Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/58ebb1-dbec-47f9-bb96-849cfcabb657/1/xBYiSwW5TCPcA7D-4B5XYnh6pFA.roa
File: xBYiSwW5TCPcA7D-4B5XYnh6pFA.roa (raw, json)
Hash identifier: B0SUgmhZm+6UpeeT2wvBuoJWIK6iak9fPkG/4ARbHzU=
Subject key identifier: C4:16:22:4B:05:B9:4C:23:DC:03:B0:FE:E0:1E:57:62:78:7A:A4:50
Certificate issuer: /CN=7e65dab23940cb394f9aaa664fea4d6f8f42e318
Certificate serial: 0F0A6504
Authority key identifier: 7E:65:DA:B2:39:40:CB:39:4F:9A:AA:66:4F:EA:4D:6F:8F:42:E3:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fmXasjlAyzlPmqpmT-pNb49C4xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/58ebb1-dbec-47f9-bb96-849cfcabb657/1/xBYiSwW5TCPcA7D-4B5XYnh6pFA.roa
Signing time: Mon 03 Jan 2022 08:28:03 +0000
ROA not before: Mon 03 Jan 2022 08:28:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43541
IP address blocks: 185.64.216.0/22 maxlen: 22
185.59.208.0/22 maxlen: 22
93.185.96.0/20 maxlen: 20
46.243.48.0/21 maxlen: 21
185.14.252.0/22 maxlen: 22
217.16.176.0/20 maxlen: 20
178.251.184.0/21 maxlen: 21
78.24.8.0/21 maxlen: 21
185.115.3.0/24 maxlen: 24
185.115.2.0/24 maxlen: 24
185.115.1.0/24 maxlen: 24
2a02:5420:627::/48 maxlen: 48
2a00:1ed0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 252339460 (0xf0a6504)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e65dab23940cb394f9aaa664fea4d6f8f42e318
Validity
Not Before: Jan 3 08:28:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c416224b05b94c23dc03b0fee01e5762787aa450
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:ea:47:c8:34:fb:b0:5a:1f:28:cc:51:70:db:
0a:de:a9:4b:70:f9:81:79:d7:bb:3a:a5:bb:29:b8:
ef:9d:4f:bc:4a:20:76:2e:34:f5:72:52:31:9b:1e:
3c:0d:5e:2a:75:3f:90:69:8c:43:1f:18:b5:f5:a7:
19:a5:74:63:b8:22:4e:a9:14:4f:75:71:77:5c:b9:
8d:19:0e:9f:33:c7:59:dc:5c:97:3d:5b:d4:3b:4a:
28:b7:27:be:69:1e:80:4d:93:e6:d8:a4:3b:9f:29:
a3:08:11:3a:6e:78:d7:b6:ec:88:39:ce:a5:d9:5c:
3e:91:30:c7:80:2f:98:1e:30:b5:64:16:6f:44:ad:
b7:0e:3c:b6:d1:08:d1:0d:86:76:e0:9c:af:ce:f8:
c1:1b:fc:f9:2b:3c:e6:4c:f9:e4:2d:f5:20:3c:2e:
5d:89:00:1a:52:3a:6a:56:49:4d:5d:7b:e5:82:18:
61:ca:42:be:91:83:20:91:5e:24:35:2c:1d:ed:70:
d1:08:36:e0:ab:84:a1:53:48:06:a3:08:73:fc:d6:
d4:a6:53:16:8a:11:d7:6b:c6:42:2b:26:66:93:62:
dc:5a:84:90:cc:d6:e8:e1:78:61:3c:86:c3:7f:39:
83:b3:64:74:17:ad:af:9f:13:a4:e4:12:5a:f9:54:
ae:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:16:22:4B:05:B9:4C:23:DC:03:B0:FE:E0:1E:57:62:78:7A:A4:50
X509v3 Authority Key Identifier:
keyid:7E:65:DA:B2:39:40:CB:39:4F:9A:AA:66:4F:EA:4D:6F:8F:42:E3:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fmXasjlAyzlPmqpmT-pNb49C4xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/58ebb1-dbec-47f9-bb96-849cfcabb657/1/xBYiSwW5TCPcA7D-4B5XYnh6pFA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/58ebb1-dbec-47f9-bb96-849cfcabb657/1/fmXasjlAyzlPmqpmT-pNb49C4xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.243.48.0/21
