Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/de9139-a9d0-493a-9260-ed0f256a5fe3/1/AT0KX9go2r9VjK-8o9pWSQBswW8.roa
File: AT0KX9go2r9VjK-8o9pWSQBswW8.roa (raw, json)
Hash identifier: XsyJ3GEJy4tLjPvmgamGjnRtGmEHF8jLobRZ+PAwycI=
Subject key identifier: 01:3D:0A:5F:D8:28:DA:BF:55:8C:AF:BC:A3:DA:56:49:00:6C:C1:6F
Certificate issuer: /CN=292d120970515846360ea223e9a0e6a3c3896934
Certificate serial: 2365E080
Authority key identifier: 29:2D:12:09:70:51:58:46:36:0E:A2:23:E9:A0:E6:A3:C3:89:69:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KS0SCXBRWEY2DqIj6aDmo8OJaTQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/de9139-a9d0-493a-9260-ed0f256a5fe3/1/AT0KX9go2r9VjK-8o9pWSQBswW8.roa
Signing time: Sat 01 Jan 2022 16:10:51 +0000
ROA not before: Sat 01 Jan 2022 16:10:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56550
IP address blocks: 89.34.161.0/24 maxlen: 24
89.33.133.0/24 maxlen: 24
89.36.228.0/24 maxlen: 24
86.105.177.0/24 maxlen: 24
95.142.208.0/21 maxlen: 21
185.8.24.0/22 maxlen: 22
93.117.152.0/23 maxlen: 23
93.117.172.0/23 maxlen: 23
185.163.172.0/22 maxlen: 22
31.177.40.0/21 maxlen: 21
89.42.25.0/24 maxlen: 24
46.102.188.0/23 maxlen: 23
109.230.212.0/24 maxlen: 24
31.14.28.0/24 maxlen: 24
89.32.168.0/23 maxlen: 23
94.177.127.0/24 maxlen: 24
85.204.119.0/24 maxlen: 24
89.32.186.0/23 maxlen: 23
93.115.62.0/23 maxlen: 23
31.214.153.0/24 maxlen: 24
188.241.154.0/24 maxlen: 24
85.204.147.0/24 maxlen: 24
128.0.123.0/24 maxlen: 24
128.0.122.0/23 maxlen: 23
128.0.124.0/22 maxlen: 22
185.157.52.0/22 maxlen: 22
2a03:1140::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 593879168 (0x2365e080)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=292d120970515846360ea223e9a0e6a3c3896934
Validity
Not Before: Jan 1 16:10:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=013d0a5fd828dabf558cafbca3da5649006cc16f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:51:27:cf:8d:71:11:7c:c2:05:2c:37:50:d3:
d7:dc:42:65:51:f0:94:68:82:0c:f8:1f:df:f4:19:
fd:b2:12:d4:de:50:6c:86:83:ca:a8:4d:62:3f:7d:
b4:bd:cb:ac:8f:2b:66:92:ad:b0:bf:a6:12:d9:13:
22:b6:7f:1b:96:19:c4:c6:89:0d:87:f1:79:08:14:
c3:3a:6a:bd:e2:8e:82:bc:95:08:f8:53:d3:5f:78:
6a:a2:95:0f:92:c4:66:0b:21:18:c3:05:f3:44:aa:
29:50:4d:98:85:2a:3c:08:44:9b:40:82:51:b2:50:
d0:4a:97:ac:a8:bd:80:08:83:5b:b2:83:68:b2:4b:
4a:42:8d:b8:af:bd:b2:b9:f7:eb:2d:17:ef:31:86:
2d:fa:7a:fa:d0:8f:c3:e4:29:67:92:90:ff:dd:f9:
ad:d7:de:a3:49:da:b5:aa:3f:c0:5f:94:fb:88:77:
f5:c5:a5:a4:db:42:59:b2:a6:19:71:60:63:a4:ef:
32:c7:86:68:a4:d6:95:13:bd:70:de:d3:72:90:99:
56:ed:6d:93:44:ba:b1:80:63:70:44:67:b2:ab:e2:
7c:6a:6e:bb:ef:05:eb:7f:d3:b9:ab:3e:4d:52:97:
46:45:91:bf:7e:77:ec:65:7d:3a:81:a0:ea:9c:67:
80:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:3D:0A:5F:D8:28:DA:BF:55:8C:AF:BC:A3:DA:56:49:00:6C:C1:6F
X509v3 Authority Key Identifier:
keyid:29:2D:12:09:70:51:58:46:36:0E:A2:23:E9:A0:E6:A3:C3:89:69:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KS0SCXBRWEY2DqIj6aDmo8OJaTQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/de9139-a9d0-493a-9260-ed0f256a5fe3/1/AT0KX9go2r9VjK-8o9pWSQBswW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/de9139-a9d0-493a-9260-ed0f256a5fe3/1/KS0SCXBRWEY2DqIj6aDmo8OJaTQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.28.0/24
