Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/566938-e2a8-48b3-816b-27b113cff53b/1/XgJU6utMzySDUKutZO4TujIuZvk.roa
File: XgJU6utMzySDUKutZO4TujIuZvk.roa (raw, json)
Hash identifier: CWHsp3qp+H2HR8+N2FOw2MovldOv7a1PLAafZrPy4C4=
Subject key identifier: 5E:02:54:EA:EB:4C:CF:24:83:50:AB:AD:64:EE:13:BA:32:2E:66:F9
Certificate issuer: /CN=c1ab247c636ad389bf9f8c5074c8220230e8edcc
Certificate serial: 0BBECCA5
Authority key identifier: C1:AB:24:7C:63:6A:D3:89:BF:9F:8C:50:74:C8:22:02:30:E8:ED:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/waskfGNq04m_n4xQdMgiAjDo7cw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/566938-e2a8-48b3-816b-27b113cff53b/1/XgJU6utMzySDUKutZO4TujIuZvk.roa
Signing time: Wed 29 Jun 2022 13:32:02 +0000
ROA not before: Wed 29 Jun 2022 13:32:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44964
IP address blocks: 93.188.40.0/21 maxlen: 21
37.203.240.0/24 maxlen: 24
37.203.242.64/27 maxlen: 27
37.203.243.0/24 maxlen: 24
37.203.242.192/26 maxlen: 26
37.203.242.128/26 maxlen: 26
37.203.242.0/24 maxlen: 29
37.203.245.0/24 maxlen: 24
37.203.246.0/24 maxlen: 24
37.203.247.0/24 maxlen: 24
93.188.41.79/32 maxlen: 32
37.203.242.48/29 maxlen: 29
37.203.242.32/28 maxlen: 28
2a00:c8c0:1::/48 maxlen: 48
2a00:c8c0::/47 maxlen: 47
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 197053605 (0xbbecca5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1ab247c636ad389bf9f8c5074c8220230e8edcc
Validity
Not Before: Jun 29 13:32:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5e0254eaeb4ccf248350abad64ee13ba322e66f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ea:35:5e:b6:a1:e5:a7:c5:0e:59:78:7d:31:
a1:ca:e9:b7:ed:87:23:39:61:8b:b8:14:aa:1f:4c:
ad:ac:4d:53:b1:1c:29:ba:dc:4f:13:13:5d:bd:ed:
44:3a:ae:52:82:57:d4:8b:25:c9:d6:a1:1c:4a:56:
2a:17:8c:98:f1:40:f7:03:0e:86:7a:db:b5:30:f2:
ef:a6:1b:1e:25:5b:79:21:5f:69:d2:b1:6d:33:34:
0a:01:37:bb:74:4d:07:5d:43:d9:da:92:75:c4:9b:
a7:57:fb:c5:8c:5d:55:0c:4d:3a:3d:7d:db:a1:76:
c6:d0:dc:f8:29:8d:c8:55:6c:a8:95:e0:3b:d7:c2:
5c:36:1d:f3:4e:60:13:45:4b:88:36:5d:84:63:0e:
3d:c7:10:c9:39:c7:b4:3f:52:c1:b4:90:3e:cb:c0:
e8:15:26:00:b6:33:cf:8a:7d:08:a0:16:48:f0:c3:
81:5a:99:12:5e:3f:14:f9:a0:1c:53:22:c4:cd:49:
57:24:fd:87:dd:20:04:c6:d4:2f:a8:ea:fd:b7:61:
35:33:33:ac:5e:93:9b:36:b1:74:6b:cb:d0:67:ea:
67:4b:2d:72:c6:26:ac:07:dc:6d:e2:4b:1b:fa:18:
32:11:47:a5:f3:76:97:2b:bf:53:c3:00:95:6e:cb:
0e:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:02:54:EA:EB:4C:CF:24:83:50:AB:AD:64:EE:13:BA:32:2E:66:F9
X509v3 Authority Key Identifier:
keyid:C1:AB:24:7C:63:6A:D3:89:BF:9F:8C:50:74:C8:22:02:30:E8:ED:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/waskfGNq04m_n4xQdMgiAjDo7cw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/566938-e2a8-48b3-816b-27b113cff53b/1/XgJU6utMzySDUKutZO4TujIuZvk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/566938-e2a8-48b3-816b-27b113cff53b/1/waskfGNq04m_n4xQdMgiAjDo7cw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.203.240.0/24
