Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/Dmm1DvNeSWoBxCL_y_88lNlVBto.roa
File: Dmm1DvNeSWoBxCL_y_88lNlVBto.roa (raw, json)
Hash identifier: aFTfEkTgnoC2ARgq4uQvjnfHffSWsdYHCQhlvY/Ujno=
Subject key identifier: 0E:69:B5:0E:F3:5E:49:6A:01:C4:22:FF:CB:FF:3C:94:D9:55:06:DA
Certificate issuer: /CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Certificate serial: 0183373D07928C1FC7B37322C59D9AC29E46
Authority key identifier: 21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/Dmm1DvNeSWoBxCL_y_88lNlVBto.roa
Signing time: Tue 13 Sep 2022 14:24:49 +0000
ROA not before: Tue 13 Sep 2022 14:24:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200088
IP address blocks: 94.228.122.0/24 maxlen: 24
87.249.50.0/24 maxlen: 24
78.40.216.0/24 maxlen: 24
185.104.112.0/24 maxlen: 24
185.104.115.0/24 maxlen: 24
217.25.91.0/24 maxlen: 24
217.25.95.0/24 maxlen: 24
176.57.221.0/24 maxlen: 24
2a03:6f00:8::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:37:3d:07:92:8c:1f:c7:b3:73:22:c5:9d:9a:c2:9e:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Validity
Not Before: Sep 13 14:24:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0e69b50ef35e496a01c422ffcbff3c94d95506da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:b7:6c:66:5b:a0:9e:5f:3b:89:6f:b1:2b:b2:
a8:a8:22:5f:43:2f:16:e6:0f:5f:59:81:69:4a:69:
b6:7a:0e:09:7b:d9:a3:8d:ce:65:d0:d5:30:93:7e:
9f:d1:50:bf:90:ec:ba:80:cc:e8:bf:c9:bc:ec:a9:
ee:5f:3b:6f:21:f8:45:2e:67:50:07:ab:97:81:98:
8a:8e:0c:92:a1:77:a5:eb:03:a3:ea:01:97:18:3e:
ea:c6:29:7d:9e:10:4b:01:68:54:0a:b4:07:f8:cd:
ac:df:79:fa:3d:31:34:28:e2:01:df:c1:c9:e1:cb:
ef:cd:82:2a:7e:06:46:d7:4f:c7:79:08:74:ac:4b:
fb:bc:18:b7:ae:7b:17:78:97:29:0d:68:40:c2:09:
c4:9b:63:8b:e7:cb:aa:2c:44:fc:b8:09:b1:b8:b2:
bc:f2:46:3b:00:a2:81:a1:61:d2:d8:a7:9f:da:aa:
79:43:e9:2a:06:20:0f:36:56:2e:34:b1:4a:02:fe:
f3:f7:56:01:5c:2a:f8:76:3c:f1:b5:a2:36:55:63:
68:cd:86:ac:82:0c:1a:5c:e7:23:67:4c:2d:dc:65:
ca:bc:25:4b:39:f7:c0:a6:20:97:45:af:d8:e1:1a:
18:17:fd:af:83:de:eb:0e:94:a2:ad:d3:46:bd:90:
26:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:69:B5:0E:F3:5E:49:6A:01:C4:22:FF:CB:FF:3C:94:D9:55:06:DA
X509v3 Authority Key Identifier:
keyid:21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/Dmm1DvNeSWoBxCL_y_88lNlVBto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.40.216.0/24
87.249.50.0/24
94.228.122.0/24
176.57.221.0/24
185.104.112.0/24
185.104.115.0/24
217.25.91.0/24
217.25.95.0/24
IPv6:
2a03:6f00:8::/48
