Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/jZ5A6YcS6rhIAH42Qru9TX-_THw.roa
File: jZ5A6YcS6rhIAH42Qru9TX-_THw.roa (raw, json)
Hash identifier: krd4Qz2hG5/p/8mQcXKf+3XCeFBYgb+rwoey/waAg1k=
Subject key identifier: 8D:9E:40:E9:87:12:EA:B8:48:00:7E:36:42:BB:BD:4D:7F:BF:4C:7C
Certificate issuer: /CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Certificate serial: 0184A8E6EEE2A2226F5A3D9991777A6488BA
Authority key identifier: 21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/jZ5A6YcS6rhIAH42Qru9TX-_THw.roa
Signing time: Thu 24 Nov 2022 09:10:17 +0000
ROA not before: Thu 24 Nov 2022 09:10:17 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200088
IP address blocks: 94.228.122.0/24 maxlen: 24
217.151.229.0/24 maxlen: 24
217.151.231.0/24 maxlen: 24
188.225.60.0/24 maxlen: 24
185.104.112.0/24 maxlen: 24
185.104.115.0/24 maxlen: 24
217.25.91.0/24 maxlen: 24
194.35.116.0/24 maxlen: 24
194.35.118.0/24 maxlen: 24
194.35.117.0/24 maxlen: 24
217.25.95.0/24 maxlen: 24
194.35.119.0/24 maxlen: 24
193.201.115.0/24 maxlen: 24
87.249.50.0/24 maxlen: 24
78.40.216.0/24 maxlen: 24
85.193.93.0/24 maxlen: 24
85.193.92.0/24 maxlen: 24
85.193.95.0/24 maxlen: 24
176.57.221.0/24 maxlen: 24
2a03:6f00:8::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:a8:e6:ee:e2:a2:22:6f:5a:3d:99:91:77:7a:64:88:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Validity
Not Before: Nov 24 09:10:17 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8d9e40e98712eab848007e3642bbbd4d7fbf4c7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:47:1d:78:24:f2:70:96:91:e0:96:25:b7:58:
c9:0b:c4:6b:79:44:78:52:d8:da:16:10:c7:09:c1:
ad:2b:d9:9e:f2:fa:a6:5d:1c:4f:62:3d:ff:c2:6c:
89:20:71:38:8c:18:c1:47:84:7b:ee:6c:51:7e:35:
e1:50:9d:e8:78:34:bc:f1:f4:66:da:5b:fd:5c:85:
b0:5e:f6:d1:da:b7:40:ba:20:cf:43:50:36:85:11:
9f:a5:aa:33:24:cc:9e:72:79:d8:1f:45:cd:d2:41:
42:65:41:5f:f6:78:b8:09:56:14:b4:5f:29:55:b4:
b1:52:cb:39:49:40:f7:ee:94:05:1b:65:42:72:c8:
9f:de:59:95:8f:01:05:4c:25:c9:f3:85:24:71:2a:
ab:20:a9:49:13:5d:5f:e4:4a:69:fd:fd:35:9e:e4:
7e:db:a5:6f:cf:56:e8:93:d5:26:0a:52:00:ed:1f:
6d:a4:d5:99:c1:a3:94:7a:b7:3c:c5:99:1f:f6:33:
77:58:fe:84:ef:16:bc:1c:14:6c:67:a5:dc:c7:d7:
6e:f2:ae:83:d3:56:34:28:e9:90:80:39:c3:fb:2f:
42:dc:84:8f:e2:05:c1:5d:03:12:88:93:98:e5:7d:
e0:95:6e:3c:4d:29:72:14:f0:c7:69:13:fd:96:0e:
02:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:9E:40:E9:87:12:EA:B8:48:00:7E:36:42:BB:BD:4D:7F:BF:4C:7C
X509v3 Authority Key Identifier:
keyid:21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/jZ5A6YcS6rhIAH42Qru9TX-_THw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.40.216.0/24
85.193.92.0/23
85.193.95.0/24
87.249.50.0/24
94.228.122.0/24
176.57.221.0/24
