Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/74a1b5-3c2e-48e2-90fd-b49d89e30ddd/1/KxzglyZCwHHMZhxb2FPgsU8xsjw.roa
File: KxzglyZCwHHMZhxb2FPgsU8xsjw.roa (raw, json)
Hash identifier: WfvVFuWQhX9/8zQ98HVlaGhBbwEyw9TMgJvG+iw0tP4=
Subject key identifier: 2B:1C:E0:97:26:42:C0:71:CC:66:1C:5B:D8:53:E0:B1:4F:31:B2:3C
Certificate issuer: /CN=cbdfce3a5355f861fdc48c32012c78c9daf9a5a4
Certificate serial: 0603C203
Authority key identifier: CB:DF:CE:3A:53:55:F8:61:FD:C4:8C:32:01:2C:78:C9:DA:F9:A5:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y9_OOlNV-GH9xIwyASx4ydr5paQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/74a1b5-3c2e-48e2-90fd-b49d89e30ddd/1/KxzglyZCwHHMZhxb2FPgsU8xsjw.roa
Signing time: Sat 01 Jan 2022 06:56:54 +0000
ROA not before: Sat 01 Jan 2022 06:56:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 31655
IP address blocks: 88.215.0.0/18 maxlen: 29
89.213.16.0/20 maxlen: 24
89.213.32.0/21 maxlen: 24
213.218.192.0/20 maxlen: 24
5.2.96.0/19 maxlen: 24
195.162.96.0/19 maxlen: 24
185.21.208.0/22 maxlen: 24
89.213.8.0/21 maxlen: 24
80.252.64.0/20 maxlen: 24
185.4.196.0/22 maxlen: 24
188.66.64.0/18 maxlen: 24
5.144.156.0/22 maxlen: 24
2a02:c1c0::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 100909571 (0x603c203)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbdfce3a5355f861fdc48c32012c78c9daf9a5a4
Validity
Not Before: Jan 1 06:56:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=2b1ce0972642c071cc661c5bd853e0b14f31b23c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:0e:25:34:ca:4c:e1:16:c4:96:f1:46:f9:eb:
f9:55:92:7e:ef:dc:b1:2f:90:db:99:c9:e2:82:23:
15:6a:b3:d2:fa:31:e3:9c:08:14:1a:c7:02:c2:b2:
02:08:37:67:da:95:10:5d:44:dc:a6:03:8b:14:98:
b8:c8:1c:20:9a:af:49:72:ce:a5:71:c3:fe:1b:fa:
25:10:9a:eb:57:d3:c2:94:1f:30:08:54:64:4d:09:
6e:05:2d:05:1a:d3:65:30:cf:fb:68:6f:31:20:83:
d6:ed:10:d8:09:41:c5:b8:c0:57:f6:0f:2a:a5:c3:
27:83:f6:b5:15:0e:3e:1b:b0:b5:d6:e4:6f:84:66:
74:bb:d5:c3:8a:bf:2c:40:d3:cd:9c:d6:83:ae:33:
78:4b:7c:de:53:d6:4b:c2:c1:2a:35:a4:a8:e9:ed:
99:74:de:e0:c8:ea:00:ea:01:38:d4:d6:60:23:0e:
53:4e:50:21:c0:f9:4b:57:d3:0c:77:d0:93:8c:81:
d9:06:1a:ab:ed:f8:d6:84:cb:7a:41:64:12:e9:c2:
25:19:5b:1e:77:e2:4a:fb:49:68:13:9f:89:5d:bc:
de:a8:da:59:66:90:08:a5:06:ae:ed:2f:6f:7f:63:
bd:1b:9d:34:4a:2e:fa:3d:f7:69:df:14:d1:c4:69:
5e:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:1C:E0:97:26:42:C0:71:CC:66:1C:5B:D8:53:E0:B1:4F:31:B2:3C
X509v3 Authority Key Identifier:
keyid:CB:DF:CE:3A:53:55:F8:61:FD:C4:8C:32:01:2C:78:C9:DA:F9:A5:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y9_OOlNV-GH9xIwyASx4ydr5paQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/74a1b5-3c2e-48e2-90fd-b49d89e30ddd/1/KxzglyZCwHHMZhxb2FPgsU8xsjw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/74a1b5-3c2e-48e2-90fd-b49d89e30ddd/1/y9_OOlNV-GH9xIwyASx4ydr5paQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.2.96.0/19
