Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/fb22ab-b546-4071-beb1-be10e8b4a00e/1/xlb6EcqnIYMKWhl2pIcCgvb6a08.roa
File: xlb6EcqnIYMKWhl2pIcCgvb6a08.roa (raw, json)
Hash identifier: W6Nx061b92NGelgawzC2kkbRLta/vtMigj0LKrh9cUQ=
Subject key identifier: C6:56:FA:11:CA:A7:21:83:0A:5A:19:76:A4:87:02:82:F6:FA:6B:4F
Certificate issuer: /CN=7238fbfea5768479c86300906e74eb254dcb5c69
Certificate serial: 018409274340058E6BE69C2B9AE12343AA8A
Authority key identifier: 72:38:FB:FE:A5:76:84:79:C8:63:00:90:6E:74:EB:25:4D:CB:5C:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cjj7_qV2hHnIYwCQbnTrJU3LXGk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/fb22ab-b546-4071-beb1-be10e8b4a00e/1/xlb6EcqnIYMKWhl2pIcCgvb6a08.roa
Signing time: Mon 24 Oct 2022 08:41:18 +0000
ROA not before: Mon 24 Oct 2022 08:41:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210333
IP address blocks: 185.202.98.0/23 maxlen: 23
185.202.96.0/23 maxlen: 23
213.109.144.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:09:27:43:40:05:8e:6b:e6:9c:2b:9a:e1:23:43:aa:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7238fbfea5768479c86300906e74eb254dcb5c69
Validity
Not Before: Oct 24 08:41:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c656fa11caa721830a5a1976a4870282f6fa6b4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:df:38:0c:bd:cc:9c:56:fc:96:31:91:e0:a4:
12:d5:8f:67:ec:a8:ae:7c:85:e9:f0:01:c6:71:57:
bd:ac:21:6e:81:bc:9a:9c:98:8e:c1:45:4e:b1:77:
9a:b8:2a:a4:03:fc:d3:aa:8d:1a:e1:ff:38:37:33:
b2:d8:13:53:68:95:6b:49:ee:1b:1a:a1:ed:a2:0e:
5d:34:a5:c8:ab:19:59:55:bf:7f:1e:cb:61:22:4c:
19:26:59:7a:a7:7d:98:01:f7:ee:5b:8b:a1:04:59:
90:4f:9f:eb:ff:e0:6c:d4:65:4e:eb:57:b6:d6:56:
92:18:c2:78:43:75:d8:eb:b3:b9:95:b3:fa:3f:5f:
3f:42:dd:89:41:48:e9:36:35:72:6b:37:d8:31:0d:
67:f9:3a:08:0f:61:22:91:30:bd:a8:be:11:03:25:
10:18:b8:db:1b:25:77:63:32:da:b1:9a:87:98:12:
3b:51:17:3a:86:57:49:38:a5:26:e8:df:82:f4:82:
b0:9c:98:7e:ef:75:db:00:e8:c2:db:fb:f8:89:12:
34:7c:06:cf:fa:6b:a7:e6:bd:50:7e:3d:d3:6a:47:
26:a3:34:d7:bd:38:a1:7b:f6:f3:2e:3b:23:df:ce:
71:b6:d6:03:71:6f:1d:69:65:b7:2e:64:fc:cc:a6:
0c:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:56:FA:11:CA:A7:21:83:0A:5A:19:76:A4:87:02:82:F6:FA:6B:4F
X509v3 Authority Key Identifier:
keyid:72:38:FB:FE:A5:76:84:79:C8:63:00:90:6E:74:EB:25:4D:CB:5C:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cjj7_qV2hHnIYwCQbnTrJU3LXGk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/fb22ab-b546-4071-beb1-be10e8b4a00e/1/xlb6EcqnIYMKWhl2pIcCgvb6a08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/fb22ab-b546-4071-beb1-be10e8b4a00e/1/cjj7_qV2hHnIYwCQbnTrJU3LXGk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.202.96.0/22
