Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/53f75e-42b9-4fae-b1be-26e7f3f2b11e/1/XFsCipTnajQXmGJ9GhLqF33N3fg.roa
File: XFsCipTnajQXmGJ9GhLqF33N3fg.roa (raw, json)
Hash identifier: OBuyxRGac7hItAyl2gM+5fQ4HH2ZEEY94oVJj/ZqYLA=
Subject key identifier: 5C:5B:02:8A:94:E7:6A:34:17:98:62:7D:1A:12:EA:17:7D:CD:DD:F8
Certificate issuer: /CN=668d7f75ef42f0bd71aa9c66668e0a33dbe1634f
Certificate serial: 0A4E7060
Authority key identifier: 66:8D:7F:75:EF:42:F0:BD:71:AA:9C:66:66:8E:0A:33:DB:E1:63:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zo1_de9C8L1xqpxmZo4KM9vhY08.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/53f75e-42b9-4fae-b1be-26e7f3f2b11e/1/XFsCipTnajQXmGJ9GhLqF33N3fg.roa
Signing time: Sat 01 Jan 2022 09:57:21 +0000
ROA not before: Sat 01 Jan 2022 09:57:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198089
IP address blocks: 185.46.28.0/22 maxlen: 24
85.222.240.0/20 maxlen: 24
141.136.120.0/21 maxlen: 24
157.97.192.0/18 maxlen: 24
2a01:8580::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 172912736 (0xa4e7060)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=668d7f75ef42f0bd71aa9c66668e0a33dbe1634f
Validity
Not Before: Jan 1 09:57:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5c5b028a94e76a341798627d1a12ea177dcdddf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:23:01:f1:0f:f1:09:82:d0:f2:96:18:81:27:
b1:2f:87:4e:00:4c:59:61:2c:77:15:d0:ad:32:3e:
28:2a:5e:63:d6:3d:f1:30:7e:51:39:f6:ad:58:56:
9f:7f:2a:3a:c4:9b:b5:d1:77:d0:f1:a8:eb:a5:be:
3d:f2:67:7e:5d:01:e7:03:99:0f:ec:69:de:43:17:
77:37:fe:5d:43:13:47:33:fc:e2:69:7f:3b:f1:a3:
29:7f:c3:6a:33:1e:35:20:55:5e:e6:b7:b6:5e:e0:
d2:35:80:19:0d:2a:f8:2e:8b:1d:8a:80:e8:d4:e6:
36:42:ec:8c:04:df:68:d8:96:70:d1:6b:1d:76:8c:
79:ba:51:f0:35:ee:7b:3e:4c:8f:47:76:d7:25:86:
40:b7:85:7b:41:58:fe:95:65:00:7f:41:c9:0d:a7:
ec:d0:71:2c:09:62:eb:15:23:f3:e1:38:4a:bb:54:
31:3c:e4:38:81:1e:b4:e4:e0:1b:94:4c:8f:1f:38:
8f:1a:96:00:02:0a:42:3d:20:6f:e3:6e:28:73:bd:
36:2f:8a:df:ea:d8:52:04:25:80:47:b8:69:59:71:
80:f9:63:9e:c7:24:df:82:0d:de:a8:fb:bf:b6:f3:
8a:5e:9e:d8:da:03:94:02:94:5f:45:a7:8a:70:5a:
b1:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:5B:02:8A:94:E7:6A:34:17:98:62:7D:1A:12:EA:17:7D:CD:DD:F8
X509v3 Authority Key Identifier:
keyid:66:8D:7F:75:EF:42:F0:BD:71:AA:9C:66:66:8E:0A:33:DB:E1:63:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zo1_de9C8L1xqpxmZo4KM9vhY08.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/53f75e-42b9-4fae-b1be-26e7f3f2b11e/1/XFsCipTnajQXmGJ9GhLqF33N3fg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/53f75e-42b9-4fae-b1be-26e7f3f2b11e/1/Zo1_de9C8L1xqpxmZo4KM9vhY08.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.222.240.0/20
