Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/mxCim3HFzjK2WhOAhS79feaw4yw.roa
File: mxCim3HFzjK2WhOAhS79feaw4yw.roa (raw, json)
Hash identifier: FVICuwhWoY3GPUeLExjiO5Zufp8jSytBhh3QVJsi0w4=
Subject key identifier: 9B:10:A2:9B:71:C5:CE:32:B6:5A:13:80:85:2E:FD:7D:E6:B0:E3:2C
Certificate issuer: /CN=ceb86983547113359bade1f3f38104091e3a6439
Certificate serial: 0781086F
Authority key identifier: CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/mxCim3HFzjK2WhOAhS79feaw4yw.roa
Signing time: Sat 01 Jan 2022 01:03:16 +0000
ROA not before: Sat 01 Jan 2022 01:03:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 19905
IP address blocks: 213.205.0.0/19 maxlen: 24
82.85.16.0/24 maxlen: 24
82.85.24.0/24 maxlen: 24
82.85.18.0/24 maxlen: 24
82.85.28.0/24 maxlen: 24
82.85.27.0/24 maxlen: 24
82.85.61.0/24 maxlen: 24
195.130.248.0/22 maxlen: 24
213.205.32.0/24 maxlen: 24
213.205.32.0/19 maxlen: 24
213.205.33.0/24 maxlen: 24
213.205.34.0/24 maxlen: 24
213.205.36.0/24 maxlen: 24
213.205.37.0/24 maxlen: 24
82.85.154.0/24 maxlen: 24
94.32.64.0/20 maxlen: 24
94.32.80.0/21 maxlen: 24
212.123.79.0/24 maxlen: 24
212.123.84.0/23 maxlen: 24
212.123.82.0/23 maxlen: 24
94.32.96.0/23 maxlen: 24
94.32.100.0/22 maxlen: 24
94.32.102.0/24 maxlen: 24
94.32.104.0/21 maxlen: 24
212.123.93.0/24 maxlen: 24
217.133.170.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 125896815 (0x781086f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ceb86983547113359bade1f3f38104091e3a6439
Validity
Not Before: Jan 1 01:03:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9b10a29b71c5ce32b65a1380852efd7de6b0e32c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:af:75:b4:d9:d4:89:64:4c:6a:17:c3:78:32:
3c:42:1a:ef:48:72:81:03:99:84:c5:b9:32:b9:ee:
6c:6b:b2:4a:d7:64:d5:f2:f7:59:0d:65:7b:d5:56:
14:e4:e0:83:3a:9c:2a:ec:a9:a3:9a:3f:92:74:dd:
61:fb:fd:55:3c:58:fb:45:ba:99:6f:fe:6b:80:4c:
5f:f8:5c:54:0e:27:87:65:a3:43:d5:38:3a:a4:76:
6f:51:70:a8:72:42:14:46:35:58:93:c1:46:1b:08:
aa:bf:b5:49:ea:fa:e7:ad:0f:a3:7b:a4:8c:fd:b9:
d1:2c:6a:35:36:90:20:94:90:f5:0d:b4:a4:74:66:
dc:7e:e1:00:f4:d1:15:80:05:04:48:9e:4a:37:72:
dc:55:56:2b:f3:d7:e8:31:45:ad:a0:e8:50:be:01:
65:3e:29:92:99:82:81:bc:36:e0:82:63:96:f5:77:
2b:31:f7:06:dc:4d:85:c9:99:11:16:75:5f:5f:34:
a5:1a:06:fa:6e:10:b2:34:e3:7f:17:b6:0d:32:81:
bb:84:ba:b2:2e:5d:a9:12:55:02:27:65:ad:cb:ab:
33:33:a8:cb:c3:c0:6b:e3:8d:2a:4a:d1:b1:20:0b:
97:e8:ae:a0:59:94:46:95:59:da:05:09:8d:d0:fd:
6b:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:10:A2:9B:71:C5:CE:32:B6:5A:13:80:85:2E:FD:7D:E6:B0:E3:2C
X509v3 Authority Key Identifier:
keyid:CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/mxCim3HFzjK2WhOAhS79feaw4yw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/zrhpg1RxEzWbreHz84EECR46ZDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.85.16.0/24
82.85.18.0/24
82.85.24.0/24
82.85.27.0-82.85.28.255
82.85.61.0/24
82.85.154.0/24
