Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/fc80f0-5c27-4898-84ac-28e416cf11cf/1/XgbwTMj6Rk8labh3XqNkk5YWKgY.roa
File: XgbwTMj6Rk8labh3XqNkk5YWKgY.roa (raw, json)
Hash identifier: rDNQrh3zhcodbvpybPwh/aOYTe2ubA9EkMyu+9i1z1U=
Subject key identifier: 5E:06:F0:4C:C8:FA:46:4F:25:69:B8:77:5E:A3:64:93:96:16:2A:06
Certificate issuer: /CN=be8c0a74f47312df298a46095e47525d515854a1
Certificate serial: 0184CCCF83FD45F86D36926E61E2716061CD
Authority key identifier: BE:8C:0A:74:F4:73:12:DF:29:8A:46:09:5E:47:52:5D:51:58:54:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vowKdPRzEt8pikYJXkdSXVFYVKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/fc80f0-5c27-4898-84ac-28e416cf11cf/1/XgbwTMj6Rk8labh3XqNkk5YWKgY.roa
Signing time: Thu 01 Dec 2022 08:31:02 +0000
ROA not before: Thu 01 Dec 2022 08:31:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12963
IP address blocks: 94.232.208.0/24 maxlen: 24
94.232.209.0/24 maxlen: 24
94.232.210.0/24 maxlen: 24
94.232.211.0/24 maxlen: 24
94.232.212.0/24 maxlen: 24
176.97.3.0/24 maxlen: 24
176.97.4.0/22 maxlen: 22
176.97.0.0/23 maxlen: 23
176.97.2.0/24 maxlen: 24
91.218.72.0/24 maxlen: 24
91.218.73.0/24 maxlen: 24
91.218.74.0/24 maxlen: 24
91.218.75.0/24 maxlen: 24
94.232.214.0/24 maxlen: 24
91.197.168.0/24 maxlen: 24
91.197.169.0/24 maxlen: 24
91.197.170.0/24 maxlen: 24
91.197.171.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:cc:cf:83:fd:45:f8:6d:36:92:6e:61:e2:71:60:61:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be8c0a74f47312df298a46095e47525d515854a1
Validity
Not Before: Dec 1 08:31:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5e06f04cc8fa464f2569b8775ea3649396162a06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:cb:41:ce:48:16:b7:6a:7b:d7:d8:35:a2:1a:
13:4c:ed:bc:54:aa:d2:eb:13:e8:8b:ff:e4:12:cf:
58:97:ea:52:f5:61:a0:a6:99:07:79:70:65:4a:cd:
32:d9:5e:29:ca:fb:3a:30:b8:15:a0:34:7a:49:39:
df:f2:55:2a:4d:b9:78:f4:41:5c:43:61:a5:09:9f:
c9:0a:99:c3:49:b0:e9:96:5c:eb:72:53:24:92:44:
34:9b:de:bf:e5:56:cb:be:89:41:66:38:a2:be:72:
fc:00:f5:95:58:3a:2b:20:de:45:62:51:d7:48:56:
46:b7:fc:32:c9:37:e4:6e:1c:6a:20:09:b5:69:a3:
39:de:56:4e:74:32:00:0e:c0:78:7f:e8:be:eb:fb:
a5:a3:e0:ac:80:29:ef:43:80:d2:7a:b7:e4:16:00:
68:61:b0:d0:4e:c1:b9:19:b8:85:6a:ff:a1:05:87:
35:38:41:44:df:30:89:f6:02:eb:1b:6c:b3:13:f8:
5f:15:bf:3f:a6:2b:92:32:5b:b3:f8:e1:30:fa:04:
9e:e2:1b:f2:81:ae:0d:23:be:04:ac:b5:b2:b7:84:
eb:19:35:76:8b:50:c2:93:4a:70:ee:9b:36:36:d2:
b7:63:6f:ec:1e:b8:84:2a:2d:3b:38:9f:c5:74:a7:
89:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:06:F0:4C:C8:FA:46:4F:25:69:B8:77:5E:A3:64:93:96:16:2A:06
X509v3 Authority Key Identifier:
keyid:BE:8C:0A:74:F4:73:12:DF:29:8A:46:09:5E:47:52:5D:51:58:54:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vowKdPRzEt8pikYJXkdSXVFYVKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/fc80f0-5c27-4898-84ac-28e416cf11cf/1/XgbwTMj6Rk8labh3XqNkk5YWKgY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/fc80f0-5c27-4898-84ac-28e416cf11cf/1/vowKdPRzEt8pikYJXkdSXVFYVKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.168.0/22
