Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/XEdQr8gR9KOCse4y-Fy8vM9XTlU.roa
File: XEdQr8gR9KOCse4y-Fy8vM9XTlU.roa (raw, json)
Hash identifier: cNuzl/Ntn4tqXYLztkPuttJd+K0x61oO3jZ6P8XlmiI=
Subject key identifier: 5C:47:50:AF:C8:11:F4:A3:82:B1:EE:32:F8:5C:BC:BC:CF:57:4E:55
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 0DC8405B
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/XEdQr8gR9KOCse4y-Fy8vM9XTlU.roa
Signing time: Tue 28 Jun 2022 06:21:20 +0000
ROA not before: Tue 28 Jun 2022 06:21:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 53356
IP address blocks: 194.64.164.0/22 maxlen: 22
194.64.172.0/22 maxlen: 22
194.64.168.0/22 maxlen: 22
194.233.36.0/22 maxlen: 22
194.233.32.0/22 maxlen: 22
194.233.40.0/22 maxlen: 22
195.179.80.0/20 maxlen: 22
194.195.204.0/22 maxlen: 22
194.195.200.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 231227483 (0xdc8405b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: Jun 28 06:21:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5c4750afc811f4a382b1ee32f85cbcbccf574e55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:0d:85:de:61:5e:88:74:a3:38:9a:16:22:a1:
fc:b2:20:8f:60:95:40:da:f9:ee:bf:df:9d:87:b1:
d8:c2:81:ce:9f:82:d2:32:a2:47:58:87:87:99:64:
d3:c1:4e:e1:5a:1e:d4:de:98:91:ad:cf:8f:22:5f:
63:7a:2e:c3:11:e4:fd:2e:25:55:ab:cd:aa:29:0d:
3c:96:32:df:b4:36:0d:d2:63:3e:72:30:a5:49:35:
db:23:08:97:53:02:b8:8c:9c:9e:db:17:78:b6:3b:
90:72:63:ab:ee:31:e9:13:10:87:81:35:39:23:2b:
4f:34:e8:02:f2:06:e5:40:8a:c0:f1:65:96:95:6d:
c1:bf:35:64:35:5a:91:7b:ce:d4:f3:3e:54:93:d1:
fe:a2:0f:5f:b3:4c:84:52:41:5f:31:71:03:8c:09:
0f:40:75:42:59:eb:bb:a6:15:9f:da:b8:dc:59:dd:
b5:6e:fe:38:48:d8:3c:9d:b7:ee:93:69:7a:3f:e2:
bc:e5:b2:03:e0:73:eb:e9:e3:b9:42:32:56:63:b9:
7f:9f:68:b7:81:bf:a9:fe:e9:a9:f1:26:e0:ce:b3:
ad:a8:d5:2e:4e:56:85:42:5c:4d:80:fd:a0:fa:fa:
17:ce:18:12:aa:ce:0e:bb:e2:23:9c:ab:21:9c:e6:
3f:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:47:50:AF:C8:11:F4:A3:82:B1:EE:32:F8:5C:BC:BC:CF:57:4E:55
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/XEdQr8gR9KOCse4y-Fy8vM9XTlU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.64.164.0-194.64.175.255
194.195.200.0/21
194.233.32.0-194.233.43.255
195.179.80.0/20
Signature Algorithm: sha256WithRSAEncryption
4e:51:44:54:d2:3a:ca:b7:0c:03:76:c5:b9:55:49:89:a1:da:
17:24:eb:b1:51:f2:96:3a:96:b3:47:63:7d:7e:a2:c6:9f:74:
a1:da:e4:67:11:e1:8c:bc:dd:e4:69:76:94:44:08:b4:1b:d9:
6b:d7:c5:78:63:42:cb:42:27:65:f3:14:54:ed:fc:95:00:64:
41:fa:a2:79:1e:8e:a0:11:2a:1d:bd:f5:b5:38:4e:1d:c2:7b:
ca:93:a4:4c:6d:fe:fe:bf:aa:1f:c6:ad:29:72:8b:0d:f1:ca:
d7:56:62:76:0c:c0:2c:c8:33:d8:d0:51:c1:f0:a8:dc:05:ec:
b7:5b:40:0e:2c:b6:76:36:38:67:93:1a:25:d5:64:39:a1:d6:
db:19:95:ac:81:43:8b:61:ec:3c:5e:90:30:06:27:01:a5:60:
ae:0d:18:89:33:ce:14:aa:84:6c:fa:6f:eb:e1:2b:ed:49:32:
de:30:f0:15:ba:31:ad:c0:47:b6:84:b7:84:cd:d4:11:5c:18:
4c:fe:04:8c:8c:3e:29:c2:8e:cd:a1:12:dd:2c:74:cd:34:3e:
a2:04:5e:6b:a2:b2:70:e5:be:83:ca:dd:bb:01:5a:72:9a:75:
d7:62:78:d9:f7:72:03:85:49:da:f8:5b:bf:8c:93:e5:4d:0b:
2c:75:c1:3a
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIEDchAWzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NzQ3MDE3NTY0YzcxMWJjYmQ1NzY4MGEwZGZkMDBmMmE1ZDA5OWRiMB4XDTIyMDYy
ODA2MjEyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWM0NzUwYWZjODEx
ZjRhMzgyYjFlZTMyZjg1Y2JjYmNjZjU3NGU1NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKINhd5hXoh0oziaFiKh/LIgj2CVQNr57r/fnYex2MKBzp+C
0jKiR1iHh5lk08FO4Voe1N6Yka3PjyJfY3ouwxHk/S4lVavNqikNPJYy37Q2DdJj
PnIwpUk12yMIl1MCuIycntsXeLY7kHJjq+4x6RMQh4E1OSMrTzToAvIG5UCKwPFl
lpVtwb81ZDVakXvO1PM+VJPR/qIPX7NMhFJBXzFxA4wJD0B1Qlnru6YVn9q43Fnd
tW7+OEjYPJ237pNpej/ivOWyA+Bz6+njuUIyVmO5f59ot4G/qf7pqfEm4M6zrajV
Lk5WhUJcTYD9oPr6F84YEqrODrviI5yrIZzmPykCAwEAAaOCAiswggInMB0GA1Ud
DgQWBBRcR1CvyBH0o4Kx7jL4XLy8z1dOVTAfBgNVHSMEGDAWgBTXRwF1ZMcRvL1X
aAoN/QDypdCZ2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEwY0JkV1RIRWJ5OVYyZ0tEZjBBOHFYUW1kcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTgvYmEyMzYyLTBjYzUtNDliZC1hNTIyLTRmMGU4Y2UxMWE3ZC8x
L1hFZFFyOGdSOUtPQ3NlNHktRnk4dk05WFRsVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgv
YmEyMzYyLTBjYzUtNDliZC1hNTIyLTRmMGU4Y2UxMWE3ZC8xLzEwY0JkV1RIRWJ5
OVYyZ0tEZjBBOHFYUW1kcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBB
BggrBgEFBQcBBwEB/wQyMDAwLgQCAAEwKDAMAwQCwkCkAwQEwkCgAwQDwsPIMAwD
BAXC6SADBALC6SgDBATDs1AwDQYJKoZIhvcNAQELBQADggEBAE5RRFTSOsq3DAN2
xblVSYmh2hck67FR8pY6lrNHY31+osafdKHa5GcR4Yy83eRpdpRECLQb2WvXxXhj
QstCJ2XzFFTt/JUAZEH6onkejqARKh299bU4Th3Ce8qTpExt/v6/qh/GrSlyiw3x
ytdWYnYMwCzIM9jQUcHwqNwF7LdbQA4stnY2OGeTGiXVZDmh1tsZlayBQ4th7Dxe
kDAGJwGlYK4NGIkzzhSqhGz6b+vhK+1JMt4w8BW6Ma3AR7aEt4TN1BFcGEz+BIyM
PinCjs2hEt0sdM00PqIEXmuisnDlvoPK3bsBWnKadddieNn3cgOFSdr4W7+Mk+VN
Cyx1wTo=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:06:42 2025 by rpki-client