Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/1b089c-d74b-49a7-89f7-28a56ea5cf0b/1/RbzEnvYGA4YFIzWzZE4GlJBsMZU.roa
File: RbzEnvYGA4YFIzWzZE4GlJBsMZU.roa (raw, json)
Hash identifier: 4mgT9lcYsVdEBtYsJ9dhRDogeRF/mCRiNbvYyMzBQqE=
Subject key identifier: 45:BC:C4:9E:F6:06:03:86:05:23:35:B3:64:4E:06:94:90:6C:31:95
Certificate issuer: /CN=5cbe9e43024ecc692c335398bb2d967116aac2d9
Certificate serial: 018282B9A8FB0FE85196788180EADF8D0210
Authority key identifier: 5C:BE:9E:43:02:4E:CC:69:2C:33:53:98:BB:2D:96:71:16:AA:C2:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XL6eQwJOzGksM1OYuy2WcRaqwtk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/1b089c-d74b-49a7-89f7-28a56ea5cf0b/1/RbzEnvYGA4YFIzWzZE4GlJBsMZU.roa
Signing time: Tue 09 Aug 2022 13:09:41 +0000
ROA not before: Tue 09 Aug 2022 13:09:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29588
IP address blocks: 91.247.248.0/22 maxlen: 22
91.247.248.0/24 maxlen: 24
91.247.249.0/24 maxlen: 24
91.247.250.0/24 maxlen: 24
91.247.251.0/24 maxlen: 24
213.108.136.0/24 maxlen: 24
213.108.137.0/24 maxlen: 24
213.108.136.0/21 maxlen: 21
213.108.138.0/24 maxlen: 24
213.108.139.0/24 maxlen: 24
213.108.142.0/24 maxlen: 24
213.108.143.0/24 maxlen: 24
213.108.140.0/24 maxlen: 24
213.108.141.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:82:b9:a8:fb:0f:e8:51:96:78:81:80:ea:df:8d:02:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cbe9e43024ecc692c335398bb2d967116aac2d9
Validity
Not Before: Aug 9 13:09:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=45bcc49ef6060386052335b3644e0694906c3195
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:8b:c3:a8:6a:d8:64:0e:27:76:a2:b0:b4:8b:
42:8a:d0:8c:61:89:34:53:93:49:9a:0b:e8:d1:eb:
8f:24:fd:a6:98:a7:20:b1:9a:77:02:be:df:e6:3f:
23:15:11:98:1a:69:8a:54:b3:6a:2e:7a:62:4c:e1:
16:6b:a2:44:51:41:c4:39:f8:73:5d:97:59:7d:e8:
78:cb:b3:4b:03:0c:1d:e2:dd:10:b9:da:59:6b:37:
3f:33:d2:9d:9a:4a:e4:09:da:05:7a:1a:d9:18:bc:
dd:40:86:d9:28:5a:4d:af:08:75:df:e0:4d:cf:5b:
d9:a7:21:0d:26:97:81:16:3a:d3:1d:15:c3:d1:e1:
ee:aa:fb:c5:d2:6b:df:07:fd:c1:bd:97:e6:9e:b7:
d8:ac:91:39:f1:0a:bd:09:82:ae:bd:d5:4e:41:28:
ed:60:cb:fe:81:a6:db:34:65:4d:a7:39:c3:33:02:
a7:92:aa:d9:50:f8:6f:f5:71:53:34:f4:e5:22:1f:
af:07:5b:2c:b2:2b:30:9c:c6:10:9a:b3:f2:a5:6a:
4f:75:f7:75:ee:15:c3:5f:5c:ca:d1:37:f8:0e:3f:
40:c1:74:00:6f:bb:a9:43:8a:df:be:f8:93:38:9a:
7c:39:ca:5b:03:4e:78:b1:77:0e:4d:f7:a8:ce:e1:
7a:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:BC:C4:9E:F6:06:03:86:05:23:35:B3:64:4E:06:94:90:6C:31:95
X509v3 Authority Key Identifier:
keyid:5C:BE:9E:43:02:4E:CC:69:2C:33:53:98:BB:2D:96:71:16:AA:C2:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XL6eQwJOzGksM1OYuy2WcRaqwtk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/1b089c-d74b-49a7-89f7-28a56ea5cf0b/1/RbzEnvYGA4YFIzWzZE4GlJBsMZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/1b089c-d74b-49a7-89f7-28a56ea5cf0b/1/XL6eQwJOzGksM1OYuy2WcRaqwtk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.247.248.0/22
