Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/556ad5-2e6b-4d51-856c-61c9c29c275d/1/aBz3HuCBx0jiWUeCt6l6e0leSXw.roa
File: aBz3HuCBx0jiWUeCt6l6e0leSXw.roa (raw, json)
Hash identifier: iciZGVKrB5Xn62s3Ac7TKJf0iNE4HJbtaQYw5kJ9G+k=
Subject key identifier: 68:1C:F7:1E:E0:81:C7:48:E2:59:47:82:B7:A9:7A:7B:49:5E:49:7C
Certificate issuer: /CN=4866d4027de3c27e897d72adb2c86d87ab7e5ac2
Certificate serial: 0184E66FAA7D81E51C1CF7AE0EDD53B1EBB6
Authority key identifier: 48:66:D4:02:7D:E3:C2:7E:89:7D:72:AD:B2:C8:6D:87:AB:7E:5A:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SGbUAn3jwn6JfXKtsshth6t-WsI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/556ad5-2e6b-4d51-856c-61c9c29c275d/1/aBz3HuCBx0jiWUeCt6l6e0leSXw.roa
Signing time: Tue 06 Dec 2022 07:56:28 +0000
ROA not before: Tue 06 Dec 2022 07:56:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208808
IP address blocks: 94.156.26.0/23 maxlen: 23
212.73.152.0/23 maxlen: 23
212.73.152.0/24 maxlen: 24
31.13.210.0/24 maxlen: 24
87.120.203.0/24 maxlen: 24
78.138.26.0/23 maxlen: 23
78.138.28.0/23 maxlen: 23
92.243.94.0/23 maxlen: 23
185.201.76.0/22 maxlen: 22
78.138.42.0/23 maxlen: 23
45.140.196.0/22 maxlen: 22
213.255.210.0/23 maxlen: 23
213.255.216.0/23 maxlen: 23
213.255.224.0/23 maxlen: 23
92.243.71.0/24 maxlen: 24
87.120.80.0/23 maxlen: 23
92.243.68.0/24 maxlen: 24
213.255.244.0/23 maxlen: 23
92.243.86.0/23 maxlen: 23
78.138.18.0/23 maxlen: 23
92.243.90.0/23 maxlen: 23
2a0a:bd40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e6:6f:aa:7d:81:e5:1c:1c:f7:ae:0e:dd:53:b1:eb:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4866d4027de3c27e897d72adb2c86d87ab7e5ac2
Validity
Not Before: Dec 6 07:56:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=681cf71ee081c748e2594782b7a97a7b495e497c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:da:12:30:60:84:de:23:fb:78:e8:5f:4a:a2:
ad:56:a7:4e:2a:39:6a:16:2a:4f:a5:a1:6e:67:97:
64:9f:a2:76:b2:72:89:8a:6d:ae:a8:95:4c:13:31:
77:fa:ce:a4:d9:6c:a2:98:4f:d8:02:ce:95:17:47:
6b:2a:18:13:37:31:17:63:99:a1:eb:fb:00:4a:23:
31:4e:17:46:af:05:54:fb:f8:b5:79:34:bd:82:60:
36:53:6f:74:19:b0:87:2b:b8:c0:4c:2b:17:4c:e3:
72:67:66:a9:08:d0:34:05:7e:63:87:52:bc:d1:50:
dc:2f:56:f5:f6:f9:73:e4:06:b2:b4:29:ec:56:f7:
5c:c1:e4:62:61:1d:10:47:4e:d3:31:c4:44:ba:22:
78:65:4e:e9:b4:f4:aa:f8:36:ee:50:e4:24:2e:9c:
7f:a1:2e:43:d8:96:be:f1:5e:bb:5b:a5:1f:b3:eb:
90:19:b8:fa:65:69:cf:c6:f5:9d:5d:6f:52:48:42:
4f:5b:81:21:34:e7:93:d1:c8:3f:13:d3:ec:f4:59:
f2:46:ba:a9:58:6b:82:8d:1f:e9:c3:55:80:ba:ac:
29:d9:23:1e:0e:ab:a7:b3:8d:da:9c:31:f6:9a:ec:
7e:35:ea:77:20:e6:51:c0:ec:bd:03:2a:2e:bc:d8:
79:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:1C:F7:1E:E0:81:C7:48:E2:59:47:82:B7:A9:7A:7B:49:5E:49:7C
X509v3 Authority Key Identifier:
keyid:48:66:D4:02:7D:E3:C2:7E:89:7D:72:AD:B2:C8:6D:87:AB:7E:5A:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SGbUAn3jwn6JfXKtsshth6t-WsI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/556ad5-2e6b-4d51-856c-61c9c29c275d/1/aBz3HuCBx0jiWUeCt6l6e0leSXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/556ad5-2e6b-4d51-856c-61c9c29c275d/1/SGbUAn3jwn6JfXKtsshth6t-WsI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.210.0/24
