Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/pTH0YXDJ-R7k5y0zOAA8rj_whzM.roa
File: pTH0YXDJ-R7k5y0zOAA8rj_whzM.roa (raw, json)
Hash identifier: wslO/ZH1j/Txi/99BPfWtN4Om6hM9UM4EoVRW3glQCs=
Subject key identifier: A5:31:F4:61:70:C9:F9:1E:E4:E7:2D:33:38:00:3C:AE:3F:F0:87:33
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 42A42E06
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/pTH0YXDJ-R7k5y0zOAA8rj_whzM.roa
Signing time: Sat 01 Jan 2022 06:05:03 +0000
ROA not before: Sat 01 Jan 2022 06:05:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42362
IP address blocks: 83.239.208.0/20 maxlen: 20
85.172.224.0/20 maxlen: 20
85.172.128.0/19 maxlen: 19
85.172.240.0/20 maxlen: 20
85.173.224.0/19 maxlen: 19
85.173.32.0/19 maxlen: 19
85.172.192.0/21 maxlen: 21
83.239.192.0/21 maxlen: 21
85.172.200.0/22 maxlen: 22
85.172.208.0/20 maxlen: 20
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1118055942 (0x42a42e06)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 1 06:05:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=a531f46170c9f91ee4e72d3338003cae3ff08733
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:a5:0e:fa:f0:e2:8a:9b:fb:0d:c2:4a:b0:43:
dc:85:93:b6:68:07:dd:a9:e2:1e:f4:b2:0f:34:9d:
31:ca:da:a8:45:8f:53:c3:78:b7:ed:05:ac:b1:6f:
fe:c7:2b:15:04:bc:8e:37:e0:71:17:46:2e:1f:3a:
ef:1f:fb:de:f6:92:7a:bb:a9:46:10:be:63:86:7c:
0e:33:79:84:45:f4:e1:0e:82:48:ed:d2:6d:1f:3d:
3f:74:08:02:09:77:8f:f0:3a:f6:78:ca:da:7a:9b:
5c:5b:cd:e6:c0:bc:c8:70:53:1c:f1:70:41:b4:b9:
dc:a1:17:07:08:cb:3d:32:0f:f5:d7:40:2e:63:f0:
4b:9e:24:de:25:5e:fd:b4:ee:a4:60:b7:8f:3c:c4:
d8:47:eb:21:6c:59:dc:25:5b:75:13:75:5b:9e:dc:
72:06:42:b2:71:49:ba:ef:2f:00:8a:b2:3e:d6:55:
b8:ec:13:b3:2c:89:b1:f3:75:43:f8:ec:54:94:00:
14:76:e1:94:de:90:25:cc:f0:28:11:eb:05:33:fa:
4a:be:45:5e:ae:e8:76:a9:ee:f1:ed:58:cc:ff:e3:
30:3a:ec:09:d3:15:63:7d:f2:e7:dd:46:47:10:99:
be:5a:3a:c8:01:54:01:41:cf:ac:6f:28:d0:6b:1c:
54:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:31:F4:61:70:C9:F9:1E:E4:E7:2D:33:38:00:3C:AE:3F:F0:87:33
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/pTH0YXDJ-R7k5y0zOAA8rj_whzM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.239.192.0/21
83.239.208.0/20
85.172.128.0/19
85.172.192.0-85.172.203.255
85.172.208.0-85.172.255.255
85.173.32.0/19
85.173.224.0/19
Signature Algorithm: sha256WithRSAEncryption
8c:5f:27:92:e5:bd:5e:7e:53:18:69:b6:04:fc:db:50:57:2e:
e2:35:0e:88:59:29:f6:f1:b7:d1:27:e6:a5:4f:7e:6f:08:d7:
