Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/2e8347-d9c7-4e51-9b14-d02d96c36ca3/1/xrDBi9Tw9dJPIlQkCgH941ZEet0.roa
File: xrDBi9Tw9dJPIlQkCgH941ZEet0.roa (raw, json)
Hash identifier: d7FJ+tPsMA32Nf4p5+t6Hmux6b2PK20PIhLhqSJl6yE=
Subject key identifier: C6:B0:C1:8B:D4:F0:F5:D2:4F:22:54:24:0A:01:FD:E3:56:44:7A:DD
Certificate issuer: /CN=8978ff5dab33c42da65fe4e1abfbca4eafbdd2aa
Certificate serial: 0183D1248E978585667FF424E764D663DA18
Authority key identifier: 89:78:FF:5D:AB:33:C4:2D:A6:5F:E4:E1:AB:FB:CA:4E:AF:BD:D2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iXj_XaszxC2mX-Thq_vKTq-90qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/2e8347-d9c7-4e51-9b14-d02d96c36ca3/1/xrDBi9Tw9dJPIlQkCgH941ZEet0.roa
Signing time: Thu 13 Oct 2022 11:39:37 +0000
ROA not before: Thu 13 Oct 2022 11:39:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207147
IP address blocks: 185.178.88.0/22 maxlen: 24
130.0.88.0/22 maxlen: 24
185.194.120.0/22 maxlen: 24
185.237.40.0/22 maxlen: 24
185.164.212.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:d1:24:8e:97:85:85:66:7f:f4:24:e7:64:d6:63:da:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8978ff5dab33c42da65fe4e1abfbca4eafbdd2aa
Validity
Not Before: Oct 13 11:39:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c6b0c18bd4f0f5d24f2254240a01fde356447add
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:12:bd:c6:41:d5:9e:8c:47:b7:14:67:b5:40:
3e:18:f3:d5:6f:72:57:bf:77:0b:f5:9c:0f:8a:d7:
82:15:fa:fd:12:c2:9a:98:32:b9:1d:71:f7:13:38:
8f:49:2c:b3:2c:61:82:d8:2d:79:b2:8c:32:28:1d:
d3:55:1a:00:2e:e9:f7:f0:42:ad:7d:88:9e:62:66:
04:1a:21:ea:e2:3b:ae:2e:10:49:60:4b:dd:f4:00:
6e:43:fd:68:be:16:f1:0d:c4:9d:d4:a6:8a:59:19:
fb:90:f5:90:1c:c2:00:45:3f:f6:58:e3:b2:e5:c5:
b3:c4:4c:88:76:28:67:67:e5:5e:bd:99:d7:4e:a4:
f4:8e:3d:6d:b5:59:ba:06:00:91:b0:bc:f9:e5:eb:
0f:f2:66:1a:6f:9e:48:08:5b:05:a1:5e:1f:38:90:
8a:0a:1c:60:d5:0c:db:48:d8:f1:56:6a:cd:c4:e3:
9e:dd:23:e9:ea:73:5a:bd:b7:3c:3b:f3:9f:62:98:
c9:eb:47:48:f9:f4:e0:55:1f:3d:72:52:eb:0f:eb:
80:60:52:af:a7:7c:6a:8b:80:fd:fc:38:fc:76:a8:
85:81:8e:6a:77:9b:b0:05:51:58:8d:db:65:8c:2c:
a0:db:df:70:25:ec:4c:50:fd:e6:ad:a2:71:3c:b4:
62:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:B0:C1:8B:D4:F0:F5:D2:4F:22:54:24:0A:01:FD:E3:56:44:7A:DD
X509v3 Authority Key Identifier:
keyid:89:78:FF:5D:AB:33:C4:2D:A6:5F:E4:E1:AB:FB:CA:4E:AF:BD:D2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iXj_XaszxC2mX-Thq_vKTq-90qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/2e8347-d9c7-4e51-9b14-d02d96c36ca3/1/xrDBi9Tw9dJPIlQkCgH941ZEet0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/2e8347-d9c7-4e51-9b14-d02d96c36ca3/1/iXj_XaszxC2mX-Thq_vKTq-90qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.0.88.0/22
