Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/rXGJ4d6WQ7eu53YNGCWDxPRdIY0.roa
File: rXGJ4d6WQ7eu53YNGCWDxPRdIY0.roa (raw, json)
Hash identifier: a20skxFXIhu763ot0ZRmJzQA2a5WwAtKK99Fotlk8ag=
Subject key identifier: AD:71:89:E1:DE:96:43:B7:AE:E7:76:0D:18:25:83:C4:F4:5D:21:8D
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 0182826F80BCCDB872CB24F42F32DFC71C40
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/rXGJ4d6WQ7eu53YNGCWDxPRdIY0.roa
Signing time: Tue 09 Aug 2022 11:48:41 +0000
ROA not before: Tue 09 Aug 2022 11:48:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3320
IP address blocks: 85.239.149.0/24 maxlen: 24
85.239.151.0/24 maxlen: 24
185.95.157.0/24 maxlen: 24
185.95.159.0/24 maxlen: 24
185.95.158.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:82:6f:80:bc:cd:b8:72:cb:24:f4:2f:32:df:c7:1c:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Aug 9 11:48:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ad7189e1de9643b7aee7760d182583c4f45d218d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:53:6e:61:56:9a:61:f7:96:22:a6:79:b1:b7:
cb:ee:ce:89:b6:6c:ab:8d:1b:ea:fd:1a:73:a6:8b:
eb:c2:86:13:13:c3:7f:5e:34:eb:2c:cb:2b:9d:2a:
e6:ee:9b:0b:c3:82:d8:fa:a3:81:f5:32:de:24:3f:
0c:db:fa:f1:03:3c:40:0a:f3:f5:cf:2c:78:6b:5c:
c8:93:e6:aa:8d:a0:e7:ae:cb:97:ef:c0:73:dc:c6:
cd:e0:f8:ae:69:3a:8d:f5:da:18:ab:c4:41:d2:dc:
e8:96:e2:18:2a:85:8e:67:00:ec:72:9a:02:2d:24:
c4:ba:c2:ae:80:61:84:52:0c:b6:ea:ef:5a:a6:b7:
75:2e:bd:1a:2d:88:55:f0:57:80:eb:50:ef:67:d3:
67:cd:56:84:93:d9:2d:47:89:95:a1:0b:75:68:06:
0b:f9:18:b0:9d:c8:e4:a4:63:bc:73:16:7c:51:6c:
48:ba:2c:6f:09:ab:b7:2c:71:54:0d:96:44:c0:05:
94:ec:54:c1:ba:1e:86:b7:eb:f2:15:2e:e4:bb:b3:
b0:b2:9c:e6:db:5f:2b:6b:43:72:13:80:12:19:de:
72:f7:8e:db:46:60:19:48:ce:a7:f1:79:ab:e9:f1:
82:d7:ff:ef:84:f2:f6:5d:71:7b:ea:2d:3a:01:5e:
cd:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:71:89:E1:DE:96:43:B7:AE:E7:76:0D:18:25:83:C4:F4:5D:21:8D
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/rXGJ4d6WQ7eu53YNGCWDxPRdIY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.149.0/24
85.239.151.0/24
185.95.157.0-185.95.159.255
Signature Algorithm: sha256WithRSAEncryption
a2:c8:02:92:fa:f1:da:9b:66:d7:91:05:1a:51:4d:e8:3b:5d:
5c:e5:b2:1b:82:25:4d:fc:79:61:23:a2:0f:10:6f:64:d7:59:
aa:41:70:31:e1:91:54:72:62:fc:be:47:80:97:fe:a4:5e:49:
f1:e3:58:a0:67:08:8c:20:b5:11:aa:3e:f7:e0:20:17:18:60:
73:e0:a2:f9:64:d5:c4:13:c6:3c:25:89:c0:62:3f:d7:e9:d7:
8e:9f:f9:46:f6:93:4b:49:1c:2a:65:af:2a:f4:36:92:49:9d:
c6:1b:7a:63:aa:8c:d7:42:e6:e5:5c:af:c4:8c:78:d1:7b:fd:
f5:21:de:02:a8:8a:6f:52:a4:ab:f0:53:de:9a:ae:9f:ef:5e:
ac:83:83:59:8a:1b:df:12:bc:f6:81:63:52:28:d7:d1:5e:03:
0c:dc:76:a9:6d:ac:fa:4d:90:f2:1c:3a:68:cb:6b:36:5f:9d:
6b:34:8b:55:8c:67:d1:21:42:49:e7:31:14:ae:79:40:79:17:
ec:14:24:f6:d3:35:fa:94:4a:6d:47:f0:cd:cf:66:a9:ed:d8:
df:5a:db:80:a1:dd:c7:39:a5:9b:a6:bd:7c:6f:1a:3d:79:0c:
06:ce:27:9d:80:2d:af:ef:bc:14:aa:5d:21:e6:f5:ea:87:f5:
da:cb:ff:e1
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYKCb4C8zbhyyyT0LzLfxxxAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjIwODA5MTE0ODQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDcxODllMWRlOTY0M2I3YWVlNzc2MGQxODI1ODNjNGY0NWQyMThkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiFNuYVaaYfeWIqZ5sbfL7s6Jtmyr
jRvq/RpzpovrwoYTE8N/XjTrLMsrnSrm7psLw4LY+qOB9TLeJD8M2/rxAzxACvP1
zyx4a1zIk+aqjaDnrsuX78Bz3MbN4PiuaTqN9doYq8RB0tzoluIYKoWOZwDscpoC
LSTEusKugGGEUgy26u9aprd1Lr0aLYhV8FeA61DvZ9NnzVaEk9ktR4mVoQt1aAYL
+RiwncjkpGO8cxZ8UWxIuixvCau3LHFUDZZEwAWU7FTBuh6Gt+vyFS7ku7Owspzm
218ra0NyE4ASGd5y947bRmAZSM6n8Xmr6fGC1//vhPL2XXF76i06AV7NzwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFK1xieHelkO3rud2DRglg8T0XSGNMB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvclhHSjRkNldRN2V1NTNZTkdDV0R4UFJkSVkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAVe+VAwQA
Ve+XMAwDBAC5X50DBAW5X4AwDQYJKoZIhvcNAQELBQADggEBAKLIApL68dqbZteR
BRpRTeg7XVzlshuCJU38eWEjog8Qb2TXWapBcDHhkVRyYvy+R4CX/qReSfHjWKBn
CIwgtRGqPvfgIBcYYHPgovlk1cQTxjwlicBiP9fp146f+Ub2k0tJHCplryr0NpJJ
ncYbemOqjNdC5uVcr8SMeNF7/fUh3gKoim9SpKvwU96arp/vXqyDg1mKG98SvPaB
Y1Io19FeAwzcdqltrPpNkPIcOmjLazZfnWs0i1WMZ9EhQknnMRSueUB5F+wUJPbT
NfqUSm1H8M3PZqnt2N9a24Ch3cc5pZumvXxvGj15DAbOJ52ALa/vvBSqXSHm9eqH
9drL/+E=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:51:33 2024 by rpki-client on console-ams.rpki-client.org