5.144.156.0/22
80.252.64.0/20
88.215.0.0/18
89.213.8.0-89.213.39.255
185.4.196.0/22
185.21.208.0/22
188.66.64.0/18
195.162.96.0/19
213.218.192.0/20
IPv6:
2a02:c1c0::/29
Signature Algorithm: sha256WithRSAEncryption
67:b9:21:05:9f:3d:1c:94:a1:0a:5a:66:66:80:06:b8:49:34:
27:1f:5b:b8:b6:6d:a4:53:cb:af:cd:db:72:3e:36:94:79:39:
66:4b:9b:0b:36:08:c9:28:78:b2:d9:38:0b:36:89:94:a2:98:
40:d5:80:7f:dc:6f:d6:20:33:62:dd:35:48:b5:05:f3:ed:91:
54:7b:11:63:b9:ef:29:d2:6c:73:dd:fe:ac:80:d0:cc:b3:94:
16:37:29:0f:00:e0:68:88:86:0f:8e:b2:07:54:b0:8b:ef:8c:
c1:16:9c:bb:c6:0b:2e:52:0f:6d:68:3a:fd:2a:03:eb:0e:48:
b7:51:ca:40:79:35:16:8b:83:30:68:20:99:15:14:6a:48:b4:
ae:f6:ce:ef:df:c6:24:8b:c7:b6:a5:32:92:80:96:fe:e1:dc:
fc:4b:22:0a:25:08:e2:4a:56:98:5d:7d:b1:23:2b:c0:50:51:
1f:64:e7:38:9f:74:07:99:fe:ee:61:d0:56:79:cb:b1:4e:e9:
be:72:db:57:7f:64:d5:20:72:93:b7:e6:95:8d:94:31:dd:0e:
30:c8:1e:5f:b2:36:80:d2:47:6a:2e:33:38:8c:8e:66:82:3d:
bf:77:fc:f4:74:91:6f:db:b7:82:a2:8b:63:b6:33:7b:77:a1:
61:d4:9c:30
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIEBgPCAzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
YmRmY2UzYTUzNTVmODYxZmRjNDhjMzIwMTJjNzhjOWRhZjlhNWE0MB4XDTIyMDEw
MTA2NTY1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMmIxY2UwOTcyNjQy
YzA3MWNjNjYxYzViZDg1M2UwYjE0ZjMxYjIzYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOcOJTTKTOEWxJbxRvnr+VWSfu/csS+Q25nJ4oIjFWqz0vox
45wIFBrHAsKyAgg3Z9qVEF1E3KYDixSYuMgcIJqvSXLOpXHD/hv6JRCa61fTwpQf
MAhUZE0JbgUtBRrTZTDP+2hvMSCD1u0Q2AlBxbjAV/YPKqXDJ4P2tRUOPhuwtdbk
b4RmdLvVw4q/LEDTzZzWg64zeEt83lPWS8LBKjWkqOntmXTe4MjqAOoBONTWYCMO
U05QIcD5S1fTDHfQk4yB2QYaq+341oTLekFkEunCJRlbHnfiSvtJaBOfiV283qja
WWaQCKUGru0vb39jvRudNEou+j33ad8U0cRpXg0CAwEAAaOCAlYwggJSMB0GA1Ud
DgQWBBQrHOCXJkLAccxmHFvYU+CxTzGyPDAfBgNVHSMEGDAWgBTL3846U1X4Yf3E
jDIBLHjJ2vmlpDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3k5X09PbE5WLUdIOXhJd3lBU3g0eWRyNXBhUS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWYvNzRhMWI1LTNjMmUtNDhlMi05MGZkLWI0OWQ4OWUzMGRkZC8x
L0t4emdseVpDd0hITVpoeGIyRlBnc1U4eHNqdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWYv
NzRhMWI1LTNjMmUtNDhlMi05MGZkLWI0OWQ4OWUzMGRkZC8xL3k5X09PbE5WLUdI
OXhJd3lBU3g0eWRyNXBhUS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBs
BggrBgEFBQcBBwEB/wRdMFswSgQCAAEwRAMEBQUCYAMEAgWQnAMEBFD8QAMEBljX
ADAMAwQDWdUIAwQDWdUgAwQCuQTEAwQCuRXQAwQGvEJAAwQFw6JgAwQE1drAMA0E
AgACMAcDBQMqAsHAMA0GCSqGSIb3DQEBCwUAA4IBAQBnuSEFnz0clKEKWmZmgAa4
STQnH1u4tm2kU8uvzdtyPjaUeTlmS5sLNgjJKHiy2TgLNomUophA1YB/3G/WIDNi
3TVItQXz7ZFUexFjue8p0mxz3f6sgNDMs5QWNykPAOBoiIYPjrIHVLCL74zBFpy7
xgsuUg9taDr9KgPrDki3UcpAeTUWi4MwaCCZFRRqSLSu9s7v38Yki8e2pTKSgJb+
4dz8SyIKJQjiSlaYXX2xIyvAUFEfZOc4n3QHmf7uYdBWecuxTum+cttXf2TVIHKT
t+aVjZQx3Q4wyB5fsjaA0kdqLjM4jI5mgj2/d/z0dJFv27eCootjtjN7d6Fh1Jww
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:10 2023 by rpki-client on console-fra.rpki-client.org