Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/xBLrTA9VDHFXO2U4MV5mbb3NeDY.roa
File: xBLrTA9VDHFXO2U4MV5mbb3NeDY.roa (raw, json)
Hash identifier: BpLkbdcEXXB8w7dhKhUQPcLY1+xdtpkCsLsHuWIL6vw=
Subject key identifier: C4:12:EB:4C:0F:55:0C:71:57:3B:65:38:31:5E:66:6D:BD:CD:78:36
Certificate issuer: /CN=59dd542781851c0bce5a3ea5cc387650ffc8277e
Certificate serial: 018480C68209CAC3B036746984F9618063A1
Authority key identifier: 59:DD:54:27:81:85:1C:0B:CE:5A:3E:A5:CC:38:76:50:FF:C8:27:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wd1UJ4GFHAvOWj6lzDh2UP_IJ34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/xBLrTA9VDHFXO2U4MV5mbb3NeDY.roa
Signing time: Wed 16 Nov 2022 14:10:03 +0000
ROA not before: Wed 16 Nov 2022 14:10:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201382
IP address blocks: 213.208.171.0/24 maxlen: 24
85.91.105.0/24 maxlen: 24
85.91.107.0/24 maxlen: 24
85.91.108.0/22 maxlen: 22
85.91.108.0/24 maxlen: 24
85.91.123.0/24 maxlen: 24
84.47.189.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:80:c6:82:09:ca:c3:b0:36:74:69:84:f9:61:80:63:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59dd542781851c0bce5a3ea5cc387650ffc8277e
Validity
Not Before: Nov 16 14:10:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c412eb4c0f550c71573b6538315e666dbdcd7836
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:6b:81:df:7f:65:8f:9f:7d:7e:35:f6:99:92:
82:64:02:c4:b9:bd:68:2e:e8:ec:95:9f:98:15:dd:
a6:0d:18:78:d7:13:3e:33:ca:84:c4:ee:c4:6a:f7:
8f:fe:96:73:a0:2e:68:dd:8b:fd:73:4f:67:54:d5:
ab:d1:33:ff:73:d6:a3:20:2d:4c:42:52:ca:0a:36:
f7:15:11:1a:42:c8:d2:40:90:6b:2e:a3:93:09:fd:
fa:eb:86:db:75:31:9c:68:6a:53:22:92:0c:3e:77:
a6:15:be:67:55:cf:51:79:d9:a6:f5:81:1b:6f:ba:
df:41:60:18:a5:4d:cc:b1:14:1b:9d:ae:8d:55:00:
f5:5d:6f:d0:f3:3e:90:06:59:45:df:de:7e:28:10:
c7:e7:b9:05:67:6d:31:78:6b:44:61:34:42:86:ab:
62:a8:81:df:d1:33:be:ae:8a:f7:ec:bc:36:03:01:
58:66:b3:37:be:52:d8:7e:15:03:38:b3:03:fa:cf:
dc:8e:1b:d7:9a:17:74:36:05:6e:df:e4:8f:2b:2a:
fc:b2:a4:d9:13:dd:bc:ca:92:06:37:d7:4b:9c:8c:
00:f0:a1:fa:98:54:95:ab:d1:3b:11:91:07:aa:d9:
e8:f2:5d:24:9e:12:a0:5e:97:a0:bc:17:c8:74:59:
69:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:12:EB:4C:0F:55:0C:71:57:3B:65:38:31:5E:66:6D:BD:CD:78:36
X509v3 Authority Key Identifier:
keyid:59:DD:54:27:81:85:1C:0B:CE:5A:3E:A5:CC:38:76:50:FF:C8:27:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wd1UJ4GFHAvOWj6lzDh2UP_IJ34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/xBLrTA9VDHFXO2U4MV5mbb3NeDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/Wd1UJ4GFHAvOWj6lzDh2UP_IJ34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.47.189.0/24
85.91.105.0/24
