Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/a4141d-8498-42f4-b2f3-1f6409848150/1/iXL3TwFnZ8_NzacpZlNA1-5AIjo.roa
File: iXL3TwFnZ8_NzacpZlNA1-5AIjo.roa (raw, json)
Hash identifier: suT3WsNnJ3mpex6id0ClT6LNT5oPwegcJ4jqALR1NuA=
Subject key identifier: 89:72:F7:4F:01:67:67:CF:CD:CD:A7:29:66:53:40:D7:EE:40:22:3A
Certificate issuer: /CN=bfb493457b2f02e69b85f718dcc16a9a9ef0fcd1
Certificate serial: 0184588E2F84FD45A598309D2E3087977B18
Authority key identifier: BF:B4:93:45:7B:2F:02:E6:9B:85:F7:18:DC:C1:6A:9A:9E:F0:FC:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v7STRXsvAuabhfcY3MFqmp7w_NE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/a4141d-8498-42f4-b2f3-1f6409848150/1/iXL3TwFnZ8_NzacpZlNA1-5AIjo.roa
Signing time: Tue 08 Nov 2022 18:43:43 +0000
ROA not before: Tue 08 Nov 2022 18:43:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 34219
IP address blocks: 178.255.16.0/22 maxlen: 22
178.255.22.0/24 maxlen: 24
178.255.20.0/23 maxlen: 23
159.253.116.0/23 maxlen: 23
93.94.4.0/23 maxlen: 23
185.2.56.0/22 maxlen: 22
2a03:1e00::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:58:8e:2f:84:fd:45:a5:98:30:9d:2e:30:87:97:7b:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfb493457b2f02e69b85f718dcc16a9a9ef0fcd1
Validity
Not Before: Nov 8 18:43:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=8972f74f016767cfcdcda729665340d7ee40223a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:2e:b6:b8:90:11:10:1f:82:f6:df:93:05:29:
e5:f2:03:b2:f6:76:90:5c:c7:c6:d7:e1:e8:a1:74:
ca:14:f2:c1:23:90:2d:64:ad:16:e8:9f:e8:48:bc:
3b:c7:20:57:f4:d4:21:0c:95:1e:1d:10:e1:af:a1:
40:27:c4:0e:5e:ed:e5:48:5c:20:5c:73:6f:cb:30:
da:a5:32:e6:78:43:0f:6c:72:7e:4e:d1:43:44:ba:
18:96:47:4a:fd:d6:b2:d5:8c:b2:84:17:0b:33:93:
ae:32:82:50:be:86:0c:ef:53:7d:06:b4:c5:4d:43:
7c:69:3c:72:78:8e:2e:9f:e9:a6:2f:ff:fc:8c:fe:
5b:7b:2f:dd:b3:4a:ee:8b:65:c3:84:ee:7e:29:6d:
09:13:6a:5c:56:ac:e6:df:d5:f4:8e:7b:35:a4:67:
0a:26:1d:57:05:e2:c4:17:02:bc:25:75:be:ce:57:
dc:8a:fe:49:ba:16:69:49:a8:1f:96:bb:42:50:b2:
7f:98:e3:ca:71:e9:01:e4:ec:9e:fd:9d:b2:ac:f7:
7b:44:a6:5b:11:ec:d7:89:2e:b6:06:27:52:fd:d6:
00:72:ff:5e:4b:6c:41:ab:fb:00:1b:d7:09:2c:6f:
93:1f:fc:bb:a2:7d:53:d7:6f:a2:87:6d:66:38:f0:
1a:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:72:F7:4F:01:67:67:CF:CD:CD:A7:29:66:53:40:D7:EE:40:22:3A
X509v3 Authority Key Identifier:
keyid:BF:B4:93:45:7B:2F:02:E6:9B:85:F7:18:DC:C1:6A:9A:9E:F0:FC:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v7STRXsvAuabhfcY3MFqmp7w_NE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/a4141d-8498-42f4-b2f3-1f6409848150/1/iXL3TwFnZ8_NzacpZlNA1-5AIjo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/a4141d-8498-42f4-b2f3-1f6409848150/1/v7STRXsvAuabhfcY3MFqmp7w_NE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.94.4.0/23