185.104.112.0/24
185.104.115.0/24
188.225.60.0/24
193.201.115.0/24
194.35.116.0/22
217.25.91.0/24
217.25.95.0/24
217.151.229.0/24
217.151.231.0/24
IPv6:
2a03:6f00:8::/48
Signature Algorithm: sha256WithRSAEncryption
aa:59:04:4a:4c:11:b5:85:e8:fd:0a:59:a7:18:bd:3d:33:db:
05:71:6f:c1:7d:85:64:43:40:10:a7:df:56:38:37:51:30:8f:
47:74:b5:58:1b:37:d8:aa:e8:e7:4e:e7:78:9c:e6:ba:e6:71:
64:fd:5f:b2:17:98:5b:0f:96:4d:60:6e:38:82:81:db:c9:46:
fe:03:b5:c6:d1:b6:e4:d3:60:8a:8a:8e:de:92:de:1a:96:ee:
a0:05:f3:4c:7a:72:5f:c7:c5:b7:2c:0e:9b:dc:bc:cf:8c:4f:
ab:66:69:cb:2a:63:47:41:0c:da:24:8c:63:bc:35:7f:83:eb:
4f:aa:1f:1a:1e:32:6f:55:76:a6:9d:f2:dd:66:88:a4:8b:ab:
4e:c3:12:10:db:5a:f0:fa:a0:98:5b:04:bb:04:2f:7c:57:35:
2a:f5:49:93:6d:81:f8:3c:cf:9d:a5:f6:4c:f8:b3:80:bf:bb:
80:47:48:9b:27:81:51:1a:db:2d:f1:a5:b7:4f:ae:83:bc:dd:
c6:13:b1:bc:02:96:a7:2b:2b:7c:11:78:f7:7f:b6:c5:4e:f2:
19:38:db:1b:43:37:0f:75:a1:e1:b4:d6:ab:59:93:64:bd:a1:
da:8d:56:d5:9e:d8:4c:07:d3:ad:b3:4d:1e:ed:18:3d:35:4f:
f8:d2:64:cc
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAYSo5u7ioiJvWj2ZkXd6ZIi6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNjBiMmIxYzgyOWQ4ODkzNmIxYWRhZWVjOTdmZGQxYjQw
ZDQxZTUwHhcNMjIxMTI0MDkxMDE3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDllNDBlOTg3MTJlYWI4NDgwMDdlMzY0MmJiYmQ0ZDdmYmY0YzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1UcdeCTycJaR4JYlt1jJC8RreUR4
UtjaFhDHCcGtK9me8vqmXRxPYj3/wmyJIHE4jBjBR4R77mxRfjXhUJ3oeDS88fRm
2lv9XIWwXvbR2rdAuiDPQ1A2hRGfpaozJMyecnnYH0XN0kFCZUFf9ni4CVYUtF8p
VbSxUss5SUD37pQFG2VCcsif3lmVjwEFTCXJ84UkcSqrIKlJE11f5Epp/f01nuR+
26Vvz1bok9UmClIA7R9tpNWZwaOUerc8xZkf9jN3WP6E7xa8HBRsZ6Xcx9du8q6D
01Y0KOmQgDnD+y9C3ISP4gXBXQMSiJOY5X3glW48TSlyFPDHaRP9lg4CgQIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFI2eQOmHEuq4SAB+NkK7vU1/v0x8MB8GA1UdIwQY
MBaAFCFgsrHIKdiJNrGtruyX/dG0DUHlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEt
M2RmN2ZhZjM1MzVkLzEvalo1QTZZY1M2cmhJQUg0MlFydTlUWC1fVEh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEtM2RmN2ZhZjM1MzVk
LzEvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwYAQCAAEwWgMEAE4o2AME
AVXBXAMEAFXBXwMEAFf5MgMEAF7kegMEALA53QMEALlocAMEALlocwMEALzhPAME
AMHJcwMEAsIjdAMEANkZWwMEANkZXwMEANmX5QMEANmX5zAPBAIAAjAJAwcAKgNv
AAAIMA0GCSqGSIb3DQEBCwUAA4IBAQCqWQRKTBG1hej9ClmnGL09M9sFcW/BfYVk
Q0AQp99WODdRMI9HdLVYGzfYqujnTud4nOa65nFk/V+yF5hbD5ZNYG44goHbyUb+
A7XG0bbk02CKio7ekt4alu6gBfNMenJfx8W3LA6b3LzPjE+rZmnLKmNHQQzaJIxj
vDV/g+tPqh8aHjJvVXamnfLdZoiki6tOwxIQ21rw+qCYWwS7BC98VzUq9UmTbYH4
PM+dpfZM+LOAv7uAR0ibJ4FRGtst8aW3T66DvN3GE7G8ApanKyt8EXj3f7bFTvIZ
ONsbQzcPdaHhtNarWZNkvaHajVbVnthMB9Ots00e7Rg9NU/40mTM
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:50 2023 by rpki-client on console-fra.rpki-client.org