Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/xb-8OjX-wXvJmzRSl3yUczBPddQ.roa
File: xb-8OjX-wXvJmzRSl3yUczBPddQ.roa (raw, json)
Hash identifier: Nr9y6wgJONRts47DsFDMA4pf9zjViR8lITselAxY21o=
Subject key identifier: C5:BF:BC:3A:35:FE:C1:7B:C9:9B:34:52:97:7C:94:73:30:4F:75:D4
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 1AEFA4F6
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/xb-8OjX-wXvJmzRSl3yUczBPddQ.roa
Signing time: Tue 03 May 2022 17:01:38 +0000
ROA not before: Tue 03 May 2022 17:01:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8708
IP address blocks: 217.156.14.0/24 maxlen: 24
193.231.227.0/24 maxlen: 24
193.231.233.0/24 maxlen: 24
193.231.236.0/24 maxlen: 24
193.231.238.0/24 maxlen: 24
193.231.252.0/24 maxlen: 24
193.231.184.0/24 maxlen: 24
193.231.187.0/24 maxlen: 24
193.231.188.0/24 maxlen: 24
193.231.189.0/24 maxlen: 24
194.102.134.0/24 maxlen: 24
80.97.149.0/24 maxlen: 24
80.97.147.0/24 maxlen: 24
80.97.148.0/24 maxlen: 24
81.180.27.0/24 maxlen: 24
81.181.128.0/24 maxlen: 24
81.181.167.0/24 maxlen: 24
80.96.67.0/24 maxlen: 24
80.96.79.0/24 maxlen: 24
80.96.12.0/24 maxlen: 24
194.102.229.0/24 maxlen: 24
80.96.51.0/24 maxlen: 24
80.96.47.0/24 maxlen: 24
193.231.108.0/24 maxlen: 24
193.226.116.0/24 maxlen: 24
193.226.127.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 451912950 (0x1aefa4f6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: May 3 17:01:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c5bfbc3a35fec17bc99b3452977c9473304f75d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:eb:34:77:5a:dd:45:e9:3c:f7:ef:67:82:37:
9a:89:61:aa:9e:b7:a5:1f:7c:39:6c:ac:4d:74:c4:
0b:10:9b:e3:32:f8:55:02:80:20:6c:a7:02:ed:94:
0f:3d:58:8d:13:f2:b2:9d:91:c7:f5:ed:45:45:91:
f0:f0:0e:b4:26:47:78:69:79:8d:41:8b:7c:ef:58:
c3:c2:35:d2:cb:99:ef:75:b6:67:41:c0:88:24:e4:
dd:55:c5:47:26:86:cb:86:0a:42:65:31:99:d9:7d:
1b:a6:f0:b8:e0:91:86:0c:78:fc:d9:8e:6f:4c:22:
0e:1d:55:e0:8a:7e:d1:68:69:75:25:ac:86:4e:03:
b5:7d:f8:01:39:c7:75:0f:a7:9f:c6:e7:00:2d:9e:
29:ca:b4:c6:e0:fd:83:37:b8:6d:f8:5a:a3:18:4a:
1d:50:18:b9:82:06:64:4f:d3:83:ef:d1:4c:3b:61:
c1:a6:07:1e:c8:ce:d5:c3:86:a4:c2:37:ff:bc:86:
5f:83:bf:f0:cb:1e:e5:a5:5b:2d:c8:72:6a:97:e9:
5e:a9:84:f4:b1:09:57:68:2d:69:c5:da:14:fa:39:
b4:a5:94:1c:9c:f6:ff:65:9e:a9:8f:da:08:0a:b5:
57:79:65:d0:6f:ba:c5:47:66:a0:f9:a2:9b:0a:cd:
47:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:BF:BC:3A:35:FE:C1:7B:C9:9B:34:52:97:7C:94:73:30:4F:75:D4
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/xb-8OjX-wXvJmzRSl3yUczBPddQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.96.12.0/24
80.96.47.0/24
80.96.51.0/24
80.96.67.0/24
80.96.79.0/24
80.97.147.0-80.97.149.255
81.180.27.0/24
81.181.128.0/24
81.181.167.0/24
193.226.116.0/24
193.226.127.0/24
193.231.108.0/24
193.231.184.0/24
193.231.187.0-193.231.189.255
193.231.227.0/24
193.231.233.0/24
