Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/ba9674-e571-4e35-ab20-e5d507a826bf/1/xo6fE9yCd8ngymsqsCUP5sb7TYE.roa
File: xo6fE9yCd8ngymsqsCUP5sb7TYE.roa (raw, json)
Hash identifier: hdreW/IGLXu7PB2pvVdhllF9q5Xk5LhhLdTPX4xLOI8=
Subject key identifier: C6:8E:9F:13:DC:82:77:C9:E0:CA:6B:2A:B0:25:0F:E6:C6:FB:4D:81
Certificate issuer: /CN=99a2c2ecf58c44b35a0da2957ff4dca2e60b686a
Certificate serial: 0DFBAF5D
Authority key identifier: 99:A2:C2:EC:F5:8C:44:B3:5A:0D:A2:95:7F:F4:DC:A2:E6:0B:68:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/maLC7PWMRLNaDaKVf_TcouYLaGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/ba9674-e571-4e35-ab20-e5d507a826bf/1/xo6fE9yCd8ngymsqsCUP5sb7TYE.roa
Signing time: Mon 07 Mar 2022 09:47:34 +0000
ROA not before: Mon 07 Mar 2022 09:47:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 28836
IP address blocks: 194.213.114.0/24 maxlen: 24
194.213.114.0/23 maxlen: 23
194.213.115.0/24 maxlen: 24
185.194.84.0/22 maxlen: 22
185.194.84.0/24 maxlen: 24
185.194.85.0/24 maxlen: 24
91.230.171.0/24 maxlen: 24
91.230.170.0/23 maxlen: 23
91.230.170.0/24 maxlen: 24
91.230.176.0/22 maxlen: 22
91.230.176.0/24 maxlen: 24
91.230.177.0/24 maxlen: 24
91.230.178.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 234598237 (0xdfbaf5d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99a2c2ecf58c44b35a0da2957ff4dca2e60b686a
Validity
Not Before: Mar 7 09:47:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c68e9f13dc8277c9e0ca6b2ab0250fe6c6fb4d81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:59:73:cb:0b:4d:af:e1:ee:8e:8b:a9:68:65:
86:1d:26:a3:01:6f:59:77:95:4a:af:9c:f8:03:b5:
7d:6d:bc:99:17:6c:4d:b8:46:ff:e6:f3:0d:5b:c2:
bd:0a:d4:16:ed:ef:48:a4:a3:3e:1f:f6:ee:41:b3:
02:3f:24:8c:b7:d2:cc:93:41:23:d7:cd:ad:eb:f7:
30:7b:fc:e6:c2:94:ad:ff:0c:6f:ca:30:0c:d2:dc:
70:4c:74:20:70:8f:58:7f:83:7d:89:ec:ea:f2:29:
07:27:8a:68:a8:af:84:96:62:ed:d8:a9:20:de:76:
51:38:27:e8:e7:4a:d3:b4:bd:eb:46:b3:2f:25:aa:
e2:51:97:2a:85:8f:ec:eb:9b:44:6a:c3:49:f4:5d:
df:9f:7c:aa:28:64:23:12:d6:17:5b:21:e7:70:ca:
1b:90:4c:e7:fc:1e:58:b0:db:38:a9:21:90:52:aa:
0c:a7:4d:68:80:a6:e7:e7:2c:a5:94:6d:08:cf:13:
78:c4:ea:2d:e5:c9:2e:23:0b:51:9e:11:e0:1b:d2:
b1:b1:59:e1:f3:9d:2a:68:5a:cc:40:d0:42:3f:ca:
71:7d:7b:3f:94:e5:5e:ea:c5:0d:5f:24:a3:43:4d:
c8:bd:9c:70:96:c5:a0:2e:66:63:01:a2:e1:0b:18:
0e:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:8E:9F:13:DC:82:77:C9:E0:CA:6B:2A:B0:25:0F:E6:C6:FB:4D:81
X509v3 Authority Key Identifier:
keyid:99:A2:C2:EC:F5:8C:44:B3:5A:0D:A2:95:7F:F4:DC:A2:E6:0B:68:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/maLC7PWMRLNaDaKVf_TcouYLaGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/ba9674-e571-4e35-ab20-e5d507a826bf/1/xo6fE9yCd8ngymsqsCUP5sb7TYE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/ba9674-e571-4e35-ab20-e5d507a826bf/1/maLC7PWMRLNaDaKVf_TcouYLaGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.170.0/23
