Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/286d47-6434-41bd-9aa2-09ff79308bbe/1/_-X0Dt_xJLC5flHLnwFpGcf43tU.roa
File: _-X0Dt_xJLC5flHLnwFpGcf43tU.roa (raw, json)
Hash identifier: dhixx+vFCDq0v0vhgfP0s70Sse3rMGijvrAu7JUruUA=
Subject key identifier: FF:E5:F4:0E:DF:F1:24:B0:B9:7E:51:CB:9F:01:69:19:C7:F8:DE:D5
Certificate issuer: /CN=e3f70706f6c0cfbd9c73a7f3d83023240a42f50d
Certificate serial: 0184EBF963F4300E83121F390413C56FBD63
Authority key identifier: E3:F7:07:06:F6:C0:CF:BD:9C:73:A7:F3:D8:30:23:24:0A:42:F5:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4_cHBvbAz72cc6fz2DAjJApC9Q0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/286d47-6434-41bd-9aa2-09ff79308bbe/1/_-X0Dt_xJLC5flHLnwFpGcf43tU.roa
Signing time: Wed 07 Dec 2022 09:45:00 +0000
ROA not before: Wed 07 Dec 2022 09:45:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15594
IP address blocks: 217.116.112.0/20 maxlen: 25
217.10.64.0/20 maxlen: 25
82.116.96.0/19 maxlen: 25
95.174.128.0/19 maxlen: 25
212.9.32.0/19 maxlen: 25
2001:ab7:f000::/36 maxlen: 49
2001:ab7:3000::/36 maxlen: 49
2001:ab7:2000::/36 maxlen: 49
2001:ab7:1000::/36 maxlen: 49
2001:ab7::/36 maxlen: 49
2001:ab7:4000::/36 maxlen: 49
2001:ab0::/29 maxlen: 48
2001:ab0::/36 maxlen: 49
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:eb:f9:63:f4:30:0e:83:12:1f:39:04:13:c5:6f:bd:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3f70706f6c0cfbd9c73a7f3d83023240a42f50d
Validity
Not Before: Dec 7 09:45:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ffe5f40edff124b0b97e51cb9f016919c7f8ded5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:b4:f5:3d:a9:43:a6:c0:b5:a5:08:66:76:46:
ea:97:7b:53:f7:ac:07:4b:1e:1d:be:9a:37:27:6e:
c8:50:95:d4:dc:6c:37:4c:02:e2:f5:78:62:53:a3:
8c:8b:a1:de:3c:5c:4e:54:6e:43:cb:d9:02:aa:8c:
bf:72:00:af:af:c3:b5:e4:7d:29:78:1c:dc:ab:23:
a7:82:3d:c5:7a:a6:d8:30:8f:81:80:78:b3:8a:c1:
d2:b1:71:be:37:f2:58:c0:02:00:44:21:a3:85:2e:
6e:d7:a0:a1:c4:c2:95:5b:31:8c:d0:7b:3b:0e:f3:
bf:5f:04:ef:f9:21:b9:cb:dd:1b:f5:94:e4:73:01:
65:2a:e5:66:58:67:35:56:86:bc:c4:df:74:8b:8e:
fa:ad:42:42:4e:b3:bc:bf:c2:b7:a7:03:60:66:36:
09:4e:6a:6f:81:47:8c:b1:8a:04:ff:2b:36:0d:ba:
e8:80:73:da:6b:cc:06:d4:69:96:98:6c:4d:ba:60:
19:8f:a1:9b:bc:4f:6a:8b:16:33:b4:82:55:73:f6:
2a:16:37:75:3c:59:12:59:37:88:f9:d8:92:12:b6:
e5:b0:36:49:72:2c:14:99:2d:c6:0f:a7:d4:91:a1:
db:b3:be:c7:ad:77:c1:dd:28:08:41:2d:14:54:e8:
ac:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:E5:F4:0E:DF:F1:24:B0:B9:7E:51:CB:9F:01:69:19:C7:F8:DE:D5
X509v3 Authority Key Identifier:
keyid:E3:F7:07:06:F6:C0:CF:BD:9C:73:A7:F3:D8:30:23:24:0A:42:F5:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4_cHBvbAz72cc6fz2DAjJApC9Q0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/286d47-6434-41bd-9aa2-09ff79308bbe/1/_-X0Dt_xJLC5flHLnwFpGcf43tU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/286d47-6434-41bd-9aa2-09ff79308bbe/1/4_cHBvbAz72cc6fz2DAjJApC9Q0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.116.96.0/19
