Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/XctT8YBm-rDIWlgNK5dXAveMizc.roa
File: XctT8YBm-rDIWlgNK5dXAveMizc.roa (raw, json)
Hash identifier: PYQ3St7RU9Xo+/NNxXTOA4zdj6eIXHCbGwGwgbWKMyc=
Subject key identifier: 5D:CB:53:F1:80:66:FA:B0:C8:5A:58:0D:2B:97:57:02:F7:8C:8B:37
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 1E909912
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/XctT8YBm-rDIWlgNK5dXAveMizc.roa
Signing time: Fri 20 May 2022 13:50:21 +0000
ROA not before: Fri 20 May 2022 13:50:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209371
IP address blocks: 185.218.139.0/24 maxlen: 24
37.139.131.0/24 maxlen: 24
37.139.130.0/24 maxlen: 24
193.35.18.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
178.215.224.0/24 maxlen: 24
178.215.225.0/24 maxlen: 24
178.215.227.0/24 maxlen: 24
178.215.239.0/24 maxlen: 24
185.252.176.0/24 maxlen: 24
193.47.60.0/24 maxlen: 24
193.47.63.0/24 maxlen: 24
193.47.62.0/24 maxlen: 24
194.48.250.0/24 maxlen: 24
194.48.251.0/24 maxlen: 24
194.55.184.0/24 maxlen: 24
194.48.248.0/24 maxlen: 24
194.55.185.0/24 maxlen: 24
194.48.249.0/24 maxlen: 24
194.55.187.0/24 maxlen: 24
185.216.68.0/24 maxlen: 24
79.110.48.0/24 maxlen: 24
79.110.49.0/24 maxlen: 24
79.110.50.0/24 maxlen: 24
79.110.51.0/24 maxlen: 24
87.120.84.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
83.219.98.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
83.219.96.0/24 maxlen: 24
83.219.99.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 512792850 (0x1e909912)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: May 20 13:50:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5dcb53f18066fab0c85a580d2b975702f78c8b37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:9d:92:d0:00:49:97:80:cf:fa:45:92:be:f5:
36:fc:95:41:71:61:70:d1:75:50:a8:bb:0d:14:cf:
0e:fe:b9:b3:c7:92:4d:2a:5c:bd:05:e5:19:ab:1b:
6d:44:85:e3:19:9b:72:7b:fb:65:7e:3c:81:70:d1:
0f:5b:29:58:b7:60:ae:9f:fc:42:c5:c5:a9:f9:41:
25:da:dc:d9:15:24:c4:29:e0:ae:dd:9f:1b:eb:01:
1b:10:9c:ff:51:2f:42:c0:85:43:25:8b:33:1d:f7:
92:06:9d:61:19:5e:45:84:62:b9:ad:0a:6e:7d:fb:
b1:f6:44:e9:03:c8:e3:8e:8b:ea:01:55:34:15:ef:
38:d6:62:a0:ba:62:9d:63:f4:0f:8d:8a:8a:6e:6d:
28:2e:37:db:24:cd:86:89:fb:29:20:18:33:4a:ae:
6d:4a:20:18:1c:f7:e4:6a:ec:2b:27:a4:cb:dd:0e:
64:a7:6d:c3:4c:87:31:ad:5b:f4:94:83:16:ed:cd:
f8:6d:8e:56:26:b7:7e:9a:fe:44:1d:66:9a:a2:f6:
94:fd:15:09:5c:a7:95:63:60:16:49:69:25:20:fe:
85:ad:5e:6b:9a:83:b6:0d:43:fa:04:15:35:ce:c3:
fc:a1:6d:79:2b:31:31:76:38:5b:d4:b0:32:8e:36:
ea:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:CB:53:F1:80:66:FA:B0:C8:5A:58:0D:2B:97:57:02:F7:8C:8B:37
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/XctT8YBm-rDIWlgNK5dXAveMizc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.130.0/23
79.110.48.0/22
