Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Vn2A42EYEu6TtJETeUrDkRLEnEQ.roa
File: Vn2A42EYEu6TtJETeUrDkRLEnEQ.roa (raw, json)
Hash identifier: 8V0oZ8wOYR4qCu8LOaxQbu6aeXPtdwXaF3tfLVa/LKU=
Subject key identifier: 56:7D:80:E3:61:18:12:EE:93:B4:91:13:79:4A:C3:91:12:C4:9C:44
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 01831C7DB3AC188918E493A1ABBC7AF4DB95
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Vn2A42EYEu6TtJETeUrDkRLEnEQ.roa
Signing time: Thu 08 Sep 2022 09:45:43 +0000
ROA not before: Thu 08 Sep 2022 09:45:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 88.209.231.0/24 maxlen: 24
88.209.232.0/22 maxlen: 22
83.137.152.0/24 maxlen: 24
83.137.154.0/23 maxlen: 24
178.210.252.0/24 maxlen: 24
88.151.61.0/24 maxlen: 24
88.151.63.0/24 maxlen: 24
88.209.204.0/22 maxlen: 24
88.209.200.0/22 maxlen: 32
88.209.205.0/24 maxlen: 24
88.209.206.0/24 maxlen: 24
88.209.207.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:1c:7d:b3:ac:18:89:18:e4:93:a1:ab:bc:7a:f4:db:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Sep 8 09:45:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=567d80e3611812ee93b49113794ac39112c49c44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:b8:a2:83:ef:f5:e7:90:9d:dd:58:14:a2:f6:
fa:57:44:a8:49:75:04:d2:6f:bc:39:96:de:47:05:
e0:75:33:1a:94:bf:51:98:74:a9:58:2d:18:2f:2e:
a2:d7:9f:31:11:65:b1:e7:11:cc:05:18:f4:ad:61:
e2:99:b0:ca:4b:89:d7:db:9a:59:89:eb:11:03:f4:
06:a9:54:16:fc:5d:2a:7c:99:65:7a:a2:9a:62:68:
20:04:c5:6f:3a:ef:1b:78:87:b1:27:d8:ba:59:8d:
c7:21:7b:8d:c2:73:4f:80:83:91:8a:df:68:ad:d6:
81:00:34:8e:53:8a:5a:4f:4c:45:09:3d:23:68:c0:
3d:a6:77:77:9d:61:ff:93:98:8c:69:17:2d:39:29:
02:5c:17:f2:bb:28:26:ff:33:8b:53:28:e2:b9:ed:
ba:8c:93:f4:bf:e7:8a:72:5f:bc:a5:f7:85:60:58:
31:fb:05:06:e2:66:1e:18:c1:32:76:4c:20:64:24:
c5:72:c0:4f:fb:d2:ff:77:eb:ff:38:fb:b1:4f:dd:
a9:c6:07:ad:24:d1:2d:1b:34:cf:3a:6b:ba:7a:a2:
64:0f:b3:0b:f4:56:d2:8e:a7:16:c3:4c:d2:03:39:
95:bc:59:05:b3:63:c9:23:5a:8b:a1:27:54:63:81:
b5:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:7D:80:E3:61:18:12:EE:93:B4:91:13:79:4A:C3:91:12:C4:9C:44
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Vn2A42EYEu6TtJETeUrDkRLEnEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.137.152.0/24
83.137.154.0/23
88.151.61.0/24
88.151.63.0/24
88.209.200.0/21
88.209.231.0-88.209.235.255
178.210.252.0/24
Signature Algorithm: sha256WithRSAEncryption
44:d7:2f:33:73:6a:8a:8b:16:42:85:40:a6:70:9a:2e:d0:49:
7c:b4:67:9d:42:b5:3d:dc:fc:27:1f:aa:22:3b:80:a7:48:48:
ec:22:f1:44:e2:04:47:9a:80:b1:22:90:91:88:d4:15:fd:f9:
59:18:bc:0c:54:50:53:08:f5:ff:a5:ba:14:38:f4:d6:0b:40:
38:3a:2a:ec:15:7b:e4:7c:7a:92:57:db:ff:4e:25:ba:b5:87:
92:9a:3e:d2:54:b7:8c:0d:08:56:ec:7a:1b:0d:66:f7:33:d8:
dc:a2:1d:e8:f6:67:b4:17:f3:44:3d:f7:d0:e0:7d:e0:65:2d:
b1:76:f3:2c:9e:69:52:c1:82:ae:c2:0c:6c:c6:15:69:77:a8:
d9:90:94:2d:41:7d:93:41:74:d7:f7:86:ae:5d:8c:ca:bb:d0:
92:93:f0:b0:d3:e1:f0:d1:c3:57:fd:5c:99:6b:c0:ff:e9:59:
7e:80:6f:ea:ff:fa:cc:22:f1:09:a9:d8:e8:d7:e0:52:c3:38:
57:4c:e6:2c:22:f9:91:6b:8e:e3:42:be:1f:0b:2b:70:94:6f:
37:df:9a:77:ac:b5:b9:27:b8:65:5a:7e:a8:43:dc:aa:79:0f:
82:cb:d8:85:18:47:23:30:96:e0:77:5b:73:9f:c9:11:76:ea:
b7:99:c3:20
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYMcfbOsGIkY5JOhq7x69NuVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjIwOTA4MDk0NTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjdkODBlMzYxMTgxMmVlOTNiNDkxMTM3OTRhYzM5MTEyYzQ5YzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl7iig+/155Cd3VgUovb6V0SoSXUE
0m+8OZbeRwXgdTMalL9RmHSpWC0YLy6i158xEWWx5xHMBRj0rWHimbDKS4nX25pZ
iesRA/QGqVQW/F0qfJlleqKaYmggBMVvOu8beIexJ9i6WY3HIXuNwnNPgIORit9o
rdaBADSOU4paT0xFCT0jaMA9pnd3nWH/k5iMaRctOSkCXBfyuygm/zOLUyjiue26
jJP0v+eKcl+8pfeFYFgx+wUG4mYeGMEydkwgZCTFcsBP+9L/d+v/OPuxT92pxget
JNEtGzTPOmu6eqJkD7ML9FbSjqcWw0zSAzmVvFkFs2PJI1qLoSdUY4G17wIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFFZ9gONhGBLuk7SRE3lKw5ESxJxEMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvVm4yQTQyRVlFdTZUdEpFVGVVckRrUkxFbkVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAU4mYAwQB
U4maAwQAWJc9AwQAWJc/AwQDWNHIMAwDBABY0ecDBAJY0egDBACy0vwwDQYJKoZI
hvcNAQELBQADggEBAETXLzNzaoqLFkKFQKZwmi7QSXy0Z51CtT3c/CcfqiI7gKdI
SOwi8UTiBEeagLEikJGI1BX9+VkYvAxUUFMI9f+luhQ49NYLQDg6KuwVe+R8epJX
2/9OJbq1h5KaPtJUt4wNCFbsehsNZvcz2NyiHej2Z7QX80Q999DgfeBlLbF28yye
aVLBgq7CDGzGFWl3qNmQlC1BfZNBdNf3hq5djMq70JKT8LDT4fDRw1f9XJlrwP/p
WX6Ab+r/+swi8Qmp2OjX4FLDOFdM5iwi+ZFrjuNCvh8LK3CUbzffmnestbknuGVa
fqhD3Kp5D4LL2IUYRyMwluB3W3OfyRF26reZwyA=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:01 2023 by rpki-client on console-fra.rpki-client.org