Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/64e49a-5fe1-45c2-8310-34a9e98a5f86/1/Xwv1KwhZfEc2GrPgSAMwliKBsvY.roa
File: Xwv1KwhZfEc2GrPgSAMwliKBsvY.roa (raw, json)
Hash identifier: Igk7cMN/NktRXweyxnb6ZJrRkXyrZiuOacEKbcoKlas=
Subject key identifier: 5F:0B:F5:2B:08:59:7C:47:36:1A:B3:E0:48:03:30:96:22:81:B2:F6
Certificate issuer: /CN=066369e2705cb433db0658ab666d08b67b1551dc
Certificate serial: 055A1A62
Authority key identifier: 06:63:69:E2:70:5C:B4:33:DB:06:58:AB:66:6D:08:B6:7B:15:51:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BmNp4nBctDPbBlirZm0ItnsVUdw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/64e49a-5fe1-45c2-8310-34a9e98a5f86/1/Xwv1KwhZfEc2GrPgSAMwliKBsvY.roa
Signing time: Sat 01 Jan 2022 10:03:25 +0000
ROA not before: Sat 01 Jan 2022 10:03:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 197308
IP address blocks: 193.108.4.0/24 maxlen: 24
193.108.2.0/23 maxlen: 23
193.108.0.0/24 maxlen: 24
193.108.1.0/24 maxlen: 24
193.108.6.0/24 maxlen: 24
193.108.5.0/24 maxlen: 24
213.180.64.0/19 maxlen: 19
81.91.0.0/20 maxlen: 20
5.179.112.0/21 maxlen: 21
176.57.88.0/22 maxlen: 22
185.27.240.0/22 maxlen: 22
185.21.144.0/22 maxlen: 22
31.216.32.0/21 maxlen: 21
2a03:2f80::/32 maxlen: 32
2a00:5860::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 89791074 (0x55a1a62)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=066369e2705cb433db0658ab666d08b67b1551dc
Validity
Not Before: Jan 1 10:03:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5f0bf52b08597c47361ab3e0480330962281b2f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:82:0a:4b:4c:fd:13:71:c9:a5:42:62:2d:c4:
ac:f4:14:d5:b4:93:d7:39:e7:d8:d0:e9:42:09:0e:
ab:f8:9d:fe:c9:bc:03:6f:44:91:8a:6e:54:c6:bc:
8e:c8:6a:a0:03:e3:57:28:ab:70:c5:82:0e:05:16:
ea:19:9b:d5:c6:f0:66:6f:b2:dc:44:c1:4f:0c:d1:
89:ea:7e:f6:83:65:43:74:ff:a0:e4:71:e6:fe:63:
bf:b2:65:1a:ce:0f:b1:f7:1d:5c:0b:b1:d3:7d:e5:
68:42:3b:43:03:8a:98:a7:ac:07:8f:24:e9:51:b3:
7c:5c:9e:fe:a6:e7:be:b9:36:84:12:dd:80:50:5f:
81:05:46:d7:06:22:1e:2f:43:ab:7c:ad:a6:a9:05:
34:14:5f:c4:d6:bc:93:48:39:a5:a4:bd:4f:51:f0:
e0:7a:27:f6:5f:34:82:ca:9f:7a:35:80:a5:3c:a7:
7b:5a:ad:99:ba:64:7f:02:6e:9a:c8:6c:53:b1:ce:
e3:35:09:b0:02:e3:39:4d:f5:9e:78:d8:0c:3b:ec:
9b:54:0e:60:37:d1:9a:67:a4:fa:75:de:f2:ff:d7:
2a:77:c7:57:a6:36:fd:1f:20:d7:f9:95:77:2a:98:
8c:07:87:b7:2b:de:d8:8a:55:8d:3c:95:e3:76:a2:
89:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:0B:F5:2B:08:59:7C:47:36:1A:B3:E0:48:03:30:96:22:81:B2:F6
X509v3 Authority Key Identifier:
keyid:06:63:69:E2:70:5C:B4:33:DB:06:58:AB:66:6D:08:B6:7B:15:51:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BmNp4nBctDPbBlirZm0ItnsVUdw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/64e49a-5fe1-45c2-8310-34a9e98a5f86/1/Xwv1KwhZfEc2GrPgSAMwliKBsvY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/64e49a-5fe1-45c2-8310-34a9e98a5f86/1/BmNp4nBctDPbBlirZm0ItnsVUdw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.179.112.0/21
