Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/1b4708-eef9-49de-b887-f32069ec4ee5/1/XKBIvhn9EI4MVvBJVCDhLgH9nwk.roa
File: XKBIvhn9EI4MVvBJVCDhLgH9nwk.roa (raw, json)
Hash identifier: RTAkBQChFCeK373hET6vlJXIa3p0bnv7uBGeQzHu7uI=
Subject key identifier: 5C:A0:48:BE:19:FD:10:8E:0C:56:F0:49:54:20:E1:2E:01:FD:9F:09
Certificate issuer: /CN=57c1fe8083646749816ad3fa64098345fb61e9f5
Certificate serial: 06B8611E
Authority key identifier: 57:C1:FE:80:83:64:67:49:81:6A:D3:FA:64:09:83:45:FB:61:E9:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8H-gINkZ0mBatP6ZAmDRfth6fU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/1b4708-eef9-49de-b887-f32069ec4ee5/1/XKBIvhn9EI4MVvBJVCDhLgH9nwk.roa
Signing time: Sat 01 Jan 2022 08:53:24 +0000
ROA not before: Sat 01 Jan 2022 08:53:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57099
IP address blocks: 164.138.80.0/21 maxlen: 21
146.255.104.0/21 maxlen: 21
185.16.224.0/22 maxlen: 22
185.47.216.0/24 maxlen: 24
185.47.217.0/24 maxlen: 24
185.47.218.0/24 maxlen: 24
185.47.219.0/24 maxlen: 24
91.229.222.0/24 maxlen: 24
91.229.223.0/24 maxlen: 24
185.56.40.0/24 maxlen: 24
185.56.41.0/24 maxlen: 24
185.56.42.0/24 maxlen: 24
185.56.43.0/24 maxlen: 24
2a04:3c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112746782 (0x6b8611e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57c1fe8083646749816ad3fa64098345fb61e9f5
Validity
Not Before: Jan 1 08:53:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5ca048be19fd108e0c56f0495420e12e01fd9f09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:8b:56:97:2b:93:b2:9d:c7:16:1e:16:e9:a1:
b5:e6:a2:cd:10:40:0b:eb:e1:78:79:15:09:8b:d1:
15:7b:9a:fd:0e:9a:75:08:b1:a2:6c:23:f5:5b:e0:
3a:75:c3:65:34:37:fb:2c:bf:8a:49:bd:03:65:41:
97:01:92:77:84:0a:46:fb:67:b5:9d:26:65:c1:87:
dd:84:8a:d9:9c:81:58:ee:47:5b:5f:7f:e5:84:5c:
10:97:ce:19:0e:c5:6f:46:3f:cd:72:cd:25:3c:06:
50:4d:e2:87:04:f1:29:2f:33:72:46:bb:31:5a:2e:
f7:93:c9:01:1a:a2:c5:5e:57:c4:5d:79:ab:dd:e7:
20:6d:d0:2d:13:e1:a8:b9:ce:2f:0c:11:b8:95:53:
a4:08:8a:45:ee:e2:1a:b9:01:ca:b1:36:9f:d1:9b:
a7:4a:ce:d0:47:b2:cf:95:e7:91:a0:56:e7:1c:70:
17:9e:39:43:0c:ef:da:11:9d:12:cf:41:3a:23:66:
1a:c7:a7:93:75:99:ac:13:55:6a:41:10:d9:5e:30:
e0:c5:f0:ca:cb:b4:8f:7d:98:e1:01:b2:9d:21:d1:
fa:54:8c:04:3a:f9:c9:66:76:60:45:cc:93:d1:94:
d1:e2:f3:0c:60:2f:c3:0d:bb:c6:08:a5:0a:cf:e1:
af:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:A0:48:BE:19:FD:10:8E:0C:56:F0:49:54:20:E1:2E:01:FD:9F:09
X509v3 Authority Key Identifier:
keyid:57:C1:FE:80:83:64:67:49:81:6A:D3:FA:64:09:83:45:FB:61:E9:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8H-gINkZ0mBatP6ZAmDRfth6fU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/1b4708-eef9-49de-b887-f32069ec4ee5/1/XKBIvhn9EI4MVvBJVCDhLgH9nwk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/1b4708-eef9-49de-b887-f32069ec4ee5/1/V8H-gINkZ0mBatP6ZAmDRfth6fU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.229.222.0/23
