Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/iAx1DI5yBKR89OXfLADz96O1ZlQ.roa
File: iAx1DI5yBKR89OXfLADz96O1ZlQ.roa (raw, json)
Hash identifier: 1AQWu7tQtZVDuNTQqbs+qgJcREcRV5RSIi1n1ET6Y5w=
Subject key identifier: 88:0C:75:0C:8E:72:04:A4:7C:F4:E5:DF:2C:00:F3:F7:A3:B5:66:54
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 01854ED5F072815FFB48DC7FC1AC45356F97
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/iAx1DI5yBKR89OXfLADz96O1ZlQ.roa
Signing time: Mon 26 Dec 2022 14:28:41 +0000
ROA not before: Mon 26 Dec 2022 14:28:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 7018
IP address blocks: 45.88.124.0/22 maxlen: 22
194.56.152.0/23 maxlen: 24
91.242.81.0/24 maxlen: 24
185.212.11.0/24 maxlen: 24
91.242.103.0/24 maxlen: 24
91.242.107.0/24 maxlen: 24
45.89.44.0/22 maxlen: 24
194.242.28.0/23 maxlen: 24
193.46.211.0/24 maxlen: 24
91.242.70.0/23 maxlen: 24
91.242.74.0/24 maxlen: 24
91.242.75.0/24 maxlen: 24
91.242.72.0/23 maxlen: 24
5.182.28.0/22 maxlen: 22
45.140.32.0/22 maxlen: 22
80.94.81.0/24 maxlen: 24
80.94.80.0/23 maxlen: 23
80.94.80.0/24 maxlen: 24
45.67.117.0/24 maxlen: 24
45.15.64.0/24 maxlen: 24
45.15.64.0/22 maxlen: 22
45.15.66.0/24 maxlen: 24
45.15.67.0/24 maxlen: 24
45.15.65.0/24 maxlen: 24
45.150.180.0/22 maxlen: 22
194.213.10.0/24 maxlen: 24
185.173.247.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:4e:d5:f0:72:81:5f:fb:48:dc:7f:c1:ac:45:35:6f:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Dec 26 14:28:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=880c750c8e7204a47cf4e5df2c00f3f7a3b56654
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:b6:ee:c6:4f:55:8c:d6:74:4c:ca:04:c3:fa:
3b:38:f9:be:60:38:28:3f:a5:83:81:3b:58:c7:6b:
41:b8:af:c3:ad:72:06:3a:e1:80:3e:22:6c:cc:68:
51:57:31:7d:6b:7f:a5:14:15:41:8a:0e:51:fe:25:
e9:b9:56:f1:2c:43:0d:80:21:cd:0c:b7:e3:fb:a9:
8d:07:38:4f:4e:ec:09:8d:15:82:ca:20:9d:0b:2d:
d5:3d:f2:e2:4a:35:db:28:1e:11:cb:22:bd:fe:26:
8f:e1:51:f9:73:62:1d:fc:f0:2f:55:ed:c3:1e:07:
71:4d:4c:5b:63:58:d8:79:24:83:fd:3b:c2:0e:6b:
56:ce:23:85:92:1d:3e:cc:58:3a:1a:33:f2:ae:db:
77:33:bf:ea:bb:bb:e6:f8:e1:cf:04:e0:3f:9f:d0:
05:28:c4:47:19:c4:a2:30:cf:8b:e1:08:32:8b:e6:
a2:06:f2:32:a9:6a:03:2a:cb:0a:1c:ae:42:8d:72:
e1:0f:eb:84:66:bc:ab:d5:1c:ed:70:67:5e:bd:9e:
31:d4:ea:0d:f8:19:a6:ac:59:c5:17:fa:94:ca:21:
29:04:fd:18:67:ac:b7:82:34:43:c6:ee:93:e7:4d:
f8:9b:fd:a9:76:c9:35:92:c1:79:e1:58:f4:ab:b9:
c9:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:0C:75:0C:8E:72:04:A4:7C:F4:E5:DF:2C:00:F3:F7:A3:B5:66:54
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/iAx1DI5yBKR89OXfLADz96O1ZlQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.28.0/22