78.24.8.0/21
93.185.96.0/20
178.251.184.0/21
185.14.252.0/22
185.59.208.0/22
185.64.216.0/22
185.115.1.0-185.115.3.255
217.16.176.0/20
IPv6:
2a00:1ed0::/32
2a02:5420:627::/48
Signature Algorithm: sha256WithRSAEncryption
1f:1b:9b:1a:a7:33:b5:97:0a:26:c0:55:f7:c7:a6:aa:a6:1d:
97:0d:5b:71:ab:ae:67:ba:8b:b3:d5:97:03:82:2b:42:64:bb:
84:f7:26:aa:03:78:37:1e:a9:94:01:58:af:a3:ce:96:2f:1f:
02:2b:f5:6e:2c:4a:e1:9e:b9:a3:b1:c4:5c:fb:ff:40:0a:27:
6b:fa:c9:5c:d8:a5:b7:76:e1:cc:b1:54:49:af:a6:d4:62:c7:
b7:71:9a:25:c6:dd:5e:a3:bc:5b:e5:1f:d2:01:9a:c0:83:16:
39:86:27:35:05:a3:bf:43:ed:7b:54:b5:45:e0:65:a2:b9:c4:
8f:ba:c3:71:a5:46:f4:58:19:a0:a6:9a:95:e4:6e:35:6c:b8:
3b:36:79:29:33:46:c3:b8:de:a6:ee:85:04:d6:f8:6a:3d:3a:
4a:50:65:99:9a:da:0d:4d:56:86:db:15:04:47:91:fd:26:cf:
00:96:c3:64:f4:52:90:d8:92:d6:ed:9c:47:ea:29:1c:05:74:
b8:a0:3b:63:ab:5a:40:71:55:d1:68:2d:47:4a:09:8c:77:61:
65:8c:27:d2:1f:4e:84:26:33:91:2a:0e:37:15:16:9d:2c:52:
9f:06:39:65:8b:79:16:ba:dc:1f:f1:23:4a:30:e1:4f:8b:27:
25:8a:01:f5
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgIEDwplBDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
ZTY1ZGFiMjM5NDBjYjM5NGY5YWFhNjY0ZmVhNGQ2ZjhmNDJlMzE4MB4XDTIyMDEw
MzA4MjgwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzQxNjIyNGIwNWI5
NGMyM2RjMDNiMGZlZTAxZTU3NjI3ODdhYTQ1MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMPqR8g0+7BaHyjMUXDbCt6pS3D5gXnXuzqluym4751PvEog
di409XJSMZsePA1eKnU/kGmMQx8YtfWnGaV0Y7giTqkUT3Vxd1y5jRkOnzPHWdxc
lz1b1DtKKLcnvmkegE2T5tikO58powgROm5417bsiDnOpdlcPpEwx4AvmB4wtWQW
b0Sttw48ttEI0Q2GduCcr874wRv8+Ss85kz55C31IDwuXYkAGlI6alZJTV175YIY
YcpCvpGDIJFeJDUsHe1w0Qg24KuEoVNIBqMIc/zW1KZTFooR12vGQismZpNi3FqE
kMzW6OF4YTyGw385g7NkdBetr58TpOQSWvlUrrUCAwEAAaOCAlkwggJVMB0GA1Ud
DgQWBBTEFiJLBblMI9wDsP7gHldieHqkUDAfBgNVHSMEGDAWgBR+ZdqyOUDLOU+a
qmZP6k1vj0LjGDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2ZtWGFzamxBeXpsUG1xcG1ULXBOYjQ5QzR4Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDAvNThlYmIxLWRiZWMtNDdmOS1iYjk2LTg0OWNmY2FiYjY1Ny8x
L3hCWWlTd1c1VENQY0E3RC00QjVYWW5oNnBGQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDAv
NThlYmIxLWRiZWMtNDdmOS1iYjk2LTg0OWNmY2FiYjY1Ny8xL2ZtWGFzamxBeXps
UG1xcG1ULXBOYjQ5QzR4Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBv
BggrBgEFBQcBBwEB/wRgMF4wRAQCAAEwPgMEAy7zMAMEA04YCAMEBF25YAMEA7L7
uAMEArkO/AMEArk70AMEArlA2DAMAwQAuXMBAwQCuXMAAwQE2RCwMBYEAgACMBAD
BQAqAB7QAwcAKgJUIAYnMA0GCSqGSIb3DQEBCwUAA4IBAQAfG5sapzO1lwomwFX3
x6aqph2XDVtxq65nuouz1ZcDgitCZLuE9yaqA3g3HqmUAVivo86WLx8CK/VuLErh
nrmjscRc+/9ACidr+slc2KW3duHMsVRJr6bUYse3cZolxt1eo7xb5R/SAZrAgxY5
hic1BaO/Q+17VLVF4GWiucSPusNxpUb0WBmgppqV5G41bLg7NnkpM0bDuN6m7oUE
1vhqPTpKUGWZmtoNTVaG2xUER5H9Js8AlsNk9FKQ2JLW7ZxH6ikcBXS4oDtjq1pA
cVXRaC1HSgmMd2FljCfSH06EJjORKg43FRadLFKfBjlli3kWutwf8SNKMOFPiycl
igH1
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:48 2024 by rpki-client on console-fra.rpki-client.org