Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/990595-5157-4036-b601-60843b5bbb81/1/xWcY6K3HjjlyQBueFaTTVBxZ7oM.roa
File: xWcY6K3HjjlyQBueFaTTVBxZ7oM.roa (raw, json)
Hash identifier: W+VkiUy17ysR0Jf+Yzebw9ZhBIX20QsmqPmDI3+7LCU=
Subject key identifier: C5:67:18:E8:AD:C7:8E:39:72:40:1B:9E:15:A4:D3:54:1C:59:EE:83
Certificate issuer: /CN=4a75fa95475badeeb71f844e0b0b44b6a8fea9fe
Certificate serial: 018758C268856286581CAF5B32799C264770
Authority key identifier: 4A:75:FA:95:47:5B:AD:EE:B7:1F:84:4E:0B:0B:44:B6:A8:FE:A9:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SnX6lUdbre63H4ROCwtEtqj-qf4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/990595-5157-4036-b601-60843b5bbb81/1/xWcY6K3HjjlyQBueFaTTVBxZ7oM.roa
Signing time: Thu 06 Apr 2023 22:49:08 +0000
ROA not before: Thu 06 Apr 2023 22:49:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42755
IP address blocks: 91.198.27.0/24 maxlen: 24
91.199.206.0/24 maxlen: 24
195.184.64.0/23 maxlen: 23
195.184.64.0/24 maxlen: 24
195.184.65.0/24 maxlen: 24
185.138.208.0/22 maxlen: 22
91.195.200.0/23 maxlen: 23
91.195.200.0/24 maxlen: 24
91.195.201.0/24 maxlen: 24
91.196.168.0/22 maxlen: 22
46.21.164.0/24 maxlen: 24
46.21.165.0/24 maxlen: 24
46.21.160.0/20 maxlen: 20
2a02:27f8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:58:c2:68:85:62:86:58:1c:af:5b:32:79:9c:26:47:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a75fa95475badeeb71f844e0b0b44b6a8fea9fe
Validity
Not Before: Apr 6 22:49:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c56718e8adc78e3972401b9e15a4d3541c59ee83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f0:7c:5e:43:70:99:0c:d0:d8:3f:08:1b:89:
cb:31:2c:74:78:21:ba:cb:69:06:73:4f:38:fd:83:
f2:ed:30:49:33:01:94:47:bf:5f:b2:07:b5:4c:58:
40:62:e9:80:14:c2:0d:9b:7b:a0:ef:bb:6b:66:b3:
00:4a:16:79:a9:28:2a:17:98:d1:49:1e:07:aa:78:
be:76:3f:cc:f4:b5:ca:df:f2:83:78:9e:6e:b0:d8:
8a:99:1f:6a:0e:07:18:a0:36:a3:88:57:ad:1c:6e:
d5:f1:9e:e4:b4:b8:da:76:c4:7d:31:db:0d:52:31:
91:d3:92:b6:8f:38:26:c5:0f:0b:c1:37:28:68:28:
f8:eb:a7:57:68:d7:18:b3:8c:b2:ab:69:6e:03:14:
59:e5:37:53:7c:a5:21:4c:13:aa:77:f8:59:c3:69:
61:81:ff:f6:c7:bb:cb:88:68:cb:bf:82:46:6a:4d:
4c:17:2e:d5:8d:64:3f:a6:65:27:21:bc:d8:ba:82:
b4:65:06:24:5f:92:d8:7d:e3:ac:48:a3:39:8a:cd:
2c:f9:f3:9c:56:e6:06:13:fb:44:fd:cc:2e:8d:20:
9f:f1:bf:92:55:2d:dc:6f:62:3f:2d:d3:64:23:18:
9b:ef:d1:31:16:b2:fd:56:00:93:a7:aa:95:af:8c:
e1:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:67:18:E8:AD:C7:8E:39:72:40:1B:9E:15:A4:D3:54:1C:59:EE:83
X509v3 Authority Key Identifier:
keyid:4A:75:FA:95:47:5B:AD:EE:B7:1F:84:4E:0B:0B:44:B6:A8:FE:A9:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SnX6lUdbre63H4ROCwtEtqj-qf4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/990595-5157-4036-b601-60843b5bbb81/1/xWcY6K3HjjlyQBueFaTTVBxZ7oM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/990595-5157-4036-b601-60843b5bbb81/1/SnX6lUdbre63H4ROCwtEtqj-qf4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.21.160.0/20