45.140.196.0/22
78.138.18.0/23
78.138.26.0-78.138.29.255
78.138.42.0/23
87.120.80.0/23
87.120.203.0/24
92.243.68.0/24
92.243.71.0/24
92.243.86.0/23
92.243.90.0/23
92.243.94.0/23
94.156.26.0/23
185.201.76.0/22
212.73.152.0/23
213.255.210.0/23
213.255.216.0/23
213.255.224.0/23
213.255.244.0/23
IPv6:
2a0a:bd40::/29
Signature Algorithm: sha256WithRSAEncryption
01:9b:b8:6c:4a:d2:0a:61:55:a0:d6:90:6e:dd:6a:f4:c6:b2:
5e:c1:4f:ee:5d:b2:a5:cd:be:8b:c6:b5:95:38:a3:39:cb:9c:
46:d6:ad:bd:15:22:dd:69:93:b8:db:ee:45:48:0e:49:57:a0:
9e:e6:bf:61:d2:e9:bc:49:e4:65:1a:ee:cf:1c:24:81:4a:b5:
c7:f9:cb:56:47:b7:88:89:ac:f8:18:33:35:7a:65:b9:21:50:
7f:1a:10:d3:b8:4f:ca:e6:e8:42:72:34:7b:6c:d2:3d:69:ad:
dc:78:17:81:20:88:5f:2f:e3:1a:9f:1b:e1:77:48:1e:35:4a:
b8:bc:59:a9:6e:01:a7:dd:80:fa:48:3c:ff:49:91:cf:5c:2b:
e8:2a:b7:d7:dd:6f:23:2b:12:23:e0:31:4f:77:90:cb:f9:07:
f5:64:7f:9a:f9:50:5d:91:ec:15:52:38:f7:16:aa:b2:5e:e0:
ff:3a:05:2e:13:1e:bd:c8:e0:e8:fa:4d:7d:97:6d:63:f7:33:
ed:e9:f8:d8:6e:f9:74:ae:29:ca:69:95:39:8c:55:c4:d8:24:
cd:52:3d:2f:97:c1:bf:57:af:03:a7:c5:8b:b6:30:57:41:15:
30:f9:f5:95:91:14:b2:45:1b:cf:39:82:6a:83:c3:dc:fa:c1:
06:64:f1:4e
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAYTmb6p9geUcHPeuDt1Tseu2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4NjZkNDAyN2RlM2MyN2U4OTdkNzJhZGIyYzg2ZDg3YWI3
ZTVhYzIwHhcNMjIxMjA2MDc1NjI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODFjZjcxZWUwODFjNzQ4ZTI1OTQ3ODJiN2E5N2E3YjQ5NWU0OTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9oSMGCE3iP7eOhfSqKtVqdOKjlq
FipPpaFuZ5dkn6J2snKJim2uqJVMEzF3+s6k2WyimE/YAs6VF0drKhgTNzEXY5mh
6/sASiMxThdGrwVU+/i1eTS9gmA2U290GbCHK7jATCsXTONyZ2apCNA0BX5jh1K8
0VDcL1b19vlz5AaytCnsVvdcweRiYR0QR07TMcREuiJ4ZU7ptPSq+DbuUOQkLpx/
oS5D2Ja+8V67W6Ufs+uQGbj6ZWnPxvWdXW9SSEJPW4EhNOeT0cg/E9Ps9FnyRrqp
WGuCjR/pw1WAuqwp2SMeDquns43anDH2mux+Nep3IOZRwOy9AyouvNh5JwIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFGgc9x7ggcdI4llHgrepentJXkl8MB8GA1UdIwQY
MBaAFEhm1AJ948J+iX1yrbLIbYerflrCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0diVUFuM2p3bjZKZlhLdHNzaHRoNnQtV3NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni81NTZhZDUtMmU2Yi00ZDUxLTg1NmMt
NjFjOWMyOWMyNzVkLzEvYUJ6M0h1Q0J4MGppV1VlQ3Q2bDZlMGxlU1h3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni81NTZhZDUtMmU2Yi00ZDUxLTg1NmMtNjFjOWMyOWMyNzVk
LzEvU0diVUFuM2p3bjZKZlhLdHNzaHRoNnQtV3NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBgAQCAAEwegMEAB8N
0gMEAi2MxAMEAU6KEjAMAwQBTooaAwQBToocAwQBTooqAwQBV3hQAwQAV3jLAwQA
XPNEAwQAXPNHAwQBXPNWAwQBXPNaAwQBXPNeAwQBXpwaAwQCuclMAwQB1EmYAwQB
1f/SAwQB1f/YAwQB1f/gAwQB1f/0MA0EAgACMAcDBQMqCr1AMA0GCSqGSIb3DQEB
CwUAA4IBAQABm7hsStIKYVWg1pBu3Wr0xrJewU/uXbKlzb6LxrWVOKM5y5xG1q29
FSLdaZO42+5FSA5JV6Ce5r9h0um8SeRlGu7PHCSBSrXH+ctWR7eIiaz4GDM1emW5
IVB/GhDTuE/K5uhCcjR7bNI9aa3ceBeBIIhfL+Manxvhd0geNUq4vFmpbgGn3YD6
SDz/SZHPXCvoKrfX3W8jKxIj4DFPd5DL+Qf1ZH+a+VBdkewVUjj3FqqyXuD/OgUu
Ex69yODo+k19l21j9zPt6fjYbvl0rinKaZU5jFXE2CTNUj0vl8G/V68Dp8WLtjBX
QRUw+fWVkRSyRRvPOYJqg8Pc+sEGZPFO
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:28 2023 by rpki-client on console-ams.rpki-client.org