94.32.64.0-94.32.87.255
94.32.96.0/23
94.32.100.0-94.32.111.255
195.130.248.0/22
212.123.79.0/24
212.123.82.0-212.123.85.255
212.123.93.0/24
213.205.0.0/18
217.133.170.0/24
Signature Algorithm: sha256WithRSAEncryption
85:5b:71:cb:c7:91:c5:93:74:b9:25:71:34:1e:20:a8:b8:61:
a7:ee:b0:c1:c3:70:dc:64:ad:f6:b0:03:0b:7f:e4:e1:2a:a7:
54:69:f4:1c:67:da:42:90:7a:af:c2:f4:8b:14:92:da:29:62:
f0:24:97:ac:cd:03:48:2d:22:67:40:26:a9:be:3e:56:eb:e1:
1c:a9:d8:24:8e:e5:3a:af:5e:fe:d8:43:7b:1f:1d:09:98:ec:
98:a8:a5:ff:bf:bd:ea:fb:20:ae:da:fa:cb:b0:7c:92:5d:94:
60:a8:db:39:53:b7:76:d7:4e:4f:5b:a3:43:d7:e5:62:cc:1c:
09:f0:a6:38:8b:b8:5f:69:f2:3e:ad:57:7f:08:31:df:35:2b:
d7:27:74:1c:26:f7:49:5c:cd:ad:3b:9f:ff:04:d7:12:f9:71:
2c:82:df:dc:ce:e2:a0:44:c1:39:0c:02:fe:09:91:5c:9e:95:
65:9a:06:a8:20:61:49:48:0f:c5:1d:b1:a6:bc:87:30:bf:47:
e0:26:a7:40:07:ff:3e:16:97:e3:70:fa:cf:c4:73:7c:cf:f1:
87:60:0b:72:d1:8f:db:da:2b:8c:b2:a4:52:1c:b9:26:93:8a:
af:11:fb:cc:d6:26:93:ae:79:af:cf:1b:45:06:51:3b:36:25:
80:e7:91:a3
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgIEB4EIbzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
ZWI4Njk4MzU0NzExMzM1OWJhZGUxZjNmMzgxMDQwOTFlM2E2NDM5MB4XDTIyMDEw
MTAxMDMxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWIxMGEyOWI3MWM1
Y2UzMmI2NWExMzgwODUyZWZkN2RlNmIwZTMyYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKivdbTZ1IlkTGoXw3gyPEIa70hygQOZhMW5MrnubGuyStdk
1fL3WQ1le9VWFOTggzqcKuypo5o/knTdYfv9VTxY+0W6mW/+a4BMX/hcVA4nh2Wj
Q9U4OqR2b1FwqHJCFEY1WJPBRhsIqr+1Ser6560Po3ukjP250SxqNTaQIJSQ9Q20
pHRm3H7hAPTRFYAFBEieSjdy3FVWK/PX6DFFraDoUL4BZT4pkpmCgbw24IJjlvV3
KzH3BtxNhcmZERZ1X180pRoG+m4QsjTjfxe2DTKBu4S6si5dqRJVAidlrcurMzOo
y8PAa+ONKkrRsSALl+iuoFmURpVZ2gUJjdD9a7ECAwEAAaOCAoEwggJ9MB0GA1Ud
DgQWBBSbEKKbccXOMrZaE4CFLv195rDjLDAfBgNVHSMEGDAWgBTOuGmDVHETNZut
4fPzgQQJHjpkOTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3pyaHBnMVJ4RXpXYnJlSHo4NEVFQ1I0NlpEay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvZjM1MzlkLTM4Y2QtNDY1ZS1hNTdkLWRlZTJmNjUwZGQ4Ni8x
L214Q2ltM0hGempLMldoT0FoUzc5ZmVhdzR5dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
ZjM1MzlkLTM4Y2QtNDY1ZS1hNTdkLWRlZTJmNjUwZGQ4Ni8xL3pyaHBnMVJ4RXpX
YnJlSHo4NEVFQ1I0NlpEay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
lgYIKwYBBQUHAQcBAf8EgYYwgYMwgYAEAgABMHoDBABSVRADBABSVRIDBABSVRgw
DAMEAFJVGwMEAFJVHAMEAFJVPQMEAFJVmjAMAwQGXiBAAwQDXiBQAwQBXiBgMAwD
BAJeIGQDBAReIGADBALDgvgDBADUe08wDAMEAdR7UgMEAdR7VAMEANR7XQMEBtXN
AAMEANmFqjANBgkqhkiG9w0BAQsFAAOCAQEAhVtxy8eRxZN0uSVxNB4gqLhhp+6w
wcNw3GSt9rADC3/k4SqnVGn0HGfaQpB6r8L0ixSS2ili8CSXrM0DSC0iZ0Amqb4+
VuvhHKnYJI7lOq9e/thDex8dCZjsmKil/7+96vsgrtr6y7B8kl2UYKjbOVO3dtdO
T1ujQ9flYswcCfCmOIu4X2nyPq1Xfwgx3zUr1yd0HCb3SVzNrTuf/wTXEvlxLILf
3M7ioETBOQwC/gmRXJ6VZZoGqCBhSUgPxR2xpryHML9H4CanQAf/PhaX43D6z8Rz
fM/xh2ALctGP29orjLKkUhy5JpOKrxH7zNYmk655r88bRQZROzYlgOeRow==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:52:07 2023 by rpki-client on console-ams.rpki-client.org