Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/XSQYNXlJdSDCggFU-tlhcdEpCno.roa
File: XSQYNXlJdSDCggFU-tlhcdEpCno.roa (raw, json)
Hash identifier: V+LQg/btkDBtO1oJkiiLBQNoxPw1KwOj4YDX27pdySQ=
Subject key identifier: 5D:24:18:35:79:49:75:20:C2:82:01:54:FA:D9:61:71:D1:29:0A:7A
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 38742DD0
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/XSQYNXlJdSDCggFU-tlhcdEpCno.roa
Signing time: Sat 01 Jan 2022 05:54:11 +0000
ROA not before: Sat 01 Jan 2022 05:54:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 13194
IP address blocks: 85.254.71.0/24 maxlen: 24
85.254.76.0/22 maxlen: 22
85.254.75.0/24 maxlen: 24
85.254.76.0/24 maxlen: 24
85.254.73.0/24 maxlen: 24
85.254.74.0/24 maxlen: 24
85.254.74.0/23 maxlen: 23
85.254.138.0/23 maxlen: 23
85.254.141.0/24 maxlen: 24
85.254.152.0/22 maxlen: 22
85.254.151.0/24 maxlen: 24
85.254.149.0/24 maxlen: 24
85.254.170.0/24 maxlen: 24
85.254.176.0/23 maxlen: 23
85.254.84.0/23 maxlen: 23
85.254.80.0/22 maxlen: 22
85.254.94.0/24 maxlen: 24
85.254.98.0/23 maxlen: 23
85.254.96.0/22 maxlen: 22
85.254.96.0/23 maxlen: 23
85.254.92.0/22 maxlen: 22
85.254.95.0/24 maxlen: 24
85.254.92.0/23 maxlen: 23
85.254.92.0/24 maxlen: 24
85.254.93.0/24 maxlen: 24
85.254.103.0/24 maxlen: 24
85.254.104.0/21 maxlen: 21
85.254.101.0/24 maxlen: 24
85.254.102.0/24 maxlen: 24
85.254.100.0/24 maxlen: 24
85.254.112.0/21 maxlen: 21
85.254.124.0/23 maxlen: 23
85.254.126.0/24 maxlen: 24
85.254.128.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 947138000 (0x38742dd0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 1 05:54:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5d24183579497520c2820154fad96171d1290a7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:5b:b3:33:19:f6:1d:f4:15:b4:e9:12:d3:b9:
2b:7c:a1:86:84:61:eb:2d:a2:97:c4:d2:97:56:06:
40:85:25:c3:da:56:b1:54:dc:09:f7:68:7f:71:a6:
e8:0e:10:92:3b:da:02:c9:26:d4:c3:85:64:44:87:
de:7c:94:02:5f:7a:ba:2f:77:ce:bd:a7:b7:d6:25:
49:f0:34:47:ed:63:f4:58:d4:e9:4f:43:f7:d0:e9:
6c:c9:0e:52:2d:92:12:6e:72:d5:34:db:3c:cf:fd:
6b:fe:4c:78:92:14:41:ce:df:ba:a6:f6:a6:a9:b8:
a2:14:26:aa:82:5d:29:1e:72:8c:c0:73:be:5f:5b:
ea:d8:64:33:6d:6d:28:9a:1f:19:ac:10:be:25:8c:
6c:60:d5:30:6d:0c:72:70:91:e7:1e:ad:74:3e:2b:
db:eb:1d:a0:56:7c:df:f9:ee:93:9a:ee:d4:e6:22:
0b:8a:ef:3b:be:bb:27:c4:9a:b8:5c:b9:55:c1:7a:
86:f5:9c:06:cf:2c:57:66:4e:2c:59:d2:e4:d3:39:
6e:f7:fd:8d:af:0a:08:7e:99:6e:ab:82:58:07:82:
b3:de:2f:45:c4:e7:86:08:6a:9b:f9:7e:21:65:4f:
bf:ec:d4:71:c9:e1:cf:08:8d:a4:12:de:4e:d8:1c:
a9:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:24:18:35:79:49:75:20:C2:82:01:54:FA:D9:61:71:D1:29:0A:7A
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/XSQYNXlJdSDCggFU-tlhcdEpCno.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.71.0/24
85.254.73.0-85.254.85.255
85.254.92.0-85.254.119.255
