Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/1d3ce5-c7ef-49ff-9d4e-596fdbb0edd9/1/xAb4bWzsEa0shi0TLMthavkBQc4.roa
File: xAb4bWzsEa0shi0TLMthavkBQc4.roa (raw, json)
Hash identifier: cKCm3L18gyBpi1sYdgmWvuDX5VdrsIzq1yrzlDnJ/zQ=
Subject key identifier: C4:06:F8:6D:6C:EC:11:AD:2C:86:2D:13:2C:CB:61:6A:F9:01:41:CE
Certificate issuer: /CN=df59083faf5f02bba66809a1a2272eaf26e8a378
Certificate serial: 0E3373BF
Authority key identifier: DF:59:08:3F:AF:5F:02:BB:A6:68:09:A1:A2:27:2E:AF:26:E8:A3:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/31kIP69fArumaAmhoicuryboo3g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/1d3ce5-c7ef-49ff-9d4e-596fdbb0edd9/1/xAb4bWzsEa0shi0TLMthavkBQc4.roa
Signing time: Sat 01 Jan 2022 10:55:30 +0000
ROA not before: Sat 01 Jan 2022 10:55:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8554
IP address blocks: 82.97.32.0/22 maxlen: 22
82.97.36.0/22 maxlen: 22
185.52.32.0/22 maxlen: 22
193.41.72.0/22 maxlen: 22
195.234.46.0/24 maxlen: 24
82.97.0.0/19 maxlen: 19
82.97.0.0/18 maxlen: 18
2001:1b38::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 238252991 (0xe3373bf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df59083faf5f02bba66809a1a2272eaf26e8a378
Validity
Not Before: Jan 1 10:55:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c406f86d6cec11ad2c862d132ccb616af90141ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:56:63:b8:4f:37:c6:37:65:f9:02:2a:cf:ee:
8d:98:d7:51:ce:05:5a:9c:7a:82:18:b1:a1:3e:6a:
21:91:fb:8a:e4:00:6f:4e:7f:58:e8:80:fb:1a:75:
c2:38:8a:9a:c9:97:3b:2e:96:73:bb:bb:68:4d:fc:
fc:5c:66:54:b2:5e:ad:33:73:44:e9:d6:9e:31:95:
ae:00:af:dd:22:a0:73:24:e2:fe:39:37:c9:ab:22:
a8:d2:0a:e7:c6:87:63:3f:05:92:46:27:ea:a9:60:
15:82:3c:d3:9c:f8:4d:6a:9a:a2:20:89:08:d6:da:
c8:76:b7:09:52:19:31:87:56:6a:49:21:51:07:26:
d7:36:1c:03:8b:80:af:91:4e:15:b1:79:6a:48:e0:
e4:78:bb:e6:80:c4:93:9c:57:b5:80:f9:4c:73:4c:
c8:70:4c:16:6b:46:c4:10:4d:e6:7e:19:2e:46:a4:
3b:e1:11:91:e9:fa:09:cf:ed:03:52:18:90:83:c5:
3f:e4:6e:94:b6:59:3f:80:c0:af:b5:76:d7:66:2e:
59:b5:98:0d:7f:39:59:c2:eb:c2:96:28:13:ac:fa:
8c:ce:ee:0f:b9:9c:80:76:d3:7f:ee:c1:fc:5b:2b:
bd:c5:5c:e2:0a:c6:00:eb:9a:16:5c:e4:03:f5:17:
c9:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:06:F8:6D:6C:EC:11:AD:2C:86:2D:13:2C:CB:61:6A:F9:01:41:CE
X509v3 Authority Key Identifier:
keyid:DF:59:08:3F:AF:5F:02:BB:A6:68:09:A1:A2:27:2E:AF:26:E8:A3:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/31kIP69fArumaAmhoicuryboo3g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/1d3ce5-c7ef-49ff-9d4e-596fdbb0edd9/1/xAb4bWzsEa0shi0TLMthavkBQc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/1d3ce5-c7ef-49ff-9d4e-596fdbb0edd9/1/31kIP69fArumaAmhoicuryboo3g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.97.0.0/18