01:23:a5:b9:7e:51:f3:08:11:ce:52:7d:73:54:15:e8:40:33:
3d:c0:b4:50:89:26:36:af:26:e8:99:ac:39:49:84:0b:4e:30:
14:54:ed:26:58:f9:57:4a:66:4f:d1:bf:34:a1:50:59:38:8b:
45:61:57:ed:b0:6b:b4:f9:98:94:30:14:0e:10:85:97:dc:bc:
98:38:87:79:e1:59:d0:23:e6:9b:dc:6d:31:f1:eb:a1:37:24:
3f:3c:31:f4:70:ca:dc:b5:f3:8e:30:21:eb:10:82:68:c7:c0:
45:4d:a5:48:1d:f6:19:02:0d:d5:c2:2f:e6:d9:be:a0:68:4b:
95:43:43:09:e6:64:b4:c5:73:bb:00:e3:40:72:a5:e8:eb:29:
77:cf:d8:a9:2c:2e:f9:c8:81:e5:a7:f7:bc:0b:cf:18:1b:a3:
8e:8f:da:ee:c2:79:dd:da:7c:3f:d5:e2:3b:6f:b0:b9:5f:57:
2e:95:98:66:67:06:7f:8e:5d:50:2c:ea:77:59:f2:a3:7b:6e:
77:15:d3:f8:62:89:65:a4:af:c7:56:5e:6f:e3:7c:40:f9:66:
1e:75:88:34
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIEQqQuBjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZWU1MzFiOWFjMjk5MGQ2OWE4YTVjMzAyM2U3MmU2ZDg0MWU2YzA5MB4XDTIyMDEw
MTA2MDUwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYTUzMWY0NjE3MGM5
ZjkxZWU0ZTcyZDMzMzgwMDNjYWUzZmYwODczMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANqlDvrw4oqb+w3CSrBD3IWTtmgH3aniHvSyDzSdMcraqEWP
U8N4t+0FrLFv/scrFQS8jjfgcRdGLh867x/73vaSerupRhC+Y4Z8DjN5hEX04Q6C
SO3SbR89P3QIAgl3j/A69njK2nqbXFvN5sC8yHBTHPFwQbS53KEXBwjLPTIP9ddA
LmPwS54k3iVe/bTupGC3jzzE2EfrIWxZ3CVbdRN1W57ccgZCsnFJuu8vAIqyPtZV
uOwTsyyJsfN1Q/jsVJQAFHbhlN6QJczwKBHrBTP6Sr5FXq7odqnu8e1YzP/jMDrs
CdMVY33y591GRxCZvlo6yAFUAUHPrG8o0GscVL8CAwEAAaOCAjwwggI4MB0GA1Ud
DgQWBBSlMfRhcMn5HuTnLTM4ADyuP/CHMzAfBgNVHSMEGDAWgBRe5TG5rCmQ1pqK
XDAj5y5thB5sCTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1h1VXh1YXdwa05hYWlsd3dJLWN1YllRZWJBay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmQvOWExZDQ0LTg2MDktNGU1ZS1iYTk0LTVhODZjMjc1N2MxZS8x
L3BUSDBZWERKLVI3azV5MHpPQUE4cmpfd2h6TS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmQv
OWExZDQ0LTg2MDktNGU1ZS1iYTk0LTVhODZjMjc1N2MxZS8xL1h1VXh1YXdwa05h
YWlsd3dJLWN1YllRZWJBay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBS
BggrBgEFBQcBBwEB/wRDMEEwPwQCAAEwOQMEA1PvwAMEBFPv0AMEBVWsgDAMAwQG
VazAAwQCVazIMAsDBARVrNADAwBVrAMEBVWtIAMEBVWt4DANBgkqhkiG9w0BAQsF
AAOCAQEAjF8nkuW9Xn5TGGm2BPzbUFcu4jUOiFkp9vG30SfmpU9+bwjXASOluX5R
8wgRzlJ9c1QV6EAzPcC0UIkmNq8m6JmsOUmEC04wFFTtJlj5V0pmT9G/NKFQWTiL
RWFX7bBrtPmYlDAUDhCFl9y8mDiHeeFZ0CPmm9xtMfHroTckPzwx9HDK3LXzjjAh
6xCCaMfARU2lSB32GQIN1cIv5tm+oGhLlUNDCeZktMVzuwDjQHKl6Ospd8/YqSwu
+ciB5af3vAvPGBujjo/a7sJ53dp8P9XiO2+wuV9XLpWYZmcGf45dUCzqd1nyo3tu
dxXT+GKJZaSvx1Zeb+N8QPlmHnWINA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:56 2024 by rpki-client on console-fra.rpki-client.org