146.255.104.0/21
164.138.80.0/21
185.16.224.0/22
185.47.216.0/22
185.56.40.0/22
IPv6:
2a04:3c0::/29
Signature Algorithm: sha256WithRSAEncryption
47:b8:dc:87:b8:4a:1b:c2:5a:14:c3:fc:86:53:05:26:8e:56:
50:b9:0f:77:08:f1:3d:2e:53:b2:1c:85:14:da:34:25:99:bb:
27:26:8b:90:fa:68:43:e8:54:48:a2:70:e3:75:2e:f0:0e:8e:
64:81:46:88:f0:05:07:0b:4f:55:56:a2:27:61:13:ca:a2:10:
d0:33:4f:28:5e:75:b0:99:1e:9a:c2:e6:e5:b7:f0:eb:05:a6:
cd:30:6c:47:06:56:87:9a:b3:c4:a0:0a:47:2b:60:f9:26:29:
98:3f:07:53:ca:70:57:da:7a:a4:d3:6c:19:30:58:95:c4:95:
bb:10:a2:e3:ab:d8:fa:b9:26:17:76:7f:b8:4b:e7:81:bf:a3:
d9:da:20:16:78:12:42:9a:dd:d7:ac:95:c8:5c:d3:7d:f9:4b:
e7:f2:bb:c5:a5:75:1c:e6:2d:ea:1f:b1:7a:1f:5e:ee:c9:69:
64:e5:8a:66:38:b2:62:2a:78:49:d3:70:d9:71:f2:b9:20:10:
ca:f2:c8:fc:5e:da:23:0c:fa:19:3a:86:90:58:6e:25:69:b9:
41:aa:c6:f3:88:fa:aa:2e:7e:c0:56:e8:31:25:a3:79:90:d1:
c2:cd:a3:ec:00:f0:2e:d7:1a:f3:01:64:73:ab:48:e3:c0:a9:
e2:4e:26:13
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEBrhhHjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
N2MxZmU4MDgzNjQ2NzQ5ODE2YWQzZmE2NDA5ODM0NWZiNjFlOWY1MB4XDTIyMDEw
MTA4NTMyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWNhMDQ4YmUxOWZk
MTA4ZTBjNTZmMDQ5NTQyMGUxMmUwMWZkOWYwOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL2LVpcrk7KdxxYeFumhteaizRBAC+vheHkVCYvRFXua/Q6a
dQixomwj9VvgOnXDZTQ3+yy/ikm9A2VBlwGSd4QKRvtntZ0mZcGH3YSK2ZyBWO5H
W19/5YRcEJfOGQ7Fb0Y/zXLNJTwGUE3ihwTxKS8zcka7MVou95PJARqixV5XxF15
q93nIG3QLRPhqLnOLwwRuJVTpAiKRe7iGrkByrE2n9Gbp0rO0Eeyz5XnkaBW5xxw
F545Qwzv2hGdEs9BOiNmGsenk3WZrBNVakEQ2V4w4MXwysu0j32Y4QGynSHR+lSM
BDr5yWZ2YEXMk9GU0eLzDGAvww27xgilCs/hr5ECAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBRcoEi+Gf0QjgxW8ElUIOEuAf2fCTAfBgNVHSMEGDAWgBRXwf6Ag2RnSYFq
0/pkCYNF+2Hp9TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Y4SC1nSU5rWjBtQmF0UDZaQW1EUmZ0aDZmVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjYvMWI0NzA4LWVlZjktNDlkZS1iODg3LWYzMjA2OWVjNGVlNS8x
L1hLQkl2aG45RUk0TVZ2QkpWQ0RoTGdIOW53ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjYv
MWI0NzA4LWVlZjktNDlkZS1iODg3LWYzMjA2OWVjNGVlNS8xL1Y4SC1nSU5rWjBt
QmF0UDZaQW1EUmZ0aDZmVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEAVvl3gMEA5L/aAMEA6SKUAMEArkQ
4AMEArkv2AMEArk4KDANBAIAAjAHAwUDKgQDwDANBgkqhkiG9w0BAQsFAAOCAQEA
R7jch7hKG8JaFMP8hlMFJo5WULkPdwjxPS5TshyFFNo0JZm7JyaLkPpoQ+hUSKJw
43Uu8A6OZIFGiPAFBwtPVVaiJ2ETyqIQ0DNPKF51sJkemsLm5bfw6wWmzTBsRwZW
h5qzxKAKRytg+SYpmD8HU8pwV9p6pNNsGTBYlcSVuxCi46vY+rkmF3Z/uEvngb+j
2dogFngSQprd16yVyFzTfflL5/K7xaV1HOYt6h+xeh9e7slpZOWKZjiyYip4SdNw
2XHyuSAQyvLI/F7aIwz6GTqGkFhuJWm5QarG84j6qi5+wFboMSWjeZDRws2j7ADw
Ltca8wFkc6tI48Cp4k4mEw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:56 2024 by rpki-client on console-ams.rpki-client.org