Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/27b39b-0449-4c64-ba79-a2aa6540f875/1/XebiYXAs1ROWfPRACNTMRbQWK6U.roa
File: XebiYXAs1ROWfPRACNTMRbQWK6U.roa (raw, json)
Hash identifier: zgfF4CdGc3s/MpwTKN8WPCDCh0p/3sFRky/XDzNtFTs=
Subject key identifier: 5D:E6:E2:61:70:2C:D5:13:96:7C:F4:40:08:D4:CC:45:B4:16:2B:A5
Certificate issuer: /CN=bfc470e9b58e557ea8c1dbedaeb9c6a5fc455125
Certificate serial: 0183E554ECDFB9CC073E4B503F58CA788968
Authority key identifier: BF:C4:70:E9:B5:8E:55:7E:A8:C1:DB:ED:AE:B9:C6:A5:FC:45:51:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v8Rw6bWOVX6owdvtrrnGpfxFUSU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/27b39b-0449-4c64-ba79-a2aa6540f875/1/XebiYXAs1ROWfPRACNTMRbQWK6U.roa
Signing time: Mon 17 Oct 2022 09:44:51 +0000
ROA not before: Mon 17 Oct 2022 09:44:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57112
IP address blocks: 185.72.160.0/22 maxlen: 22
185.82.192.0/22 maxlen: 22
45.92.224.0/22 maxlen: 22
45.91.56.0/22 maxlen: 22
217.76.16.0/21 maxlen: 21
217.76.16.0/20 maxlen: 20
217.76.24.0/21 maxlen: 21
185.103.236.0/22 maxlen: 22
185.133.108.0/22 maxlen: 22
5.104.112.0/20 maxlen: 20
185.87.156.0/22 maxlen: 22
185.70.236.0/22 maxlen: 22
185.87.104.0/22 maxlen: 22
86.111.208.0/22 maxlen: 22
185.87.116.0/22 maxlen: 22
185.33.152.0/22 maxlen: 22
81.30.64.0/20 maxlen: 20
45.84.40.0/22 maxlen: 24
185.113.172.0/22 maxlen: 22
185.23.140.0/22 maxlen: 22
2a0e:9680::/29 maxlen: 29
2a0a:4980::/29 maxlen: 29
2a0e:c40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:e5:54:ec:df:b9:cc:07:3e:4b:50:3f:58:ca:78:89:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfc470e9b58e557ea8c1dbedaeb9c6a5fc455125
Validity
Not Before: Oct 17 09:44:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5de6e261702cd513967cf44008d4cc45b4162ba5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:41:b9:d3:e4:61:97:e9:a4:73:bb:f7:89:4f:
4d:f8:bd:c4:ce:d7:cd:db:ae:98:46:41:bb:0e:8a:
fa:a8:a9:c4:e2:4f:9d:df:3a:19:64:7a:7d:74:aa:
19:66:2d:65:2e:28:05:93:94:41:a8:2f:93:aa:55:
55:36:4d:47:7e:ce:f4:52:a9:1a:13:6c:50:4a:75:
91:e3:e2:5a:3f:5e:37:67:3b:a7:74:9d:5f:2d:2c:
68:8d:11:71:bf:89:c5:ce:62:5e:54:a4:65:b0:4b:
f8:0c:e0:2e:43:c7:55:90:88:fc:b2:00:23:05:4d:
7a:8d:fa:4f:27:e0:41:e0:61:b5:1a:b4:9a:de:c9:
84:3a:be:52:36:b8:94:e0:4f:d7:c2:5a:b2:df:9c:
6f:1d:f5:a6:8d:1d:ce:3c:33:76:12:34:fb:d2:68:
12:85:eb:2a:b9:82:ac:b2:58:1b:e2:9c:4f:3a:bf:
ae:c3:dd:62:d5:b1:e4:71:76:fa:fa:f8:84:11:e9:
68:37:a4:f4:ca:da:c8:93:e4:fe:2a:69:df:0e:4b:
7f:30:f6:b7:c3:38:d8:d7:fa:a4:8b:30:79:5c:6b:
39:dd:b9:bf:32:ff:48:ef:73:50:76:63:5f:67:33:
f5:2e:40:0d:97:53:da:43:7d:08:97:f0:e5:74:38:
a3:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:E6:E2:61:70:2C:D5:13:96:7C:F4:40:08:D4:CC:45:B4:16:2B:A5
X509v3 Authority Key Identifier:
keyid:BF:C4:70:E9:B5:8E:55:7E:A8:C1:DB:ED:AE:B9:C6:A5:FC:45:51:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v8Rw6bWOVX6owdvtrrnGpfxFUSU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/27b39b-0449-4c64-ba79-a2aa6540f875/1/XebiYXAs1ROWfPRACNTMRbQWK6U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/27b39b-0449-4c64-ba79-a2aa6540f875/1/v8Rw6bWOVX6owdvtrrnGpfxFUSU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.112.0/20
