Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/172180-8f44-4161-ab7e-020307acbbb9/1/xwUeQG0sWFrnL8vxUjUKrflWsRg.roa
File: xwUeQG0sWFrnL8vxUjUKrflWsRg.roa (raw, json)
Hash identifier: nCfF8StbRMp7I419b4w0i3YYKab/jfBs87K/T74Mlsg=
Subject key identifier: C7:05:1E:40:6D:2C:58:5A:E7:2F:CB:F1:52:35:0A:AD:F9:56:B1:18
Certificate issuer: /CN=481699c10b8ff8b91ab90940314ee93b27afdcd6
Certificate serial: 03AA56
Authority key identifier: 48:16:99:C1:0B:8F:F8:B9:1A:B9:09:40:31:4E:E9:3B:27:AF:DC:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SBaZwQuP-LkauQlAMU7pOyev3NY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/172180-8f44-4161-ab7e-020307acbbb9/1/xwUeQG0sWFrnL8vxUjUKrflWsRg.roa
Signing time: Tue 21 Jun 2022 11:43:44 +0000
ROA not before: Tue 21 Jun 2022 11:43:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12399
IP address blocks: 185.247.40.0/22 maxlen: 22
212.211.128.0/17 maxlen: 17
212.75.32.0/19 maxlen: 19
2001:a78::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 240214 (0x3aa56)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=481699c10b8ff8b91ab90940314ee93b27afdcd6
Validity
Not Before: Jun 21 11:43:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c7051e406d2c585ae72fcbf152350aadf956b118
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:08:cf:58:40:09:bb:e4:d5:2d:1b:eb:58:91:
ba:2c:38:51:5e:1b:b7:16:ac:ae:b2:71:2c:72:e4:
81:79:7c:fb:30:32:24:76:0b:40:3a:3b:fd:74:f8:
4d:0e:a1:84:71:06:34:c6:1f:00:01:9e:ac:ca:00:
77:df:09:32:10:b4:b6:cf:f0:1d:8e:c8:6e:a8:75:
67:f7:6f:25:89:d9:8d:25:26:09:9d:83:92:d2:20:
cc:25:b8:fd:40:57:c0:da:09:fa:6a:0f:65:20:57:
83:7c:79:7e:5f:64:06:20:1e:c2:f2:c0:00:45:5b:
7d:29:fa:05:f0:93:a4:b6:85:48:ab:e6:3d:bd:50:
5b:7f:94:44:d1:70:2c:aa:b2:16:6e:5f:0b:71:9f:
09:07:ea:cc:69:a1:7f:9a:fa:d5:b5:9d:26:b9:55:
49:e6:5a:03:6c:e6:a6:14:4b:a9:60:c3:e3:4b:bd:
45:e1:8c:70:28:e5:05:f2:51:8d:e3:22:5a:3f:3f:
c2:54:58:c8:b7:e5:3d:5a:d5:50:26:2f:dc:ed:52:
62:4c:f0:62:d5:9d:dd:1a:ba:5a:9d:4c:23:2b:7d:
01:93:28:8c:02:96:2d:c0:9f:a9:aa:7c:c9:7a:f7:
db:86:15:37:72:2d:e1:d6:4b:92:cc:7e:e0:a8:c8:
e0:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:05:1E:40:6D:2C:58:5A:E7:2F:CB:F1:52:35:0A:AD:F9:56:B1:18
X509v3 Authority Key Identifier:
keyid:48:16:99:C1:0B:8F:F8:B9:1A:B9:09:40:31:4E:E9:3B:27:AF:DC:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SBaZwQuP-LkauQlAMU7pOyev3NY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/172180-8f44-4161-ab7e-020307acbbb9/1/xwUeQG0sWFrnL8vxUjUKrflWsRg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/172180-8f44-4161-ab7e-020307acbbb9/1/SBaZwQuP-LkauQlAMU7pOyev3NY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.247.40.0/22
212.75.32.0/19
