Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/c7a68f-7bf8-4f80-a9a2-815d2c026646/1/xzrawBg8d4Tgbsa399QHX1Ok958.roa
File: xzrawBg8d4Tgbsa399QHX1Ok958.roa (raw, json)
Hash identifier: 6H7cnMsemCJlM/kOB77SF0L2X7ONUuhjTdFWo+zDGSw=
Subject key identifier: C7:3A:DA:C0:18:3C:77:84:E0:6E:C6:B7:F7:D4:07:5F:53:A4:F7:9F
Certificate issuer: /CN=01335442514d5249b5143cfdf821216bb5c52940
Certificate serial: 0572C550
Authority key identifier: 01:33:54:42:51:4D:52:49:B5:14:3C:FD:F8:21:21:6B:B5:C5:29:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ATNUQlFNUkm1FDz9-CEha7XFKUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/c7a68f-7bf8-4f80-a9a2-815d2c026646/1/xzrawBg8d4Tgbsa399QHX1Ok958.roa
Signing time: Wed 15 Jun 2022 21:19:44 +0000
ROA not before: Wed 15 Jun 2022 21:19:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39134
IP address blocks: 185.206.100.0/22 maxlen: 24
185.206.100.0/24 maxlen: 24
88.212.220.0/22 maxlen: 24
88.212.224.0/22 maxlen: 24
88.212.229.0/24 maxlen: 24
88.212.228.0/22 maxlen: 24
88.212.230.0/23 maxlen: 23
88.212.192.0/24 maxlen: 24
88.212.192.0/20 maxlen: 24
88.212.196.0/24 maxlen: 24
88.212.204.0/24 maxlen: 24
88.212.208.0/22 maxlen: 24
2a02:2100::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 91407696 (0x572c550)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01335442514d5249b5143cfdf821216bb5c52940
Validity
Not Before: Jun 15 21:19:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c73adac0183c7784e06ec6b7f7d4075f53a4f79f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:56:e8:75:e0:15:79:b5:a2:d1:39:33:ec:fc:
12:7a:35:60:0d:c0:2b:e2:28:72:0d:3d:2c:11:a9:
01:30:e0:02:ad:43:bb:0c:a6:b8:e0:ce:6d:d9:4c:
29:ce:5e:0e:14:fd:72:df:b9:23:aa:44:cf:87:3b:
51:6f:37:b9:17:34:26:c7:d4:a1:20:a9:07:fc:86:
9c:d2:7b:ef:92:08:8a:a5:03:01:94:10:13:f0:87:
7e:65:85:7b:0c:6b:a3:21:e0:88:0f:ba:b0:3c:16:
a1:24:30:ea:7e:82:d0:3c:34:f1:05:46:43:51:be:
0f:78:e5:37:f4:58:88:e9:16:bc:fb:71:7f:2a:f7:
da:66:a9:fa:04:16:c7:8c:ed:2c:a3:c7:fe:be:92:
97:9b:ae:39:34:dd:d6:c3:c9:f3:8f:ab:e8:20:bb:
99:4b:7e:ac:46:dd:4d:c2:c3:85:b7:8d:56:ba:8e:
38:54:6a:e1:17:74:fc:73:c3:94:99:1e:09:0a:ea:
26:10:b9:5c:d7:91:99:1c:01:a9:e9:d6:b5:54:f4:
67:8b:59:8b:ed:d0:fc:dc:40:98:71:13:2d:ff:6b:
db:8b:4c:6b:c7:e0:fd:9f:ae:a3:5f:a7:c0:8a:91:
c0:09:49:32:9b:ff:0b:80:55:5d:0a:58:ce:58:59:
7e:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:3A:DA:C0:18:3C:77:84:E0:6E:C6:B7:F7:D4:07:5F:53:A4:F7:9F
X509v3 Authority Key Identifier:
keyid:01:33:54:42:51:4D:52:49:B5:14:3C:FD:F8:21:21:6B:B5:C5:29:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ATNUQlFNUkm1FDz9-CEha7XFKUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/c7a68f-7bf8-4f80-a9a2-815d2c026646/1/xzrawBg8d4Tgbsa399QHX1Ok958.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/c7a68f-7bf8-4f80-a9a2-815d2c026646/1/ATNUQlFNUkm1FDz9-CEha7XFKUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.212.192.0-88.212.211.255
