Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/sbXsXCSTWBIql5CgqQwaCwPvuY0.roa
File: sbXsXCSTWBIql5CgqQwaCwPvuY0.roa (raw, json)
Hash identifier: dnxy270idOGK4wXxSdIL9H/XMUMxBIFuPVbhQXtbZYc=
Subject key identifier: B1:B5:EC:5C:24:93:58:12:2A:97:90:A0:A9:0C:1A:0B:03:EF:B9:8D
Certificate issuer: /CN=85dc9c55e1597e88564daf567e5a4665978c7b85
Certificate serial: 018709B9
Authority key identifier: 85:DC:9C:55:E1:59:7E:88:56:4D:AF:56:7E:5A:46:65:97:8C:7B:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hdycVeFZfohWTa9WflpGZZeMe4U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/sbXsXCSTWBIql5CgqQwaCwPvuY0.roa
Signing time: Sat 01 Jan 2022 11:54:22 +0000
ROA not before: Sat 01 Jan 2022 11:54:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48031
IP address blocks: 194.62.246.0/23 maxlen: 23
194.62.244.0/23 maxlen: 23
194.15.114.0/24 maxlen: 24
194.26.18.0/24 maxlen: 24
91.213.8.0/24 maxlen: 24
91.228.68.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 25627065 (0x18709b9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85dc9c55e1597e88564daf567e5a4665978c7b85
Validity
Not Before: Jan 1 11:54:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=b1b5ec5c249358122a9790a0a90c1a0b03efb98d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:25:49:35:e6:92:23:e4:64:8e:f7:79:c6:6e:
8a:c0:ee:32:35:6f:c1:f4:08:ea:f1:fd:a6:00:30:
57:1e:d0:e8:1e:da:3e:7d:1f:a9:cd:15:ba:60:8b:
6e:55:29:ef:fb:44:9e:54:a3:64:03:7b:f3:6c:47:
88:b2:9d:7c:32:cb:aa:98:d9:67:3c:2a:04:00:9d:
db:37:48:0c:3e:29:9f:31:db:de:50:a0:0f:04:1a:
0d:12:8e:70:a1:a6:4b:ac:c3:f1:06:4f:f7:6d:5c:
27:cb:b3:12:e6:e4:38:fa:5f:3e:90:5d:38:50:01:
06:6a:d9:42:bb:f9:35:a0:13:43:66:a7:d5:fa:76:
f2:e1:3b:eb:d4:88:70:eb:d5:3c:45:c6:48:3e:b1:
29:cd:0f:b2:d6:fc:c7:6c:10:06:9f:62:45:99:9a:
08:08:b6:4e:66:33:d6:ab:53:97:2b:5a:89:28:dc:
48:c9:0e:ba:14:7e:fe:67:91:7d:8a:ab:54:07:89:
ae:ae:80:21:34:16:40:0c:36:a3:01:44:f7:ef:63:
d1:b6:6f:43:cf:1c:55:46:9b:03:45:91:4c:53:1a:
1e:f3:d2:f9:96:54:c6:78:67:55:87:ac:6e:7e:d3:
e8:e1:c2:78:46:0f:c5:9c:1d:ca:f8:22:d5:73:61:
ec:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:B5:EC:5C:24:93:58:12:2A:97:90:A0:A9:0C:1A:0B:03:EF:B9:8D
X509v3 Authority Key Identifier:
keyid:85:DC:9C:55:E1:59:7E:88:56:4D:AF:56:7E:5A:46:65:97:8C:7B:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hdycVeFZfohWTa9WflpGZZeMe4U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/sbXsXCSTWBIql5CgqQwaCwPvuY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/f07fbc-4c32-4d87-a429-86ea19d29163/1/hdycVeFZfohWTa9WflpGZZeMe4U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.8.0/24
91.228.68.0/22
194.15.114.0/24