185.164.212.0/22
185.178.88.0/22
185.194.120.0/22
185.237.40.0/22
Signature Algorithm: sha256WithRSAEncryption
01:5f:76:1a:a1:e9:08:38:07:83:2d:48:42:36:b7:59:98:4f:
94:de:49:0a:52:e5:ab:db:46:fb:06:4e:3f:64:ce:7a:43:a6:
36:90:f0:1f:16:0f:90:18:f3:d3:b4:aa:fe:20:9b:42:d7:54:
c1:b9:29:49:8b:30:29:00:2f:d5:37:d9:34:9d:de:4d:5d:d3:
e3:c8:81:07:97:35:5b:1e:94:e4:0d:69:d2:ff:5f:93:40:89:
81:b3:d2:06:74:27:4b:49:78:4a:c5:c8:04:b4:0b:49:8e:fe:
15:e0:59:78:33:34:22:82:72:5c:e5:82:cd:b4:f4:26:f0:f3:
06:2b:4a:22:0b:ef:91:e0:3e:f9:35:9b:fe:0a:7a:61:7d:52:
6c:a6:9e:bd:66:97:27:1c:72:0a:a0:d1:7f:22:e8:93:dc:cc:
9f:8a:71:b5:6f:e9:36:7f:fd:e6:27:30:4d:29:6e:87:77:4a:
1a:2d:78:55:f9:28:a9:53:11:18:bb:0f:5a:58:73:bb:27:6b:
91:1f:12:83:29:e2:53:10:1f:9a:d5:8b:1a:83:ab:7f:39:96:
fb:f3:37:75:80:ec:a4:c3:9b:a8:ed:ad:fe:46:20:9d:40:49:
de:88:b4:d2:8a:87:14:9e:e4:40:c6:5c:c7:09:43:40:a9:21:
87:93:d8:9d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYPRJI6XhYVmf/Qk52TWY9oYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NzhmZjVkYWIzM2M0MmRhNjVmZTRlMWFiZmJjYTRlYWZi
ZGQyYWEwHhcNMjIxMDEzMTEzOTM3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmIwYzE4YmQ0ZjBmNWQyNGYyMjU0MjQwYTAxZmRlMzU2NDQ3YWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthK9xkHVnoxHtxRntUA+GPPVb3JX
v3cL9ZwPiteCFfr9EsKamDK5HXH3EziPSSyzLGGC2C15sowyKB3TVRoALun38EKt
fYieYmYEGiHq4juuLhBJYEvd9ABuQ/1ovhbxDcSd1KaKWRn7kPWQHMIART/2WOOy
5cWzxEyIdihnZ+VevZnXTqT0jj1ttVm6BgCRsLz55esP8mYab55ICFsFoV4fOJCK
Chxg1QzbSNjxVmrNxOOe3SPp6nNavbc8O/OfYpjJ60dI+fTgVR89clLrD+uAYFKv
p3xqi4D9/Dj8dqiFgY5qd5uwBVFYjdtljCyg299wJexMUP3mraJxPLRibQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMawwYvU8PXSTyJUJAoB/eNWRHrdMB8GA1UdIwQY
MBaAFIl4/12rM8Qtpl/k4av7yk6vvdKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVhqX1hhc3p4QzJtWC1UaHFfdktUcS05MHFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8yZTgzNDctZDljNy00ZTUxLTliMTQt
ZDAyZDk2YzM2Y2EzLzEveHJEQmk5VHc5ZEpQSWxRa0NnSDk0MVpFZXQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC8yZTgzNDctZDljNy00ZTUxLTliMTQtZDAyZDk2YzM2Y2Ez
LzEvaVhqX1hhc3p4QzJtWC1UaHFfdktUcS05MHFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCggBYAwQC
uaTUAwQCubJYAwQCucJ4AwQCue0oMA0GCSqGSIb3DQEBCwUAA4IBAQABX3YaoekI
OAeDLUhCNrdZmE+U3kkKUuWr20b7Bk4/ZM56Q6Y2kPAfFg+QGPPTtKr+IJtC11TB
uSlJizApAC/VN9k0nd5NXdPjyIEHlzVbHpTkDWnS/1+TQImBs9IGdCdLSXhKxcgE
tAtJjv4V4Fl4MzQignJc5YLNtPQm8PMGK0oiC++R4D75NZv+CnphfVJspp69Zpcn
HHIKoNF/IuiT3MyfinG1b+k2f/3mJzBNKW6Hd0oaLXhV+SipUxEYuw9aWHO7J2uR
HxKDKeJTEB+a1Ysag6t/OZb78zd1gOykw5uo7a3+RiCdQEneiLTSiocUnuRAxlzH
CUNAqSGHk9id
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:42:46 2023 by rpki-client on console.sobornost.net