Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7986a9-4e46-4c33-92c9-31c95e2a1d6f/1/XANHFcrehD8ztI6mqMR8zJPqtU4.roa
File: XANHFcrehD8ztI6mqMR8zJPqtU4.roa (raw, json)
Hash identifier: pyMwLe+TyCCPrwQtgM5MWgisMjFtgfrieE1Vazn/uqw=
Subject key identifier: 5C:03:47:15:CA:DE:84:3F:33:B4:8E:A6:A8:C4:7C:CC:93:EA:B5:4E
Certificate issuer: /CN=93b2981978885696ce1c2bbf4af99dadc2c618eb
Certificate serial: 01849FC3C0BD67AD72B7CB8DF66B2C991F35
Authority key identifier: 93:B2:98:19:78:88:56:96:CE:1C:2B:BF:4A:F9:9D:AD:C2:C6:18:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k7KYGXiIVpbOHCu_SvmdrcLGGOs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7986a9-4e46-4c33-92c9-31c95e2a1d6f/1/XANHFcrehD8ztI6mqMR8zJPqtU4.roa
Signing time: Tue 22 Nov 2022 14:35:16 +0000
ROA not before: Tue 22 Nov 2022 14:35:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56410
IP address blocks: 93.119.24.0/22 maxlen: 22
159.253.224.0/22 maxlen: 22
185.122.132.0/22 maxlen: 22
185.156.196.0/22 maxlen: 22
185.57.102.0/24 maxlen: 24
185.57.100.0/22 maxlen: 22
144.2.240.0/21 maxlen: 21
81.173.12.0/22 maxlen: 22
91.216.236.0/24 maxlen: 24
91.216.241.0/24 maxlen: 24
185.32.152.0/22 maxlen: 22
5.149.168.0/21 maxlen: 21
2a04:b00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9f:c3:c0:bd:67:ad:72:b7:cb:8d:f6:6b:2c:99:1f:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93b2981978885696ce1c2bbf4af99dadc2c618eb
Validity
Not Before: Nov 22 14:35:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5c034715cade843f33b48ea6a8c47ccc93eab54e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:58:70:10:4e:1f:97:19:88:32:60:a4:86:1e:
02:b8:4b:3c:b6:4e:c8:8e:4a:c0:30:28:9d:12:3d:
54:00:c9:8e:a7:43:23:7d:df:77:d1:83:79:29:50:
27:69:f2:20:76:5e:5e:cd:6d:2a:ac:49:de:c6:a0:
aa:70:d7:3c:28:42:ad:db:08:92:2d:d7:17:ad:81:
37:1f:c0:ca:a6:a0:c8:9f:2b:03:6b:16:86:c3:74:
52:b7:25:f5:26:f1:31:b4:8d:19:e0:1a:57:f7:92:
ce:54:0d:c0:39:9b:2f:fe:75:28:f2:d1:e6:5a:26:
d0:a6:4a:c9:57:2c:d5:74:0b:11:76:cb:d3:e2:af:
d9:fc:36:5a:81:45:b5:b3:43:73:18:df:91:6e:66:
b0:89:12:e5:03:d8:43:b0:ac:5a:d0:a7:23:d1:fe:
a6:e2:70:f5:d8:e0:3d:0c:39:46:0b:0a:71:45:0c:
97:e1:56:0d:f4:95:79:f2:b2:9f:98:86:44:49:fc:
52:16:8f:2c:df:ea:c2:09:10:94:1d:db:f6:cf:57:
3c:e0:eb:72:c1:4a:2a:4b:81:d1:90:fb:d0:14:cd:
52:c0:00:d8:98:47:20:c0:d6:d9:68:b0:d5:c1:e6:
e3:66:37:f5:84:9d:32:5b:1e:fa:52:3b:25:52:0d:
8e:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:03:47:15:CA:DE:84:3F:33:B4:8E:A6:A8:C4:7C:CC:93:EA:B5:4E
X509v3 Authority Key Identifier:
keyid:93:B2:98:19:78:88:56:96:CE:1C:2B:BF:4A:F9:9D:AD:C2:C6:18:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k7KYGXiIVpbOHCu_SvmdrcLGGOs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7986a9-4e46-4c33-92c9-31c95e2a1d6f/1/XANHFcrehD8ztI6mqMR8zJPqtU4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7986a9-4e46-4c33-92c9-31c95e2a1d6f/1/k7KYGXiIVpbOHCu_SvmdrcLGGOs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.168.0/21