95.174.128.0/19
212.9.32.0/19
217.10.64.0/20
217.116.112.0/20
IPv6:
2001:ab0::/29
Signature Algorithm: sha256WithRSAEncryption
2f:1d:da:61:b5:10:51:62:3a:28:5d:ce:d4:f4:81:70:aa:d0:
28:9c:fc:fb:92:b9:ba:02:79:5e:0b:aa:93:fc:14:51:56:9f:
28:62:3f:8c:2e:60:be:2f:08:ca:79:d8:07:10:ff:12:0d:80:
a6:6b:42:93:2e:3c:77:01:26:9e:0b:ab:cf:53:c7:10:e5:39:
f9:98:6f:04:70:d9:aa:03:cf:88:91:73:19:0e:a6:ba:72:8b:
9b:e6:f3:7a:f4:aa:ac:26:d3:7b:51:39:df:0c:af:8a:c0:f7:
14:31:c9:68:84:44:58:a7:54:16:41:1b:b7:d2:62:18:8c:14:
13:a5:3d:84:cc:49:b8:02:d5:32:e8:6f:8f:92:3d:ff:c1:8e:
f6:7e:27:9a:c0:1e:04:3f:86:2a:fa:8a:d3:2d:90:0e:e4:ad:
d9:cc:fb:40:ba:f4:70:17:b0:ca:b4:01:bf:b6:37:4c:6f:3c:
6e:95:57:06:09:1f:25:88:5d:98:80:d4:93:b4:47:81:8c:77:
7a:db:c8:d6:e9:ba:b7:f1:ea:0f:23:1e:c5:0c:79:8b:0f:ba:
60:d6:75:c5:ad:71:d1:63:47:44:2f:67:7a:24:23:d6:c8:50:
92:2b:3c:31:58:7a:b3:a2:83:15:78:50:f6:b2:f6:5d:72:ff:
ed:af:c0:9b
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYTr+WP0MA6DEh85BBPFb71jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzZjcwNzA2ZjZjMGNmYmQ5YzczYTdmM2Q4MzAyMzI0MGE0
MmY1MGQwHhcNMjIxMjA3MDk0NTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmU1ZjQwZWRmZjEyNGIwYjk3ZTUxY2I5ZjAxNjkxOWM3ZjhkZWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbT1PalDpsC1pQhmdkbql3tT96wH
Sx4dvpo3J27IUJXU3Gw3TALi9XhiU6OMi6HePFxOVG5Dy9kCqoy/cgCvr8O15H0p
eBzcqyOngj3FeqbYMI+BgHizisHSsXG+N/JYwAIARCGjhS5u16ChxMKVWzGM0Hs7
DvO/XwTv+SG5y90b9ZTkcwFlKuVmWGc1Voa8xN90i476rUJCTrO8v8K3pwNgZjYJ
TmpvgUeMsYoE/ys2DbrogHPaa8wG1GmWmGxNumAZj6GbvE9qixYztIJVc/YqFjd1
PFkSWTeI+diSErblsDZJciwUmS3GD6fUkaHbs77HrXfB3SgIQS0UVOisKwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFP/l9A7f8SSwuX5Ry58BaRnH+N7VMB8GA1UdIwQY
MBaAFOP3Bwb2wM+9nHOn89gwIyQKQvUNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNF9jSEJ2YkF6NzJjYzZmejJEQWpKQXBDOVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8yODZkNDctNjQzNC00MWJkLTlhYTIt
MDlmZjc5MzA4YmJlLzEvXy1YMER0X3hKTEM1ZmxITG53RnBHY2Y0M3RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8yODZkNDctNjQzNC00MWJkLTlhYTItMDlmZjc5MzA4YmJl
LzEvNF9jSEJ2YkF6NzJjYzZmejJEQWpKQXBDOVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQFUnRgAwQF
X66AAwQF1AkgAwQE2QpAAwQE2XRwMA0EAgACMAcDBQMgAQqwMA0GCSqGSIb3DQEB
CwUAA4IBAQAvHdphtRBRYjooXc7U9IFwqtAonPz7krm6AnleC6qT/BRRVp8oYj+M
LmC+LwjKedgHEP8SDYCma0KTLjx3ASaeC6vPU8cQ5Tn5mG8EcNmqA8+IkXMZDqa6
coub5vN69KqsJtN7UTnfDK+KwPcUMclohERYp1QWQRu30mIYjBQTpT2EzEm4AtUy
6G+Pkj3/wY72fieawB4EP4Yq+orTLZAO5K3ZzPtAuvRwF7DKtAG/tjdMbzxulVcG
CR8liF2YgNSTtEeBjHd628jW6bq38eoPIx7FDHmLD7pg1nXFrXHRY0dEL2d6JCPW
yFCSKzwxWHqzooMVeFD2svZdcv/tr8Cb
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:52 2023 by rpki-client on console-fra.rpki-client.org