Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/xM8rpy6csK7-VS_SLf_9bu78SyI.roa
File: xM8rpy6csK7-VS_SLf_9bu78SyI.roa (raw, json)
Hash identifier: 8S9zqengxs7OKtoEQfU58VU97X4xn1kKcwHM6bzSN7w=
Subject key identifier: C4:CF:2B:A7:2E:9C:B0:AE:FE:55:2F:D2:2D:FF:FD:6E:EE:FC:4B:22
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 01841504C904B81501FE29A68DE5F2701B42
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/xM8rpy6csK7-VS_SLf_9bu78SyI.roa
Signing time: Wed 26 Oct 2022 15:59:05 +0000
ROA not before: Wed 26 Oct 2022 15:59:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208485
IP address blocks: 85.209.123.0/24 maxlen: 24
85.209.122.0/24 maxlen: 24
45.9.30.0/24 maxlen: 24
45.13.189.0/24 maxlen: 24
45.13.188.0/24 maxlen: 24
194.15.53.0/24 maxlen: 24
194.15.52.0/24 maxlen: 24
45.132.180.0/24 maxlen: 24
45.88.137.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:15:04:c9:04:b8:15:01:fe:29:a6:8d:e5:f2:70:1b:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Oct 26 15:59:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c4cf2ba72e9cb0aefe552fd22dfffd6eeefc4b22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:08:97:0e:ac:6e:fb:59:cf:b8:e5:0c:1e:54:
13:3a:90:40:0a:2c:b3:c0:8e:6a:96:27:8e:9e:15:
b3:6c:5a:73:41:02:e7:6f:fb:c7:ae:47:a0:db:18:
bb:c7:ce:3b:ac:3b:0e:57:bf:eb:11:6d:26:01:ea:
ea:b3:51:95:a1:d9:ba:36:27:e6:9e:f1:0e:90:2b:
fb:29:f8:16:30:27:b1:4e:fe:65:73:30:cd:77:e4:
f2:f3:18:ae:04:fb:53:cc:66:b3:b3:bf:81:0f:41:
54:b1:46:f5:f6:1e:74:43:22:82:24:d5:52:75:fa:
f3:b2:d2:ea:9f:9d:4b:91:dc:bb:aa:1c:62:ab:0f:
75:b9:cf:3c:c8:b6:e3:90:93:ad:af:42:e2:8a:f7:
46:49:19:8f:0c:51:71:66:0e:33:55:75:09:d0:31:
73:6c:ce:57:5f:0a:9c:33:06:2e:40:0d:b4:58:28:
f0:6d:a8:dd:ee:47:20:a0:2e:a0:ab:14:38:41:3f:
41:52:f3:65:46:1e:f2:4b:37:ca:f4:32:2e:43:e6:
24:5f:01:f3:6a:9c:fb:ee:ce:51:4c:43:f3:34:9b:
ff:44:35:fb:d3:1f:42:ca:8b:a1:cf:95:95:d6:18:
eb:85:c1:e7:8c:7c:44:27:27:58:37:b7:54:8d:ed:
a4:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:CF:2B:A7:2E:9C:B0:AE:FE:55:2F:D2:2D:FF:FD:6E:EE:FC:4B:22
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/xM8rpy6csK7-VS_SLf_9bu78SyI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.30.0/24
45.13.188.0/23
45.88.137.0/24
45.132.180.0/24
85.209.122.0/23
194.15.52.0/23
Signature Algorithm: sha256WithRSAEncryption
13:23:ba:25:6a:61:c0:0a:cd:08:47:40:e9:a8:2a:a3:ee:1f:
a6:75:2f:e9:4c:3a:6b:61:53:6d:e5:39:64:0d:9d:cc:df:0c:
b7:88:e1:af:fd:fc:8d:f3:a1:fd:a9:cb:7f:a2:f9:1f:6e:10:
da:78:72:43:7a:7d:cd:c7:20:e0:7f:5a:d7:3b:58:aa:34:58:
74:fe:a1:67:83:e4:a6:ca:a9:47:dc:a9:d4:32:73:64:1b:ca:
2a:b6:41:df:42:f8:40:a9:d9:09:58:e1:30:a1:5e:61:31:85:
65:60:3d:72:b0:73:2d:2d:24:41:6f:df:70:3d:46:fb:30:0d:
bf:9a:b9:0a:bb:22:26:26:d5:c9:2d:e6:4c:81:e6:db:3c:8d:
54:31:ce:54:f2:2f:bb:8e:c9:ba:a6:59:8d:ec:37:b9:21:4a:
df:ea:8c:6f:a2:57:7a:a1:e6:ce:a7:0b:d4:ce:68:b9:bb:75:
39:66:62:c4:6d:7c:58:f6:e2:12:b2:19:7c:08:ce:bb:be:39:
fc:16:e6:a5:98:2d:ab:b6:be:b0:87:d3:4f:e4:32:8a:f4:8e:
bb:e8:92:ef:12:f9:93:23:61:ff:5a:cb:86:7b:e0:ed:6f:c7:
54:6f:21:38:8f:8d:a3:d9:72:25:7d:8c:1c:4b:18:70:2e:eb:
61:28:6f:ca
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYQVBMkEuBUB/immjeXycBtCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjIxMDI2MTU1OTA1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGNmMmJhNzJlOWNiMGFlZmU1NTJmZDIyZGZmZmQ2ZWVlZmM0YjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAiXDqxu+1nPuOUMHlQTOpBACiyz
wI5qlieOnhWzbFpzQQLnb/vHrkeg2xi7x847rDsOV7/rEW0mAerqs1GVodm6Nifm
nvEOkCv7KfgWMCexTv5lczDNd+Ty8xiuBPtTzGazs7+BD0FUsUb19h50QyKCJNVS
dfrzstLqn51Lkdy7qhxiqw91uc88yLbjkJOtr0LiivdGSRmPDFFxZg4zVXUJ0DFz
bM5XXwqcMwYuQA20WCjwbajd7kcgoC6gqxQ4QT9BUvNlRh7ySzfK9DIuQ+YkXwHz
apz77s5RTEPzNJv/RDX70x9Cyouhz5WV1hjrhcHnjHxEJydYN7dUje2kUQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMTPK6cunLCu/lUv0i3//W7u/EsiMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEveE04cnB5NmNzSzctVlNfU0xmXzlidTc4U3lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALQkeAwQB
LQ28AwQALViJAwQALYS0AwQBVdF6AwQBwg80MA0GCSqGSIb3DQEBCwUAA4IBAQAT
I7olamHACs0IR0DpqCqj7h+mdS/pTDprYVNt5TlkDZ3M3wy3iOGv/fyN86H9qct/
ovkfbhDaeHJDen3NxyDgf1rXO1iqNFh0/qFng+SmyqlH3KnUMnNkG8oqtkHfQvhA
qdkJWOEwoV5hMYVlYD1ysHMtLSRBb99wPUb7MA2/mrkKuyImJtXJLeZMgebbPI1U
Mc5U8i+7jsm6plmN7De5IUrf6oxvold6oebOpwvUzmi5u3U5ZmLEbXxY9uISshl8
CM67vjn8FualmC2rtr6wh9NP5DKK9I676JLvEvmTI2H/WsuGe+Dtb8dUbyE4j42j
2XIlfYwcSxhwLuthKG/K
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:33 2023 by rpki-client on console-fra.rpki-client.org