Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/DldTnq_9_8_GIlY03LOVR8zjTwA.roa
File: DldTnq_9_8_GIlY03LOVR8zjTwA.roa (raw, json)
Hash identifier: 4yT7PMrdrPsKVGdsOJ//Y1HY9yFJc+Z87Cm0DLmZGCk=
Subject key identifier: 0E:57:53:9E:AF:FD:FF:CF:C6:22:56:34:DC:B3:95:47:CC:E3:4F:00
Certificate issuer: /CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Certificate serial: 07844ED7
Authority key identifier: BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/DldTnq_9_8_GIlY03LOVR8zjTwA.roa
Signing time: Sat 01 Jan 2022 11:59:47 +0000
ROA not before: Sat 01 Jan 2022 11:59:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48287
IP address blocks: 185.26.112.0/22 maxlen: 22
109.70.24.0/21 maxlen: 24
91.217.21.0/24 maxlen: 24
91.217.20.0/24 maxlen: 24
89.104.80.0/21 maxlen: 24
178.210.64.0/19 maxlen: 24
89.111.130.0/24 maxlen: 24
89.111.128.0/24 maxlen: 24
89.111.132.0/23 maxlen: 23
31.177.64.0/22 maxlen: 24
89.111.144.0/22 maxlen: 24
195.24.64.0/22 maxlen: 22
195.24.68.0/22 maxlen: 22
195.24.68.0/23 maxlen: 23
195.24.71.0/24 maxlen: 24
195.24.70.0/24 maxlen: 24
185.76.144.0/22 maxlen: 22
91.189.114.0/23 maxlen: 23
91.189.112.0/21 maxlen: 21
91.189.116.0/22 maxlen: 22
31.177.68.0/22 maxlen: 22
31.177.72.0/21 maxlen: 24
31.177.80.0/21 maxlen: 24
89.111.164.0/24 maxlen: 24
31.177.88.0/21 maxlen: 22
2a02:2090:e800::/48 maxlen: 48
2a02:2090:ec00::/48 maxlen: 48
2a02:2090::/48 maxlen: 48
2a02:2090:1::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 126111447 (0x7844ed7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdfad23e11cf0d24a477594eba09f99acc6f1fff
Validity
Not Before: Jan 1 11:59:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0e57539eaffdffcfc6225634dcb39547cce34f00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:85:2e:12:09:23:2d:1e:a3:12:8b:8c:20:fb:
ae:aa:7a:28:9b:ca:51:0f:8a:ea:cd:f5:53:e7:a1:
05:d8:84:1a:cc:30:22:2f:0e:30:40:be:2e:9a:a1:
41:b9:ec:fa:06:00:ec:93:b2:1b:85:59:1f:15:98:
32:e6:d9:28:26:d7:5e:ee:5f:55:03:77:3c:53:3a:
5e:df:f1:c3:23:3a:c1:22:72:9e:41:b9:6a:39:51:
ad:4e:43:d4:3c:94:83:e1:a5:73:57:cc:d3:af:97:
2f:94:59:74:f8:f6:e1:83:b3:00:d2:55:cd:0d:bf:
c2:7d:51:ad:82:e6:69:a5:5a:c0:36:f0:65:70:ac:
d5:75:5f:b1:29:ac:64:5c:5f:4d:74:56:2d:61:a9:
51:56:69:9e:5e:b8:71:b3:d9:cb:55:f3:ba:65:3e:
18:06:f7:25:89:18:1d:14:86:d0:87:77:d5:1c:d8:
8c:80:22:7e:94:50:25:f8:86:10:aa:b4:68:44:ba:
b1:86:1d:45:e8:fc:eb:53:c4:97:6f:bd:b7:1d:31:
d2:94:b5:e8:1d:82:aa:bc:c8:e5:99:34:c1:39:86:
e1:d2:73:18:55:25:5b:ca:85:6d:6a:76:0e:47:a5:
8a:fe:46:61:e7:43:e1:b8:94:d0:e8:fb:fa:64:19:
f7:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:57:53:9E:AF:FD:FF:CF:C6:22:56:34:DC:B3:95:47:CC:E3:4F:00
X509v3 Authority Key Identifier:
keyid:BD:FA:D2:3E:11:CF:0D:24:A4:77:59:4E:BA:09:F9:9A:CC:6F:1F:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vfrSPhHPDSSkd1lOugn5msxvH_8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/DldTnq_9_8_GIlY03LOVR8zjTwA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/e25239-6ab0-4919-a76a-4f4e71e32084/1/vfrSPhHPDSSkd1lOugn5msxvH_8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.177.64.0/19