88.212.220.0-88.212.231.255
185.206.100.0/22
IPv6:
2a02:2100::/32
Signature Algorithm: sha256WithRSAEncryption
1f:cd:1e:8f:95:3c:72:0f:04:b0:8d:10:d1:02:2d:10:0a:ad:
28:42:c3:b7:70:20:2c:69:8b:99:06:50:c0:d3:d9:27:8f:dd:
26:07:9e:94:21:39:b7:52:5b:df:d0:cd:d9:71:62:ce:de:53:
fe:b3:93:db:0b:72:6b:6d:33:a1:f5:5c:86:b7:f5:07:42:d5:
34:04:a7:4d:89:d7:cd:43:2e:4a:7d:58:9b:68:33:51:f3:81:
59:98:00:65:55:1a:9e:c9:dc:fd:3c:d7:8b:b2:d4:a1:9b:88:
26:05:c7:ff:20:c5:42:43:d2:1e:16:89:6a:48:78:91:52:21:
25:fd:81:ae:9c:8f:ff:84:b3:9a:30:50:03:cb:f1:3d:56:85:
e9:07:5c:40:2c:1a:57:38:08:63:c1:ba:53:90:e4:42:9e:47:
bb:ab:d4:92:7a:10:31:35:ef:5b:a9:fc:14:71:b9:e9:e0:e1:
c8:ed:f9:1b:14:9d:0a:6d:9f:20:31:d8:2d:c7:2b:d1:0d:ad:
57:51:53:10:af:da:7a:24:0b:64:53:f7:5a:d1:66:9d:da:2f:
7f:76:4b:76:0c:a9:06:ad:7c:26:ce:69:42:61:e7:10:5f:a9:
7a:d3:10:41:a6:92:0a:b9:ab:38:ed:92:b2:12:de:dc:e7:e3:
ba:6c:6f:27
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgIEBXLFUDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MTMzNTQ0MjUxNGQ1MjQ5YjUxNDNjZmRmODIxMjE2YmI1YzUyOTQwMB4XDTIyMDYx
NTIxMTk0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzczYWRhYzAxODNj
Nzc4NGUwNmVjNmI3ZjdkNDA3NWY1M2E0Zjc5ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOVW6HXgFXm1otE5M+z8Eno1YA3AK+Iocg09LBGpATDgAq1D
uwymuODObdlMKc5eDhT9ct+5I6pEz4c7UW83uRc0JsfUoSCpB/yGnNJ775IIiqUD
AZQQE/CHfmWFewxroyHgiA+6sDwWoSQw6n6C0Dw08QVGQ1G+D3jlN/RYiOkWvPtx
fyr32map+gQWx4ztLKPH/r6Sl5uuOTTd1sPJ84+r6CC7mUt+rEbdTcLDhbeNVrqO
OFRq4Rd0/HPDlJkeCQrqJhC5XNeRmRwBqenWtVT0Z4tZi+3Q/NxAmHETLf9r24tM
a8fg/Z+uo1+nwIqRwAlJMpv/C4BVXQpYzlhZfpMCAwEAAaOCAjQwggIwMB0GA1Ud
DgQWBBTHOtrAGDx3hOBuxrf31AdfU6T3nzAfBgNVHSMEGDAWgBQBM1RCUU1SSbUU
PP34ISFrtcUpQDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FUTlVRbEZOVWttMUZEejktQ0VoYTdYRktVQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvYzdhNjhmLTdiZjgtNGY4MC1hOWEyLTgxNWQyYzAyNjY0Ni8x
L3h6cmF3Qmc4ZDRUZ2JzYTM5OVFIWDFPazk1OC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
YzdhNjhmLTdiZjgtNGY4MC1hOWEyLTgxNWQyYzAyNjY0Ni8xL0FUTlVRbEZOVWtt
MUZEejktQ0VoYTdYRktVQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBK
BggrBgEFBQcBBwEB/wQ7MDkwKAQCAAEwIjAMAwQGWNTAAwQCWNTQMAwDBAJY1NwD
BANY1OADBAK5zmQwDQQCAAIwBwMFACoCIQAwDQYJKoZIhvcNAQELBQADggEBAB/N
Ho+VPHIPBLCNENECLRAKrShCw7dwICxpi5kGUMDT2SeP3SYHnpQhObdSW9/Qzdlx
Ys7eU/6zk9sLcmttM6H1XIa39QdC1TQEp02J181DLkp9WJtoM1HzgVmYAGVVGp7J
3P0814uy1KGbiCYFx/8gxUJD0h4WiWpIeJFSISX9ga6cj/+Es5owUAPL8T1WhekH
XEAsGlc4CGPBulOQ5EKeR7ur1JJ6EDE171up/BRxueng4cjt+RsUnQptnyAx2C3H
K9ENrVdRUxCv2nokC2RT91rRZp3aL392S3YMqQatfCbOaUJh5xBfqXrTEEGmkgq5
qzjtkrIS3tzn47psbyc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:10 2024 by rpki-client on console-fra.rpki-client.org