91.195.200.0/23
91.196.168.0/22
91.198.27.0/24
91.199.206.0/24
185.138.208.0/22
195.184.64.0/23
IPv6:
2a02:27f8::/32
Signature Algorithm: sha256WithRSAEncryption
9f:4a:41:2b:f7:e5:32:7d:73:4e:b3:db:7a:fa:8e:9a:f3:f4:
ab:99:40:ff:cf:59:1a:35:2e:1a:4d:8c:12:3a:54:be:30:44:
8f:cb:de:ea:0e:be:e2:d2:29:0b:04:4a:32:64:c1:24:61:de:
dd:b5:ec:e2:b9:6e:6c:18:e7:b8:9a:20:12:d1:9c:9b:18:0e:
af:47:27:9d:8d:84:c4:a2:ab:b0:41:ee:9d:4c:47:0b:66:9b:
70:2f:72:79:68:5f:11:82:95:3a:be:5f:d3:c2:68:18:bb:4f:
47:45:23:e3:bb:25:a1:57:fb:58:58:b1:82:2f:d0:77:c1:41:
94:fe:43:cd:90:99:65:c9:54:0b:a9:4f:65:75:a2:e5:18:6b:
bb:2c:5e:6e:95:5f:7a:1a:ca:25:68:dd:79:e5:f8:ae:30:fe:
c2:d0:39:f6:73:7c:69:3e:ea:6a:10:34:72:2b:3b:73:78:5e:
2d:f3:1c:17:34:26:12:36:b6:7f:71:74:5f:4d:fa:9f:34:a1:
d0:6a:90:6f:94:02:b3:45:d6:83:df:bb:cb:4f:15:92:37:08:
0b:96:4d:d2:4d:68:d4:9b:7e:29:71:3d:56:9e:3b:48:b2:df:
c3:b5:ad:91:c7:9f:e4:75:85:8b:d9:3a:03:f7:9d:2d:ce:77:
15:c8:b5:37
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYdYwmiFYoZYHK9bMnmcJkdwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhNzVmYTk1NDc1YmFkZWViNzFmODQ0ZTBiMGI0NGI2YThm
ZWE5ZmUwHhcNMjMwNDA2MjI0OTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTY3MThlOGFkYzc4ZTM5NzI0MDFiOWUxNWE0ZDM1NDFjNTllZTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPB8XkNwmQzQ2D8IG4nLMSx0eCG6
y2kGc084/YPy7TBJMwGUR79fsge1TFhAYumAFMINm3ug77trZrMAShZ5qSgqF5jR
SR4Hqni+dj/M9LXK3/KDeJ5usNiKmR9qDgcYoDajiFetHG7V8Z7ktLjadsR9MdsN
UjGR05K2jzgmxQ8LwTcoaCj466dXaNcYs4yyq2luAxRZ5TdTfKUhTBOqd/hZw2lh
gf/2x7vLiGjLv4JGak1MFy7VjWQ/pmUnIbzYuoK0ZQYkX5LYfeOsSKM5is0s+fOc
VuYGE/tE/cwujSCf8b+SVS3cb2I/LdNkIxib79ExFrL9VgCTp6qVr4zhKwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFMVnGOitx445ckAbnhWk01QcWe6DMB8GA1UdIwQY
MBaAFEp1+pVHW63utx+ETgsLRLao/qn+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU25YNmxVZGJyZTYzSDRST0N3dEV0cWotcWY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy85OTA1OTUtNTE1Ny00MDM2LWI2MDEt
NjA4NDNiNWJiYjgxLzEveFdjWTZLM0hqamx5UUJ1ZUZhVFRWQnhaN29NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy85OTA1OTUtNTE1Ny00MDM2LWI2MDEtNjA4NDNiNWJiYjgx
LzEvU25YNmxVZGJyZTYzSDRST0N3dEV0cWotcWY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQELhWgAwQB
W8PIAwQCW8SoAwQAW8YbAwQAW8fOAwQCuYrQAwQBw7hAMA0EAgACMAcDBQAqAif4
MA0GCSqGSIb3DQEBCwUAA4IBAQCfSkEr9+UyfXNOs9t6+o6a8/SrmUD/z1kaNS4a
TYwSOlS+MESPy97qDr7i0ikLBEoyZMEkYd7dteziuW5sGOe4miAS0ZybGA6vRyed
jYTEoquwQe6dTEcLZptwL3J5aF8RgpU6vl/TwmgYu09HRSPjuyWhV/tYWLGCL9B3
wUGU/kPNkJllyVQLqU9ldaLlGGu7LF5ulV96GsolaN155fiuMP7C0Dn2c3xpPupq
EDRyKztzeF4t8xwXNCYSNrZ/cXRfTfqfNKHQapBvlAKzRdaD37vLTxWSNwgLlk3S
TWjUm34pcT1WnjtIst/Dta2Rx5/kdYWL2ToD950tzncVyLU3
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:15:42 2025 by rpki-client