89.104.80.0/21
89.111.128.0/24
89.111.130.0/24
89.111.132.0/23
89.111.144.0/22
89.111.164.0/24
91.189.112.0/21
91.217.20.0/23
109.70.24.0/21
178.210.64.0/19
185.26.112.0/22
185.76.144.0/22
195.24.64.0/21
IPv6:
2a02:2090::/47
2a02:2090:e800::/48
2a02:2090:ec00::/48
Signature Algorithm: sha256WithRSAEncryption
15:5d:02:51:58:43:06:5f:d5:62:db:df:da:da:fd:94:96:e0:
46:de:e4:69:90:d1:4c:2c:03:a8:fd:96:59:5f:97:c8:b6:e8:
14:05:27:10:a0:72:f7:07:bf:66:81:16:88:56:ad:3b:8d:e8:
89:de:8b:a1:a3:8d:35:f6:87:2a:96:e1:46:fb:8c:b1:78:d8:
b5:da:31:41:d8:dd:11:ba:3c:af:27:94:0f:13:d4:7b:76:bc:
32:bc:73:f1:ce:ac:7f:c5:9e:ce:8f:41:1e:09:95:cd:0e:bf:
53:53:aa:ec:66:00:63:64:b8:c1:91:bb:46:a2:df:84:0f:f5:
53:d2:98:d9:20:97:f2:7d:dc:59:36:16:58:3e:98:0f:37:0c:
4c:a0:5e:27:04:ce:59:3e:46:d3:36:80:60:b0:66:65:78:a6:
64:b7:89:88:21:e4:29:c3:e7:61:48:9d:f2:9f:73:3e:c2:6e:
07:83:fa:95:0c:29:90:ac:0c:45:85:cf:d0:66:6a:05:61:11:
8c:bf:7d:bf:db:eb:33:56:7a:a8:ee:a2:5e:8c:a3:af:cc:ca:
5e:86:48:5d:06:78:d9:05:ad:c4:d4:68:97:42:31:54:65:0a:
b3:49:99:95:09:0c:74:92:1e:30:69:8c:f0:f9:08:f2:6c:80:
1b:20:2f:b3
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgIEB4RO1zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZGZhZDIzZTExY2YwZDI0YTQ3NzU5NGViYTA5Zjk5YWNjNmYxZmZmMB4XDTIyMDEw
MTExNTk0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGU1NzUzOWVhZmZk
ZmZjZmM2MjI1NjM0ZGNiMzk1NDdjY2UzNGYwMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIeFLhIJIy0eoxKLjCD7rqp6KJvKUQ+K6s31U+ehBdiEGsww
Ii8OMEC+LpqhQbns+gYA7JOyG4VZHxWYMubZKCbXXu5fVQN3PFM6Xt/xwyM6wSJy
nkG5ajlRrU5D1DyUg+Glc1fM06+XL5RZdPj24YOzANJVzQ2/wn1RrYLmaaVawDbw
ZXCs1XVfsSmsZFxfTXRWLWGpUVZpnl64cbPZy1XzumU+GAb3JYkYHRSG0Id31RzY
jIAifpRQJfiGEKq0aES6sYYdRej861PEl2+9tx0x0pS16B2CqrzI5Zk0wTmG4dJz
GFUlW8qFbWp2Dkeliv5GYedD4biU0Oj7+mQZ94kCAwEAAaOCAnwwggJ4MB0GA1Ud
DgQWBBQOV1Oer/3/z8YiVjTcs5VHzONPADAfBgNVHSMEGDAWgBS9+tI+Ec8NJKR3
WU66CfmazG8f/zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZmclNQaEhQRFNTa2QxbE91Z241bXN4dkhfOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDMvZTI1MjM5LTZhYjAtNDkxOS1hNzZhLTRmNGU3MWUzMjA4NC8x
L0RsZFRucV85XzhfR0lsWTAzTE9WUjh6alR3QS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDMv
ZTI1MjM5LTZhYjAtNDkxOS1hNzZhLTRmNGU3MWUzMjA4NC8xL3ZmclNQaEhQRFNT
a2QxbE91Z241bXN4dkhfOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
kQYIKwYBBQUHAQcBAf8EgYEwfzBaBAIAATBUAwQFH7FAAwQDWWhQAwQAWW+AAwQA
WW+CAwQBWW+EAwQCWW+QAwQAWW+kAwQDW71wAwQBW9kUAwQDbUYYAwQFstJAAwQC
uRpwAwQCuUyQAwQDwxhAMCEEAgACMBsDBwEqAiCQAAADBwAqAiCQ6AADBwAqAiCQ
7AAwDQYJKoZIhvcNAQELBQADggEBABVdAlFYQwZf1WLb39ra/ZSW4Ebe5GmQ0Uws
A6j9lllfl8i26BQFJxCgcvcHv2aBFohWrTuN6Inei6GjjTX2hyqW4Ub7jLF42LXa
MUHY3RG6PK8nlA8T1Ht2vDK8c/HOrH/Fns6PQR4Jlc0Ov1NTquxmAGNkuMGRu0ai
34QP9VPSmNkgl/J93Fk2Flg+mA83DEygXicEzlk+RtM2gGCwZmV4pmS3iYgh5CnD
52FInfKfcz7CbgeD+pUMKZCsDEWFz9BmagVhEYy/fb/b6zNWeqjuol6Mo6/Myl6G
SF0GeNkFrcTUaJdCMVRlCrNJmZUJDHSSHjBpjPD5CPJsgBsgL7M=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:23 2023 by rpki-client on console-ams.rpki-client.org