Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/xKfbGiHqn2PHeIX7k38tesW00Yo.roa
File: xKfbGiHqn2PHeIX7k38tesW00Yo.roa (raw, json)
Hash identifier: EMrZZqmyhS+1P9xqBZYw5utxbvt7mQPmUOWrgCe4EFg=
Subject key identifier: C4:A7:DB:1A:21:EA:9F:63:C7:78:85:FB:93:7F:2D:7A:C5:B4:D1:8A
Certificate issuer: /CN=84f824d32df1a5113d82101345d785a38addbde5
Certificate serial: 08846989
Authority key identifier: 84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/xKfbGiHqn2PHeIX7k38tesW00Yo.roa
Signing time: Tue 21 Jun 2022 17:48:46 +0000
ROA not before: Tue 21 Jun 2022 17:48:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209574
IP address blocks: 89.40.207.0/24 maxlen: 24
188.213.252.0/22 maxlen: 22
188.213.248.0/22 maxlen: 22
188.208.48.0/22 maxlen: 22
89.35.90.0/24 maxlen: 24
91.218.238.0/23 maxlen: 23
91.218.236.0/23 maxlen: 23
188.208.109.0/24 maxlen: 24
86.104.224.0/23 maxlen: 23
86.104.222.0/23 maxlen: 23
86.106.140.0/23 maxlen: 23
188.214.94.0/24 maxlen: 24
93.114.51.0/24 maxlen: 24
93.114.52.0/23 maxlen: 23
93.114.54.0/24 maxlen: 24
89.39.69.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 142895497 (0x8846989)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84f824d32df1a5113d82101345d785a38addbde5
Validity
Not Before: Jun 21 17:48:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c4a7db1a21ea9f63c77885fb937f2d7ac5b4d18a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:4c:3a:aa:c1:23:25:72:8f:69:55:6d:de:ae:
27:b3:0e:5f:f9:a1:8f:97:24:d3:c9:78:d3:a7:ad:
1c:9b:f8:80:c3:aa:66:c5:f1:ed:c0:e5:21:65:b3:
66:f0:f7:95:ed:96:f9:8e:e0:61:aa:ff:6c:70:8c:
70:75:bc:f8:1a:6a:5e:09:10:f2:d1:36:79:37:fa:
a6:a8:e9:b9:ac:4e:4a:ef:c3:d8:70:9d:7a:1d:07:
75:4d:aa:b4:b5:a6:f5:92:9c:b6:9f:d3:f8:e5:ab:
08:d4:ba:ce:6e:e0:62:b5:fa:7a:e0:11:ee:97:f1:
70:0c:b5:a9:5e:41:4a:58:8b:d7:33:33:78:b1:d2:
0e:0f:24:0e:c7:93:9f:95:5f:a0:1a:a6:ee:a3:c6:
cf:cb:81:b4:03:83:43:0e:e0:52:cd:28:e4:4a:02:
43:ec:8d:0a:c3:50:f8:94:53:df:ef:bf:37:3b:b9:
2b:04:67:f7:18:2d:79:3e:eb:3b:7e:56:bf:44:df:
84:d0:84:7a:ff:87:32:9b:a7:72:d8:34:14:2f:cc:
84:45:08:38:ae:a4:9e:38:c8:e6:86:30:75:b3:92:
db:cd:a2:89:aa:e3:9a:7b:2f:70:69:68:f0:2c:cb:
56:19:de:0a:57:6e:88:08:4d:cc:ba:98:81:96:f6:
44:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:A7:DB:1A:21:EA:9F:63:C7:78:85:FB:93:7F:2D:7A:C5:B4:D1:8A
X509v3 Authority Key Identifier:
keyid:84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/xKfbGiHqn2PHeIX7k38tesW00Yo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/hPgk0y3xpRE9ghATRdeFo4rdveU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.104.222.0-86.104.225.255
86.106.140.0/23
89.35.90.0/24
89.39.69.0/24
89.40.207.0/24
91.218.236.0/22
93.114.51.0-93.114.54.255
188.208.48.0/22
188.208.109.0/24
