Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/KIzm52D2jTCFXdTRofRCLAAGZAs.roa
File: KIzm52D2jTCFXdTRofRCLAAGZAs.roa (raw, json)
Hash identifier: GYDbo7/HFuiXUve4AMhWhX2BFwG/hrjMd5UWwFTD900=
Subject key identifier: 28:8C:E6:E7:60:F6:8D:30:85:5D:D4:D1:A1:F4:42:2C:00:06:64:0B
Certificate issuer: /CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Certificate serial: 01851058CF0D1DA3882C6F920F0351BB4EBB
Authority key identifier: 21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/KIzm52D2jTCFXdTRofRCLAAGZAs.roa
Signing time: Wed 14 Dec 2022 11:15:33 +0000
ROA not before: Wed 14 Dec 2022 11:15:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200088
IP address blocks: 188.225.14.0/24 maxlen: 24
90.156.231.0/24 maxlen: 24
94.228.122.0/24 maxlen: 24
217.151.229.0/24 maxlen: 24
217.151.231.0/24 maxlen: 24
188.225.60.0/24 maxlen: 24
185.104.112.0/24 maxlen: 24
185.104.115.0/24 maxlen: 24
217.25.91.0/24 maxlen: 24
194.35.116.0/24 maxlen: 24
194.35.118.0/24 maxlen: 24
194.35.117.0/24 maxlen: 24
217.25.95.0/24 maxlen: 24
194.35.119.0/24 maxlen: 24
193.201.115.0/24 maxlen: 24
87.249.50.0/24 maxlen: 24
78.40.216.0/24 maxlen: 24
85.193.93.0/24 maxlen: 24
85.193.92.0/24 maxlen: 24
85.193.95.0/24 maxlen: 24
176.57.221.0/24 maxlen: 24
2a03:6f00:8::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:10:58:cf:0d:1d:a3:88:2c:6f:92:0f:03:51:bb:4e:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Validity
Not Before: Dec 14 11:15:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=288ce6e760f68d30855dd4d1a1f4422c0006640b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f4:a9:bb:e8:48:64:46:0e:73:c1:ae:08:3f:
63:43:a4:f6:3a:f0:4f:bf:8e:f7:c5:2a:2d:80:6c:
ef:c8:a2:02:23:8d:4a:13:01:6b:79:94:85:8e:1f:
43:c7:eb:3e:b5:d3:d1:dd:e4:a7:c5:65:43:c7:51:
62:ea:3e:58:14:7a:dd:10:f0:ea:81:87:22:5e:8e:
00:e5:0d:96:50:86:18:f1:6c:48:5f:c0:eb:c2:cd:
c2:55:5d:0b:56:1d:2f:e4:59:de:06:a0:01:75:ce:
eb:45:74:fb:ff:88:9c:6a:a8:d0:a9:07:c8:d2:86:
02:ad:de:6c:e2:5b:d9:b8:0b:de:03:b7:4c:26:c0:
9e:4c:c9:01:50:a9:46:5e:75:3e:35:ee:00:db:bf:
01:b9:22:e7:9f:bf:d8:48:7a:38:6c:50:dc:2b:54:
f8:7b:a7:ba:a6:e4:e1:02:23:4c:58:b8:74:08:9d:
5f:e7:2a:a3:c1:d4:57:f7:ac:3a:09:48:79:e9:ab:
eb:32:9b:c9:b0:d7:54:e0:d8:45:64:1b:88:c5:ca:
bc:ac:18:55:92:4c:dc:f0:93:ab:d2:86:3f:dd:59:
e3:62:11:fd:b6:ec:79:19:79:75:69:4b:d1:a5:e5:
fd:8e:5f:49:10:72:e6:bf:2f:ff:f1:d0:9f:81:cd:
a7:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:8C:E6:E7:60:F6:8D:30:85:5D:D4:D1:A1:F4:42:2C:00:06:64:0B
X509v3 Authority Key Identifier:
keyid:21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/KIzm52D2jTCFXdTRofRCLAAGZAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.40.216.0/24
85.193.92.0/23
85.193.95.0/24
87.249.50.0/24
90.156.231.0/24
94.228.122.0/24