213.109.144.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:07:bd:05:29:9e:65:e6:2e:eb:97:a2:0c:89:92:54:f4:bf:
98:18:09:87:c4:40:9c:b5:f0:8d:0f:8b:1d:9a:d3:3c:cf:ff:
f3:a4:38:a5:75:ef:34:57:0d:9f:94:b5:f8:6d:dc:67:0b:b3:
f7:4c:73:5a:92:0a:a7:a7:6b:f9:e0:e7:d6:db:8e:dc:ff:98:
6c:af:ff:17:0c:6e:af:eb:60:6e:4b:e9:4f:b1:8c:b7:65:be:
5d:82:05:f4:2e:15:af:06:94:64:6b:0a:9a:c6:e6:09:64:a9:
22:b2:d9:eb:87:88:15:3c:b0:ae:c0:e4:29:b0:b3:36:66:dc:
d2:86:22:c4:1b:e0:8b:11:9b:12:c1:8b:58:a9:45:cf:0d:a8:
1f:48:29:32:d0:8a:7e:d1:25:90:69:eb:b4:c6:ae:b9:1d:0e:
4a:2b:48:bf:54:d4:20:6b:04:61:03:b9:81:5b:68:64:1a:d2:
9d:f6:92:20:3e:10:af:d8:cc:3d:c9:27:11:a4:ff:2c:2c:30:
9f:31:57:3d:a7:07:11:2a:93:3b:f1:0d:ce:0c:d1:19:75:ca:
91:dc:14:9b:b1:c1:49:44:96:7d:ba:07:df:87:fc:01:90:07:
bc:64:1d:02:23:d1:ac:21:b4:64:fb:9e:35:52:bd:c3:36:a4:
b3:87:e1:4e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYQJJ0NABY5r5pwrmuEjQ6qKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMzhmYmZlYTU3Njg0NzljODYzMDA5MDZlNzRlYjI1NGRj
YjVjNjkwHhcNMjIxMDI0MDg0MTE4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjU2ZmExMWNhYTcyMTgzMGE1YTE5NzZhNDg3MDI4MmY2ZmE2YjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0t84DL3MnFb8ljGR4KQS1Y9n7Kiu
fIXp8AHGcVe9rCFugbyanJiOwUVOsXeauCqkA/zTqo0a4f84NzOy2BNTaJVrSe4b
GqHtog5dNKXIqxlZVb9/HsthIkwZJll6p32YAffuW4uhBFmQT5/r/+Bs1GVO61e2
1laSGMJ4Q3XY67O5lbP6P18/Qt2JQUjpNjVyazfYMQ1n+ToID2EikTC9qL4RAyUQ
GLjbGyV3YzLasZqHmBI7URc6hldJOKUm6N+C9IKwnJh+73XbAOjC2/v4iRI0fAbP
+mun5r1Qfj3TakcmozTXvTihe/bzLjsj385xttYDcW8daWW3LmT8zKYM6wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMZW+hHKpyGDCloZdqSHAoL2+mtPMB8GA1UdIwQY
MBaAFHI4+/6ldoR5yGMAkG506yVNy1xpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2pqN19xVjJoSG5JWXdDUWJuVHJKVTNMWEdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9mYjIyYWItYjU0Ni00MDcxLWJlYjEt
YmUxMGU4YjRhMDBlLzEveGxiNkVjcW5JWU1LV2hsMnBJY0NndmI2YTA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9mYjIyYWItYjU0Ni00MDcxLWJlYjEtYmUxMGU4YjRhMDBl
LzEvY2pqN19xVjJoSG5JWXdDUWJuVHJKVTNMWEdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCucpgAwQA
1W2QMA0GCSqGSIb3DQEBCwUAA4IBAQC/B70FKZ5l5i7rl6IMiZJU9L+YGAmHxECc
tfCND4sdmtM8z//zpDilde80Vw2flLX4bdxnC7P3THNakgqnp2v54OfW247c/5hs
r/8XDG6v62BuS+lPsYy3Zb5dggX0LhWvBpRkawqaxuYJZKkistnrh4gVPLCuwOQp
sLM2ZtzShiLEG+CLEZsSwYtYqUXPDagfSCky0Ip+0SWQaeu0xq65HQ5KK0i/VNQg
awRhA7mBW2hkGtKd9pIgPhCv2Mw9yScRpP8sLDCfMVc9pwcRKpM78Q3ODNEZdcqR
3BSbscFJRJZ9ugffh/wBkAe8ZB0CI9GsIbRk+541Ur3DNqSzh+FO
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:44 2023 by rpki-client on console-ams.rpki-client.org