91.230.176.0/22
185.194.84.0/22
194.213.114.0/23
Signature Algorithm: sha256WithRSAEncryption
23:ed:ef:4d:78:3a:cb:ae:97:86:53:5e:98:13:68:86:b3:95:
f2:2f:46:a6:5b:e6:e1:8f:03:d2:d9:3f:6d:13:ec:ac:27:23:
c4:bb:7e:05:94:79:83:38:e1:45:73:87:9b:90:83:21:68:d0:
11:76:d7:f4:d7:e1:f9:2b:a9:f4:f0:76:ee:77:d8:ea:bc:36:
a4:db:a3:92:a0:fd:6c:77:f7:5c:10:d0:c7:23:80:9c:64:99:
88:22:99:cb:56:76:09:1b:5f:4c:fa:50:af:f7:d8:00:65:e3:
c7:8c:d3:d7:a0:93:99:0a:50:a1:54:cc:41:57:e0:b5:32:bf:
51:c8:f6:81:d5:62:fa:ac:b0:10:96:04:e3:f9:39:5c:a1:a4:
c0:ef:3d:55:c2:9f:6b:6d:13:ba:da:e2:73:f2:cd:aa:a0:32:
2e:59:5b:86:77:9c:d4:fd:7a:75:18:72:f3:14:45:cc:f2:21:
d2:90:49:cb:0e:38:4d:e2:54:6f:fc:b9:71:e3:03:ea:c1:00:
9a:d5:12:36:31:13:6c:c2:e6:8f:69:c7:a6:54:63:69:72:87:
1a:d0:cc:44:ea:34:f9:46:fb:1c:f5:23:54:8a:f7:f9:3d:f9:
2d:b4:b6:f7:76:dc:d1:b5:d1:0c:46:f4:43:c2:1c:c4:b1:05:
5c:5b:43:85
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEDfuvXTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
OWEyYzJlY2Y1OGM0NGIzNWEwZGEyOTU3ZmY0ZGNhMmU2MGI2ODZhMB4XDTIyMDMw
NzA5NDczNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzY4ZTlmMTNkYzgy
NzdjOWUwY2E2YjJhYjAyNTBmZTZjNmZiNGQ4MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANtZc8sLTa/h7o6LqWhlhh0mowFvWXeVSq+c+AO1fW28mRds
TbhG/+bzDVvCvQrUFu3vSKSjPh/27kGzAj8kjLfSzJNBI9fNrev3MHv85sKUrf8M
b8owDNLccEx0IHCPWH+DfYns6vIpByeKaKivhJZi7dipIN52UTgn6OdK07S960az
LyWq4lGXKoWP7OubRGrDSfRd3598qihkIxLWF1sh53DKG5BM5/weWLDbOKkhkFKq
DKdNaICm5+cspZRtCM8TeMTqLeXJLiMLUZ4R4BvSsbFZ4fOdKmhazEDQQj/KcX17
P5TlXurFDV8ko0NNyL2ccJbFoC5mYwGi4QsYDlcCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBTGjp8T3IJ3yeDKayqwJQ/mxvtNgTAfBgNVHSMEGDAWgBSZosLs9YxEs1oN
opV/9Nyi5gtoajAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L21hTEM3UFdNUkxOYURhS1ZmX1Rjb3VZTGFHby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjYvYmE5Njc0LWU1NzEtNGUzNS1hYjIwLWU1ZDUwN2E4MjZiZi8x
L3hvNmZFOXlDZDhuZ3ltc3FzQ1VQNXNiN1RZRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYv
YmE5Njc0LWU1NzEtNGUzNS1hYjIwLWU1ZDUwN2E4MjZiZi8xL21hTEM3UFdNUkxO
YURhS1ZmX1Rjb3VZTGFHby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAVvmqgMEAlvmsAMEArnCVAMEAcLV
cjANBgkqhkiG9w0BAQsFAAOCAQEAI+3vTXg6y66XhlNemBNohrOV8i9Gplvm4Y8D
0tk/bRPsrCcjxLt+BZR5gzjhRXOHm5CDIWjQEXbX9Nfh+Sup9PB27nfY6rw2pNuj
kqD9bHf3XBDQxyOAnGSZiCKZy1Z2CRtfTPpQr/fYAGXjx4zT16CTmQpQoVTMQVfg
tTK/Ucj2gdVi+qywEJYE4/k5XKGkwO89VcKfa20Tutric/LNqqAyLllbhnec1P16
dRhy8xRFzPIh0pBJyw44TeJUb/y5ceMD6sEAmtUSNjETbMLmj2nHplRjaXKHGtDM
ROo0+Ub7HPUjVIr3+T35LbS293bc0bXRDEb0Q8IcxLEFXFtDhQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:56 2025 by rpki-client