Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/xML7XBgeCBCeHBQNVXnlPu5ZgmY.roa
File: xML7XBgeCBCeHBQNVXnlPu5ZgmY.roa (raw, json)
Hash identifier: jJOzHSx5mwFp9gURFfdSFb+GtZ0FtXhBiG7XqBkpYJg=
Subject key identifier: C4:C2:FB:5C:18:1E:08:10:9E:1C:14:0D:55:79:E5:3E:EE:59:82:66
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01850BED36C7525BA292AC7C72E434890D54
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/xML7XBgeCBCeHBQNVXnlPu5ZgmY.roa
Signing time: Tue 13 Dec 2022 14:39:33 +0000
ROA not before: Tue 13 Dec 2022 14:39:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211252
IP address blocks: 85.217.145.0/24 maxlen: 24
45.81.39.0/24 maxlen: 24
45.66.230.0/24 maxlen: 24
80.76.51.0/24 maxlen: 24
85.31.44.0/24 maxlen: 24
85.31.46.0/24 maxlen: 24
185.252.178.0/24 maxlen: 24
193.47.61.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
185.246.221.0/24 maxlen: 24
185.246.220.0/24 maxlen: 24
109.206.241.0/24 maxlen: 24
109.206.243.0/24 maxlen: 24
185.254.37.0/24 maxlen: 24
185.216.71.0/24 maxlen: 24
79.110.62.0/24 maxlen: 24
79.110.63.0/24 maxlen: 24
194.180.48.0/24 maxlen: 24
185.225.73.0/24 maxlen: 24
37.139.128.0/24 maxlen: 24
37.139.129.0/24 maxlen: 24
84.21.172.0/24 maxlen: 24
109.206.240.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0b:ed:36:c7:52:5b:a2:92:ac:7c:72:e4:34:89:0d:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 13 14:39:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c4c2fb5c181e08109e1c140d5579e53eee598266
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:9a:2e:e9:39:ff:22:c9:be:5e:5f:8a:df:19:
56:09:55:4f:ab:c2:f9:5a:34:e7:32:76:f5:4a:21:
be:5d:10:05:46:3e:81:29:51:29:2d:ed:1c:eb:ce:
51:a9:34:cf:1e:cd:ea:f7:b8:5e:38:20:62:52:42:
4a:3d:91:5f:3b:c6:11:69:17:a8:9b:44:09:6a:68:
62:5e:fc:67:b9:c2:d6:8f:b4:76:fd:d1:b2:00:a2:
86:1c:44:8c:a0:fb:d4:f0:74:55:d1:d0:1e:36:ee:
12:43:a8:7d:65:e0:42:b8:5c:33:8e:f1:d5:0f:09:
38:6f:8b:c5:52:e7:bb:7b:21:a7:d2:ab:4a:df:84:
e2:d1:0e:7a:b7:63:e8:84:00:df:79:ce:c2:f0:b6:
7c:a7:e2:25:52:70:36:e2:e0:44:51:11:89:ee:40:
a5:5a:b8:c0:49:e4:ab:a8:73:6d:a9:ea:dd:a4:79:
ab:c5:39:45:ab:3b:1a:b2:59:da:2d:cf:3d:55:09:
c5:43:1f:ba:7f:c4:16:4e:0f:d7:e3:cb:e8:9f:1e:
15:c7:d8:3a:a5:5b:60:9f:73:10:c6:41:59:b4:46:
c9:35:63:ab:f8:cd:8e:99:23:06:35:cd:9b:00:12:
8c:c4:0f:3e:9f:26:99:80:de:05:b2:d5:0c:f6:e3:
1d:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:C2:FB:5C:18:1E:08:10:9E:1C:14:0D:55:79:E5:3E:EE:59:82:66
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/xML7XBgeCBCeHBQNVXnlPu5ZgmY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.139.128.0/23
45.66.230.0/24