176.57.221.0/24
185.104.112.0/24
185.104.115.0/24
188.225.14.0/24
188.225.60.0/24
193.201.115.0/24
194.35.116.0/22
217.25.91.0/24
217.25.95.0/24
217.151.229.0/24
217.151.231.0/24
IPv6:
2a03:6f00:8::/48
Signature Algorithm: sha256WithRSAEncryption
89:65:6d:49:c6:82:f8:b4:0b:b2:c4:b5:da:fd:c5:8b:0d:80:
58:6a:fc:7f:e1:5a:90:01:6f:3c:9d:86:47:b3:51:46:84:e8:
c5:30:99:a8:f6:8f:13:93:56:a9:aa:0f:ee:92:61:55:ef:3f:
59:fb:7a:c9:b0:c9:97:fa:71:64:c0:f2:e2:84:21:74:4b:3c:
26:0d:0e:8f:c0:5e:c2:9c:2f:15:f4:46:cc:da:15:71:92:27:
f2:47:12:18:92:a4:fc:2b:51:0c:78:d5:ab:fa:d1:ae:a5:d7:
a6:54:cb:f1:2b:ea:27:88:37:9d:e6:b8:f6:c3:04:74:7c:1a:
02:15:db:3c:8d:10:70:74:61:85:8f:8b:4b:2f:05:0d:6f:8f:
da:40:85:21:3e:4c:9f:4a:c9:b4:7d:7c:90:6f:5d:03:83:44:
ca:3a:29:21:c3:57:03:24:2c:95:09:88:2c:40:f0:b8:1d:8a:
f6:a4:7c:16:73:8e:9b:c5:e5:92:f2:a3:a4:7a:c3:97:7b:d5:
9b:6c:e0:4c:be:c9:33:b2:85:bc:a8:d8:b7:7e:22:1a:43:c9:
c5:17:99:ca:a6:0b:26:69:62:a7:ab:68:72:8d:24:67:bc:27:
45:c6:dd:2f:1e:38:01:9c:5e:69:e0:42:31:3d:38:bb:58:12:
c0:1e:cc:30
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgISAYUQWM8NHaOILG+SDwNRu067MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNjBiMmIxYzgyOWQ4ODkzNmIxYWRhZWVjOTdmZGQxYjQw
ZDQxZTUwHhcNMjIxMjE0MTExNTMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODhjZTZlNzYwZjY4ZDMwODU1ZGQ0ZDFhMWY0NDIyYzAwMDY2NDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/Spu+hIZEYOc8GuCD9jQ6T2OvBP
v473xSotgGzvyKICI41KEwFreZSFjh9Dx+s+tdPR3eSnxWVDx1Fi6j5YFHrdEPDq
gYciXo4A5Q2WUIYY8WxIX8Drws3CVV0LVh0v5FneBqABdc7rRXT7/4icaqjQqQfI
0oYCrd5s4lvZuAveA7dMJsCeTMkBUKlGXnU+Ne4A278BuSLnn7/YSHo4bFDcK1T4
e6e6puThAiNMWLh0CJ1f5yqjwdRX96w6CUh56avrMpvJsNdU4NhFZBuIxcq8rBhV
kkzc8JOr0oY/3VnjYhH9tux5GXl1aUvRpeX9jl9JEHLmvy//8dCfgc2nYQIDAQAB
o4ICfDCCAngwHQYDVR0OBBYEFCiM5udg9o0whV3U0aH0QiwABmQLMB8GA1UdIwQY
MBaAFCFgsrHIKdiJNrGtruyX/dG0DUHlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEt
M2RmN2ZhZjM1MzVkLzEvS0l6bTUyRDJqVENGWGRUUm9mUkNMQUFHWkFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEtM2RmN2ZhZjM1MzVk
LzEvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGRBggrBgEFBQcBBwEB/wSBgTB/MGwEAgABMGYDBABOKNgD
BAFVwVwDBABVwV8DBABX+TIDBABanOcDBABe5HoDBACwOd0DBAC5aHADBAC5aHMD
BAC84Q4DBAC84TwDBADByXMDBALCI3QDBADZGVsDBADZGV8DBADZl+UDBADZl+cw
DwQCAAIwCQMHACoDbwAACDANBgkqhkiG9w0BAQsFAAOCAQEAiWVtScaC+LQLssS1
2v3Fiw2AWGr8f+FakAFvPJ2GR7NRRoToxTCZqPaPE5NWqaoP7pJhVe8/Wft6ybDJ
l/pxZMDy4oQhdEs8Jg0Oj8BewpwvFfRGzNoVcZIn8kcSGJKk/CtRDHjVq/rRrqXX
plTL8SvqJ4g3nea49sMEdHwaAhXbPI0QcHRhhY+LSy8FDW+P2kCFIT5Mn0rJtH18
kG9dA4NEyjopIcNXAyQslQmILEDwuB2K9qR8FnOOm8XlkvKjpHrDl3vVm2zgTL7J
M7KFvKjYt34iGkPJxReZyqYLJmlip6toco0kZ7wnRcbdLx44AZxeaeBCMT04u1gS
wB7MMA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:49 2023 by rpki-client on console-fra.rpki-client.org