Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/XDgrmmDozG4nO61bXgfVEo4koXI.roa
File: XDgrmmDozG4nO61bXgfVEo4koXI.roa (raw, json)
Hash identifier: c9QZYvwBJuMD98nSJ2TOJoip63tKlehmvg+S1thqlqg=
Subject key identifier: 5C:38:2B:9A:60:E8:CC:6E:27:3B:AD:5B:5E:07:D5:12:8E:24:A1:72
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018318732A18C9EC7BF1CD98C280FEFD4B86
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/XDgrmmDozG4nO61bXgfVEo4koXI.roa
Signing time: Wed 07 Sep 2022 14:55:44 +0000
ROA not before: Wed 07 Sep 2022 14:55:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50225
IP address blocks: 84.21.173.0/24 maxlen: 24
194.55.224.0/24 maxlen: 24
194.55.225.0/24 maxlen: 24
194.55.226.0/24 maxlen: 24
84.54.48.0/24 maxlen: 24
194.55.227.0/24 maxlen: 24
87.121.221.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:18:73:2a:18:c9:ec:7b:f1:cd:98:c2:80:fe:fd:4b:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 7 14:55:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5c382b9a60e8cc6e273bad5b5e07d5128e24a172
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:09:d1:12:90:ec:2c:88:5e:51:03:f3:1b:c1:
33:8d:30:98:66:0c:09:38:52:b9:79:70:3b:36:06:
22:c8:3c:af:5d:8a:19:8e:5c:b9:41:8b:70:c6:6f:
d3:09:ea:55:23:e3:2d:1e:3a:1b:b9:d5:b9:52:5c:
b4:6f:a3:e6:77:19:41:1c:51:05:c8:69:be:20:bf:
ea:6c:71:85:df:b6:a5:94:5c:b0:ff:ff:27:38:5e:
73:b0:2d:76:e0:fe:3d:7c:df:7d:39:7c:33:83:98:
37:17:59:5b:b3:39:b0:e5:40:98:51:a3:8c:ef:b1:
05:34:4d:0b:5e:7f:d4:1b:45:ae:0b:cf:f3:ce:6a:
ea:b6:09:f1:7d:23:d2:a9:63:a5:a5:0a:67:a0:12:
03:69:42:33:92:ba:f7:2a:7b:5a:cd:79:ac:47:81:
cc:4a:21:4e:aa:ee:7b:c5:8d:42:91:66:a1:0f:29:
08:85:71:66:70:73:e7:bf:01:6a:1e:40:71:2f:05:
18:34:aa:5d:b3:64:ab:9d:db:c0:e4:05:7b:9a:a9:
b6:a6:86:d4:56:bb:ce:1c:fd:ca:52:2c:94:dc:f6:
a3:c2:8d:e2:ea:22:9e:08:63:e1:90:ec:bb:bc:e8:
cf:21:29:00:ba:b2:c8:da:e0:0c:64:e7:98:c6:1f:
3f:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:38:2B:9A:60:E8:CC:6E:27:3B:AD:5B:5E:07:D5:12:8E:24:A1:72
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/XDgrmmDozG4nO61bXgfVEo4koXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.21.173.0/24
84.54.48.0/24
87.121.221.0/24
194.55.224.0/22
Signature Algorithm: sha256WithRSAEncryption
b5:ea:93:22:9e:78:67:12:ff:99:a0:89:9a:32:f0:a6:8c:ab:
49:e9:70:ca:8f:00:a0:62:20:b9:ff:c7:3b:dd:e4:91:84:6b:
e7:b1:96:4c:ae:e7:df:df:d9:00:28:90:c6:bd:e1:a2:40:fb:
c0:fe:f6:f4:1c:ce:5f:b9:08:47:50:c2:34:ff:ae:67:f1:bc:
5f:0b:d7:2f:7c:b2:17:4f:8f:f5:ef:9b:ad:c7:cb:77:4f:7e:
25:a3:3e:7a:a9:81:be:dc:46:4f:a4:49:a4:d6:69:fe:bb:01:
7a:13:0c:4c:99:44:6b:6e:00:c4:6e:01:81:a7:df:89:b6:40:
b7:2f:9d:77:3b:19:90:1d:5e:45:0a:e7:62:7b:39:ec:d3:f6:
57:b6:4f:7d:c0:98:14:3d:e5:0d:b1:48:1e:e1:b9:a4:27:a9:
9b:98:74:ca:19:76:1f:c6:56:a7:a3:74:6e:b9:21:8b:32:6e:
42:3e:d4:14:58:5e:cf:95:83:b8:fa:2c:d0:13:2d:b3:c6:ae:
d0:5f:b7:a6:d3:92:1f:b2:66:01:57:da:88:3b:0b:d0:1f:35:
ef:d6:62:cd:ea:ea:d1:1a:df:8c:3c:2d:b4:f1:54:38:a4:82:
c5:b9:87:b0:04:b7:51:70:53:df:d7:fe:63:a7:a4:55:fe:4b:
56:72:ae:4c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYMYcyoYyex78c2YwoD+/UuGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIwOTA3MTQ1NTQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzM4MmI5YTYwZThjYzZlMjczYmFkNWI1ZTA3ZDUxMjhlMjRhMTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkAnREpDsLIheUQPzG8EzjTCYZgwJ
OFK5eXA7NgYiyDyvXYoZjly5QYtwxm/TCepVI+MtHjobudW5Uly0b6PmdxlBHFEF
yGm+IL/qbHGF37allFyw//8nOF5zsC124P49fN99OXwzg5g3F1lbszmw5UCYUaOM
77EFNE0LXn/UG0WuC8/zzmrqtgnxfSPSqWOlpQpnoBIDaUIzkrr3KntazXmsR4HM
SiFOqu57xY1CkWahDykIhXFmcHPnvwFqHkBxLwUYNKpds2SrndvA5AV7mqm2pobU
VrvOHP3KUiyU3Pajwo3i6iKeCGPhkOy7vOjPISkAurLI2uAMZOeYxh8/JwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFFw4K5pg6MxuJzutW14H1RKOJKFyMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWERncm1tRG96RzRuTzYxYlhnZlZFbzRrb1hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVBWtAwQA
VDYwAwQAV3ndAwQCwjfgMA0GCSqGSIb3DQEBCwUAA4IBAQC16pMinnhnEv+ZoIma
MvCmjKtJ6XDKjwCgYiC5/8c73eSRhGvnsZZMruff39kAKJDGveGiQPvA/vb0HM5f
uQhHUMI0/65n8bxfC9cvfLIXT4/175utx8t3T34loz56qYG+3EZPpEmk1mn+uwF6
EwxMmURrbgDEbgGBp9+JtkC3L513OxmQHV5FCudiezns0/ZXtk99wJgUPeUNsUge
4bmkJ6mbmHTKGXYfxlano3RuuSGLMm5CPtQUWF7PlYO4+izQEy2zxq7QX7em05If
smYBV9qIOwvQHzXv1mLN6urRGt+MPC208VQ4pILFuYewBLdRcFPf1/5jp6RV/ktW
cq5M
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:38 2023 by rpki-client on console-ams.rpki-client.org