31.216.32.0/21
81.91.0.0/20
176.57.88.0/22
185.21.144.0/22
185.27.240.0/22
193.108.0.0-193.108.6.255
213.180.64.0/19
IPv6:
2a00:5860::/32
2a03:2f80::/32
Signature Algorithm: sha256WithRSAEncryption
68:fa:69:58:c6:fe:ad:6e:3a:d6:18:6e:67:ac:74:f1:05:16:
2d:19:e9:5b:18:71:e4:10:e2:b5:ca:cc:0a:fd:49:7b:a4:dd:
5f:80:7e:e1:a2:12:5b:61:64:69:b8:97:b0:36:2b:e3:5e:31:
ce:da:cd:5f:10:34:94:bf:7f:d0:10:4b:94:f4:dd:f1:0b:a8:
42:e0:8c:c7:fc:c9:91:5d:9c:57:99:b5:11:7d:49:82:eb:84:
94:65:68:f6:70:77:8e:2f:e6:59:31:0b:74:dd:08:d0:e5:1b:
7f:f5:42:25:9a:31:e5:f2:31:2a:84:f2:ac:1d:06:33:48:a4:
b1:76:66:80:1e:6f:a7:95:34:ef:ed:34:35:fe:b5:8f:be:58:
7f:fd:d6:d9:72:f8:0e:34:a3:9d:f9:e2:7e:1c:b6:99:87:bc:
53:7a:39:a3:69:96:db:24:94:d1:75:69:6a:f9:d3:68:bd:21:
f1:88:8b:03:2f:83:15:12:7c:81:86:75:31:85:2b:54:b1:06:
8c:92:6b:76:f6:f6:c0:ca:64:78:ef:4c:1a:14:0c:44:31:be:
c8:1c:f4:50:8d:c5:57:b6:18:cb:c8:4c:b6:4a:e8:64:1e:23:
bf:59:43:7e:a9:64:bf:2c:f2:38:1c:09:98:d6:1c:26:bd:2c:
10:be:d2:3b
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgIEBVoaYjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
NjYzNjllMjcwNWNiNDMzZGIwNjU4YWI2NjZkMDhiNjdiMTU1MWRjMB4XDTIyMDEw
MTEwMDMyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWYwYmY1MmIwODU5
N2M0NzM2MWFiM2UwNDgwMzMwOTYyMjgxYjJmNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANCCCktM/RNxyaVCYi3ErPQU1bST1znn2NDpQgkOq/id/sm8
A29EkYpuVMa8jshqoAPjVyircMWCDgUW6hmb1cbwZm+y3ETBTwzRiep+9oNlQ3T/
oORx5v5jv7JlGs4PsfcdXAux033laEI7QwOKmKesB48k6VGzfFye/qbnvrk2hBLd
gFBfgQVG1wYiHi9Dq3ytpqkFNBRfxNa8k0g5paS9T1Hw4Hon9l80gsqfejWApTyn
e1qtmbpkfwJumshsU7HO4zUJsALjOU31nnjYDDvsm1QOYDfRmmek+nXe8v/XKnfH
V6Y2/R8g1/mVdyqYjAeHtyve2IpVjTyV43aiid0CAwEAAaOCAlAwggJMMB0GA1Ud
DgQWBBRfC/UrCFl8RzYas+BIAzCWIoGy9jAfBgNVHSMEGDAWgBQGY2nicFy0M9sG
WKtmbQi2exVR3DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0JtTnA0bkJjdERQYkJsaXJabTBJdG5zVlVkdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDAvNjRlNDlhLTVmZTEtNDVjMi04MzEwLTM0YTllOThhNWY4Ni8x
L1h3djFLd2haZkVjMkdyUGdTQU13bGlLQnN2WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDAv
NjRlNDlhLTVmZTEtNDVjMi04MzEwLTM0YTllOThhNWY4Ni8xL0JtTnA0bkJjdERQ
YkJsaXJabTBJdG5zVlVkdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBm
BggrBgEFBQcBBwEB/wRXMFUwPQQCAAEwNwMEAwWzcAMEAx/YIAMEBFFbAAMEArA5
WAMEArkVkAMEArkb8DALAwMCwWwDBADBbAYDBAXVtEAwFAQCAAIwDgMFACoAWGAD
BQAqAy+AMA0GCSqGSIb3DQEBCwUAA4IBAQBo+mlYxv6tbjrWGG5nrHTxBRYtGelb
GHHkEOK1yswK/Ul7pN1fgH7hohJbYWRpuJewNivjXjHO2s1fEDSUv3/QEEuU9N3x
C6hC4IzH/MmRXZxXmbURfUmC64SUZWj2cHeOL+ZZMQt03QjQ5Rt/9UIlmjHl8jEq
hPKsHQYzSKSxdmaAHm+nlTTv7TQ1/rWPvlh//dbZcvgONKOd+eJ+HLaZh7xTejmj
aZbbJJTRdWlq+dNovSHxiIsDL4MVEnyBhnUxhStUsQaMkmt29vbAymR470waFAxE
Mb7IHPRQjcVXthjLyEy2SuhkHiO/WUN+qWS/LPI4HAmY1hwmvSwQvtI7
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:46 2023 by rpki-client on console-ams.rpki-client.org