188.213.248.0/21
188.214.94.0/24
Signature Algorithm: sha256WithRSAEncryption
41:c5:27:21:5d:e8:21:4d:a4:62:db:a3:e3:bb:e0:0a:ea:1a:
4b:28:56:8c:04:c7:bb:ab:2a:33:1d:ae:52:89:3a:f3:1e:14:
01:4e:b8:6c:ce:4f:16:25:6a:79:66:3c:76:5d:b8:e1:30:c7:
fa:62:60:2a:6b:88:0f:c4:5d:24:fe:48:ec:9f:5e:fb:03:0b:
ca:a3:09:f3:4a:9a:99:39:81:c2:83:16:ca:1a:95:0b:0c:4e:
b0:86:b1:41:f5:c8:e6:97:4f:eb:da:e0:36:91:6f:d4:2e:f5:
0a:41:83:f1:08:82:bf:7f:c1:74:6d:4e:9a:83:59:65:3e:47:
9a:26:d2:88:bb:9e:b0:bb:fd:8b:a5:a3:c1:b0:3a:10:7d:17:
a2:5a:09:be:44:98:8d:ae:56:ff:62:92:9a:05:2c:62:d5:4f:
71:9c:af:b6:d7:c9:ec:42:38:01:d4:8e:25:f2:5f:5a:c5:12:
44:21:97:ff:1b:31:27:53:4d:0c:e9:30:5f:cc:2d:df:ec:34:
f4:10:bf:29:8a:bd:52:2e:3b:d0:30:04:1b:0e:e7:1d:c5:61:
df:f2:ca:17:28:09:e7:fe:a9:77:af:e6:97:30:70:6a:98:c5:
de:1f:95:63:20:29:8d:20:77:5c:e7:d2:9b:6d:4e:15:df:7e:
15:dc:b1:9c
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgIECIRpiTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NGY4MjRkMzJkZjFhNTExM2Q4MjEwMTM0NWQ3ODVhMzhhZGRiZGU1MB4XDTIyMDYy
MTE3NDg0NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzRhN2RiMWEyMWVh
OWY2M2M3Nzg4NWZiOTM3ZjJkN2FjNWI0ZDE4YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANdMOqrBIyVyj2lVbd6uJ7MOX/mhj5ck08l406etHJv4gMOq
ZsXx7cDlIWWzZvD3le2W+Y7gYar/bHCMcHW8+BpqXgkQ8tE2eTf6pqjpuaxOSu/D
2HCdeh0HdU2qtLWm9ZKctp/T+OWrCNS6zm7gYrX6euAR7pfxcAy1qV5BSliL1zMz
eLHSDg8kDseTn5VfoBqm7qPGz8uBtAODQw7gUs0o5EoCQ+yNCsNQ+JRT3++/Nzu5
KwRn9xgteT7rO35Wv0TfhNCEev+HMpunctg0FC/MhEUIOK6knjjI5oYwdbOS282i
iarjmnsvcGlo8CzLVhneClduiAhNzLqYgZb2RBsCAwEAAaOCAlUwggJRMB0GA1Ud
DgQWBBTEp9saIeqfY8d4hfuTfy16xbTRijAfBgNVHSMEGDAWgBSE+CTTLfGlET2C
EBNF14Wjit295TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hQZ2sweTN4cFJFOWdoQVRSZGVGbzRyZHZlVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTEvOWQ2NWJiLWFiNGYtNDNhYS1iYmE4LTQzNzM5NDkzOGM1Mi8x
L3hLZmJHaUhxbjJQSGVJWDdrMzh0ZXNXMDBZby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTEv
OWQ2NWJiLWFiNGYtNDNhYS1iYmE4LTQzNzM5NDkzOGM1Mi8xL2hQZ2sweTN4cFJF
OWdoQVRSZGVGbzRyZHZlVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBr
BggrBgEFBQcBBwEB/wRcMFowWAQCAAEwUjAMAwQBVmjeAwQBVmjgAwQBVmqMAwQA
WSNaAwQAWSdFAwQAWSjPAwQCW9rsMAwDBABdcjMDBABdcjYDBAK80DADBAC80G0D
BAO81fgDBAC81l4wDQYJKoZIhvcNAQELBQADggEBAEHFJyFd6CFNpGLbo+O74Arq
GksoVowEx7urKjMdrlKJOvMeFAFOuGzOTxYlanlmPHZduOEwx/piYCpriA/EXST+
SOyfXvsDC8qjCfNKmpk5gcKDFsoalQsMTrCGsUH1yOaXT+va4DaRb9Qu9QpBg/EI
gr9/wXRtTpqDWWU+R5om0oi7nrC7/Yulo8GwOhB9F6JaCb5EmI2uVv9ikpoFLGLV
T3Gcr7bXyexCOAHUjiXyX1rFEkQhl/8bMSdTTQzpMF/MLd/sNPQQvymKvVIuO9Aw
BBsO5x3FYd/yyhcoCef+qXev5pcwcGqYxd4flWMgKY0gd1zn0pttThXffhXcsZw=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:35 2023 by rpki-client on console-fra.rpki-client.org