45.15.64.0/22
45.67.117.0/24
45.88.124.0/22
45.89.44.0/22
45.140.32.0/22
45.150.180.0/22
80.94.80.0/23
91.242.70.0-91.242.75.255
91.242.81.0/24
91.242.103.0/24
91.242.107.0/24
185.173.247.0/24
185.212.11.0/24
193.46.211.0/24
194.56.152.0/23
194.213.10.0/24
194.242.28.0/23
Signature Algorithm: sha256WithRSAEncryption
ab:f6:95:cf:3e:2d:b5:5b:0a:98:77:87:63:4f:bd:79:4f:ee:
35:9a:48:ba:b7:fc:1e:92:e3:85:3a:a5:50:a5:7d:a9:c4:b0:
57:c9:8e:a4:11:b8:58:e8:da:04:1a:b2:ba:ee:d3:0c:f3:0c:
9a:99:7f:d2:df:12:cc:16:ed:ba:0f:9b:53:71:1c:21:5d:68:
50:0e:85:d5:88:7e:df:ff:65:5e:30:69:18:c6:c7:13:b9:e9:
7c:ac:94:6d:2b:84:3b:b3:4e:28:d9:79:35:f5:07:7d:b1:fe:
0a:08:94:fb:91:d8:9a:37:80:8f:83:01:b6:ac:0e:f9:6d:d1:
76:42:3e:9f:c6:6e:f1:05:74:07:71:45:d6:56:81:5a:ed:06:
51:74:4a:03:03:22:8d:63:44:36:0b:e5:a7:4f:9d:9e:f4:b1:
52:18:ae:32:81:4f:20:8d:63:f8:aa:10:9f:44:69:0f:05:84:
df:c3:43:48:fa:bb:c0:58:d4:3b:c5:80:6a:05:53:42:6f:d3:
06:c0:2b:4c:ac:fb:23:51:9d:99:12:f4:55:ef:1b:4f:d3:f1:
41:73:10:49:a2:70:fc:27:8c:77:29:c2:e8:61:9c:9b:5c:fc:
81:f7:5c:28:e8:8b:63:1e:cc:91:18:79:62:15:da:28:96:05:
03:51:5c:9d
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAYVO1fBygV/7SNx/waxFNW+XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjIxMjI2MTQyODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODBjNzUwYzhlNzIwNGE0N2NmNGU1ZGYyYzAwZjNmN2EzYjU2NjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7buxk9VjNZ0TMoEw/o7OPm+YDgo
P6WDgTtYx2tBuK/DrXIGOuGAPiJszGhRVzF9a3+lFBVBig5R/iXpuVbxLEMNgCHN
DLfj+6mNBzhPTuwJjRWCyiCdCy3VPfLiSjXbKB4RyyK9/iaP4VH5c2Id/PAvVe3D
HgdxTUxbY1jYeSSD/TvCDmtWziOFkh0+zFg6GjPyrtt3M7/qu7vm+OHPBOA/n9AF
KMRHGcSiMM+L4Qgyi+aiBvIyqWoDKssKHK5CjXLhD+uEZryr1RztcGdevZ4x1OoN
+BmmrFnFF/qUyiEpBP0YZ6y3gjRDxu6T5034m/2pdsk1ksF54Vj0q7nJgQIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFIgMdQyOcgSkfPTl3ywA8/ejtWZUMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvaUF4MURJNXlCS1I4OU9YZkxBRHo5Nk8xWmxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwegQCAAEwdAMEAgW2HAME
Ai0PQAMEAC1DdQMEAi1YfAMEAi1ZLAMEAi2MIAMEAi2WtAMEAVBeUDAMAwQBW/JG
AwQCW/JIAwQAW/JRAwQAW/JnAwQAW/JrAwQAua33AwQAudQLAwQAwS7TAwQBwjiY
AwQAwtUKAwQBwvIcMA0GCSqGSIb3DQEBCwUAA4IBAQCr9pXPPi21WwqYd4djT715
T+41mki6t/wekuOFOqVQpX2pxLBXyY6kEbhY6NoEGrK67tMM8wyamX/S3xLMFu26
D5tTcRwhXWhQDoXViH7f/2VeMGkYxscTuel8rJRtK4Q7s04o2Xk19Qd9sf4KCJT7
kdiaN4CPgwG2rA75bdF2Qj6fxm7xBXQHcUXWVoFa7QZRdEoDAyKNY0Q2C+WnT52e
9LFSGK4ygU8gjWP4qhCfRGkPBYTfw0NI+rvAWNQ7xYBqBVNCb9MGwCtMrPsjUZ2Z
EvRV7xtP0/FBcxBJonD8J4x3KcLoYZybXPyB91wo6ItjHsyRGHliFdoolgUDUVyd
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:50 2023 by rpki-client on console-fra.rpki-client.org