF7A5C93203A69BF17E1A16A7
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/D4IquC7X4wo99ia-SdTxcw-kXhY.roa
Signing time: Tue 18 Oct 2022 17:32:52 +0000
ROA not before: Tue 18 Oct 2022 17:32:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61971
IP address blocks: 93.119.104.0/24 maxlen: 24
93.119.107.0/24 maxlen: 24
188.240.210.0/24 maxlen: 24
188.240.221.0/24 maxlen: 24
89.33.192.0/22 maxlen: 22
89.33.192.0/24 maxlen: 24
89.33.193.0/24 maxlen: 24
89.33.194.0/24 maxlen: 24
89.33.195.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:ec:27:c1:fc:f7:a5:c9:32:03:a6:9b:f1:7e:1a:16:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Oct 18 17:32:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0f822ab82ed7e30a3df626be49d4f1730fa45e16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:6d:b3:2a:f5:b8:09:b9:a5:b7:78:46:d3:ab:
65:5f:5c:02:20:77:8f:8e:1f:a2:42:1a:3b:95:81:
2c:70:3e:02:50:98:26:39:b2:0c:6b:0e:30:d4:0c:
46:31:22:a5:8a:1e:81:6c:f5:ed:bd:36:2e:36:72:
01:7d:f2:89:dd:eb:77:8b:4d:ba:41:ed:2d:31:8b:
cb:b8:68:7c:e6:a0:46:df:3f:6f:19:a5:1d:64:91:
70:9c:13:ed:a6:ad:3b:df:20:08:68:eb:bd:3f:51:
9b:69:47:7f:75:cc:16:30:80:5e:12:48:12:2b:99:
17:8d:45:4a:9f:3f:ea:f6:5d:b2:8b:3f:63:2d:e8:
c2:ac:8e:20:16:d6:1c:41:d7:76:18:89:7d:ad:03:
a1:f4:90:37:5f:7d:07:6f:d5:20:21:b0:95:4a:f9:
36:0a:20:b6:bb:3f:02:52:a2:db:74:1f:d7:63:0d:
cc:cf:2b:c6:9c:22:a0:26:d2:6b:a7:b1:17:0c:05:
1e:b9:68:22:27:e3:06:72:35:46:72:15:cb:2d:fc:
71:fb:cb:51:72:dd:04:95:cd:00:31:c6:b8:57:ff:
b7:00:bf:41:16:21:5a:29:56:46:7a:03:2c:1d:89:
fa:c9:d7:20:a2:d5:eb:88:74:8a:63:fd:a3:c7:41:
14:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:82:2A:B8:2E:D7:E3:0A:3D:F6:26:BE:49:D4:F1:73:0F:A4:5E:16
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/D4IquC7X4wo99ia-SdTxcw-kXhY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.192.0/22
93.119.104.0/24
93.119.107.0/24
188.240.210.0/24
188.240.221.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:17:03:a5:f9:ad:35:34:d0:38:c7:da:52:59:0f:08:f4:b3:
01:f1:62:58:53:68:a9:63:fc:7d:93:9b:f7:0d:03:2a:bb:f4:
bb:0e:5a:58:ce:8d:cf:aa:74:99:8d:42:b2:0d:34:9c:2a:b4:
20:80:32:05:a6:8d:88:6b:29:9e:99:ed:8b:88:ac:9b:ea:4d:
e9:45:82:4d:3f:ab:6c:8d:88:49:6c:70:df:79:16:5b:40:bb:
ea:1d:57:c3:f0:67:ce:07:7e:98:e1:10:21:36:87:a6:af:56:
7f:51:09:ec:67:3c:e4:56:ba:6c:76:c9:73:0b:c0:34:bf:03:
5a:50:2a:76:96:cb:1b:a2:ef:62:45:a7:dc:9d:cc:aa:4c:58:
5d:96:a9:1b:03:80:47:28:1f:a9:f1:ee:c1:8e:8c:33:0d:c3:
22:82:30:54:70:89:4e:4c:a2:97:d5:e0:2b:cb:de:24:75:98:
77:11:cf:eb:f7:89:1c:a8:82:98:ce:80:8f:1f:9b:1a:be:c2:
40:c1:3b:55:e7:d7:65:8a:36:69:3e:0e:6d:b9:00:e4:3c:f2:
75:72:e3:82:35:42:7e:1a:cc:17:30:96:e4:6c:a4:89:6b:60:
1d:ac:cf:19:f9:b0:8e:84:08:7b:06:3f:e3:63:d8:41:31:0a:
e9:20:00:0c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYPsJ8H896XJMgOmm/F+GhanMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjIxMDE4MTczMjUyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjgyMmFiODJlZDdlMzBhM2RmNjI2YmU0OWQ0ZjE3MzBmYTQ1ZTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjm2zKvW4Cbmlt3hG06tlX1wCIHeP
jh+iQho7lYEscD4CUJgmObIMaw4w1AxGMSKlih6BbPXtvTYuNnIBffKJ3et3i026
Qe0tMYvLuGh85qBG3z9vGaUdZJFwnBPtpq073yAIaOu9P1GbaUd/dcwWMIBeEkgS
K5kXjUVKnz/q9l2yiz9jLejCrI4gFtYcQdd2GIl9rQOh9JA3X30Hb9UgIbCVSvk2
CiC2uz8CUqLbdB/XYw3MzyvGnCKgJtJrp7EXDAUeuWgiJ+MGcjVGchXLLfxx+8tR
ct0Elc0AMca4V/+3AL9BFiFaKVZGegMsHYn6ydcgotXriHSKY/2jx0EUkwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFA+CKrgu1+MKPfYmvknU8XMPpF4WMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvRDRJcXVDN1g0d285OWlhLVNkVHhjdy1rWGhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCWSHAAwQA
XXdoAwQAXXdrAwQAvPDSAwQAvPDdMA0GCSqGSIb3DQEBCwUAA4IBAQBuFwOl+a01
NNA4x9pSWQ8I9LMB8WJYU2ipY/x9k5v3DQMqu/S7DlpYzo3PqnSZjUKyDTScKrQg
gDIFpo2Iaymeme2LiKyb6k3pRYJNP6tsjYhJbHDfeRZbQLvqHVfD8GfOB36Y4RAh
Noemr1Z/UQnsZzzkVrpsdslzC8A0vwNaUCp2lssbou9iRafcncyqTFhdlqkbA4BH
KB+p8e7BjowzDcMigjBUcIlOTKKX1eAry94kdZh3Ec/r94kcqIKYzoCPH5savsJA
wTtV59dlijZpPg5tuQDkPPJ1cuOCNUJ+GswXMJbkbKSJa2AdrM8Z+bCOhAh7Bj/j
Y9hBMQrpIAAM
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:56 2023 by rpki-client on console-ams.rpki-client.org