45.81.39.0/24
79.110.62.0/23
80.76.51.0/24
84.21.172.0/24
85.31.44.0/24
85.31.46.0/24
85.217.145.0/24
109.206.240.0/23
109.206.243.0/24
185.216.71.0/24
185.225.73.0/24
185.246.220.0/23
185.252.178.0/24
185.254.37.0/24
193.47.61.0/24
194.55.186.0/24
194.180.48.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:0d:9b:1d:f3:93:0d:03:08:95:a5:60:ff:85:6e:05:d6:6f:
a5:b1:5a:1b:d4:df:d9:0b:e7:37:63:57:5a:6f:6e:9a:ac:f4:
10:7c:4a:1a:f2:4f:19:58:1a:83:34:c1:e5:a0:c1:ea:eb:a4:
9d:7f:38:4c:04:71:53:13:fb:1b:5b:18:93:a6:60:8f:08:9f:
d9:97:30:53:b5:0a:22:51:a5:e6:c5:11:e9:1f:68:39:ec:10:
89:26:fe:ab:86:65:78:52:c3:d7:c5:95:43:85:e9:15:01:0a:
21:b4:70:c6:3a:ad:9f:12:51:6a:09:d2:5d:95:a0:4f:32:e0:
ad:ed:58:3e:e1:14:ea:43:70:9f:da:3a:ed:fc:9b:20:24:d0:
42:df:ac:9d:8d:92:fe:6b:63:8d:99:fa:7b:12:8f:af:b8:d8:
d5:6d:16:7a:ed:2a:16:33:dc:c3:57:e1:c3:d8:69:e0:17:e5:
dd:07:94:e2:25:65:6c:fe:db:91:01:5e:56:7a:aa:89:c4:00:
45:10:30:d3:80:df:e6:d4:36:2b:01:b2:67:03:a2:c8:99:9e:
0b:12:4b:80:4b:a3:f2:8b:24:b5:12:7d:c1:ec:d1:93:12:3e:
09:96:70:e8:d5:b0:a8:e7:8a:eb:d9:65:ec:57:50:11:e1:3d:
8c:a8:82:8f
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAYUL7TbHUluikqx8cuQ0iQ1UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIxMjEzMTQzOTMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGMyZmI1YzE4MWUwODEwOWUxYzE0MGQ1NTc5ZTUzZWVlNTk4MjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJou6Tn/Ism+Xl+K3xlWCVVPq8L5
WjTnMnb1SiG+XRAFRj6BKVEpLe0c685RqTTPHs3q97heOCBiUkJKPZFfO8YRaReo
m0QJamhiXvxnucLWj7R2/dGyAKKGHESMoPvU8HRV0dAeNu4SQ6h9ZeBCuFwzjvHV
Dwk4b4vFUue7eyGn0qtK34Ti0Q56t2PohADfec7C8LZ8p+IlUnA24uBEURGJ7kCl
WrjASeSrqHNtqerdpHmrxTlFqzsaslnaLc89VQnFQx+6f8QWTg/X48vonx4Vx9g6
pVtgn3MQxkFZtEbJNWOr+M2OmSMGNc2bABKMxA8+nyaZgN4FstUM9uMdOQIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFMTC+1wYHggQnhwUDVV55T7uWYJmMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEveE1MN1hCZ2VDQkNlSEJRTlZYbmxQdTVaZ21ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEASWLgAME
AC1C5gMEAC1RJwMEAU9uPgMEAFBMMwMEAFQVrAMEAFUfLAMEAFUfLgMEAFXZkQME
AW3O8AMEAG3O8wMEALnYRwMEALnhSQMEAbn23AMEALn8sgMEALn+JQMEAMEvPQME
AMI3ugMEAMK0MDANBgkqhkiG9w0BAQsFAAOCAQEAjA2bHfOTDQMIlaVg/4VuBdZv
pbFaG9Tf2QvnN2NXWm9umqz0EHxKGvJPGVgagzTB5aDB6uuknX84TARxUxP7G1sY
k6Zgjwif2ZcwU7UKIlGl5sUR6R9oOewQiSb+q4ZleFLD18WVQ4XpFQEKIbRwxjqt
nxJRagnSXZWgTzLgre1YPuEU6kNwn9o67fybICTQQt+snY2S/mtjjZn6exKPr7jY
1W0Weu0qFjPcw1fhw9hp4Bfl3QeU4iVlbP7bkQFeVnqqicQARRAw04Df5tQ2KwGy
ZwOiyJmeCxJLgEuj8osktRJ9wezRkxI+CZZw6NWwqOeK69ll7FdQEeE9jKiCjw==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:43 2023 by rpki-client on console-ams.rpki-client.org