81.173.12.0/22
91.216.236.0/24
91.216.241.0/24
93.119.24.0/22
144.2.240.0/21
159.253.224.0/22
185.32.152.0/22
185.57.100.0/22
185.122.132.0/22
185.156.196.0/22
IPv6:
2a04:b00::/29
Signature Algorithm: sha256WithRSAEncryption
82:ec:71:13:1b:02:b6:62:3e:96:4c:85:20:1a:71:b3:19:ec:
2f:c2:21:11:04:77:33:e4:ea:e7:1d:ba:fb:84:c5:4e:b1:57:
4e:65:a9:d2:81:23:68:82:68:54:47:45:09:35:25:d6:86:b6:
8b:29:ef:99:ca:c2:80:14:06:bb:2b:65:c3:e7:74:8c:54:91:
d5:a1:5e:c0:4a:62:94:03:3f:3e:63:14:f7:5a:30:5f:81:2f:
5c:c2:2b:9c:9d:59:8b:89:48:44:85:45:f1:10:2f:ac:ef:01:
c6:40:b6:4d:a4:82:84:f8:8b:0b:a6:9e:36:0e:6e:74:35:a9:
26:84:4e:02:f6:eb:ff:0e:98:4a:2c:be:5d:39:bf:fd:28:48:
dd:5d:c4:5a:f1:85:8b:43:07:6c:ba:bf:46:4f:1c:bb:54:85:
02:49:03:22:a9:16:0c:e8:69:91:6d:e9:37:b6:c3:6d:fb:fa:
42:ca:1d:9b:50:26:b8:b3:71:8e:5a:51:e3:e5:0c:0b:06:d3:
68:6d:02:f5:ca:54:03:67:34:ab:dc:f4:e0:77:2d:9d:b6:9c:
3f:be:65:2c:44:6a:e4:5b:bf:d0:82:9c:80:4c:83:79:f9:f6:
c2:c5:a8:a2:17:a5:10:9d:44:3e:3a:0b:f9:9a:d3:fa:b3:1d:
ae:e8:79:82
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAYSfw8C9Z61yt8uN9mssmR81MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzYjI5ODE5Nzg4ODU2OTZjZTFjMmJiZjRhZjk5ZGFkYzJj
NjE4ZWIwHhcNMjIxMTIyMTQzNTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzAzNDcxNWNhZGU4NDNmMzNiNDhlYTZhOGM0N2NjYzkzZWFiNTRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAllhwEE4flxmIMmCkhh4CuEs8tk7I
jkrAMCidEj1UAMmOp0Mjfd930YN5KVAnafIgdl5ezW0qrEnexqCqcNc8KEKt2wiS
LdcXrYE3H8DKpqDInysDaxaGw3RStyX1JvExtI0Z4BpX95LOVA3AOZsv/nUo8tHm
WibQpkrJVyzVdAsRdsvT4q/Z/DZagUW1s0NzGN+RbmawiRLlA9hDsKxa0Kcj0f6m
4nD12OA9DDlGCwpxRQyX4VYN9JV58rKfmIZESfxSFo8s3+rCCRCUHdv2z1c84Oty
wUoqS4HRkPvQFM1SwADYmEcgwNbZaLDVwebjZjf1hJ0yWx76UjslUg2OZQIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFFwDRxXK3oQ/M7SOpqjEfMyT6rVOMB8GA1UdIwQY
MBaAFJOymBl4iFaWzhwrv0r5na3CxhjrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazdLWUdYaUlWcGJPSEN1X1N2bWRyY0xHR09zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83OTg2YTktNGU0Ni00YzMzLTkyYzkt
MzFjOTVlMmExZDZmLzEvWEFOSEZjcmVoRDh6dEk2bXFNUjh6SlBxdFU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83OTg2YTktNGU0Ni00YzMzLTkyYzktMzFjOTVlMmExZDZm
LzEvazdLWUdYaUlWcGJPSEN1X1N2bWRyY0xHR09zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQDBZWoAwQC
Ua0MAwQAW9jsAwQAW9jxAwQCXXcYAwQDkALwAwQCn/3gAwQCuSCYAwQCuTlkAwQC
uXqEAwQCuZzEMA0EAgACMAcDBQMqBAsAMA0GCSqGSIb3DQEBCwUAA4IBAQCC7HET
GwK2Yj6WTIUgGnGzGewvwiERBHcz5OrnHbr7hMVOsVdOZanSgSNogmhUR0UJNSXW
hraLKe+ZysKAFAa7K2XD53SMVJHVoV7ASmKUAz8+YxT3WjBfgS9cwiucnVmLiUhE
hUXxEC+s7wHGQLZNpIKE+IsLpp42Dm50NakmhE4C9uv/DphKLL5dOb/9KEjdXcRa
8YWLQwdsur9GTxy7VIUCSQMiqRYM6GmRbek3tsNt+/pCyh2bUCa4s3GOWlHj5QwL
BtNobQL1ylQDZzSr3PTgdy2dtpw/vmUsRGrkW7/QgpyATIN5+fbCxaiiF6UQnUQ+
Ogv5mtP6sx2u6HmC
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:14 2023 by rpki-client on console-ams.rpki-client.org