Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/XzhArbzAv0DSFw4dV5ofHvgLWhU.roa
File: XzhArbzAv0DSFw4dV5ofHvgLWhU.roa (raw, json)
Hash identifier: LwE2ODyD2ZnkHSYQaIiCvVf5QrykBlv61CVPWkj0Y8g=
Subject key identifier: 5F:38:40:AD:BC:C0:BF:40:D2:17:0E:1D:57:9A:1F:1E:F8:0B:5A:15
Certificate issuer: /CN=abc8dbe52083ad335c9f1fde6016ec8b49293140
Certificate serial: 33870E73
Authority key identifier: AB:C8:DB:E5:20:83:AD:33:5C:9F:1F:DE:60:16:EC:8B:49:29:31:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q8jb5SCDrTNcnx_eYBbsi0kpMUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/XzhArbzAv0DSFw4dV5ofHvgLWhU.roa
Signing time: Fri 18 Feb 2022 15:32:26 +0000
ROA not before: Fri 18 Feb 2022 15:32:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21219
IP address blocks: 46.164.128.0/18 maxlen: 24
195.225.52.0/23 maxlen: 24
194.110.79.0/24 maxlen: 24
193.238.96.0/22 maxlen: 24
185.46.248.0/22 maxlen: 24
94.232.72.0/21 maxlen: 24
195.114.128.0/19 maxlen: 24
80.77.32.0/20 maxlen: 24
194.146.196.0/22 maxlen: 24
91.237.152.0/24 maxlen: 24
193.109.164.0/22 maxlen: 24
93.183.192.0/18 maxlen: 24
195.69.176.0/22 maxlen: 24
176.241.128.0/19 maxlen: 24
91.197.220.0/22 maxlen: 24
176.241.104.0/21 maxlen: 24
91.204.92.0/22 maxlen: 24
194.29.60.0/22 maxlen: 24
176.102.32.0/19 maxlen: 24
77.88.200.0/21 maxlen: 24
77.88.208.0/20 maxlen: 24
176.112.0.0/19 maxlen: 24
5.1.0.0/19 maxlen: 24
88.81.224.0/19 maxlen: 24
188.247.96.0/19 maxlen: 24
193.109.80.0/24 maxlen: 24
217.112.208.0/20 maxlen: 24
91.193.68.0/22 maxlen: 24
77.88.214.0/23 maxlen: 23
77.88.240.0/20 maxlen: 24
185.8.40.0/22 maxlen: 24
178.213.168.0/21 maxlen: 24
188.0.64.0/19 maxlen: 24
31.128.64.0/23 maxlen: 24
31.128.68.0/22 maxlen: 24
31.128.72.0/21 maxlen: 24
31.128.80.0/20 maxlen: 24
31.3.192.0/20 maxlen: 24
193.108.48.0/22 maxlen: 24
195.114.133.0/24 maxlen: 24
77.222.128.0/19 maxlen: 24
109.206.32.0/19 maxlen: 24
80.91.160.0/20 maxlen: 24
85.159.0.0/21 maxlen: 24
193.108.128.0/23 maxlen: 24
80.91.176.0/20 maxlen: 24
193.41.48.0/22 maxlen: 24
213.111.192.0/18 maxlen: 24
80.249.224.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 864489075 (0x33870e73)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abc8dbe52083ad335c9f1fde6016ec8b49293140
Validity
Not Before: Feb 18 15:32:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5f3840adbcc0bf40d2170e1d579a1f1ef80b5a15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:30:6a:cf:b9:d7:8d:c2:5e:66:fc:cc:0c:45:
59:7b:cc:75:2a:be:51:2c:a5:d3:5c:38:36:b3:9f:
09:3b:a5:56:19:b1:f4:5c:50:37:56:93:c5:32:b4:
05:d4:07:49:5b:ca:cf:1f:39:1a:b3:c0:d5:9e:de:
07:1c:b2:68:b8:ad:62:a7:68:44:a2:5c:9a:f7:9b:
37:36:c0:1b:fc:a0:fb:0d:2f:be:10:79:51:3c:3d:
fe:9c:cc:3b:04:fc:1d:01:af:84:bc:1a:9f:88:cd:
46:de:ef:4f:24:11:ee:9e:0d:0f:64:7a:14:ae:22:
d3:5a:61:e8:28:22:49:21:02:9b:6b:9b:17:e5:4c:
c2:bb:5d:d3:2e:3a:d6:a9:ab:36:01:98:fb:35:2e:
18:e7:83:93:8a:59:2d:92:61:10:a0:5d:06:46:fb:
ad:d2:ec:d1:c2:e7:23:93:41:a1:8d:72:e4:04:f1:
0a:90:8a:3b:d1:1f:49:a7:c7:63:ab:88:85:26:d2:
b4:ac:d0:35:d0:05:21:ca:0f:7f:91:7f:b5:c6:3f:
15:6b:8e:63:2f:30:db:f1:2a:b2:62:00:6d:72:f9:
49:00:f6:b0:af:0a:b2:79:b5:e8:a0:ec:3e:01:81:
31:f1:91:0e:c4:a3:64:1f:d7:f7:6f:7e:be:1c:b3:
d6:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:38:40:AD:BC:C0:BF:40:D2:17:0E:1D:57:9A:1F:1E:F8:0B:5A:15
X509v3 Authority Key Identifier:
keyid:AB:C8:DB:E5:20:83:AD:33:5C:9F:1F:DE:60:16:EC:8B:49:29:31:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q8jb5SCDrTNcnx_eYBbsi0kpMUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/XzhArbzAv0DSFw4dV5ofHvgLWhU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/ce6ccb-25cf-4917-b3cd-3056af9a335e/1/q8jb5SCDrTNcnx_eYBbsi0kpMUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.0.0/19
31.3.192.0/20
31.128.64.0/23
31.128.68.0-31.128.95.255
46.164.128.0/18
77.88.200.0-77.88.223.255
77.88.240.0/20
77.222.128.0/19
80.77.32.0/20
80.91.160.0/19
80.249.224.0/20
85.159.0.0/21
88.81.224.0/19
91.193.68.0/22
91.197.220.0/22
91.204.92.0/22
91.237.152.0/24
93.183.192.0/18
94.232.72.0/21
109.206.32.0/19
176.102.32.0/19
176.112.0.0/19
176.241.104.0/21
176.241.128.0/19
178.213.168.0/21
185.8.40.0/22
185.46.248.0/22
188.0.64.0/19
188.247.96.0/19
193.41.48.0/22
193.108.48.0/22
193.108.128.0/23
193.109.80.0/24
193.109.164.0/22
193.238.96.0/22
194.29.60.0/22
194.110.79.0/24
194.146.196.0/22
195.69.176.0/22
195.114.128.0/19
195.225.52.0/23
213.111.192.0/18
217.112.208.0/20
Signature Algorithm: sha256WithRSAEncryption
07:6b:05:ff:74:9a:31:f4:30:a2:4a:08:de:46:16:02:5e:e2:
53:83:da:09:42:a4:6e:b8:c1:c0:4f:f9:af:99:b4:db:50:2d:
fd:e8:9e:ab:1e:c1:61:88:21:86:b0:6d:32:54:5d:8d:9d:c8:
9e:ee:ba:75:b5:35:25:b6:48:6d:60:87:56:84:c9:7a:25:16:
2a:34:6f:90:09:b7:31:05:a5:c0:d4:65:ad:13:d8:e5:84:97:
be:45:e5:07:34:e9:1d:1c:bd:6d:10:93:2d:b6:82:86:c9:2c:
40:ce:70:96:1f:01:31:16:a5:74:05:fc:a6:de:fb:54:b0:31:
a5:1c:6b:d0:d9:6b:27:5b:75:d5:f4:71:61:03:5c:d5:1b:0a:
72:a6:1e:f2:7f:a9:d0:a5:87:ed:da:89:5f:05:bf:33:24:0c:
bf:6a:3c:7b:ad:72:f5:c7:40:28:83:b2:9b:87:87:9e:51:a6:
f0:7b:2a:15:e3:24:4b:ab:9c:ca:8a:c3:53:43:21:f6:a0:80:
68:16:15:26:00:21:43:4f:1d:49:49:30:bb:32:33:8e:91:ea:
0c:e7:72:13:70:0b:0e:42:15:24:af:92:cc:8f:e1:66:cc:95:
ee:69:4a:83:e8:29:6b:09:06:44:b3:17:35:c9:15:be:dd:4f:
a7:64:2e:d5
-----BEGIN CERTIFICATE-----
MIIGBTCCBO2gAwIBAgIEM4cOczANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YmM4ZGJlNTIwODNhZDMzNWM5ZjFmZGU2MDE2ZWM4YjQ5MjkzMTQwMB4XDTIyMDIx
ODE1MzIyNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWYzODQwYWRiY2Mw
YmY0MGQyMTcwZTFkNTc5YTFmMWVmODBiNWExNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMQwas+5143CXmb8zAxFWXvMdSq+USyl01w4NrOfCTulVhmx
9FxQN1aTxTK0BdQHSVvKzx85GrPA1Z7eBxyyaLitYqdoRKJcmvebNzbAG/yg+w0v
vhB5UTw9/pzMOwT8HQGvhLwan4jNRt7vTyQR7p4ND2R6FK4i01ph6CgiSSECm2ub
F+VMwrtd0y461qmrNgGY+zUuGOeDk4pZLZJhEKBdBkb7rdLs0cLnI5NBoY1y5ATx
CpCKO9EfSafHY6uIhSbStKzQNdAFIcoPf5F/tcY/FWuOYy8w2/EqsmIAbXL5SQD2
sK8Ksnm16KDsPgGBMfGRDsSjZB/X929+vhyz1lECAwEAAaOCAx8wggMbMB0GA1Ud
DgQWBBRfOECtvMC/QNIXDh1Xmh8e+AtaFTAfBgNVHSMEGDAWgBSryNvlIIOtM1yf
H95gFuyLSSkxQDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3E4amI1U0NEclROY254X2VZQmJzaTBrcE1VQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2UvY2U2Y2NiLTI1Y2YtNDkxNy1iM2NkLTMwNTZhZjlhMzM1ZS8x
L1h6aEFyYnpBdjBEU0Z3NGRWNW9mSHZnTFdoVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Uv
Y2U2Y2NiLTI1Y2YtNDkxNy1iM2NkLTMwNTZhZjlhMzM1ZS8xL3E4amI1U0NEclRO
Y254X2VZQmJzaTBrcE1VQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
ATMGCCsGAQUFBwEHAQH/BIIBIjCCAR4wggEaBAIAATCCARIDBAUFAQADBAQfA8AD
BAEfgEAwDAMEAh+ARAMEBR+AQAMEBi6kgDAMAwQDTVjIAwQFTVjAAwQETVjwAwQF
Td6AAwQEUE0gAwQFUFugAwQEUPngAwQDVZ8AAwQFWFHgAwQCW8FEAwQCW8XcAwQC
W8xcAwQAW+2YAwQGXbfAAwQDXuhIAwQFbc4gAwQFsGYgAwQFsHAAAwQDsPFoAwQF
sPGAAwQDstWoAwQCuQgoAwQCuS74AwQFvABAAwQFvPdgAwQCwSkwAwQCwWwwAwQB
wWyAAwQAwW1QAwQCwW2kAwQCwe5gAwQCwh08AwQAwm5PAwQCwpLEAwQCw0WwAwQF
w3KAAwQBw+E0AwQG1W/AAwQE2XDQMA0GCSqGSIb3DQEBCwUAA4IBAQAHawX/dJox
9DCiSgjeRhYCXuJTg9oJQqRuuMHAT/mvmbTbUC396J6rHsFhiCGGsG0yVF2Nncie
7rp1tTUltkhtYIdWhMl6JRYqNG+QCbcxBaXA1GWtE9jlhJe+ReUHNOkdHL1tEJMt
toKGySxAznCWHwExFqV0Bfym3vtUsDGlHGvQ2WsnW3XV9HFhA1zVGwpyph7yf6nQ
pYft2olfBb8zJAy/ajx7rXL1x0Aog7Kbh4eeUabweyoV4yRLq5zKisNTQyH2oIBo
FhUmACFDTx1JSTC7MjOOkeoM53ITcAsOQhUkr5LMj+FmzJXuaUqD6ClrCQZEsxc1
yRW+3U+nZC7V
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:36:32 2024 by rpki-client on console-fra.rpki-client.org