85.91.107.0-85.91.111.255
85.91.123.0/24
213.208.171.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:fd:0d:20:19:8c:da:13:c9:34:61:04:f4:4c:e2:36:5e:e0:
d5:52:9e:d9:e6:5f:e6:1e:8f:c8:7a:c8:be:ef:99:79:db:0b:
60:07:f1:77:22:ed:be:09:f9:03:56:9d:27:66:ce:f6:f8:e4:
2b:a9:1d:e6:4d:fd:59:e9:26:f3:b4:86:70:10:3c:97:7d:41:
b6:98:79:14:2e:83:8b:20:68:ad:cd:dc:8e:5b:ab:73:38:17:
7b:08:8c:09:59:72:6d:fa:4c:c5:67:b1:bb:4f:6c:53:d3:3a:
5e:eb:11:78:16:dc:1e:21:59:bd:87:a9:2e:7c:14:4d:d9:b4:
b7:ae:89:ec:07:b8:ca:1c:4e:14:11:1f:c7:4b:a4:44:e6:d7:
f2:cf:fa:a5:49:7e:22:0e:c8:85:70:99:38:fe:f2:77:dd:b2:
f2:82:b4:24:a9:65:df:dd:78:dd:df:a6:01:a8:3a:1a:61:7d:
3b:27:eb:bf:28:d4:53:4b:21:48:21:46:17:b5:77:52:0a:87:
00:30:70:20:45:d0:a0:f5:2f:ee:6c:66:be:48:f6:3c:37:56:
25:58:a7:8b:9f:1f:78:9c:90:4c:b9:48:0c:28:42:18:cd:d6:
30:b0:1b:2c:58:a6:66:b0:e9:d7:35:af:92:73:73:b3:db:c0:
62:e2:be:1a
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYSAxoIJysOwNnRphPlhgGOhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5ZGQ1NDI3ODE4NTFjMGJjZTVhM2VhNWNjMzg3NjUwZmZj
ODI3N2UwHhcNMjIxMTE2MTQxMDAzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDEyZWI0YzBmNTUwYzcxNTczYjY1MzgzMTVlNjY2ZGJkY2Q3ODM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWuB339lj599fjX2mZKCZALEub1o
LujslZ+YFd2mDRh41xM+M8qExO7EaveP/pZzoC5o3Yv9c09nVNWr0TP/c9ajIC1M
QlLKCjb3FREaQsjSQJBrLqOTCf3664bbdTGcaGpTIpIMPnemFb5nVc9Redmm9YEb
b7rfQWAYpU3MsRQbna6NVQD1XW/Q8z6QBllF395+KBDH57kFZ20xeGtEYTRChqti
qIHf0TO+ror37Lw2AwFYZrM3vlLYfhUDOLMD+s/cjhvXmhd0NgVu3+SPKyr8sqTZ
E928ypIGN9dLnIwA8KH6mFSVq9E7EZEHqtno8l0knhKgXpegvBfIdFlp5QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFMQS60wPVQxxVztlODFeZm29zXg2MB8GA1UdIwQY
MBaAFFndVCeBhRwLzlo+pcw4dlD/yCd+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2QxVUo0R0ZIQXZPV2o2bHpEaDJVUF9JSjM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi83OWM0YmEtMzhlMi00ZjVhLTk1OWYt
NDdlMDkzNzk4OWE4LzEveEJMclRBOVZESEZYTzJVNE1WNW1iYjNOZURZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi83OWM0YmEtMzhlMi00ZjVhLTk1OWYtNDdlMDkzNzk4OWE4
LzEvV2QxVUo0R0ZIQXZPV2o2bHpEaDJVUF9JSjM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAVC+9AwQA
VVtpMAwDBABVW2sDBARVW2ADBABVW3sDBADV0KswDQYJKoZIhvcNAQELBQADggEB
AKD9DSAZjNoTyTRhBPRM4jZe4NVSntnmX+Yej8h6yL7vmXnbC2AH8Xci7b4J+QNW
nSdmzvb45CupHeZN/VnpJvO0hnAQPJd9QbaYeRQug4sgaK3N3I5bq3M4F3sIjAlZ
cm36TMVnsbtPbFPTOl7rEXgW3B4hWb2HqS58FE3ZtLeuiewHuMocThQRH8dLpETm
1/LP+qVJfiIOyIVwmTj+8nfdsvKCtCSpZd/deN3fpgGoOhphfTsn678o1FNLIUgh
Rhe1d1IKhwAwcCBF0KD1L+5sZr5I9jw3ViVYp4ufH3ickEy5SAwoQhjN1jCwGyxY
pmaw6dc1r5Jzc7PbwGLivho=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:33 2024 by rpki-client on console-fra.rpki-client.org