Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/xZMh0NDXm8TlPY3dg1h6v_iKJC8.roa
File: xZMh0NDXm8TlPY3dg1h6v_iKJC8.roa (raw, json)
Hash identifier: +YPN4TF964vVvjwOBuFsdjAHeAg91/jbEkWBDPAgBZs=
Subject key identifier: C5:93:21:D0:D0:D7:9B:C4:E5:3D:8D:DD:83:58:7A:BF:F8:8A:24:2F
Certificate issuer: /CN=00e4f6a77368b7cecfe67220b436576b1e008aec
Certificate serial: 01850FD322A0A6B1613E82B8A66F175A2B91
Authority key identifier: 00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/xZMh0NDXm8TlPY3dg1h6v_iKJC8.roa
Signing time: Wed 14 Dec 2022 08:49:33 +0000
ROA not before: Wed 14 Dec 2022 08:49:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202422
IP address blocks: 95.85.76.0/24 maxlen: 24
92.223.102.0/24 maxlen: 24
80.93.209.0/24 maxlen: 24
80.93.210.0/24 maxlen: 24
5.188.36.0/24 maxlen: 24
80.93.219.0/24 maxlen: 24
80.93.218.0/24 maxlen: 24
80.93.214.0/24 maxlen: 24
80.93.215.0/24 maxlen: 24
80.93.217.0/24 maxlen: 24
80.93.223.0/24 maxlen: 24
92.38.148.0/24 maxlen: 24
92.38.155.0/24 maxlen: 24
92.38.173.0/24 maxlen: 24
5.188.148.0/24 maxlen: 24
92.38.186.0/23 maxlen: 24
92.38.181.0/24 maxlen: 24
92.38.186.0/24 maxlen: 24
92.38.180.0/24 maxlen: 24
5.8.24.0/24 maxlen: 24
78.111.105.0/24 maxlen: 24
78.111.99.0/24 maxlen: 24
78.111.102.0/24 maxlen: 24
78.111.101.0/24 maxlen: 24
103.215.218.0/24 maxlen: 24
217.195.193.0/24 maxlen: 24
92.38.187.0/24 maxlen: 24
5.188.169.0/24 maxlen: 24
5.188.168.0/24 maxlen: 24
5.188.190.0/24 maxlen: 24
146.185.236.0/24 maxlen: 24
146.185.237.0/24 maxlen: 24
37.9.33.0/24 maxlen: 24
37.9.32.0/24 maxlen: 24
146.185.248.0/24 maxlen: 24
217.195.205.0/24 maxlen: 24
146.185.216.0/24 maxlen: 24
146.185.217.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:0f:d3:22:a0:a6:b1:61:3e:82:b8:a6:6f:17:5a:2b:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00e4f6a77368b7cecfe67220b436576b1e008aec
Validity
Not Before: Dec 14 08:49:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c59321d0d0d79bc4e53d8ddd83587abff88a242f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:c8:59:14:18:01:ef:c5:67:b2:19:ce:aa:62:
2b:dd:d4:1c:48:d3:7f:60:e5:34:38:63:e5:fd:22:
4e:4b:8b:d1:06:29:4a:92:d0:21:6e:11:3f:3a:c2:
d6:58:89:7d:b8:54:3f:60:c5:8f:a1:e4:7e:c7:97:
91:3d:57:13:08:85:8b:d7:04:fd:90:b8:e1:c7:a9:
e9:52:98:a6:b2:ee:d0:b6:4f:e1:42:58:d0:d5:a8:
23:1b:35:be:c3:28:a9:eb:e3:1d:8b:c7:a5:68:7e:
94:87:87:ea:09:3b:0b:07:9d:42:05:3b:21:eb:44:
9a:b6:1c:bd:14:c5:c0:9b:e7:ad:cf:15:73:44:a0:
84:dc:12:35:d8:de:16:69:5f:7c:00:f7:e7:16:57:
10:92:b0:ac:61:61:eb:9d:2d:eb:1b:38:9c:6d:5a:
56:a1:68:f9:ee:88:52:1e:bb:df:9b:2c:99:85:4f:
7b:53:e0:5f:60:66:29:4e:06:85:6f:60:83:f3:f0:
98:9d:a0:7c:59:2c:96:49:60:56:ab:3c:13:32:f6:
8c:bb:42:96:07:ef:38:c7:82:e9:82:b6:63:1e:0f:
0b:84:ea:39:47:7d:14:be:7d:87:f6:32:53:0f:91:
1e:13:9e:94:7d:45:5f:bc:b5:3f:a2:3a:c2:f7:e8:
73:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:93:21:D0:D0:D7:9B:C4:E5:3D:8D:DD:83:58:7A:BF:F8:8A:24:2F
X509v3 Authority Key Identifier:
keyid:00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/xZMh0NDXm8TlPY3dg1h6v_iKJC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/AOT2p3Not87P5nIgtDZXax4Aiuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.24.0/24