193.231.236.0/24
193.231.238.0/24
193.231.252.0/24
194.102.134.0/24
194.102.229.0/24
217.156.14.0/24
Signature Algorithm: sha256WithRSAEncryption
42:66:63:5c:2e:90:0d:98:21:e1:50:03:95:f8:31:38:d7:51:
ce:5f:8d:2c:3c:fb:cb:4d:5f:b4:76:06:29:e9:b8:73:b9:9e:
c5:e3:0a:05:6c:4d:18:36:16:d6:84:d6:8b:d8:55:4d:38:e9:
3a:f7:d7:7a:03:2e:2f:f3:79:f6:3d:df:d4:9a:c1:c1:6d:ad:
b3:2c:45:b7:a2:41:75:ab:2a:66:c1:e9:a4:d4:01:9d:8e:19:
fe:e2:b4:d7:9d:86:2c:25:c0:9a:dd:af:b2:49:27:2e:1b:3e:
ee:0a:cd:65:23:82:95:8b:58:24:c6:f2:29:bc:52:27:65:0d:
71:2f:d0:87:e8:ae:7b:1e:49:95:3d:72:27:27:ab:74:a1:a9:
0c:60:4c:12:1b:53:ff:6d:b7:e9:24:65:4a:29:bb:15:ca:e8:
0c:f5:a9:9e:61:ee:09:90:71:81:26:dd:37:49:4a:2c:95:c9:
7c:3a:5c:95:f6:b8:96:f2:7f:c3:fe:8b:c4:cd:22:98:29:9c:
c6:4c:91:e8:fe:3f:d4:54:c6:28:80:c0:37:e5:fa:35:32:0f:
c3:5b:53:4e:45:84:d8:11:65:f5:50:cd:a9:18:2c:88:37:de:
f7:21:d3:63:b3:b8:d1:58:89:4f:61:0f:13:60:14:89:bc:1b:
04:8b:b1:df
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgIEGu+k9jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MTgzNzg1OTE2Y2Q5OGQ3Yzc3MGQ2ODUxNDU0OTlhOGEwYTE1NzIyMB4XDTIyMDUw
MzE3MDEzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzViZmJjM2EzNWZl
YzE3YmM5OWIzNDUyOTc3Yzk0NzMzMDRmNzVkNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALfrNHda3UXpPPfvZ4I3molhqp63pR98OWysTXTECxCb4zL4
VQKAIGynAu2UDz1YjRPysp2Rx/XtRUWR8PAOtCZHeGl5jUGLfO9Yw8I10suZ73W2
Z0HAiCTk3VXFRyaGy4YKQmUxmdl9G6bwuOCRhgx4/NmOb0wiDh1V4Ip+0WhpdSWs
hk4DtX34ATnHdQ+nn8bnAC2eKcq0xuD9gze4bfhaoxhKHVAYuYIGZE/Tg+/RTDth
waYHHsjO1cOGpMI3/7yGX4O/8Mse5aVbLchyapfpXqmE9LEJV2gtacXaFPo5tKWU
HJz2/2WeqY/aCAq1V3ll0G+6xUdmoPmimwrNR80CAwEAAaOCApwwggKYMB0GA1Ud
DgQWBBTFv7w6Nf7Be8mbNFKXfJRzME911DAfBgNVHSMEGDAWgBQxg3hZFs2Y18dw
1oUUVJmooKFXIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01ZTjRXUmJObU5mSGNOYUZGRlNacUtDaFZ5SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTUvNzE5M2RiLTdmODUtNDJiYi1iMDlhLWY1MmM0N2MyMjVkYi8x
L3hiLThPalgtd1h2Sm16UlNsM3lVY3pCUGRkUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTUv
NzE5M2RiLTdmODUtNDJiYi1iMDlhLWY1MmM0N2MyMjVkYi8xL01ZTjRXUmJObU5m
SGNOYUZGRlNacUtDaFZ5SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
sQYIKwYBBQUHAQcBAf8EgaEwgZ4wgZsEAgABMIGUAwQAUGAMAwQAUGAvAwQAUGAz
AwQAUGBDAwQAUGBPMAwDBABQYZMDBAFQYZQDBABRtBsDBABRtYADBABRtacDBADB
4nQDBADB4n8DBADB52wDBADB57gwDAMEAMHnuwMEAcHnvAMEAMHn4wMEAMHn6QME
AMHn7AMEAMHn7gMEAMHn/AMEAMJmhgMEAMJm5QMEANmcDjANBgkqhkiG9w0BAQsF
AAOCAQEAQmZjXC6QDZgh4VADlfgxONdRzl+NLDz7y01ftHYGKem4c7mexeMKBWxN
GDYW1oTWi9hVTTjpOvfXegMuL/N59j3f1JrBwW2tsyxFt6JBdasqZsHppNQBnY4Z
/uK0152GLCXAmt2vskknLhs+7grNZSOClYtYJMbyKbxSJ2UNcS/Qh+iuex5JlT1y
JyerdKGpDGBMEhtT/2236SRlSim7FcroDPWpnmHuCZBxgSbdN0lKLJXJfDpclfa4
lvJ/w/6LxM0imCmcxkyR6P4/1FTGKIDAN+X6NTIPw1tTTkWE2BFl9VDNqRgsiDfe
9yHTY7O40ViJT2EPE2AUibwbBIux3w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:22 2024 by rpki-client on console-fra.rpki-client.org