31.177.40.0/21
31.214.153.0/24
46.102.188.0/23
85.204.119.0/24
85.204.147.0/24
86.105.177.0/24
89.32.168.0/23
89.32.186.0/23
89.33.133.0/24
89.34.161.0/24
89.36.228.0/24
89.42.25.0/24
93.115.62.0/23
93.117.152.0/23
93.117.172.0/23
94.177.127.0/24
95.142.208.0/21
109.230.212.0/24
128.0.122.0-128.0.127.255
185.8.24.0/22
185.157.52.0/22
185.163.172.0/22
188.241.154.0/24
IPv6:
2a03:1140::/32
Signature Algorithm: sha256WithRSAEncryption
97:0a:6a:3f:95:36:73:45:76:e6:92:ca:3c:a7:b3:2a:d3:12:
58:6b:55:b9:51:96:18:2f:5b:cb:1f:cc:dc:a5:5e:6b:1e:a9:
ec:66:a6:c4:ba:38:e7:3b:ec:a0:00:e8:e7:44:2e:93:1b:c7:
f2:5e:e4:5a:56:df:32:24:f8:8c:25:e3:22:5b:93:d5:f8:8c:
95:eb:7b:ff:94:6e:17:3c:1b:bf:9f:15:00:d2:0b:99:05:b1:
99:e1:54:7a:06:82:41:00:2e:93:55:1d:71:3d:7b:3c:d0:5b:
80:71:02:0b:26:79:f9:23:ce:f8:b4:c7:cd:92:ce:f0:c7:60:
5a:40:c7:8a:1f:c5:e7:f1:86:38:b8:64:21:9e:7c:60:6c:97:
2e:46:e5:bd:d8:12:ef:7e:e9:e9:6c:bc:93:19:9c:50:56:a9:
8a:92:91:be:be:1c:14:b6:8c:4c:e6:09:8a:88:8c:e8:e8:5d:
f5:09:33:40:7a:ea:c1:5b:8f:05:62:ae:54:28:ea:48:40:7b:
ef:58:88:e4:cf:e5:dc:c6:dd:79:87:ff:98:fd:d2:15:51:05:
4f:3f:03:9c:5b:10:6a:4a:4f:09:f1:d0:6d:1f:0f:20:30:66:
4a:eb:5c:e0:19:e8:11:01:0f:e6:89:b0:58:fb:6b:56:5a:f3:
99:6a:68:c1
-----BEGIN CERTIFICATE-----
MIIFlTCCBH2gAwIBAgIEI2XggDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
OTJkMTIwOTcwNTE1ODQ2MzYwZWEyMjNlOWEwZTZhM2MzODk2OTM0MB4XDTIyMDEw
MTE2MTA1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDEzZDBhNWZkODI4
ZGFiZjU1OGNhZmJjYTNkYTU2NDkwMDZjYzE2ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANZRJ8+NcRF8wgUsN1DT19xCZVHwlGiCDPgf3/QZ/bIS1N5Q
bIaDyqhNYj99tL3LrI8rZpKtsL+mEtkTIrZ/G5YZxMaJDYfxeQgUwzpqveKOgryV
CPhT0194aqKVD5LEZgshGMMF80SqKVBNmIUqPAhEm0CCUbJQ0EqXrKi9gAiDW7KD
aLJLSkKNuK+9srn36y0X7zGGLfp6+tCPw+QpZ5KQ/935rdfeo0natao/wF+U+4h3
9cWlpNtCWbKmGXFgY6TvMseGaKTWlRO9cN7TcpCZVu1tk0S6sYBjcERnsqvifGpu
u+8F63/Tuas+TVKXRkWRv3537GV9OoGg6pxngO8CAwEAAaOCAq8wggKrMB0GA1Ud
DgQWBBQBPQpf2Cjav1WMr7yj2lZJAGzBbzAfBgNVHSMEGDAWgBQpLRIJcFFYRjYO
oiPpoOajw4lpNDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0tTMFNDWEJSV0VZMkRxSWo2YURtbzhPSmFUUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2UvZGU5MTM5LWE5ZDAtNDkzYS05MjYwLWVkMGYyNTZhNWZlMy8x
L0FUMEtYOWdvMnI5VmpLLThvOXBXU1FCc3dXOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Uv
ZGU5MTM5LWE5ZDAtNDkzYS05MjYwLWVkMGYyNTZhNWZlMy8xL0tTMFNDWEJSV0VZ
MkRxSWo2YURtbzhPSmFUUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
xAYIKwYBBQUHAQcBAf8EgbQwgbEwgZ8EAgABMIGYAwQAHw4cAwQDH7EoAwQAH9aZ
AwQBLma8AwQAVcx3AwQAVcyTAwQAVmmxAwQBWSCoAwQBWSC6AwQAWSGFAwQAWSKh
AwQAWSTkAwQAWSoZAwQBXXM+AwQBXXWYAwQBXXWsAwQAXrF/AwQDX47QAwQAbebU
MAwDBAGAAHoDBAeAAAADBAK5CBgDBAK5nTQDBAK5o6wDBAC88ZowDQQCAAIwBwMF
ACoDEUAwDQYJKoZIhvcNAQELBQADggEBAJcKaj+VNnNFduaSyjynsyrTElhrVblR
lhgvW8sfzNylXmseqexmpsS6OOc77KAA6OdELpMbx/Je5FpW3zIk+Iwl4yJbk9X4
jJXre/+Ubhc8G7+fFQDSC5kFsZnhVHoGgkEALpNVHXE9ezzQW4BxAgsmefkjzvi0
x82SzvDHYFpAx4ofxefxhji4ZCGefGBsly5G5b3YEu9+6elsvJMZnFBWqYqSkb6+
HBS2jEzmCYqIjOjoXfUJM0B66sFbjwVirlQo6khAe+9YiOTP5dzG3XmH/5j90hVR
BU8/A5xbEGpKTwnx0G0fDyAwZkrrXOAZ6BEBD+aJsFj7a1Za85lqaME=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:02 2023 by rpki-client on console-ams.rpki-client.org