Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/8d78eb-2832-4083-ae1f-1dd6d281c88a/1/xdp4bVAhBLIVdT8RQfa9-ecSTMc.roa
File: xdp4bVAhBLIVdT8RQfa9-ecSTMc.roa (raw, json)
Hash identifier: GH952J+oAyaUMssVG+YYDPBvDi9i6SpDAlLaQ03itpg=
Subject key identifier: C5:DA:78:6D:50:21:04:B2:15:75:3F:11:41:F6:BD:F9:E7:12:4C:C7
Certificate issuer: /CN=3027a631bb6738eb68bb6ea6c424ef4a7d14c3cb
Certificate serial: 073612EC
Authority key identifier: 30:27:A6:31:BB:67:38:EB:68:BB:6E:A6:C4:24:EF:4A:7D:14:C3:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MCemMbtnOOtou26mxCTvSn0Uw8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/8d78eb-2832-4083-ae1f-1dd6d281c88a/1/xdp4bVAhBLIVdT8RQfa9-ecSTMc.roa
Signing time: Sat 01 Jan 2022 12:05:59 +0000
ROA not before: Sat 01 Jan 2022 12:05:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8916
IP address blocks: 213.5.88.0/21 maxlen: 21
188.246.192.0/19 maxlen: 19
185.87.56.0/22 maxlen: 22
193.108.199.0/24 maxlen: 24
2a03:9800::/29 maxlen: 29
2001:67c:1b8::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 120984300 (0x73612ec)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3027a631bb6738eb68bb6ea6c424ef4a7d14c3cb
Validity
Not Before: Jan 1 12:05:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c5da786d502104b215753f1141f6bdf9e7124cc7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:2e:6e:e8:60:c0:87:fe:71:e7:00:d8:d2:37:
49:10:01:71:95:78:48:d6:da:7a:9d:f5:a3:52:33:
bb:78:fc:1c:a5:b7:05:bf:e8:03:92:be:1e:26:9a:
ca:5b:71:f0:dd:21:f7:16:31:13:d3:39:e2:a4:74:
7d:4a:46:36:90:9c:b4:78:d3:92:39:87:b5:80:62:
f9:87:6a:04:35:d0:44:2e:32:2d:a4:90:2f:19:e7:
b6:2f:81:63:30:b5:4e:5d:1f:e4:33:06:54:c7:52:
4a:e7:12:03:f6:16:28:fb:86:d0:96:44:b9:e4:06:
8c:ab:15:b0:40:b8:b6:3a:43:2b:9c:9d:e6:76:1d:
22:84:34:fd:1d:a2:ef:70:50:72:24:59:20:79:be:
7b:49:5c:e6:20:cf:23:94:52:31:d2:80:64:13:9b:
30:0f:a4:b2:e9:13:e4:28:a6:4f:3b:bf:bc:d7:78:
16:bf:4f:ba:84:9f:61:a4:da:dd:68:c0:64:54:48:
2b:60:b4:b6:c1:76:72:36:81:8c:87:25:1a:ec:73:
8b:21:4f:ca:22:02:17:31:72:bf:88:e6:4c:12:e8:
aa:ef:27:16:e8:16:86:63:17:c1:6f:62:83:28:73:
13:39:c5:5c:97:b7:a1:bd:8b:7d:76:57:f1:20:eb:
53:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:DA:78:6D:50:21:04:B2:15:75:3F:11:41:F6:BD:F9:E7:12:4C:C7
X509v3 Authority Key Identifier:
keyid:30:27:A6:31:BB:67:38:EB:68:BB:6E:A6:C4:24:EF:4A:7D:14:C3:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MCemMbtnOOtou26mxCTvSn0Uw8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/8d78eb-2832-4083-ae1f-1dd6d281c88a/1/xdp4bVAhBLIVdT8RQfa9-ecSTMc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/8d78eb-2832-4083-ae1f-1dd6d281c88a/1/MCemMbtnOOtou26mxCTvSn0Uw8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.87.56.0/22