185.52.32.0/22
193.41.72.0/22
195.234.46.0/24
IPv6:
2001:1b38::/32
Signature Algorithm: sha256WithRSAEncryption
3e:72:ce:fd:16:99:2d:af:3d:47:9e:6d:70:76:38:87:05:00:
3d:8d:b9:bf:6d:68:d1:bb:7d:45:66:7a:08:a9:f4:15:41:b5:
0d:31:6a:f3:41:d2:d7:31:fb:3d:d3:e1:09:e9:b8:97:6b:8b:
32:5d:8d:19:7f:2c:7e:89:e7:59:d4:65:62:5f:9c:a2:58:05:
5e:21:c6:9d:c2:d6:c5:f4:31:d5:ea:60:db:a3:49:12:40:c0:
a4:b6:8c:fc:ea:71:13:46:61:e7:8d:f4:fd:da:32:9a:81:05:
9a:71:be:41:98:d2:b4:99:58:fe:12:b1:eb:23:7a:ea:b6:8e:
15:b0:9a:ba:1d:a8:dd:92:01:c0:3d:d0:4d:61:87:f3:41:d8:
52:bb:19:1e:20:bb:12:3b:95:7b:71:25:fd:8b:fa:0a:ad:b5:
84:5e:12:36:94:67:d7:6b:a5:82:56:06:34:19:a5:d0:72:a2:
0f:83:de:c0:31:12:89:98:d3:d8:3c:c1:60:76:59:7f:33:a3:
a6:f7:f8:23:da:78:79:94:04:5c:a2:aa:01:b2:27:d7:8c:7b:
84:82:31:e2:13:23:55:f0:a3:87:c6:47:16:ae:ca:40:0c:39:
0b:2a:de:c9:12:21:b9:bc:68:2a:9e:be:c0:bb:4e:67:76:ce:
1e:ec:bc:a2
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEDjNzvzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZjU5MDgzZmFmNWYwMmJiYTY2ODA5YTFhMjI3MmVhZjI2ZThhMzc4MB4XDTIyMDEw
MTEwNTUzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzQwNmY4NmQ2Y2Vj
MTFhZDJjODYyZDEzMmNjYjYxNmFmOTAxNDFjZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALpWY7hPN8Y3ZfkCKs/ujZjXUc4FWpx6ghixoT5qIZH7iuQA
b05/WOiA+xp1wjiKmsmXOy6Wc7u7aE38/FxmVLJerTNzROnWnjGVrgCv3SKgcyTi
/jk3yasiqNIK58aHYz8FkkYn6qlgFYI805z4TWqaoiCJCNbayHa3CVIZMYdWakkh
UQcm1zYcA4uAr5FOFbF5akjg5Hi75oDEk5xXtYD5THNMyHBMFmtGxBBN5n4ZLkak
O+ERken6Cc/tA1IYkIPFP+RulLZZP4DAr7V212YuWbWYDX85WcLrwpYoE6z6jM7u
D7mcgHbTf+7B/FsrvcVc4grGAOuaFlzkA/UXycECAwEAAaOCAiowggImMB0GA1Ud
DgQWBBTEBvhtbOwRrSyGLRMsy2Fq+QFBzjAfBgNVHSMEGDAWgBTfWQg/r18Cu6Zo
CaGiJy6vJuijeDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzMxa0lQNjlmQXJ1bWFBbWhvaWN1cnlib28zZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzYvMWQzY2U1LWM3ZWYtNDlmZi05ZDRlLTU5NmZkYmIwZWRkOS8x
L3hBYjRiV3pzRWEwc2hpMFRMTXRoYXZrQlFjNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzYv
MWQzY2U1LWM3ZWYtNDlmZi05ZDRlLTU5NmZkYmIwZWRkOS8xLzMxa0lQNjlmQXJ1
bWFBbWhvaWN1cnlib28zZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEBlJhAAMEArk0IAMEAsEpSAMEAMPq
LjANBAIAAjAHAwUAIAEbODANBgkqhkiG9w0BAQsFAAOCAQEAPnLO/RaZLa89R55t
cHY4hwUAPY25v21o0bt9RWZ6CKn0FUG1DTFq80HS1zH7PdPhCem4l2uLMl2NGX8s
fonnWdRlYl+colgFXiHGncLWxfQx1epg26NJEkDApLaM/OpxE0Zh5430/doymoEF
mnG+QZjStJlY/hKx6yN66raOFbCauh2o3ZIBwD3QTWGH80HYUrsZHiC7EjuVe3El
/Yv6Cq21hF4SNpRn12ulglYGNBml0HKiD4PewDESiZjT2DzBYHZZfzOjpvf4I9p4
eZQEXKKqAbIn14x7hIIx4hMjVfCjh8ZHFq7KQAw5CyreyRIhubxoKp6+wLtOZ3bO
Huy8og==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:39 2023 by rpki-client on console-fra.rpki-client.org