159.253.116.0/23
178.255.16.0-178.255.22.255
185.2.56.0/22
IPv6:
2a03:1e00::/32
Signature Algorithm: sha256WithRSAEncryption
a8:1d:28:73:95:e6:16:8a:f5:7f:6d:e2:73:72:13:61:61:bb:
f7:51:3e:e8:44:ea:82:42:f4:42:ae:e5:73:1c:dc:83:19:60:
e5:03:b7:c7:2c:ac:1f:2d:f3:3f:f4:81:86:e7:31:8b:db:a0:
a1:ec:0d:7f:9f:60:89:bf:38:e6:4b:9f:f7:1e:18:de:74:30:
93:9c:7b:15:cb:bd:89:57:f8:54:8e:7e:e6:a5:23:0b:88:70:
15:4d:72:99:79:0e:33:f8:b9:cf:d4:6b:3f:8f:8e:cd:b4:88:
64:92:86:b9:e3:47:71:64:69:76:43:c2:39:51:ba:50:c2:62:
c1:98:80:cd:73:57:2e:0f:42:c4:92:e8:d3:88:f4:ab:c9:13:
38:86:fb:04:54:81:61:ff:80:7e:ac:d9:24:64:fc:2f:09:9c:
9a:d5:e8:7d:2f:37:63:68:54:eb:0d:24:d0:42:62:ca:c9:c3:
f8:38:6e:80:58:e6:e5:40:04:32:ee:1e:1e:ab:44:aa:ad:2a:
f0:39:ee:ae:95:c3:b5:ed:42:70:d7:f4:af:ff:09:71:f1:48:
61:85:6c:ac:9a:b7:17:99:1b:5f:3f:91:06:4f:2d:a0:5a:38:
99:d3:01:4b:6f:ed:2b:bb:eb:75:86:f7:64:ec:5f:71:4e:a5:
51:b2:35:c3
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYRYji+E/UWlmDCdLjCHl3sYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYjQ5MzQ1N2IyZjAyZTY5Yjg1ZjcxOGRjYzE2YTlhOWVm
MGZjZDEwHhcNMjIxMTA4MTg0MzQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTcyZjc0ZjAxNjc2N2NmY2RjZGE3Mjk2NjUzNDBkN2VlNDAyMjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqi62uJAREB+C9t+TBSnl8gOy9naQ
XMfG1+HooXTKFPLBI5AtZK0W6J/oSLw7xyBX9NQhDJUeHRDhr6FAJ8QOXu3lSFwg
XHNvyzDapTLmeEMPbHJ+TtFDRLoYlkdK/day1YyyhBcLM5OuMoJQvoYM71N9BrTF
TUN8aTxyeI4un+mmL//8jP5bey/ds0rui2XDhO5+KW0JE2pcVqzm39X0jns1pGcK
Jh1XBeLEFwK8JXW+zlfciv5JuhZpSagflrtCULJ/mOPKcekB5Oye/Z2yrPd7RKZb
EezXiS62BidS/dYAcv9eS2xBq/sAG9cJLG+TH/y7on1T12+ih21mOPAawwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFIly908BZ2fPzc2nKWZTQNfuQCI6MB8GA1UdIwQY
MBaAFL+0k0V7LwLmm4X3GNzBapqe8PzRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjdTVFJYc3ZBdWFiaGZjWTNNRnFtcDd3X05FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9hNDE0MWQtODQ5OC00MmY0LWIyZjMt
MWY2NDA5ODQ4MTUwLzEvaVhMM1R3Rm5aOF9OemFjcFpsTkExLTVBSWpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9hNDE0MWQtODQ5OC00MmY0LWIyZjMtMWY2NDA5ODQ4MTUw
LzEvdjdTVFJYc3ZBdWFiaGZjWTNNRnFtcDd3X05FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQBXV4EAwQB
n/10MAwDBASy/xADBACy/xYDBAK5AjgwDQQCAAIwBwMFACoDHgAwDQYJKoZIhvcN
AQELBQADggEBAKgdKHOV5haK9X9t4nNyE2Fhu/dRPuhE6oJC9EKu5XMc3IMZYOUD
t8csrB8t8z/0gYbnMYvboKHsDX+fYIm/OOZLn/ceGN50MJOcexXLvYlX+FSOfual
IwuIcBVNcpl5DjP4uc/Uaz+Pjs20iGSShrnjR3FkaXZDwjlRulDCYsGYgM1zVy4P
QsSS6NOI9KvJEziG+wRUgWH/gH6s2SRk/C8JnJrV6H0vN2NoVOsNJNBCYsrJw/g4
boBY5uVABDLuHh6rRKqtKvA57q6Vw7XtQnDX9K//CXHxSGGFbKyatxeZG18/kQZP
LaBaOJnTAUtv7Su763WG92TsX3FOpVGyNcM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:30 2024 by rpki-client on console-fra.rpki-client.org