Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/88625w5bovsq9q_TvzU7WwqJU7E.roa
File: 88625w5bovsq9q_TvzU7WwqJU7E.roa (raw, json)
Hash identifier: 5+V2yJ3m3kutKLb1m+Y006HzJCCT79cyiP6aSc5LPtY=
Subject key identifier: F3:CE:B6:E7:0E:5B:A2:FB:2A:F6:AF:D3:BF:35:3B:5B:0A:89:53:B1
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 0183D682C11398773793238E0AB2C38207C8
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/88625w5bovsq9q_TvzU7WwqJU7E.roa
Signing time: Fri 14 Oct 2022 12:40:36 +0000
ROA not before: Fri 14 Oct 2022 12:40:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42864
IP address blocks: 88.209.227.0/24 maxlen: 24
178.210.224.0/21 maxlen: 21
83.137.159.0/24 maxlen: 24
193.138.125.0/24 maxlen: 24
178.248.200.0/21 maxlen: 21
45.9.171.0/24 maxlen: 24
45.9.170.0/24 maxlen: 24
45.9.169.0/24 maxlen: 24
178.210.236.0/24 maxlen: 24
77.242.144.0/20 maxlen: 20
88.209.192.0/21 maxlen: 24
88.209.208.0/20 maxlen: 24
88.209.226.0/24 maxlen: 24
88.209.225.0/24 maxlen: 24
88.209.224.0/24 maxlen: 24
92.52.219.0/24 maxlen: 24
45.14.10.0/24 maxlen: 24
45.14.8.0/24 maxlen: 24
92.52.212.0/22 maxlen: 24
92.52.210.0/23 maxlen: 23
92.52.209.0/24 maxlen: 24
92.52.208.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:d6:82:c1:13:98:77:37:93:23:8e:0a:b2:c3:82:07:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Oct 14 12:40:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=f3ceb6e70e5ba2fb2af6afd3bf353b5b0a8953b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:ad:df:7f:0d:54:e0:e9:d3:a5:85:92:65:76:
f4:64:d4:3e:b1:96:2f:23:8e:61:4f:fc:97:86:28:
fe:7e:4b:f5:67:53:cf:fe:b9:4d:c4:79:12:96:36:
ea:54:a3:0e:8d:8a:03:de:0f:ea:3d:25:2d:b4:79:
8d:17:4b:37:26:cf:8c:8b:c1:15:fb:33:d2:a9:d7:
2e:a0:3a:f9:83:00:83:4e:f1:ed:8f:2b:9c:2b:dc:
91:92:6f:80:ed:f7:3e:3e:2a:32:8a:a7:65:f9:94:
73:68:2d:1c:0d:f6:79:fd:c2:02:77:af:1f:6f:b5:
6f:1a:42:9b:74:19:b1:ad:2b:1d:e0:2f:04:02:8c:
bd:85:21:b3:f8:95:9b:74:d2:c6:6b:b1:77:e6:d8:
29:63:1b:1c:2e:38:98:21:e2:10:22:d2:12:83:1c:
29:3b:68:c8:6a:b9:1e:eb:dc:84:21:80:77:28:01:
e3:e4:fd:a8:3f:ff:98:ba:a0:1a:c5:e0:8d:f7:48:
2b:a1:ec:e2:d2:7d:d5:61:e7:36:bb:5a:71:41:bb:
49:a5:81:04:7d:8e:63:e1:eb:c2:a5:99:00:9f:59:
28:f1:24:3e:1d:75:8b:2d:79:e9:96:c4:0e:a5:5f:
8a:23:06:fb:ee:79:bd:d5:8d:4f:c2:05:a3:e1:cf:
9f:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:CE:B6:E7:0E:5B:A2:FB:2A:F6:AF:D3:BF:35:3B:5B:0A:89:53:B1
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/88625w5bovsq9q_TvzU7WwqJU7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.169.0-45.9.171.255