Signature Algorithm: sha256WithRSAEncryption
08:f0:f8:bf:43:87:e7:ec:bf:65:c4:71:a9:74:6e:03:97:c0:
05:73:a7:c4:9a:5a:b9:35:60:73:62:81:da:65:08:a1:27:68:
a1:26:91:ec:aa:4a:dd:84:a0:7e:e8:a7:bb:93:a8:b5:53:fc:
26:3d:97:99:bd:a3:2f:98:af:17:92:d5:c5:ae:20:43:cd:20:
4b:26:04:de:05:6c:00:e8:e3:2f:27:db:41:73:9a:b5:d9:b0:
df:c4:87:a2:22:02:fd:93:df:8a:73:40:22:76:bd:57:35:53:
e1:e4:0a:8a:37:1f:04:7e:02:66:90:eb:79:e2:3f:1f:60:a6:
5a:e3:d1:d3:b1:e0:99:22:1e:00:86:4a:c8:65:48:b8:b6:00:
55:6e:de:4e:c9:df:b7:1a:62:5a:65:d7:17:63:1a:77:73:f6:
e0:e0:62:70:27:8f:73:d7:5a:68:22:8a:91:c8:b9:41:49:7a:
3d:fa:5e:9c:a9:d8:a6:7b:f1:a4:27:53:c8:44:8f:98:71:9b:
b8:03:72:ab:ab:7b:3f:f6:b2:d3:d9:98:1f:8d:76:10:36:5a:
5b:5e:70:42:8b:17:c7:70:67:e9:28:ee:99:a9:a6:4c:75:3e:
50:01:50:3f:a6:e7:0b:8e:27:20:9e:81:99:ef:14:7f:a7:e5:
8d:f1:05:f6
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYM3PQeSjB/Hs3MixZ2awp5GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNjBiMmIxYzgyOWQ4ODkzNmIxYWRhZWVjOTdmZGQxYjQw
ZDQxZTUwHhcNMjIwOTEzMTQyNDQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTY5YjUwZWYzNWU0OTZhMDFjNDIyZmZjYmZmM2M5NGQ5NTUwNmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkbdsZlugnl87iW+xK7KoqCJfQy8W
5g9fWYFpSmm2eg4Je9mjjc5l0NUwk36f0VC/kOy6gMzov8m87KnuXztvIfhFLmdQ
B6uXgZiKjgySoXel6wOj6gGXGD7qxil9nhBLAWhUCrQH+M2s33n6PTE0KOIB38HJ
4cvvzYIqfgZG10/HeQh0rEv7vBi3rnsXeJcpDWhAwgnEm2OL58uqLET8uAmxuLK8
8kY7AKKBoWHS2Kef2qp5Q+kqBiAPNlYuNLFKAv7z91YBXCr4djzxtaI2VWNozYas
ggwaXOcjZ0wt3GXKvCVLOffApiCXRa/Y4RoYF/2vg97rDpSirdNGvZAmmwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFA5ptQ7zXklqAcQi/8v/PJTZVQbaMB8GA1UdIwQY
MBaAFCFgsrHIKdiJNrGtruyX/dG0DUHlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEt
M2RmN2ZhZjM1MzVkLzEvRG1tMUR2TmVTV29CeENMX3lfODhsTmxWQnRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEtM2RmN2ZhZjM1MzVk
LzEvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA2BAIAATAwAwQATijYAwQA
V/kyAwQAXuR6AwQAsDndAwQAuWhwAwQAuWhzAwQA2RlbAwQA2RlfMA8EAgACMAkD
BwAqA28AAAgwDQYJKoZIhvcNAQELBQADggEBAAjw+L9Dh+fsv2XEcal0bgOXwAVz
p8SaWrk1YHNigdplCKEnaKEmkeyqSt2EoH7op7uTqLVT/CY9l5m9oy+YrxeS1cWu
IEPNIEsmBN4FbADo4y8n20FzmrXZsN/Eh6IiAv2T34pzQCJ2vVc1U+HkCoo3HwR+
AmaQ63niPx9gplrj0dOx4JkiHgCGSshlSLi2AFVu3k7J37caYlpl1xdjGndz9uDg
YnAnj3PXWmgiipHIuUFJej36Xpyp2KZ78aQnU8hEj5hxm7gDcqurez/2stPZmB+N
dhA2WltecEKLF8dwZ+ko7pmppkx1PlABUD+m5wuOJyCegZnvFH+n5Y3xBfY=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:49 2023 by rpki-client on console-fra.rpki-client.org