212.211.128.0/17
IPv6:
2001:a78::/29
Signature Algorithm: sha256WithRSAEncryption
43:fa:88:96:3c:fd:3a:6d:c7:3e:5e:da:d1:3c:59:71:61:4b:
cc:02:af:8e:c9:bc:09:64:e9:52:cf:c0:87:c7:8b:05:66:de:
e1:f7:93:4c:ea:35:a9:20:b8:6e:c1:22:50:2e:c7:d6:ec:d4:
a6:f2:b9:38:46:fa:c7:41:b9:04:19:a3:c4:fe:92:21:42:e5:
e8:bc:69:10:f6:32:a3:93:f1:09:b2:6f:aa:39:2a:72:54:73:
ad:44:5c:6c:d1:32:2a:0c:d8:16:ac:a4:32:f2:14:db:69:f8:
99:fd:28:21:dc:87:88:54:0c:dc:22:cb:51:52:6f:53:41:ea:
93:7d:87:71:18:05:bc:fc:d4:c8:73:3d:02:cb:79:d6:bc:d2:
a2:c4:a5:47:cf:f9:c0:44:41:10:47:ed:f5:24:67:ca:b0:c5:
90:e0:6c:7a:40:59:5b:3e:f6:f7:d9:b0:a8:e8:e2:b4:1a:fe:
38:fa:99:1d:dc:14:14:2d:98:30:a0:82:ee:9d:02:1a:70:24:
01:c6:fa:ad:97:50:0b:e9:0f:1e:e8:25:54:98:03:ae:cb:c1:
1b:3a:1f:80:cb:e7:5f:48:2c:6f:cd:4f:64:fc:53:e6:89:00:
bd:b8:58:02:53:c1:b0:c7:da:c0:a9:28:36:4e:99:fe:71:93:
d0:85:4a:56
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgIDA6pWMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDQ4
MTY5OWMxMGI4ZmY4YjkxYWI5MDk0MDMxNGVlOTNiMjdhZmRjZDYwHhcNMjIwNjIx
MTE0MzQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyhjNzA1MWU0MDZkMmM1
ODVhZTcyZmNiZjE1MjM1MGFhZGY5NTZiMTE4MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA5AjPWEAJu+TVLRvrWJG6LDhRXhu3FqyusnEscuSBeXz7MDIk
dgtAOjv9dPhNDqGEcQY0xh8AAZ6sygB33wkyELS2z/AdjshuqHVn928lidmNJSYJ
nYOS0iDMJbj9QFfA2gn6ag9lIFeDfHl+X2QGIB7C8sAARVt9KfoF8JOktoVIq+Y9
vVBbf5RE0XAsqrIWbl8LcZ8JB+rMaaF/mvrVtZ0muVVJ5loDbOamFEupYMPjS71F
4YxwKOUF8lGN4yJaPz/CVFjIt+U9WtVQJi/c7VJiTPBi1Z3dGrpanUwjK30BkyiM
ApYtwJ+pqnzJevfbhhU3ci3h1kuSzH7gqMjgzwIDAQABo4ICJDCCAiAwHQYDVR0O
BBYEFMcFHkBtLFha5y/L8VI1Cq35VrEYMB8GA1UdIwQYMBaAFEgWmcELj/i5GrkJ
QDFO6Tsnr9zWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
U0JhWndRdVAtTGthdVFsQU1VN3BPeWV2M05ZLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC84Ni8xNzIxODAtOGY0NC00MTYxLWFiN2UtMDIwMzA3YWNiYmI5LzEv
eHdVZVFHMHNXRnJuTDh2eFVqVUtyZmxXc1JnLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni8x
NzIxODAtOGY0NC00MTYxLWFiN2UtMDIwMzA3YWNiYmI5LzEvU0JhWndRdVAtTGth
dVFsQU1VN3BPeWV2M05ZLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDoG
CCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCufcoAwQF1EsgAwQH1NOAMA0EAgAC
MAcDBQMgAQp4MA0GCSqGSIb3DQEBCwUAA4IBAQBD+oiWPP06bcc+XtrRPFlxYUvM
Aq+OybwJZOlSz8CHx4sFZt7h95NM6jWpILhuwSJQLsfW7NSm8rk4RvrHQbkEGaPE
/pIhQuXovGkQ9jKjk/EJsm+qOSpyVHOtRFxs0TIqDNgWrKQy8hTbafiZ/Sgh3IeI
VAzcIstRUm9TQeqTfYdxGAW8/NTIcz0Cy3nWvNKixKVHz/nAREEQR+31JGfKsMWQ
4Gx6QFlbPvb32bCo6OK0Gv44+pkd3BQULZgwoILunQIacCQBxvqtl1AL6Q8e6CVU
mAOuy8EbOh+Ay+dfSCxvzU9k/FPmiQC9uFgCU8Gwx9rAqSg2Tpn+cZPQhUpW
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:21:29 2024 by rpki-client on console-ams.rpki-client.org