141.136.120.0/21
157.97.192.0/18
185.46.28.0/22
IPv6:
2a01:8580::/32
Signature Algorithm: sha256WithRSAEncryption
5d:ef:39:b3:04:06:ef:c7:44:6d:0f:a2:09:a2:b0:b4:b0:e1:
df:b1:be:48:83:90:1f:c7:23:1f:08:9a:4f:b6:e7:62:e5:a0:
37:83:a1:bf:2c:68:e5:77:05:46:7a:f7:d5:60:7f:6d:bc:7d:
fd:f9:fa:53:19:73:f6:56:c3:8e:d8:21:38:d0:08:4d:68:0c:
16:e6:83:6c:bd:6a:7b:47:85:9d:e7:a6:19:d7:e1:ff:02:c3:
b3:de:17:51:ef:e3:b4:c3:83:5e:fc:8c:d5:de:68:e2:8b:d6:
85:2d:30:9f:9c:35:fe:be:4c:b0:73:65:cf:c5:20:a1:8f:94:
59:f6:b8:b5:21:bf:50:02:53:6a:8a:27:75:74:e5:9c:62:8a:
2d:36:e6:6b:22:5b:b8:31:03:00:9e:d4:07:d6:0b:df:5f:fe:
74:b4:93:91:19:a9:00:1f:3f:f9:5a:fd:69:a6:24:91:aa:f0:
aa:b0:3d:b4:33:34:bb:59:06:2b:65:9c:4b:2d:9d:c6:1e:0f:
54:65:82:00:3b:f4:7c:7d:dc:a5:80:80:64:5f:e0:95:65:9f:
dc:02:4f:8f:a7:c8:38:87:b4:11:bb:97:f4:39:55:6f:7f:b9:
82:34:36:47:aa:57:39:f4:cd:3e:4d:8e:57:6c:76:59:17:ca:
66:2d:cf:29
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIECk5wYDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NjhkN2Y3NWVmNDJmMGJkNzFhYTljNjY2NjhlMGEzM2RiZTE2MzRmMB4XDTIyMDEw
MTA5NTcyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWM1YjAyOGE5NGU3
NmEzNDE3OTg2MjdkMWExMmVhMTc3ZGNkZGRmODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ8jAfEP8QmC0PKWGIEnsS+HTgBMWWEsdxXQrTI+KCpeY9Y9
8TB+UTn2rVhWn38qOsSbtdF30PGo66W+PfJnfl0B5wOZD+xp3kMXdzf+XUMTRzP8
4ml/O/GjKX/DajMeNSBVXua3tl7g0jWAGQ0q+C6LHYqA6NTmNkLsjATfaNiWcNFr
HXaMebpR8DXuez5Mj0d21yWGQLeFe0FY/pVlAH9ByQ2n7NBxLAli6xUj8+E4SrtU
MTzkOIEetOTgG5RMjx84jxqWAAIKQj0gb+NuKHO9Ni+K3+rYUgQlgEe4aVlxgPlj
nsck34IN3qj7v7bzil6e2NoDlAKUX0WninBasR0CAwEAAaOCAiowggImMB0GA1Ud
DgQWBBRcWwKKlOdqNBeYYn0aEuoXfc3d+DAfBgNVHSMEGDAWgBRmjX9170LwvXGq
nGZmjgoz2+FjTzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1pvMV9kZTlDOEwxeHFweG1abzRLTTl2aFkwOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGYvNTNmNzVlLTQyYjktNGZhZS1iMWJlLTI2ZTdmM2YyYjExZS8x
L1hGc0NpcFRuYWpRWG1HSjlHaExxRjMzTjNmZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGYv
NTNmNzVlLTQyYjktNGZhZS1iMWJlLTI2ZTdmM2YyYjExZS8xL1pvMV9kZTlDOEwx
eHFweG1abzRLTTl2aFkwOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEBFXe8AMEA42IeAMEBp1hwAMEArku
HDANBAIAAjAHAwUAKgGFgDANBgkqhkiG9w0BAQsFAAOCAQEAXe85swQG78dEbQ+i
CaKwtLDh37G+SIOQH8cjHwiaT7bnYuWgN4Ohvyxo5XcFRnr31WB/bbx9/fn6Uxlz
9lbDjtghONAITWgMFuaDbL1qe0eFneemGdfh/wLDs94XUe/jtMODXvyM1d5o4ovW
hS0wn5w1/r5MsHNlz8UgoY+UWfa4tSG/UAJTaoondXTlnGKKLTbmayJbuDEDAJ7U
B9YL31/+dLSTkRmpAB8/+Vr9aaYkkarwqrA9tDM0u1kGK2WcSy2dxh4PVGWCADv0
fH3cpYCAZF/glWWf3AJPj6fIOIe0EbuX9DlVb3+5gjQ2R6pXOfTNPk2OV2x2WRfK
Zi3PKQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:39:02 2024 by rpki-client on console-fra.rpki-client.org