85.254.124.0-85.254.126.255
85.254.128.0/22
85.254.138.0/23
85.254.141.0/24
85.254.149.0/24
85.254.151.0-85.254.155.255
85.254.170.0/24
85.254.176.0/23
Signature Algorithm: sha256WithRSAEncryption
a3:c7:80:d5:fb:a4:42:66:b2:4f:3c:f2:0a:b5:d7:28:8a:6a:
6b:32:eb:48:83:25:95:78:31:6a:dd:ce:7b:89:95:5a:b3:5a:
7e:a2:8b:26:0c:14:97:1d:6c:d3:18:c1:a4:28:db:df:2c:87:
26:dd:8d:74:2e:46:4c:35:06:9b:04:85:44:0e:a1:3d:be:0a:
a3:50:37:9c:52:3a:1c:28:97:d9:33:ca:55:42:ec:66:32:ae:
b6:db:b1:bb:08:3f:e3:27:c0:82:9f:c5:fd:93:a4:e5:59:53:
95:0c:bd:9f:17:e2:5c:23:99:b9:22:c6:a8:4f:c8:0b:bb:d4:
97:d9:07:4e:50:23:21:21:13:79:06:8b:e0:47:b0:98:b0:4d:
3a:34:b6:5c:f8:e1:f8:10:c0:04:1a:12:cc:24:7a:b6:43:7d:
da:db:15:ab:76:a4:ff:2a:f6:49:bc:3f:53:b4:05:83:ba:21:
3e:2d:7b:cd:1e:fe:6d:e6:ea:a8:1d:b6:6f:d9:ab:53:c6:93:
5d:88:29:23:37:d7:5b:e0:59:27:d0:e1:2c:40:a2:db:43:63:
1b:82:dd:44:1c:6b:40:d9:0e:24:81:49:8d:76:0b:c3:36:ac:
8e:95:a4:d0:a6:e3:f7:7b:93:6a:f1:a4:2d:94:c7:b3:f2:64:
27:51:ac:66
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgIEOHQt0DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YjA5NTJjOGJhOGRhZGIxZDM0ZGU2YzZhOTM4NjRhNjA5ZmM0MWVjMB4XDTIyMDEw
MTA1NTQxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWQyNDE4MzU3OTQ5
NzUyMGMyODIwMTU0ZmFkOTYxNzFkMTI5MGE3YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMxbszMZ9h30FbTpEtO5K3yhhoRh6y2il8TSl1YGQIUlw9pW
sVTcCfdof3Gm6A4QkjvaAskm1MOFZESH3nyUAl96ui93zr2nt9YlSfA0R+1j9FjU
6U9D99DpbMkOUi2SEm5y1TTbPM/9a/5MeJIUQc7fuqb2pqm4ohQmqoJdKR5yjMBz
vl9b6thkM21tKJofGawQviWMbGDVMG0McnCR5x6tdD4r2+sdoFZ83/nuk5ru1OYi
C4rvO767J8SauFy5VcF6hvWcBs8sV2ZOLFnS5NM5bvf9ja8KCH6ZbquCWAeCs94v
RcTnhghqm/l+IWVPv+zUccnhzwiNpBLeTtgcqWECAwEAAaOCAmUwggJhMB0GA1Ud
DgQWBBRdJBg1eUl1IMKCAVT62WFx0SkKejAfBgNVHSMEGDAWgBSrCVLIuo2tsdNN
5sapOGSmCfxB7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3F3bFN5THFOcmJIVFRlYkdxVGhrcGduOFFldy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGUvMzU1NWZlLTEyY2QtNDAyYS1hODEwLTU1NTRkNmUxNjg2Zi8x
L1hTUVlOWGxKZFNEQ2dnRlUtdGxoY2RFcENuby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGUv
MzU1NWZlLTEyY2QtNDAyYS1hODEwLTU1NTRkNmUxNjg2Zi8xL3F3bFN5THFOcmJI
VFRlYkdxVGhrcGduOFFldy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB7
BggrBgEFBQcBBwEB/wRsMGowaAQCAAEwYgMEAFX+RzAMAwQAVf5JAwQBVf5UMAwD
BAJV/lwDBANV/nAwDAMEAlX+fAMEAFX+fgMEAlX+gAMEAVX+igMEAFX+jQMEAFX+
lTAMAwQAVf6XAwQCVf6YAwQAVf6qAwQBVf6wMA0GCSqGSIb3DQEBCwUAA4IBAQCj
x4DV+6RCZrJPPPIKtdcoimprMutIgyWVeDFq3c57iZVas1p+oosmDBSXHWzTGMGk
KNvfLIcm3Y10LkZMNQabBIVEDqE9vgqjUDecUjocKJfZM8pVQuxmMq6227G7CD/j
J8CCn8X9k6TlWVOVDL2fF+JcI5m5IsaoT8gLu9SX2QdOUCMhIRN5BovgR7CYsE06
NLZc+OH4EMAEGhLMJHq2Q33a2xWrdqT/KvZJvD9TtAWDuiE+LXvNHv5t5uqoHbZv
2atTxpNdiCkjN9db4Fkn0OEsQKLbQ2Mbgt1EHGtA2Q4kgUmNdgvDNqyOlaTQpuP3
e5Nq8aQtlMez8mQnUaxm
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:37 2023 by rpki-client on console-ams.rpki-client.org