188.246.192.0/19
193.108.199.0/24
213.5.88.0/21
IPv6:
2001:67c:1b8::/48
2a03:9800::/29
Signature Algorithm: sha256WithRSAEncryption
a4:c4:4e:14:46:5b:d9:17:5a:1d:d7:93:66:34:2c:46:a7:fa:
bf:db:f4:2c:f0:50:88:e3:8b:3c:de:8e:7b:12:da:22:5c:16:
1c:38:6a:9d:74:72:58:3d:81:d2:77:ae:3f:07:fd:a1:50:fe:
2f:a4:0f:6e:d9:f4:b1:a2:3e:81:d8:9e:ae:6e:a2:f8:49:65:
07:e2:e1:ad:0a:3d:0a:33:ba:13:ab:76:38:d2:27:59:2c:87:
84:62:e7:25:c6:90:4b:db:75:05:ec:3d:35:74:f7:3e:da:39:
4c:91:e5:b8:d1:a7:27:a2:da:47:e5:39:27:2b:33:08:01:f9:
df:f5:06:c4:da:e6:e1:fa:a0:30:93:82:85:b6:38:52:de:1e:
06:51:1c:96:99:b6:99:a3:b3:9b:25:24:02:aa:14:3e:a5:26:
98:b6:7c:2b:06:94:a2:9c:d1:92:3a:52:11:0a:3b:9a:2e:98:
b1:d6:5b:79:63:64:c2:33:fe:75:32:6d:4c:66:84:2c:92:15:
83:76:6a:a8:9e:8b:05:7c:8c:70:67:cd:46:1a:92:d6:cc:89:
59:c6:b3:d1:94:a3:08:68:ba:62:0e:a7:1e:54:b0:62:19:ad:
58:74:0c:8d:3e:66:71:9e:c7:d9:35:21:11:11:e4:4d:3b:da:
44:66:d8:6c
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIEBzYS7DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MDI3YTYzMWJiNjczOGViNjhiYjZlYTZjNDI0ZWY0YTdkMTRjM2NiMB4XDTIyMDEw
MTEyMDU1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzVkYTc4NmQ1MDIx
MDRiMjE1NzUzZjExNDFmNmJkZjllNzEyNGNjNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN0ubuhgwIf+cecA2NI3SRABcZV4SNbaep31o1Izu3j8HKW3
Bb/oA5K+Hiaayltx8N0h9xYxE9M54qR0fUpGNpCctHjTkjmHtYBi+YdqBDXQRC4y
LaSQLxnnti+BYzC1Tl0f5DMGVMdSSucSA/YWKPuG0JZEueQGjKsVsEC4tjpDK5yd
5nYdIoQ0/R2i73BQciRZIHm+e0lc5iDPI5RSMdKAZBObMA+ksukT5CimTzu/vNd4
Fr9PuoSfYaTa3WjAZFRIK2C0tsF2cjaBjIclGuxziyFPyiICFzFyv4jmTBLoqu8n
FugWhmMXwW9igyhzEznFXJe3ob2LfXZX8SDrU+ECAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBTF2nhtUCEEshV1PxFB9r355xJMxzAfBgNVHSMEGDAWgBQwJ6Yxu2c462i7
bqbEJO9KfRTDyzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01DZW1NYnRuT090b3UyNm14Q1R2U24wVXc4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDEvOGQ3OGViLTI4MzItNDA4My1hZTFmLTFkZDZkMjgxYzg4YS8x
L3hkcDRiVkFoQkxJVmRUOFJRZmE5LWVjU1RNYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDEv
OGQ3OGViLTI4MzItNDA4My1hZTFmLTFkZDZkMjgxYzg4YS8xL01DZW1NYnRuT090
b3UyNm14Q1R2U24wVXc4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwHgQCAAEwGAMEArlXOAMEBbz2wAMEAMFsxwMEA9UF
WDAWBAIAAjAQAwcAIAEGfAG4AwUDKgOYADANBgkqhkiG9w0BAQsFAAOCAQEApMRO
FEZb2RdaHdeTZjQsRqf6v9v0LPBQiOOLPN6OexLaIlwWHDhqnXRyWD2B0neuPwf9
oVD+L6QPbtn0saI+gdierm6i+EllB+LhrQo9CjO6E6t2ONInWSyHhGLnJcaQS9t1
Bew9NXT3Pto5TJHluNGnJ6LaR+U5JyszCAH53/UGxNrm4fqgMJOChbY4Ut4eBlEc
lpm2maOzmyUkAqoUPqUmmLZ8KwaUopzRkjpSEQo7mi6YsdZbeWNkwjP+dTJtTGaE
LJIVg3ZqqJ6LBXyMcGfNRhqS1syJWcaz0ZSjCGi6Yg6nHlSwYhmtWHQMjT5mcZ7H
2TUhERHkTTvaRGbYbA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:37 2024 by rpki-client on console-fra.rpki-client.org