83.219.96.0/22
87.120.84.0/24
87.120.87.0/24
178.215.224.0/22
178.215.239.0/24
185.216.68.0/24
185.218.139.0/24
185.252.176.0/24
193.35.18.0/24
193.47.60.0/24
193.47.62.0/23
194.48.248.0/22
194.55.184.0/23
194.55.187.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:e3:69:8d:e1:f4:8c:3d:b5:5c:95:e0:95:1d:5d:64:42:f5:
41:d7:b6:62:93:cb:8c:cf:9f:41:a5:58:9b:74:6d:27:b8:0f:
af:48:57:c7:45:b9:10:fb:84:4e:28:61:c9:a3:6e:f6:00:a4:
b8:d2:f0:12:52:82:7f:01:8b:ab:10:59:25:b9:a6:28:e1:2d:
d1:b2:3b:46:b7:1d:41:c9:a6:40:2c:ac:85:0e:9d:17:8e:41:
b9:25:08:6a:64:f2:5b:6b:af:00:8c:d0:10:8d:f9:53:c9:34:
b5:29:75:80:d9:f2:bd:11:ff:4a:ec:dc:a2:a3:4c:19:f6:a5:
84:66:fe:18:d6:61:2a:37:3d:11:57:be:21:94:c8:c1:f6:68:
8a:f6:13:66:4f:df:dd:48:dc:d6:6b:b9:c6:25:88:a3:30:9c:
96:7e:62:ac:81:62:83:03:2f:fd:48:79:55:98:9c:6c:f6:c0:
2e:d0:ac:a6:50:fa:a7:ee:58:d0:6e:53:2f:ae:e0:75:4a:fa:
a2:b0:d7:c9:f4:e0:ce:df:ff:0e:a1:ed:71:ff:ce:03:b0:61:
bf:ed:7f:79:39:cc:0e:d1:a0:4e:8c:37:91:c9:05:96:7c:bc:
52:5b:d0:8a:dd:b3:93:95:a3:e4:c0:d9:35:e2:20:db:18:9d:
4b:02:25:d1
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIEHpCZEjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MmM0YWMzZTNjNDNkNzBkMDUzNDljODE1YmFhZGQzOGFkNzc1ZTlkMB4XDTIyMDUy
MDEzNTAyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWRjYjUzZjE4MDY2
ZmFiMGM4NWE1ODBkMmI5NzU3MDJmNzhjOGIzNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKCdktAASZeAz/pFkr71NvyVQXFhcNF1UKi7DRTPDv65s8eS
TSpcvQXlGasbbUSF4xmbcnv7ZX48gXDRD1spWLdgrp/8QsXFqflBJdrc2RUkxCng
rt2fG+sBGxCc/1EvQsCFQyWLMx33kgadYRleRYRiua0Kbn37sfZE6QPI446L6gFV
NBXvONZioLpinWP0D42Kim5tKC432yTNhon7KSAYM0qubUogGBz35GrsKyeky90O
ZKdtw0yHMa1b9JSDFu3N+G2OVia3fpr+RB1mmqL2lP0VCVynlWNgFklpJSD+ha1e
a5qDtg1D+gQVNc7D/KFteSsxMXY4W9SwMo426lECAwEAAaOCAmMwggJfMB0GA1Ud
DgQWBBRdy1PxgGb6sMhaWA0rl1cC94yLNzAfBgNVHSMEGDAWgBQixKw+PEPXDQU0
nIFbqt04rXdenTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8x
L1hjdFQ4WUJtLXJESVdsZ05LNWRYQXZlTWl6Yy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
OTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcxMi8xL0lzU3NQanhEMXcw
Rk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB5
BggrBgEFBQcBBwEB/wRqMGgwZgQCAAEwYAMEASWLggMEAk9uMAMEAlPbYAMEAFd4
VAMEAFd4VwMEArLX4AMEALLX7wMEALnYRAMEALnaiwMEALn8sAMEAMEjEgMEAMEv
PAMEAcEvPgMEAsIw+AMEAcI3uAMEAMI3uzANBgkqhkiG9w0BAQsFAAOCAQEACuNp
jeH0jD21XJXglR1dZEL1Qde2YpPLjM+fQaVYm3RtJ7gPr0hXx0W5EPuETihhyaNu
9gCkuNLwElKCfwGLqxBZJbmmKOEt0bI7RrcdQcmmQCyshQ6dF45BuSUIamTyW2uv
AIzQEI35U8k0tSl1gNnyvRH/SuzcoqNMGfalhGb+GNZhKjc9EVe+IZTIwfZoivYT
Zk/f3Ujc1mu5xiWIozCcln5irIFigwMv/Uh5VZicbPbALtCsplD6p+5Y0G5TL67g
dUr6orDXyfTgzt//DqHtcf/OA7Bhv+1/eTnMDtGgTow3kckFlny8UlvQit2zk5Wj
5MDZNeIg2xidSwIl0Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:38 2023 by rpki-client on console-ams.rpki-client.org