Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/88pDQIskeQqH3xKCPVvEfnGxb20.roa
File: 88pDQIskeQqH3xKCPVvEfnGxb20.roa (raw, json)
Hash identifier: pgs/hPKg72ON7Evbegb0fNriyuzhLA/+qcemiIPOE7A=
Subject key identifier: F3:CA:43:40:8B:24:79:0A:87:DF:12:82:3D:5B:C4:7E:71:B1:6F:6D
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 0184E1B0C5EAFB2257E16605A27E25A3F645
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/88pDQIskeQqH3xKCPVvEfnGxb20.roa
Signing time: Mon 05 Dec 2022 09:49:29 +0000
ROA not before: Mon 05 Dec 2022 09:49:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3301
IP address blocks: 194.68.127.0/24 maxlen: 24
194.103.240.0/20 maxlen: 20
192.165.229.0/24 maxlen: 24
193.182.190.0/24 maxlen: 24
194.68.72.0/22 maxlen: 22
194.68.76.0/23 maxlen: 23
194.68.79.0/24 maxlen: 24
192.36.96.0/24 maxlen: 24
194.14.245.0/24 maxlen: 24
193.180.7.0/24 maxlen: 24
192.121.40.0/24 maxlen: 24
192.121.50.0/23 maxlen: 23
192.121.52.0/24 maxlen: 24
192.176.124.0/24 maxlen: 24
194.132.188.0/23 maxlen: 23
194.132.190.0/23 maxlen: 23
193.183.230.0/23 maxlen: 23
193.183.228.0/23 maxlen: 23
193.183.236.0/23 maxlen: 23
192.165.12.0/24 maxlen: 24
192.165.31.0/24 maxlen: 24
192.121.115.0/24 maxlen: 24
192.165.173.0/24 maxlen: 24
192.121.229.0/24 maxlen: 24
192.165.180.0/24 maxlen: 24
193.182.152.0/23 maxlen: 23
193.182.152.0/24 maxlen: 24
193.182.153.0/24 maxlen: 24
193.180.176.0/24 maxlen: 24
193.180.175.0/24 maxlen: 24
193.182.107.0/24 maxlen: 24
193.182.126.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e1:b0:c5:ea:fb:22:57:e1:66:05:a2:7e:25:a3:f6:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Dec 5 09:49:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f3ca43408b24790a87df12823d5bc47e71b16f6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:82:ae:04:3c:28:4f:ac:69:23:0a:78:2c:c3:
53:9e:09:c0:d9:c3:54:de:d9:34:32:48:32:77:fc:
2e:51:58:03:a5:a5:ee:9d:43:14:fe:02:e2:70:2a:
40:93:1a:63:d1:19:e4:68:8b:c4:31:cc:e9:25:45:
e5:33:25:8b:4e:83:66:6e:4e:90:b8:10:be:2d:45:
66:b8:d6:cc:df:47:b1:4f:ee:11:92:6e:8a:c1:9b:
11:a7:8a:29:d3:03:ef:92:ce:da:4c:17:3b:4a:15:
6a:b7:40:99:56:0d:06:fc:72:25:f7:d3:5e:36:41:
d7:57:99:ca:1a:8b:05:0a:0f:cb:d3:d3:16:e8:61:
6c:ad:b3:f8:e3:74:93:73:28:f4:8a:85:f1:67:23:
42:b1:f3:a2:b1:ea:c8:03:d8:dd:a4:3c:26:9e:0f:
b1:1c:66:be:2e:88:69:a0:de:83:aa:a0:45:69:cf:
a2:6e:9f:b2:db:49:e6:13:49:f0:46:56:ba:34:c9:
45:de:af:9d:40:44:c2:7d:10:9a:70:77:27:43:72:
1e:1d:db:03:30:6f:e1:63:a2:26:27:cf:46:70:e1:
26:86:75:b4:4e:ec:55:78:ee:3f:a7:67:5b:de:98:
95:a8:3c:e5:bf:32:4b:f8:53:e1:f3:c7:de:85:0b:
7d:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:CA:43:40:8B:24:79:0A:87:DF:12:82:3D:5B:C4:7E:71:B1:6F:6D
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/88pDQIskeQqH3xKCPVvEfnGxb20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.96.0/24
192.121.40.0/24
