Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Zbocvsupyq0cKpsVU3u_rbic_VA.roa
File: Zbocvsupyq0cKpsVU3u_rbic_VA.roa (raw, json)
Hash identifier: 6GFvdflelB7e1NHLVQ2xyIHgrMJtGWlH5KFVMCpCVdc=
Subject key identifier: 65:BA:1C:BE:CB:A9:CA:AD:1C:2A:9B:15:53:7B:BF:AD:B8:9C:FD:50
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 01821AD0BCA8BEBEB970AD293D5B43D92E07
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Zbocvsupyq0cKpsVU3u_rbic_VA.roa
Signing time: Wed 20 Jul 2022 08:54:23 +0000
ROA not before: Wed 20 Jul 2022 08:54:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 834
IP address blocks: 88.209.230.0/24 maxlen: 24
88.209.232.0/22 maxlen: 22
88.209.229.0/24 maxlen: 24
88.209.244.0/23 maxlen: 23
88.209.252.0/24 maxlen: 24
83.137.152.0/24 maxlen: 24
88.209.255.0/24 maxlen: 24
83.137.154.0/24 maxlen: 24
88.209.204.0/24 maxlen: 32
88.209.204.0/22 maxlen: 32
88.209.200.0/22 maxlen: 32
92.52.214.0/24 maxlen: 24
5.182.114.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:1a:d0:bc:a8:be:be:b9:70:ad:29:3d:5b:43:d9:2e:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jul 20 08:54:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=65ba1cbecba9caad1c2a9b15537bbfadb89cfd50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:f3:d0:c1:a9:a6:04:65:3b:0b:0d:1e:b8:2c:
3b:41:d6:2c:e1:e7:a1:8c:7e:47:b1:76:d8:59:d6:
51:51:0a:19:0b:3f:0c:40:48:c8:03:db:a2:fd:71:
33:2e:ba:bd:ac:bb:3e:df:c8:02:fd:06:16:d2:16:
72:e5:39:83:b2:4c:18:b2:cc:2c:6f:11:79:b8:f2:
61:72:b0:6f:c9:86:40:1e:54:f4:6a:23:d5:ba:ef:
ee:7f:92:30:35:39:81:c3:f8:ca:3b:53:74:31:9f:
e7:b8:ee:0d:e1:7a:12:3c:fa:cd:89:4e:08:83:38:
a0:8a:84:49:86:62:1b:c4:9f:63:88:52:98:5f:2f:
b1:c1:18:58:d7:fe:6c:36:a1:6a:02:87:fe:cc:16:
fb:73:6b:08:bc:b2:aa:b8:cb:d1:01:4d:22:70:57:
d1:cf:3f:ac:7c:39:38:a5:b8:3a:38:e6:32:e4:c4:
35:b8:5f:f5:fb:fa:6f:c4:92:94:de:ed:5a:c5:e4:
7d:a1:63:36:cb:19:65:a7:fe:b9:08:1e:4b:b2:1f:
30:21:a6:20:bc:ce:1c:00:97:06:a4:a0:93:01:38:
ec:59:00:db:52:70:9d:5e:c0:e8:6c:3f:00:95:cb:
a4:e7:ee:7b:bb:0c:6d:05:bc:c8:03:d5:d0:ed:65:
84:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:BA:1C:BE:CB:A9:CA:AD:1C:2A:9B:15:53:7B:BF:AD:B8:9C:FD:50
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/Zbocvsupyq0cKpsVU3u_rbic_VA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.114.0/24
83.137.152.0/24
83.137.154.0/24
88.209.200.0/21
88.209.229.0-88.209.230.255
