Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/XttVlbE9bY066sl7FdfKsDss6lc.roa
File: XttVlbE9bY066sl7FdfKsDss6lc.roa (raw, json)
Hash identifier: u30FIF0YfvHPuzcnoQ4sUnfpAI2adNPLNrcPm0aNlh0=
Subject key identifier: 5E:DB:55:95:B1:3D:6D:8D:3A:EA:C9:7B:15:D7:CA:B0:3B:2C:EA:57
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018226FE1C610D654D1EE6B47921562E097C
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/XttVlbE9bY066sl7FdfKsDss6lc.roa
Signing time: Fri 22 Jul 2022 17:39:23 +0000
ROA not before: Fri 22 Jul 2022 17:39:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 22773
IP address blocks: 5.182.28.0/22 maxlen: 22
194.50.200.0/23 maxlen: 23
195.138.96.0/19 maxlen: 24
194.50.206.0/23 maxlen: 23
91.242.105.0/24 maxlen: 24
91.242.108.0/22 maxlen: 22
91.242.120.0/21 maxlen: 21
185.173.244.0/22 maxlen: 24
45.88.124.0/22 maxlen: 22
91.242.64.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:26:fe:1c:61:0d:65:4d:1e:e6:b4:79:21:56:2e:09:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jul 22 17:39:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5edb5595b13d6d8d3aeac97b15d7cab03b2cea57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:d7:2f:bb:e4:1c:21:3a:20:c4:e5:25:d1:04:
b5:88:e0:df:f6:8d:93:3a:d7:37:79:20:4e:b7:2c:
70:ec:e5:28:e4:5b:5d:91:2e:b6:9f:3b:3b:84:7c:
b4:f6:da:62:03:06:35:8d:61:97:87:28:3b:c6:28:
32:ef:d1:32:c0:0a:ce:82:30:4c:1f:d8:77:99:df:
c8:7c:e0:50:19:8c:86:fe:54:3e:41:d8:08:37:dd:
83:07:e4:ac:70:4f:a1:eb:2c:6c:81:9b:b4:10:ae:
66:e5:f8:76:7d:ff:f4:e0:e2:37:08:a0:45:ad:fa:
02:0a:01:1c:ca:99:b5:50:c4:65:4c:c0:f4:48:a5:
f8:39:7a:a2:94:34:de:c5:18:73:fc:02:e3:58:2a:
50:83:e7:80:91:03:61:ac:29:18:55:73:26:80:11:
97:75:36:00:93:90:2a:e8:d4:11:f5:e4:42:22:4e:
54:65:ca:e5:33:24:18:cc:34:75:48:35:7a:d8:33:
ae:7f:18:59:16:5a:fe:b0:ba:81:9c:de:43:3e:76:
46:56:98:8e:ec:5e:18:d7:34:71:a7:58:8d:ac:52:
0c:69:26:ef:24:6f:88:86:cc:be:ca:2f:d1:52:b6:
74:e3:31:86:8d:14:8d:39:05:17:9a:dd:5c:50:78:
23:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:DB:55:95:B1:3D:6D:8D:3A:EA:C9:7B:15:D7:CA:B0:3B:2C:EA:57
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/XttVlbE9bY066sl7FdfKsDss6lc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.28.0/22
45.88.124.0/22
91.242.64.0/22
91.242.105.0/24
91.242.108.0/22
91.242.120.0/21
185.173.244.0/22
194.50.200.0/23
194.50.206.0/23
195.138.96.0/19
Signature Algorithm: sha256WithRSAEncryption
0d:7a:40:4a:98:83:41:94:36:3c:3b:bd:37:1a:d7:0f:06:2d:
84:28:7e:8a:ce:f6:b7:3a:97:99:5a:54:b7:58:b6:10:0c:b3:
19:3b:de:55:82:6f:9d:9a:50:4f:37:4d:7b:f3:a1:69:4b:10:
66:61:ec:9b:f3:8d:5a:b3:9c:02:62:37:94:36:0d:a3:6b:32:
ff:0a:1f:22:dc:b1:f5:86:95:70:fd:d4:6a:2a:b6:bd:99:c4:
63:7d:a5:cb:72:27:b5:b1:c6:9c:09:0e:70:38:e7:20:3b:ac:
3a:7e:d7:ca:8e:75:54:ad:f5:86:22:21:fc:26:ea:40:23:05:
f5:73:8e:34:a9:7b:8b:b7:bd:88:0e:33:a0:59:5a:33:89:88:
4c:cf:85:32:c1:86:41:94:bb:48:56:67:31:cb:79:34:27:d3:
41:00:85:88:30:f0:f0:67:5f:8d:b2:2b:6f:83:54:43:bd:36:
52:5a:57:8e:11:cd:e5:45:9a:3c:c0:88:f8:06:04:0c:ce:8e:
d2:a9:f7:6f:3e:11:a6:60:f2:97:26:3b:1f:84:a9:b1:4f:b8:
61:d8:3f:f6:68:48:8d:11:f5:c9:97:21:2b:f4:fc:18:fc:fd:
04:03:97:eb:81:18:22:af:5c:8a:4d:9d:01:e4:2f:4e:d1:30:
ea:bd:14:e9
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYIm/hxhDWVNHua0eSFWLgl8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjIwNzIyMTczOTIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWRiNTU5NWIxM2Q2ZDhkM2FlYWM5N2IxNWQ3Y2FiMDNiMmNlYTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApNcvu+QcITogxOUl0QS1iODf9o2T
Otc3eSBOtyxw7OUo5FtdkS62nzs7hHy09tpiAwY1jWGXhyg7xigy79EywArOgjBM
H9h3md/IfOBQGYyG/lQ+QdgIN92DB+SscE+h6yxsgZu0EK5m5fh2ff/04OI3CKBF
rfoCCgEcypm1UMRlTMD0SKX4OXqilDTexRhz/ALjWCpQg+eAkQNhrCkYVXMmgBGX
dTYAk5Aq6NQR9eRCIk5UZcrlMyQYzDR1SDV62DOufxhZFlr+sLqBnN5DPnZGVpiO
7F4Y1zRxp1iNrFIMaSbvJG+Ihsy+yi/RUrZ04zGGjRSNOQUXmt1cUHgjywIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFF7bVZWxPW2NOurJexXXyrA7LOpXMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvWHR0VmxiRTliWTA2NnNsN0ZkZktzRHNzNmxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQCBbYcAwQC
LVh8AwQCW/JAAwQAW/JpAwQCW/JsAwQDW/J4AwQCua30AwQBwjLIAwQBwjLOAwQF
w4pgMA0GCSqGSIb3DQEBCwUAA4IBAQANekBKmINBlDY8O703GtcPBi2EKH6Kzva3
OpeZWlS3WLYQDLMZO95Vgm+dmlBPN01786FpSxBmYeyb841as5wCYjeUNg2jazL/
Ch8i3LH1hpVw/dRqKra9mcRjfaXLcie1scacCQ5wOOcgO6w6ftfKjnVUrfWGIiH8
JupAIwX1c440qXuLt72IDjOgWVoziYhMz4UywYZBlLtIVmcxy3k0J9NBAIWIMPDw
Z1+Nsitvg1RDvTZSWleOEc3lRZo8wIj4BgQMzo7SqfdvPhGmYPKXJjsfhKmxT7hh
2D/2aEiNEfXJlyEr9PwY/P0EA5frgRgir1yKTZ0B5C9O0TDqvRTp
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:49:36 2023 by rpki-client on console-ams.rpki-client.org