213.108.136.0/21
Signature Algorithm: sha256WithRSAEncryption
2f:24:55:eb:43:9a:1b:4c:98:e4:be:0e:da:43:3a:20:6c:85:
02:bd:c5:5d:d2:0e:3f:31:86:e2:44:06:62:31:57:90:d0:a9:
dd:bd:1d:9d:17:e3:b3:4a:14:17:67:9d:72:65:ba:0f:a2:0c:
b6:6f:22:5d:1c:0d:17:a7:a0:18:bb:68:bf:a4:2f:05:6a:14:
be:08:34:41:52:04:d0:72:c8:33:cc:90:7f:7a:ce:fc:4c:6e:
6a:8d:07:6b:3d:17:0d:fc:8f:88:51:db:64:20:a4:50:db:21:
bb:14:32:26:b5:1e:12:27:3d:0d:f8:54:fa:08:4d:8a:2a:d6:
f7:55:34:c2:16:13:b1:0b:36:eb:dc:81:74:f0:b5:21:d1:1e:
2b:dd:d5:ef:fc:77:a6:70:80:d1:89:73:1a:39:05:67:dc:f8:
3a:df:14:a6:ae:dd:05:cd:b5:08:67:22:1d:6d:a5:1c:80:9e:
83:8e:b4:4d:6c:ad:84:26:b0:9e:19:d2:00:dd:37:9b:92:05:
f6:8c:20:91:ec:e6:2d:94:6a:06:91:cc:78:23:3e:f5:e2:47:
8e:d3:b0:70:3a:86:cc:e0:f5:9d:07:7b:fb:9f:b9:ee:98:e1:
1a:fc:26:64:77:ab:68:5f:4c:37:81:db:cc:8f:74:b2:4e:aa:
4a:df:be:c4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYKCuaj7D+hRlniBgOrfjQIQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjYmU5ZTQzMDI0ZWNjNjkyYzMzNTM5OGJiMmQ5NjcxMTZh
YWMyZDkwHhcNMjIwODA5MTMwOTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWJjYzQ5ZWY2MDYwMzg2MDUyMzM1YjM2NDRlMDY5NDkwNmMzMTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkIvDqGrYZA4ndqKwtItCitCMYYk0
U5NJmgvo0euPJP2mmKcgsZp3Ar7f5j8jFRGYGmmKVLNqLnpiTOEWa6JEUUHEOfhz
XZdZfeh4y7NLAwwd4t0QudpZazc/M9KdmkrkCdoFehrZGLzdQIbZKFpNrwh13+BN
z1vZpyENJpeBFjrTHRXD0eHuqvvF0mvfB/3BvZfmnrfYrJE58Qq9CYKuvdVOQSjt
YMv+gabbNGVNpznDMwKnkqrZUPhv9XFTNPTlIh+vB1sssiswnMYQmrPypWpPdfd1
7hXDX1zK0Tf4Dj9AwXQAb7upQ4rfvviTOJp8OcpbA054sXcOTfeozuF6NQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEW8xJ72BgOGBSM1s2ROBpSQbDGVMB8GA1UdIwQY
MBaAFFy+nkMCTsxpLDNTmLstlnEWqsLZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEw2ZVF3Sk96R2tzTTFPWXV5MldjUmFxd3RrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8xYjA4OWMtZDc0Yi00OWE3LTg5Zjct
MjhhNTZlYTVjZjBiLzEvUmJ6RW52WUdBNFlGSXpXelpFNEdsSkJzTVpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8xYjA4OWMtZDc0Yi00OWE3LTg5ZjctMjhhNTZlYTVjZjBi
LzEvWEw2ZVF3Sk96R2tzTTFPWXV5MldjUmFxd3RrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW/f4AwQD
1WyIMA0GCSqGSIb3DQEBCwUAA4IBAQAvJFXrQ5obTJjkvg7aQzogbIUCvcVd0g4/
MYbiRAZiMVeQ0KndvR2dF+OzShQXZ51yZboPogy2byJdHA0Xp6AYu2i/pC8FahS+
CDRBUgTQcsgzzJB/es78TG5qjQdrPRcN/I+IUdtkIKRQ2yG7FDImtR4SJz0N+FT6
CE2KKtb3VTTCFhOxCzbr3IF08LUh0R4r3dXv/HemcIDRiXMaOQVn3Pg63xSmrt0F
zbUIZyIdbaUcgJ6DjrRNbK2EJrCeGdIA3TebkgX2jCCR7OYtlGoGkcx4Iz714keO
07BwOobM4PWdB3v7n7numOEa/CZkd6toX0w3gdvMj3SyTqpK377E
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:33 2023 by rpki-client on console-ams.rpki-client.org