88.209.232.0/22
88.209.244.0/23
88.209.252.0/24
88.209.255.0/24
92.52.214.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:8a:36:7e:f5:26:5e:90:9b:da:5b:c7:07:90:56:50:29:4e:
eb:43:53:54:d2:03:16:e2:dc:70:0e:bf:53:6a:94:c4:8a:a4:
7d:9d:66:e1:a2:16:5f:ff:6f:ae:46:68:04:ea:42:bc:c6:62:
db:6b:ad:95:7f:08:29:60:ce:8f:8e:cf:8b:38:5b:e8:08:de:
a0:7e:9f:19:49:84:c2:c5:da:e5:5a:97:48:31:1d:ec:56:e5:
dd:be:95:10:d2:4d:21:2d:2e:6c:15:c7:0d:07:6e:fa:51:fc:
54:8f:43:19:95:1a:f5:6a:6e:c7:26:f9:cb:e4:50:75:e4:7d:
2c:e1:b5:ef:e2:c2:e5:5b:45:8b:3f:03:f7:11:d3:d7:11:0c:
f5:f2:53:11:24:cb:19:98:a1:29:55:b1:80:27:2c:cf:19:aa:
8d:fc:66:e1:06:fc:44:1f:cd:75:f9:9f:89:1e:25:e4:cc:3f:
fd:53:43:7c:2d:39:f3:49:45:97:58:32:05:22:9e:ab:f1:be:
e8:c9:6b:cf:84:6e:eb:67:fd:8e:2c:fc:85:9f:12:5d:ea:4c:
5e:75:dd:b3:8d:bb:ca:3b:62:93:29:e8:f2:00:da:1a:c0:09:
d0:7c:ff:c6:14:cc:14:db:84:44:f5:ea:24:07:c9:c6:33:d3:
cd:04:8f:3f
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAYIa0Lyovr65cK0pPVtD2S4HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjIwNzIwMDg1NDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWJhMWNiZWNiYTljYWFkMWMyYTliMTU1MzdiYmZhZGI4OWNmZDUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAovPQwammBGU7Cw0euCw7QdYs4eeh
jH5HsXbYWdZRUQoZCz8MQEjIA9ui/XEzLrq9rLs+38gC/QYW0hZy5TmDskwYssws
bxF5uPJhcrBvyYZAHlT0aiPVuu/uf5IwNTmBw/jKO1N0MZ/nuO4N4XoSPPrNiU4I
gzigioRJhmIbxJ9jiFKYXy+xwRhY1/5sNqFqAof+zBb7c2sIvLKquMvRAU0icFfR
zz+sfDk4pbg6OOYy5MQ1uF/1+/pvxJKU3u1axeR9oWM2yxllp/65CB5Lsh8wIaYg
vM4cAJcGpKCTATjsWQDbUnCdXsDobD8Alcuk5+57uwxtBbzIA9XQ7WWETQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFGW6HL7LqcqtHCqbFVN7v624nP1QMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvWmJvY3ZzdXB5cTBjS3BzVlUzdV9yYmljX1ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQABbZyAwQA
U4mYAwQAU4maAwQDWNHIMAwDBABY0eUDBABY0eYDBAJY0egDBAFY0fQDBABY0fwD
BABY0f8DBABcNNYwDQYJKoZIhvcNAQELBQADggEBAE6KNn71Jl6Qm9pbxweQVlAp
TutDU1TSAxbi3HAOv1NqlMSKpH2dZuGiFl//b65GaATqQrzGYttrrZV/CClgzo+O
z4s4W+gI3qB+nxlJhMLF2uVal0gxHexW5d2+lRDSTSEtLmwVxw0HbvpR/FSPQxmV
GvVqbscm+cvkUHXkfSzhte/iwuVbRYs/A/cR09cRDPXyUxEkyxmYoSlVsYAnLM8Z
qo38ZuEG/EQfzXX5n4keJeTMP/1TQ3wtOfNJRZdYMgUinqvxvujJa8+Ebutn/Y4s
/IWfEl3qTF513bONu8o7YpMp6PIA2hrACdB8/8YUzBTbhET16iQHycYz080Ejz8=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:01 2023 by rpki-client on console-fra.rpki-client.org