Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/xkooZaISvZ90zR30jVvv74gb0do.roa
File: xkooZaISvZ90zR30jVvv74gb0do.roa (raw, json)
Hash identifier: mIslpQ82A4HtJ95g9W2FOdCZrsNS6DGbaHmaAKuj4uA=
Subject key identifier: C6:4A:28:65:A2:12:BD:9F:74:CD:1D:F4:8D:5B:EF:EF:88:1B:D1:DA
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 01851537C1B9C2A08AFFBEAF109A6330BF20
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/xkooZaISvZ90zR30jVvv74gb0do.roa
Signing time: Thu 15 Dec 2022 09:57:33 +0000
ROA not before: Thu 15 Dec 2022 09:57:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61317
IP address blocks: 91.186.200.0/22 maxlen: 24
91.186.214.0/23 maxlen: 24
94.241.168.0/21 maxlen: 24
94.241.176.0/21 maxlen: 24
83.147.216.0/23 maxlen: 24
178.253.31.0/24 maxlen: 24
83.147.222.0/23 maxlen: 24
83.147.232.0/22 maxlen: 24
178.253.52.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:15:37:c1:b9:c2:a0:8a:ff:be:af:10:9a:63:30:bf:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Dec 15 09:57:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c64a2865a212bd9f74cd1df48d5befef881bd1da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ca:9b:7d:ec:97:4e:e5:3b:e0:07:0e:58:09:
6e:75:57:40:c2:dd:de:da:ad:31:98:ab:31:02:d6:
a6:1c:64:de:a7:ec:f1:c7:05:b8:1d:e6:e9:e6:8d:
a1:05:0a:69:a8:b3:23:fb:4f:6d:1f:10:e7:90:36:
74:f8:3b:22:70:5e:5d:51:41:0e:eb:22:d0:cc:62:
fe:db:73:59:39:46:35:80:34:b1:12:5f:53:cc:fc:
09:a5:c9:5c:54:ca:5b:35:80:47:8f:20:a5:f1:e7:
32:e4:66:10:a3:55:28:35:4d:6f:c8:94:66:56:a4:
27:67:73:06:98:dc:9d:16:f6:4b:63:62:9c:80:bc:
58:df:4c:8c:04:9b:da:cb:e9:64:8e:44:f1:4c:d0:
26:87:44:e5:63:19:76:2f:44:b4:d7:c9:0d:c4:30:
52:cb:6d:c9:0e:60:eb:cd:a5:b6:5b:8b:4a:de:01:
6c:ee:c8:64:80:16:75:48:85:83:f7:43:22:ae:90:
d2:71:01:6d:46:23:86:80:0c:13:f1:09:5b:2b:ac:
45:f3:76:e1:b9:a9:43:88:f9:8c:44:cc:66:c9:c9:
4a:36:ca:40:71:51:ac:0b:7d:69:0e:5c:60:1f:65:
28:9b:2c:77:df:38:cc:53:c6:ea:fe:68:5e:8a:07:
b2:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:4A:28:65:A2:12:BD:9F:74:CD:1D:F4:8D:5B:EF:EF:88:1B:D1:DA
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/xkooZaISvZ90zR30jVvv74gb0do.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.216.0/23
83.147.222.0/23
83.147.232.0/22
91.186.200.0/22
91.186.214.0/23
94.241.168.0-94.241.183.255
178.253.31.0/24
178.253.52.0/23
Signature Algorithm: sha256WithRSAEncryption
06:42:88:38:68:c0:ce:0f:ed:dc:b5:02:7a:31:84:fa:4d:a6:
45:79:ec:47:26:3b:08:16:f0:66:38:02:86:2a:43:08:d0:9d:
b7:d2:4c:a0:d6:a1:1a:71:37:08:ef:6a:07:98:c4:af:0b:b7:
dd:2e:66:5a:f1:e2:78:66:d0:ae:f2:61:15:57:d6:d5:bc:da:
02:c4:8f:42:a9:70:f8:e9:a8:9f:07:53:7c:9b:d6:d4:26:34:
8a:30:cc:ec:1a:c3:13:9f:9d:32:4e:f1:6c:32:cf:5c:3c:4d:
3a:f0:f1:b8:53:70:ff:32:b2:f9:87:b2:dd:6f:48:17:0f:9c:
7e:de:df:c5:3b:02:1c:e4:8c:f9:05:b5:9f:f2:5c:64:2c:22:
2b:49:0e:2b:31:0b:b5:32:a0:0e:c6:b3:bd:6c:4f:d9:5a:41:
77:53:35:05:95:46:38:ab:7a:3d:64:1f:b1:8c:7e:da:d7:16:
de:71:41:1a:8f:da:8c:05:11:1f:54:74:9e:b5:c2:19:76:78:
fc:21:b6:1f:b1:c7:e3:a2:5f:b5:41:c4:85:7a:a2:dd:21:c2:
9e:8b:2c:51:de:b0:e3:41:54:8b:20:30:05:55:e1:af:dd:66:
81:45:2c:9d:e1:c3:22:16:da:98:a3:d5:78:70:82:2d:25:a8:
71:e3:24:81
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAYUVN8G5wqCK/76vEJpjML8gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjIxMjE1MDk1NzMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjRhMjg2NWEyMTJiZDlmNzRjZDFkZjQ4ZDViZWZlZjg4MWJkMWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz8qbfeyXTuU74AcOWAludVdAwt3e
2q0xmKsxAtamHGTep+zxxwW4Hebp5o2hBQppqLMj+09tHxDnkDZ0+DsicF5dUUEO
6yLQzGL+23NZOUY1gDSxEl9TzPwJpclcVMpbNYBHjyCl8ecy5GYQo1UoNU1vyJRm
VqQnZ3MGmNydFvZLY2KcgLxY30yMBJvay+lkjkTxTNAmh0TlYxl2L0S018kNxDBS
y23JDmDrzaW2W4tK3gFs7shkgBZ1SIWD90MirpDScQFtRiOGgAwT8QlbK6xF83bh
ualDiPmMRMxmyclKNspAcVGsC31pDlxgH2Uomyx33zjMU8bq/mheigeyDwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFMZKKGWiEr2fdM0d9I1b7++IG9HaMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEveGtvb1phSVN2WjkwelIzMGpWdnY3NGdiMGRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQBU5PYAwQB
U5PeAwQCU5PoAwQCW7rIAwQBW7rWMAwDBANe8agDBANe8bADBACy/R8DBAGy/TQw
DQYJKoZIhvcNAQELBQADggEBAAZCiDhowM4P7dy1AnoxhPpNpkV57EcmOwgW8GY4
AoYqQwjQnbfSTKDWoRpxNwjvageYxK8Lt90uZlrx4nhm0K7yYRVX1tW82gLEj0Kp
cPjpqJ8HU3yb1tQmNIowzOwawxOfnTJO8Wwyz1w8TTrw8bhTcP8ysvmHst1vSBcP
nH7e38U7AhzkjPkFtZ/yXGQsIitJDisxC7UyoA7Gs71sT9laQXdTNQWVRjirej1k
H7GMftrXFt5xQRqP2owFER9UdJ61whl2ePwhth+xx+OiX7VBxIV6ot0hwp6LLFHe
sONBVIsgMAVV4a/dZoFFLJ3hwyIW2pij1Xhwgi0lqHHjJIE=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:45 2023 by rpki-client on console-fra.rpki-client.org