Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/XnONxt7QVSOv1I-lTpcAuwLoO6M.roa
File: XnONxt7QVSOv1I-lTpcAuwLoO6M.roa (raw, json)
Hash identifier: gzS09Jka0jIwKG/JAKd/PEeBk27MxpRvvXmn67cW7pk=
Subject key identifier: 5E:73:8D:C6:DE:D0:55:23:AF:D4:8F:A5:4E:97:00:BB:02:E8:3B:A3
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018442A3EE575E3093E5FC93D5E2A2C4DB4F
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/XnONxt7QVSOv1I-lTpcAuwLoO6M.roa
Signing time: Fri 04 Nov 2022 12:35:50 +0000
ROA not before: Fri 04 Nov 2022 12:35:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 1239
IP address blocks: 81.161.238.0/23 maxlen: 24
185.207.12.0/24 maxlen: 24
193.168.196.0/22 maxlen: 24
88.218.76.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:42:a3:ee:57:5e:30:93:e5:fc:93:d5:e2:a2:c4:db:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Nov 4 12:35:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5e738dc6ded05523afd48fa54e9700bb02e83ba3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:56:d4:98:ef:a4:43:f2:fa:ba:ef:1d:3c:9a:
41:17:36:f6:2e:85:0e:45:f9:79:5b:4c:4a:0d:c3:
f6:1f:e6:76:49:9e:06:ae:d3:38:ba:a5:fc:3a:45:
9d:33:b4:54:b7:ef:c5:fd:98:9a:0b:a0:c0:36:64:
c8:18:1d:3a:0c:f1:e2:e2:c6:c2:4d:9c:e8:50:39:
0a:97:4a:ad:ad:5c:d8:64:c1:37:9c:83:6b:ea:6e:
eb:c5:75:62:1e:90:0b:d6:bf:28:b5:e4:37:9a:46:
d4:90:b6:96:00:ae:3f:b6:a2:e4:90:a1:27:84:af:
25:d0:7f:d2:a7:c5:04:66:06:c8:c3:25:20:74:73:
5b:2e:86:56:09:38:26:28:39:f7:48:32:66:df:de:
f4:9e:35:3a:82:db:f4:41:35:fc:a7:25:46:f6:fb:
ca:8d:6d:c6:13:cd:07:85:bb:ed:d1:2f:33:ae:27:
f2:06:83:15:36:92:44:85:19:3f:03:52:3c:7f:f7:
37:4d:42:ef:bf:2b:9e:a4:73:e4:dc:59:65:17:da:
14:d7:66:2b:16:72:1a:07:e2:da:87:3e:f6:d2:ac:
5b:e7:52:0e:21:39:15:a0:35:4f:80:70:9e:75:9c:
3c:28:18:60:fe:1b:45:45:d2:28:66:d3:b9:85:4d:
df:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:73:8D:C6:DE:D0:55:23:AF:D4:8F:A5:4E:97:00:BB:02:E8:3B:A3
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/XnONxt7QVSOv1I-lTpcAuwLoO6M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.238.0/23
88.218.76.0/22
185.207.12.0/24
193.168.196.0/22
Signature Algorithm: sha256WithRSAEncryption
b0:af:32:f4:87:b1:7e:ea:07:f6:28:95:c2:fc:38:74:77:ec:
58:1d:4a:91:04:cf:bf:88:05:30:55:85:6a:fd:0d:b6:fc:20:
fa:ec:db:7f:cf:5a:6e:32:12:d3:97:fe:f7:58:98:ae:98:1d:
24:e2:7c:80:7e:fc:b5:74:a9:8e:68:12:13:98:72:97:da:ac:
fa:c3:2e:8b:7b:84:c4:c8:ab:de:ad:a9:a5:e1:9c:4c:ea:93:
13:8f:7f:9e:ef:ce:6d:f0:73:de:a3:23:9d:26:3f:25:78:30:
3e:3c:1d:70:e5:34:65:8e:a8:10:cb:55:33:8b:d1:8d:93:88:
e0:56:8a:36:4c:7e:71:55:e8:a9:42:ce:b0:92:2b:f7:33:81:
7a:25:f5:00:77:f6:16:91:cd:2a:21:cd:90:5d:ed:60:67:6a:
33:df:4b:cb:11:2d:fb:1e:e8:1b:33:d7:77:94:aa:86:d3:a6:
0d:d3:f1:73:55:d8:65:b5:21:89:f6:38:35:48:7f:e9:85:d6:
4b:25:c6:0d:1b:6a:aa:95:55:b4:b1:9b:4a:c0:25:95:28:69:
8a:77:bc:e4:be:b9:2b:38:ff:2f:bc:2f:2e:69:7b:62:c5:1a:
5f:05:42:fc:18:1b:11:f6:af:02:e1:b1:28:86:1b:54:64:ed:
93:61:3d:c0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYRCo+5XXjCT5fyT1eKixNtPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjIxMTA0MTIzNTUwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTczOGRjNmRlZDA1NTIzYWZkNDhmYTU0ZTk3MDBiYjAyZTgzYmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAplbUmO+kQ/L6uu8dPJpBFzb2LoUO
Rfl5W0xKDcP2H+Z2SZ4GrtM4uqX8OkWdM7RUt+/F/ZiaC6DANmTIGB06DPHi4sbC
TZzoUDkKl0qtrVzYZME3nINr6m7rxXViHpAL1r8oteQ3mkbUkLaWAK4/tqLkkKEn
hK8l0H/Sp8UEZgbIwyUgdHNbLoZWCTgmKDn3SDJm3970njU6gtv0QTX8pyVG9vvK
jW3GE80Hhbvt0S8zrifyBoMVNpJEhRk/A1I8f/c3TULvvyuepHPk3FllF9oU12Yr
FnIaB+Lahz720qxb51IOITkVoDVPgHCedZw8KBhg/htFRdIoZtO5hU3f/wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFF5zjcbe0FUjr9SPpU6XALsC6DujMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvWG5PTnh0N1FWU092MUktbFRwY0F1d0xvTzZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBUaHuAwQC
WNpMAwQAuc8MAwQCwajEMA0GCSqGSIb3DQEBCwUAA4IBAQCwrzL0h7F+6gf2KJXC
/Dh0d+xYHUqRBM+/iAUwVYVq/Q22/CD67Nt/z1puMhLTl/73WJiumB0k4nyAfvy1
dKmOaBITmHKX2qz6wy6Le4TEyKveraml4ZxM6pMTj3+e785t8HPeoyOdJj8leDA+
PB1w5TRljqgQy1Uzi9GNk4jgVoo2TH5xVeipQs6wkiv3M4F6JfUAd/YWkc0qIc2Q
Xe1gZ2oz30vLES37HugbM9d3lKqG06YN0/FzVdhltSGJ9jg1SH/phdZLJcYNG2qq
lVW0sZtKwCWVKGmKd7zkvrkrOP8vvC8uaXtixRpfBUL8GBsR9q8C4bEohhtUZO2T
YT3A
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:38 2023 by rpki-client on console-ams.rpki-client.org