45.84.40.0/22
45.91.56.0/22
45.92.224.0/22
81.30.64.0/20
86.111.208.0/22
185.23.140.0/22
185.33.152.0/22
185.70.236.0/22
185.72.160.0/22
185.82.192.0/22
185.87.104.0/22
185.87.116.0/22
185.87.156.0/22
185.103.236.0/22
185.113.172.0/22
185.133.108.0/22
217.76.16.0/20
IPv6:
2a0a:4980::/29
2a0e:c40::/29
2a0e:9680::/29
Signature Algorithm: sha256WithRSAEncryption
37:d1:70:57:1a:9b:e6:c5:c4:b2:2f:54:de:15:fc:6e:c6:6c:
77:e5:00:f3:50:90:da:26:9a:4a:cc:f2:50:34:d2:29:86:f5:
cf:ef:42:73:50:72:81:55:2c:c3:72:f7:ac:f1:03:cb:0a:aa:
62:4e:d4:18:0c:6c:eb:28:98:91:71:f6:89:5e:5b:0b:ac:c5:
5a:ab:99:9f:50:4e:ec:fb:41:66:6e:0c:fa:26:b4:18:aa:fc:
51:10:0e:2b:47:56:f1:e8:3c:ef:02:a1:5c:9a:3d:29:9c:3d:
3b:6a:e8:82:cf:81:94:c5:34:81:e7:2d:b3:aa:83:08:89:3e:
71:be:46:53:22:27:55:14:f1:fb:d7:18:34:03:7e:94:5e:30:
9a:6e:cf:9a:6e:47:04:da:49:fe:ba:4b:dc:d5:27:6d:01:76:
10:44:5e:08:2c:b0:1b:ac:be:89:54:d9:5d:7d:33:b2:35:77:
9b:3f:00:ac:71:6b:3a:b8:5a:7d:15:e2:23:b2:cb:21:fb:53:
07:52:fd:98:14:41:30:e4:f7:c4:56:88:32:ca:94:8a:f6:9c:
cd:a0:83:82:bd:e8:35:e9:e6:5b:81:39:f0:93:36:e8:ee:7e:
f9:25:be:5f:64:6c:79:91:4f:03:b8:25:8d:05:38:46:8b:8f:
58:b3:7b:cf
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgISAYPlVOzfucwHPktQP1jKeIloMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYzQ3MGU5YjU4ZTU1N2VhOGMxZGJlZGFlYjljNmE1ZmM0
NTUxMjUwHhcNMjIxMDE3MDk0NDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGU2ZTI2MTcwMmNkNTEzOTY3Y2Y0NDAwOGQ0Y2M0NWI0MTYyYmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUG50+Rhl+mkc7v3iU9N+L3EztfN
266YRkG7Dor6qKnE4k+d3zoZZHp9dKoZZi1lLigFk5RBqC+TqlVVNk1Hfs70Uqka
E2xQSnWR4+JaP143ZzundJ1fLSxojRFxv4nFzmJeVKRlsEv4DOAuQ8dVkIj8sgAj
BU16jfpPJ+BB4GG1GrSa3smEOr5SNriU4E/Xwlqy35xvHfWmjR3OPDN2EjT70mgS
hesquYKsslgb4pxPOr+uw91i1bHkcXb6+viEEeloN6T0ytrIk+T+KmnfDkt/MPa3
wzjY1/qkizB5XGs53bm/Mv9I73NQdmNfZzP1LkANl1PaQ30Il/DldDijjwIDAQAB
o4ICjzCCAoswHQYDVR0OBBYEFF3m4mFwLNUTlnz0QAjUzEW0FiulMB8GA1UdIwQY
MBaAFL/EcOm1jlV+qMHb7a65xqX8RVElMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjhSdzZiV09WWDZvd2R2dHJybkdwZnhGVVNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi8yN2IzOWItMDQ0OS00YzY0LWJhNzkt
YTJhYTY1NDBmODc1LzEvWGViaVlYQXMxUk9XZlBSQUNOVE1SYlFXSzZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi8yN2IzOWItMDQ0OS00YzY0LWJhNzktYTJhYTY1NDBmODc1
LzEvdjhSdzZiV09WWDZvd2R2dHJybkdwZnhGVVNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGkBggrBgEFBQcBBwEB/wSBlDCBkTByBAIAATBsAwQEBWhw
AwQCLVQoAwQCLVs4AwQCLVzgAwQEUR5AAwQCVm/QAwQCuReMAwQCuSGYAwQCuUbs
AwQCuUigAwQCuVLAAwQCuVdoAwQCuVd0AwQCuVecAwQCuWfsAwQCuXGsAwQCuYVs
AwQE2UwQMBsEAgACMBUDBQMqCkmAAwUDKg4MQAMFAyoOloAwDQYJKoZIhvcNAQEL
BQADggEBADfRcFcam+bFxLIvVN4V/G7GbHflAPNQkNommkrM8lA00imG9c/vQnNQ
coFVLMNy96zxA8sKqmJO1BgMbOsomJFx9oleWwusxVqrmZ9QTuz7QWZuDPomtBiq
/FEQDitHVvHoPO8CoVyaPSmcPTtq6ILPgZTFNIHnLbOqgwiJPnG+RlMiJ1UU8fvX
GDQDfpReMJpuz5puRwTaSf66S9zVJ20BdhBEXggssBusvolU2V19M7I1d5s/AKxx
azq4Wn0V4iOyyyH7UwdS/ZgUQTDk98RWiDLKlIr2nM2gg4K96DXp5luBOfCTNuju
fvklvl9kbHmRTwO4JY0FOEaLj1ize88=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:18 2023 by rpki-client on console-ams.rpki-client.org