37.203.242.0/23
37.203.245.0-37.203.247.255
93.188.40.0/21
IPv6:
2a00:c8c0::/47
Signature Algorithm: sha256WithRSAEncryption
ce:9c:dc:ca:dc:b8:7a:ac:df:0d:34:d9:b4:97:03:6c:ba:f2:
e1:c5:d2:09:2f:5e:b7:31:f2:ef:f1:bb:23:8f:62:6e:aa:20:
2c:3b:55:94:cb:e4:66:42:a4:61:ad:62:6d:73:2b:ee:05:ce:
0e:b9:8e:f3:ee:34:4d:58:42:12:39:39:06:ac:a0:47:cb:6f:
1b:19:1d:0b:14:a5:d3:b3:36:98:8a:b8:6e:3d:05:77:ff:b5:
b3:f7:05:94:fc:2a:d2:1f:fa:69:85:d4:83:56:bc:3f:c4:24:
74:21:71:81:3b:5b:ca:a8:5b:a9:d7:04:1b:2b:11:7d:d8:3d:
32:42:e3:37:dc:e5:f1:7f:d1:fb:2f:82:f6:37:27:c8:3e:5d:
b7:67:c5:7e:6a:09:1d:6d:e4:00:6b:3c:40:eb:9d:a9:5f:46:
c9:ae:5a:e0:4b:8d:9c:8b:32:b9:11:20:26:71:e3:74:b5:ee:
db:2d:83:ac:87:e1:99:df:72:8e:f1:5b:10:0a:96:da:90:77:
cd:20:f7:7d:4b:e3:9f:72:5e:aa:79:47:b8:e9:af:08:42:64:
cd:2b:9b:00:12:6d:95:44:2f:aa:0e:98:20:29:76:dc:e5:e0:
2e:23:ab:80:cc:07:15:9f:49:c1:0d:da:e4:34:0b:9f:72:bf:
5c:46:47:04
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgIEC77MpTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
MWFiMjQ3YzYzNmFkMzg5YmY5ZjhjNTA3NGM4MjIwMjMwZThlZGNjMB4XDTIyMDYy
OTEzMzIwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWUwMjU0ZWFlYjRj
Y2YyNDgzNTBhYmFkNjRlZTEzYmEzMjJlNjZmOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALPqNV62oeWnxQ5ZeH0xocrpt+2HIzlhi7gUqh9MraxNU7Ec
KbrcTxMTXb3tRDquUoJX1IslydahHEpWKheMmPFA9wMOhnrbtTDy76YbHiVbeSFf
adKxbTM0CgE3u3RNB11D2dqSdcSbp1f7xYxdVQxNOj1926F2xtDc+CmNyFVsqJXg
O9fCXDYd805gE0VLiDZdhGMOPccQyTnHtD9SwbSQPsvA6BUmALYzz4p9CKAWSPDD
gVqZEl4/FPmgHFMixM1JVyT9h90gBMbUL6jq/bdhNTMzrF6TmzaxdGvL0GfqZ0st
csYmrAfcbeJLG/oYMhFHpfN2lyu/U8MAlW7LDlECAwEAAaOCAjQwggIwMB0GA1Ud
DgQWBBReAlTq60zPJINQq61k7hO6Mi5m+TAfBgNVHSMEGDAWgBTBqyR8Y2rTib+f
jFB0yCICMOjtzDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3dhc2tmR05xMDRtX240eFFkTWdpQWpEbzdjdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTEvNTY2OTM4LWUyYTgtNDhiMy04MTZiLTI3YjExM2NmZjUzYi8x
L1hnSlU2dXRNenlTRFVLdXRaTzRUdWpJdVp2ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTEv
NTY2OTM4LWUyYTgtNDhiMy04MTZiLTI3YjExM2NmZjUzYi8xL3dhc2tmR05xMDRt
X240eFFkTWdpQWpEbzdjdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBK
BggrBgEFBQcBBwEB/wQ7MDkwJgQCAAEwIAMEACXL8AMEASXL8jAMAwQAJcv1AwQD
JcvwAwQDXbwoMA8EAgACMAkDBwEqAMjAAAAwDQYJKoZIhvcNAQELBQADggEBAM6c
3MrcuHqs3w002bSXA2y68uHF0gkvXrcx8u/xuyOPYm6qICw7VZTL5GZCpGGtYm1z
K+4Fzg65jvPuNE1YQhI5OQasoEfLbxsZHQsUpdOzNpiKuG49BXf/tbP3BZT8KtIf
+mmF1INWvD/EJHQhcYE7W8qoW6nXBBsrEX3YPTJC4zfc5fF/0fsvgvY3J8g+Xbdn
xX5qCR1t5ABrPEDrnalfRsmuWuBLjZyLMrkRICZx43S17tstg6yH4Znfco7xWxAK
ltqQd80g931L459yXqp5R7jprwhCZM0rmwASbZVEL6oOmCApdtzl4C4jq4DMBxWf
ScEN2uQ0C59yv1xGRwQ=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:00 2023 by rpki-client on console-ams.rpki-client.org