192.121.50.0-192.121.52.255
192.121.115.0/24
192.121.229.0/24
192.165.12.0/24
192.165.31.0/24
192.165.173.0/24
192.165.180.0/24
192.165.229.0/24
192.176.124.0/24
193.180.7.0/24
193.180.175.0-193.180.176.255
193.182.107.0/24
193.182.126.0/24
193.182.152.0/23
193.182.190.0/24
193.183.228.0/22
193.183.236.0/23
194.14.245.0/24
194.68.72.0-194.68.77.255
194.68.79.0/24
194.68.127.0/24
194.103.240.0/20
194.132.188.0/22
Signature Algorithm: sha256WithRSAEncryption
54:22:31:56:2f:0e:96:12:12:db:86:31:6a:97:bc:2e:0d:c5:
ca:5f:1f:41:e4:a0:2a:9c:1e:dc:ec:75:9d:f6:12:41:28:a5:
14:1d:0a:63:16:c2:b8:f8:e9:77:1f:73:09:96:c7:cf:68:be:
6d:df:29:dc:8e:b4:a9:19:29:6b:d1:63:5c:85:5b:79:f9:b0:
37:6d:d4:98:40:70:10:8a:6f:b8:bb:39:54:85:51:c3:60:ca:
48:ff:6b:fe:66:d0:f8:f2:86:6f:94:7a:0f:a3:80:cb:3b:e5:
b5:ea:a6:af:74:47:53:2b:5a:28:66:34:03:21:ce:91:51:96:
98:e9:e4:1c:3e:9d:4e:ec:41:f2:a9:59:f8:6f:96:fa:14:2b:
c5:33:b2:59:1d:5d:0d:b2:a5:43:b4:da:9e:4d:fd:23:28:8f:
41:10:87:42:cd:d3:8c:62:a7:50:5b:e4:fd:3f:a5:2a:72:54:
80:0a:12:9e:30:63:c6:9e:57:b7:2a:f6:bf:ce:42:3a:e9:71:
90:a8:43:9a:e8:17:81:28:c3:39:0c:85:40:d5:16:7b:60:b1:
1e:b6:7d:e1:17:bc:72:eb:cb:d6:50:cf:44:a6:86:06:c5:53:
09:9e:54:9a:cf:c4:15:59:aa:ad:ec:1d:09:fa:fd:f4:21:81:
5e:ab:47:8c
-----BEGIN CERTIFICATE-----
MIIFqjCCBJKgAwIBAgISAYThsMXq+yJX4WYFon4lo/ZFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjIxMjA1MDk0OTI5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2NhNDM0MDhiMjQ3OTBhODdkZjEyODIzZDViYzQ3ZTcxYjE2ZjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgYKuBDwoT6xpIwp4LMNTngnA2cNU
3tk0Mkgyd/wuUVgDpaXunUMU/gLicCpAkxpj0RnkaIvEMczpJUXlMyWLToNmbk6Q
uBC+LUVmuNbM30exT+4Rkm6KwZsRp4op0wPvks7aTBc7ShVqt0CZVg0G/HIl99Ne
NkHXV5nKGosFCg/L09MW6GFsrbP443STcyj0ioXxZyNCsfOiserIA9jdpDwmng+x
HGa+LohpoN6DqqBFac+ibp+y20nmE0nwRla6NMlF3q+dQETCfRCacHcnQ3IeHdsD
MG/hY6ImJ89GcOEmhnW0TuxVeO4/p2db3piVqDzlvzJL+FPh88fehQt9pQIDAQAB
o4ICtjCCArIwHQYDVR0OBBYEFPPKQ0CLJHkKh98Sgj1bxH5xsW9tMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvODhwRFFJc2tlUXFIM3hLQ1BWdkVmbkd4YjIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHLBggrBgEFBQcBBwEB/wSBuzCBuDCBtQQCAAEwga4DBADA
JGADBADAeSgwDAMEAcB5MgMEAMB5NAMEAMB5cwMEAMB55QMEAMClDAMEAMClHwME
AMClrQMEAMCltAMEAMCl5QMEAMCwfAMEAMG0BzAMAwQAwbSvAwQAwbSwAwQAwbZr
AwQAwbZ+AwQBwbaYAwQAwba+AwQCwbfkAwQBwbfsAwQAwg71MAwDBAPCREgDBAHC
REwDBADCRE8DBADCRH8DBATCZ/ADBALChLwwDQYJKoZIhvcNAQELBQADggEBAFQi
MVYvDpYSEtuGMWqXvC4NxcpfH0HkoCqcHtzsdZ32EkEopRQdCmMWwrj46XcfcwmW
x89ovm3fKdyOtKkZKWvRY1yFW3n5sDdt1JhAcBCKb7i7OVSFUcNgykj/a/5m0Pjy
hm+Ueg+jgMs75bXqpq90R1MrWihmNAMhzpFRlpjp5Bw+nU7sQfKpWfhvlvoUK8Uz
slkdXQ2ypUO02p5N/SMoj0EQh0LN04xip1Bb5P0/pSpyVIAKEp4wY8aeV7cq9r/O
QjrpcZCoQ5roF4EowzkMhUDVFntgsR62feEXvHLry9ZQz0SmhgbFUwmeVJrPxBVZ
qq3sHQn6/fQhgV6rR4w=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:38 2023 by rpki-client on console-ams.rpki-client.org