45.14.8.0/24
45.14.10.0/24
77.242.144.0/20
83.137.159.0/24
88.209.192.0/21
88.209.208.0-88.209.227.255
92.52.208.0/21
92.52.219.0/24
178.210.224.0/21
178.210.236.0/24
178.248.200.0/21
193.138.125.0/24
Signature Algorithm: sha256WithRSAEncryption
82:c6:99:c4:4a:da:55:06:d9:7a:fa:91:64:15:09:2d:ce:81:
04:c3:a4:4c:0b:ef:2f:49:f8:36:32:f7:ce:90:cb:35:85:c4:
fc:89:f5:17:fd:7c:ef:5f:7b:48:f0:0d:ef:86:8f:c7:16:ae:
8d:21:0c:46:1d:23:51:26:7f:71:f9:a2:48:11:e1:6c:fd:0c:
d6:08:52:35:b7:4b:93:bc:44:08:e2:37:71:37:d2:50:8e:23:
e2:95:0b:be:6f:aa:ee:70:52:2b:e0:86:a1:3b:24:fd:56:82:
ff:a9:5f:9d:78:52:f0:21:49:d2:9a:fa:27:24:2e:d6:fc:9a:
23:cc:0b:6a:ba:f1:76:11:7f:af:fb:65:9a:56:fb:5f:1d:7f:
48:79:d3:45:a3:a6:49:c0:7a:b2:fc:33:1f:c0:51:0b:dd:0a:
33:cd:b4:8e:49:f5:be:cb:1f:c9:76:a9:8a:a9:d3:3d:79:35:
d1:f0:24:db:d9:82:dd:e3:a8:2d:75:58:e1:ab:0b:31:2a:00:
a8:0a:65:58:30:43:94:5a:4b:bf:b3:2e:ce:8d:eb:b6:28:50:
64:db:ce:b9:45:ef:0e:4f:99:e8:a4:cf:42:95:72:ae:cf:ab:
f2:40:a9:77:a4:5f:71:70:05:e9:47:88:7b:90:8c:12:3b:98:
fc:96:76:62
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAYPWgsETmHc3kyOOCrLDggfIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjIxMDE0MTI0MDM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2NlYjZlNzBlNWJhMmZiMmFmNmFmZDNiZjM1M2I1YjBhODk1M2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgK3ffw1U4OnTpYWSZXb0ZNQ+sZYv
I45hT/yXhij+fkv1Z1PP/rlNxHkSljbqVKMOjYoD3g/qPSUttHmNF0s3Js+Mi8EV
+zPSqdcuoDr5gwCDTvHtjyucK9yRkm+A7fc+Pioyiqdl+ZRzaC0cDfZ5/cICd68f
b7VvGkKbdBmxrSsd4C8EAoy9hSGz+JWbdNLGa7F35tgpYxscLjiYIeIQItISgxwp
O2jIarke69yEIYB3KAHj5P2oP/+YuqAaxeCN90groezi0n3VYec2u1pxQbtJpYEE
fY5j4evCpZkAn1ko8SQ+HXWLLXnplsQOpV+KIwb77nm91Y1PwgWj4c+fpwIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFPPOtucOW6L7Kvav0781O1sKiVOxMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvODg2MjV3NWJvdnNxOXFfVHZ6VTdXd3FKVTdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeMAwDBAAtCakD
BAItCagDBAAtDggDBAAtDgoDBARN8pADBABTiZ8DBANY0cAwDAMEBFjR0AMEAljR
4AMEA1w00AMEAFw02wMEA7LS4AMEALLS7AMEA7L4yAMEAMGKfTANBgkqhkiG9w0B
AQsFAAOCAQEAgsaZxEraVQbZevqRZBUJLc6BBMOkTAvvL0n4NjL3zpDLNYXE/In1
F/187197SPAN74aPxxaujSEMRh0jUSZ/cfmiSBHhbP0M1ghSNbdLk7xECOI3cTfS
UI4j4pULvm+q7nBSK+CGoTsk/VaC/6lfnXhS8CFJ0pr6JyQu1vyaI8wLarrxdhF/
r/tlmlb7Xx1/SHnTRaOmScB6svwzH8BRC90KM820jkn1vssfyXapiqnTPXk10fAk
29mC3eOoLXVY4asLMSoAqAplWDBDlFpLv7Muzo3rtihQZNvOuUXvDk+Z6KTPQpVy
rs+r8kCpd6RfcXAF6UeIe5CMEjuY/JZ2Yg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:00 2023 by rpki-client on console-fra.rpki-client.org