91.218.72.0/22
94.232.208.0-94.232.212.255
94.232.214.0/24
176.97.0.0/21
Signature Algorithm: sha256WithRSAEncryption
5e:9c:8f:31:4f:af:d6:87:03:a4:d9:c8:ef:2d:de:82:58:d0:
06:55:67:fa:27:6c:62:2a:3e:cb:63:8d:f2:e8:9a:ca:c9:04:
06:51:84:01:be:84:2c:e0:7c:b6:a7:55:4a:30:6b:1c:a9:3c:
ac:c5:8c:42:b5:ea:72:30:9f:23:72:b8:a6:ab:76:19:a6:42:
ef:2e:dc:8e:42:c1:15:d5:e9:32:ec:da:79:b7:bc:07:64:05:
58:6c:20:cf:c0:82:55:5a:b5:41:7a:71:22:23:11:62:91:f9:
e5:a5:f0:78:86:54:1e:32:0d:8e:d4:46:86:2f:70:ab:ce:5d:
9a:21:83:61:18:94:da:5b:8c:b1:f9:fe:8f:0f:99:60:ec:79:
db:84:9c:0e:21:fd:2c:32:c2:14:53:17:d4:18:18:1a:68:c6:
78:3d:2e:6f:37:05:40:ed:ed:a7:35:b9:18:ef:5a:f6:1c:e2:
c9:9f:aa:28:86:01:d2:12:ef:76:a5:c6:e9:bc:da:39:65:1c:
ab:ac:6f:eb:cd:10:02:4b:24:10:9f:c7:b7:4d:b8:fa:37:4f:
66:48:1a:51:c5:5a:55:94:6d:26:73:4e:f4:3f:d5:f2:48:39:
d7:9e:55:3f:9d:d5:31:0b:8b:c9:9f:f1:56:9f:61:34:5a:b1:
50:f7:cb:f4
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYTMz4P9RfhtNpJuYeJxYGHNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlOGMwYTc0ZjQ3MzEyZGYyOThhNDYwOTVlNDc1MjVkNTE1
ODU0YTEwHhcNMjIxMjAxMDgzMTAyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTA2ZjA0Y2M4ZmE0NjRmMjU2OWI4Nzc1ZWEzNjQ5Mzk2MTYyYTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuctBzkgWt2p719g1ohoTTO28VKrS
6xPoi//kEs9Yl+pS9WGgppkHeXBlSs0y2V4pyvs6MLgVoDR6STnf8lUqTbl49EFc
Q2GlCZ/JCpnDSbDpllzrclMkkkQ0m96/5VbLvolBZjiivnL8APWVWDorIN5FYlHX
SFZGt/wyyTfkbhxqIAm1aaM53lZOdDIADsB4f+i+6/ulo+CsgCnvQ4DSerfkFgBo
YbDQTsG5GbiFav+hBYc1OEFE3zCJ9gLrG2yzE/hfFb8/piuSMluz+OEw+gSe4hvy
ga4NI74ErLWyt4TrGTV2i1DCk0pw7ps2NtK3Y2/sHriEKi07OJ/FdKeJRwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFF4G8EzI+kZPJWm4d16jZJOWFioGMB8GA1UdIwQY
MBaAFL6MCnT0cxLfKYpGCV5HUl1RWFShMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdm93S2RQUnpFdDhwaWtZSlhrZFNYVkZZVktFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9mYzgwZjAtNWMyNy00ODk4LTg0YWMt
MjhlNDE2Y2YxMWNmLzEvWGdid1RNajZSazhsYWJoM1hxTmtrNVlXS2dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9mYzgwZjAtNWMyNy00ODk4LTg0YWMtMjhlNDE2Y2YxMWNm
LzEvdm93S2RQUnpFdDhwaWtZSlhrZFNYVkZZVktFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCW8WoAwQC
W9pIMAwDBARe6NADBABe6NQDBABe6NYDBAOwYQAwDQYJKoZIhvcNAQELBQADggEB
AF6cjzFPr9aHA6TZyO8t3oJY0AZVZ/onbGIqPstjjfLomsrJBAZRhAG+hCzgfLan
VUowaxypPKzFjEK16nIwnyNyuKardhmmQu8u3I5CwRXV6TLs2nm3vAdkBVhsIM/A
glVatUF6cSIjEWKR+eWl8HiGVB4yDY7URoYvcKvOXZohg2EYlNpbjLH5/o8PmWDs
eduEnA4h/SwywhRTF9QYGBpoxng9Lm83BUDt7ac1uRjvWvYc4smfqiiGAdIS73al
xum82jllHKusb+vNEAJLJBCfx7dNuPo3T2ZIGlHFWlWUbSZzTvQ/1fJIOdeeVT+d
1TELi8mf8VafYTRasVD3y/Q=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:51 2023 by rpki-client on console-fra.rpki-client.org