194.26.18.0/24
194.62.244.0/22
Signature Algorithm: sha256WithRSAEncryption
1e:8c:be:c3:8f:b5:23:21:1a:65:32:31:67:3b:ef:06:9b:d1:
f6:97:14:4f:88:77:e0:84:e6:b7:82:cb:27:14:65:61:16:3c:
f1:54:a2:79:b4:c8:09:2f:09:00:b8:66:a8:98:e8:24:94:4f:
7b:05:c5:61:b6:08:d4:8b:0d:1a:32:8e:8e:c1:ec:6d:26:55:
4d:08:b3:be:73:e7:84:fa:3b:73:08:c4:fa:af:8e:24:3c:cd:
4d:5a:74:9d:9a:31:ab:63:31:c0:ab:92:26:c9:d7:df:8d:69:
70:18:06:69:fc:2b:18:fe:30:b6:70:33:79:af:f9:d3:46:bc:
88:25:ec:8a:34:19:52:2e:23:65:f7:07:71:f2:c5:7a:cf:bd:
73:ad:81:27:ba:e4:5b:a8:2b:61:a3:e3:67:16:57:8b:fb:82:
81:0a:64:48:a7:c2:a5:be:ed:d4:41:15:06:48:2f:ae:7a:5e:
3c:bc:9e:1d:7e:ad:2b:be:02:a3:f7:70:3e:30:0c:8d:5d:85:
a8:c4:fd:a3:3b:16:3f:fa:91:6e:08:2b:af:83:f4:73:9a:cb:
be:15:c2:20:7f:5f:05:64:e5:0f:22:be:1a:db:3e:eb:8e:23:
c2:a1:8a:38:bb:78:03:07:c3:c6:b2:d7:4a:4b:af:5b:4f:76:
32:3e:5a:8a
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEAYcJuTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
NWRjOWM1NWUxNTk3ZTg4NTY0ZGFmNTY3ZTVhNDY2NTk3OGM3Yjg1MB4XDTIyMDEw
MTExNTQyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYjFiNWVjNWMyNDkz
NTgxMjJhOTc5MGEwYTkwYzFhMGIwM2VmYjk4ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALUlSTXmkiPkZI73ecZuisDuMjVvwfQI6vH9pgAwVx7Q6B7a
Pn0fqc0VumCLblUp7/tEnlSjZAN782xHiLKdfDLLqpjZZzwqBACd2zdIDD4pnzHb
3lCgDwQaDRKOcKGmS6zD8QZP921cJ8uzEubkOPpfPpBdOFABBmrZQrv5NaATQ2an
1fp28uE769SIcOvVPEXGSD6xKc0Pstb8x2wQBp9iRZmaCAi2TmYz1qtTlytaiSjc
SMkOuhR+/meRfYqrVAeJrq6AITQWQAw2owFE9+9j0bZvQ88cVUabA0WRTFMaHvPS
+ZZUxnhnVYesbn7T6OHCeEYPxZwdyvgi1XNh7LsCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBSxtexcJJNYEiqXkKCpDBoLA++5jTAfBgNVHSMEGDAWgBSF3JxV4Vl+iFZN
r1Z+WkZll4x7hTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2hkeWNWZUZaZm9oV1RhOVdmbHBHWlplTWU0VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGYvZjA3ZmJjLTRjMzItNGQ4Ny1hNDI5LTg2ZWExOWQyOTE2My8x
L3NiWHNYQ1NUV0JJcWw1Q2dxUXdhQ3dQdnVZMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGYv
ZjA3ZmJjLTRjMzItNGQ4Ny1hNDI5LTg2ZWExOWQyOTE2My8xL2hkeWNWZUZaZm9o
V1RhOVdmbHBHWlplTWU0VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAFvVCAMEAlvkRAMEAMIPcgMEAMIa
EgMEAsI+9DANBgkqhkiG9w0BAQsFAAOCAQEAHoy+w4+1IyEaZTIxZzvvBpvR9pcU
T4h34ITmt4LLJxRlYRY88VSiebTICS8JALhmqJjoJJRPewXFYbYI1IsNGjKOjsHs
bSZVTQizvnPnhPo7cwjE+q+OJDzNTVp0nZoxq2MxwKuSJsnX341pcBgGafwrGP4w
tnAzea/500a8iCXsijQZUi4jZfcHcfLFes+9c62BJ7rkW6grYaPjZxZXi/uCgQpk
SKfCpb7t1EEVBkgvrnpePLyeHX6tK74Co/dwPjAMjV2FqMT9ozsWP/qRbggrr4P0
c5rLvhXCIH9fBWTlDyK+Gts+644jwqGKOLt4AwfDxrLXSkuvW092Mj5aig==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:48:30 2024 by rpki-client on console-ams.rpki-client.org