5.188.36.0/24
5.188.148.0/24
5.188.168.0/23
5.188.190.0/24
37.9.32.0/23
78.111.99.0/24
78.111.101.0-78.111.102.255
78.111.105.0/24
80.93.209.0-80.93.210.255
80.93.214.0/23
80.93.217.0-80.93.219.255
80.93.223.0/24
92.38.148.0/24
92.38.155.0/24
92.38.173.0/24
92.38.180.0/23
92.38.186.0/23
92.223.102.0/24
95.85.76.0/24
103.215.218.0/24
146.185.216.0/23
146.185.236.0/23
146.185.248.0/24
217.195.193.0/24
217.195.205.0/24
Signature Algorithm: sha256WithRSAEncryption
92:e4:b3:8c:2a:e5:7c:e0:c7:b6:c4:83:92:42:38:64:40:b6:
64:c3:ca:11:9e:5b:f9:40:77:38:15:41:c2:ad:c1:58:b4:f3:
b9:2a:1f:76:bf:6d:d2:6e:7b:e6:b4:a1:e6:ff:dd:56:03:a7:
65:b8:14:84:c4:6c:e5:69:d5:86:d5:5e:a0:5a:58:80:0f:a8:
35:34:c3:3e:90:fc:7c:c7:7c:e6:cd:5e:a1:8f:9c:ac:57:56:
fd:58:87:d0:6c:08:86:75:6f:2a:de:eb:87:9c:e5:d4:79:f2:
1b:06:b7:c3:f7:15:74:e0:08:1e:5e:1e:f4:d8:83:52:6f:81:
60:8e:7c:a2:89:9e:36:9d:99:06:fc:01:6a:1c:d5:22:be:d9:
da:0f:75:fc:99:83:e1:a5:4a:e3:d9:d1:76:4d:87:ba:b8:18:
8f:29:f1:47:fd:1c:8c:41:33:67:96:04:ac:75:91:0f:67:01:
4d:5e:72:2d:80:f0:43:9b:26:f6:98:be:eb:74:38:e5:00:27:
79:f1:8a:ec:09:d7:3c:cf:72:08:dd:bd:f7:4d:94:a9:c0:c1:
6b:b2:a9:a7:02:91:6f:cf:26:64:ad:43:45:64:83:2d:8a:95:
ca:1d:e0:8f:a7:e8:87:fe:99:80:2a:8f:22:94:01:66:be:06:
9f:87:a3:2a
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgISAYUP0yKgprFhPoK4pm8XWiuRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwZTRmNmE3NzM2OGI3Y2VjZmU2NzIyMGI0MzY1NzZiMWUw
MDhhZWMwHhcNMjIxMjE0MDg0OTMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTkzMjFkMGQwZDc5YmM0ZTUzZDhkZGQ4MzU4N2FiZmY4OGEyNDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkchZFBgB78VnshnOqmIr3dQcSNN/
YOU0OGPl/SJOS4vRBilKktAhbhE/OsLWWIl9uFQ/YMWPoeR+x5eRPVcTCIWL1wT9
kLjhx6npUpimsu7Qtk/hQljQ1agjGzW+wyip6+Mdi8elaH6Uh4fqCTsLB51CBTsh
60Sathy9FMXAm+etzxVzRKCE3BI12N4WaV98APfnFlcQkrCsYWHrnS3rGzicbVpW
oWj57ohSHrvfmyyZhU97U+BfYGYpTgaFb2CD8/CYnaB8WSyWSWBWqzwTMvaMu0KW
B+84x4LpgrZjHg8LhOo5R30Uvn2H9jJTD5EeE56UfUVfvLU/ojrC9+hzrwIDAQAB
o4ICvDCCArgwHQYDVR0OBBYEFMWTIdDQ15vE5T2N3YNYer/4iiQvMB8GA1UdIwQY
MBaAFADk9qdzaLfOz+ZyILQ2V2seAIrsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS82NTJkYTktYWZjNC00ZTIwLTgyZmMt
YjA3ZDg0MTZhZTRhLzEveFpNaDBORFhtOFRsUFkzZGcxaDZ2X2lLSkM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS82NTJkYTktYWZjNC00ZTIwLTgyZmMtYjA3ZDg0MTZhZTRh
LzEvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHRBggrBgEFBQcBBwEB/wSBwTCBvjCBuwQCAAEwgbQDBAAF
CBgDBAAFvCQDBAAFvJQDBAEFvKgDBAAFvL4DBAElCSADBABOb2MwDAMEAE5vZQME
AE5vZgMEAE5vaTAMAwQAUF3RAwQAUF3SAwQBUF3WMAwDBABQXdkDBAJQXdgDBABQ
Xd8DBABcJpQDBABcJpsDBABcJq0DBAFcJrQDBAFcJroDBABc32YDBABfVUwDBABn
19oDBAGSudgDBAGSuewDBACSufgDBADZw8EDBADZw80wDQYJKoZIhvcNAQELBQAD
ggEBAJLks4wq5Xzgx7bEg5JCOGRAtmTDyhGeW/lAdzgVQcKtwVi087kqH3a/bdJu
e+a0oeb/3VYDp2W4FITEbOVp1YbVXqBaWIAPqDU0wz6Q/HzHfObNXqGPnKxXVv1Y
h9BsCIZ1byre64ec5dR58hsGt8P3FXTgCB5eHvTYg1JvgWCOfKKJnjadmQb8AWoc
1SK+2doPdfyZg+GlSuPZ0XZNh7q4GI8p8Uf9HIxBM2eWBKx1kQ9nAU1eci2A8EOb
JvaYvut0OOUAJ3nxiuwJ1zzPcgjdvfdNlKnAwWuyqacCkW/PJmStQ0Vkgy2Klcod
4I+n6If+mYAqjyKUAWa+Bp+Hoyo=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:11 2023 by rpki-client on console-fra.rpki-client.org