Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/d2725d-8001-41f1-80e5-a9eef294ac34/1/XDyR98Bu_86nUIAKlFIdQFMD4pk.roa
File: XDyR98Bu_86nUIAKlFIdQFMD4pk.roa (raw, json)
Hash identifier: FIyQ1qa/HnSUPbRYyS2Le9moeRgCqvIHREKeOHglPUc=
Subject key identifier: 5C:3C:91:F7:C0:6E:FF:CE:A7:50:80:0A:94:52:1D:40:53:03:E2:99
Certificate issuer: /CN=fe92ef35321bf8f722734bff9dfa63fbd0f0690a
Certificate serial: 0183E51A556BE851803722875A3FF03DBB8A
Authority key identifier: FE:92:EF:35:32:1B:F8:F7:22:73:4B:FF:9D:FA:63:FB:D0:F0:69:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_pLvNTIb-Pcic0v_nfpj-9DwaQo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/d2725d-8001-41f1-80e5-a9eef294ac34/1/XDyR98Bu_86nUIAKlFIdQFMD4pk.roa
Signing time: Mon 17 Oct 2022 08:40:51 +0000
ROA not before: Mon 17 Oct 2022 08:40:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212559
IP address blocks: 5.1.42.0/24 maxlen: 24
91.243.118.0/24 maxlen: 24
2a10:78c0::/29 maxlen: 32
2a11:2900::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:e5:1a:55:6b:e8:51:80:37:22:87:5a:3f:f0:3d:bb:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe92ef35321bf8f722734bff9dfa63fbd0f0690a
Validity
Not Before: Oct 17 08:40:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5c3c91f7c06effcea750800a94521d405303e299
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:81:b4:fb:d1:34:ce:90:6e:81:ff:a3:b2:0e:
53:ca:66:bf:78:c6:3b:45:b3:c9:fb:91:28:75:d8:
cf:c9:0a:b3:12:9c:11:53:67:53:59:ac:f0:3f:d4:
8c:50:5b:a4:cf:e4:81:c7:50:b4:b2:bd:a3:ae:ff:
0e:d3:c3:1c:10:c8:5a:d2:d5:99:cc:ff:57:93:26:
12:10:89:38:94:f9:1d:5c:cf:65:e2:34:1f:31:96:
55:22:af:35:87:a0:a6:16:a3:4b:eb:0b:7e:dd:bb:
99:90:47:be:fc:0c:63:cf:90:5b:a2:18:b5:dc:dc:
a7:16:ab:7d:92:96:d7:7d:1c:f0:79:8e:2a:15:41:
df:a2:b1:11:20:4a:5c:ff:d1:84:89:c6:d1:45:68:
25:ee:1c:24:b5:97:8f:8a:f5:9c:6c:7a:a3:ab:00:
6a:c5:75:43:c1:f4:91:11:76:80:aa:36:2e:b5:1c:
3a:a4:c9:b8:18:f2:91:b7:bc:5e:ce:27:5c:85:5b:
71:a1:ed:dc:ae:fd:b5:77:f9:8c:e8:44:80:ba:c0:
94:2c:84:63:da:65:e4:b0:d6:19:a0:a0:27:2d:77:
9e:ad:30:af:e8:e9:53:27:54:97:84:ad:17:77:ce:
f2:fc:15:5c:59:79:00:7b:c7:08:a0:93:0c:dc:f9:
48:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:3C:91:F7:C0:6E:FF:CE:A7:50:80:0A:94:52:1D:40:53:03:E2:99
X509v3 Authority Key Identifier:
keyid:FE:92:EF:35:32:1B:F8:F7:22:73:4B:FF:9D:FA:63:FB:D0:F0:69:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_pLvNTIb-Pcic0v_nfpj-9DwaQo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/d2725d-8001-41f1-80e5-a9eef294ac34/1/XDyR98Bu_86nUIAKlFIdQFMD4pk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/d2725d-8001-41f1-80e5-a9eef294ac34/1/_pLvNTIb-Pcic0v_nfpj-9DwaQo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.42.0/24
91.243.118.0/24
IPv6:
2a10:78c0::/29
2a11:2900::/29
Signature Algorithm: sha256WithRSAEncryption
31:26:ab:4a:34:e0:c3:d2:d3:f2:0b:69:f9:1a:bc:b8:9c:f5:
6a:6f:68:f8:de:da:e9:9e:a5:5f:e3:9a:31:95:44:9c:83:36:
05:d6:c2:48:c0:6e:50:84:dc:4e:27:79:37:67:0e:1a:67:1c:
e8:2c:2b:d0:2a:62:27:8e:b4:5d:b4:b2:46:9e:5f:bd:16:42:
f0:1f:f6:66:7f:2f:96:d2:ec:69:2f:a5:1b:ac:bd:99:72:9f:
06:10:20:aa:b5:01:cb:b2:c4:84:97:5f:70:56:61:b7:d8:90:
3d:bb:c6:f8:f7:45:f2:0d:72:f9:9b:3e:27:5a:31:a0:e4:ce:
b5:f8:e3:80:6c:ac:40:bc:62:62:70:cc:69:c1:46:1b:49:df:
60:dc:c3:fc:0e:15:82:43:d4:a6:3e:6b:e7:4e:e2:64:d9:aa:
22:22:f4:37:5c:0f:c6:fb:58:84:33:84:99:a0:42:f1:80:cf:
a1:0c:3d:ec:62:a3:23:73:ab:b7:d5:87:e6:6b:14:35:35:25:
e1:f8:f8:66:6f:0a:87:ff:b4:b5:d3:c0:4d:59:f1:85:ae:d3:
f5:e0:2b:c6:a2:6e:d5:a9:a3:26:38:91:b1:7e:cc:9e:ba:4f:
72:7c:0c:29:d7:71:bf:6c:4e:ae:53:78:f5:3a:2d:84:4c:0b:
ea:42:9e:25
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYPlGlVr6FGANyKHWj/wPbuKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlOTJlZjM1MzIxYmY4ZjcyMjczNGJmZjlkZmE2M2ZiZDBm
MDY5MGEwHhcNMjIxMDE3MDg0MDUxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzNjOTFmN2MwNmVmZmNlYTc1MDgwMGE5NDUyMWQ0MDUzMDNlMjk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiIG0+9E0zpBugf+jsg5Tyma/eMY7
RbPJ+5EoddjPyQqzEpwRU2dTWazwP9SMUFukz+SBx1C0sr2jrv8O08McEMha0tWZ
zP9XkyYSEIk4lPkdXM9l4jQfMZZVIq81h6CmFqNL6wt+3buZkEe+/Axjz5Bbohi1
3NynFqt9kpbXfRzweY4qFUHforERIEpc/9GEicbRRWgl7hwktZePivWcbHqjqwBq
xXVDwfSREXaAqjYutRw6pMm4GPKRt7xezidchVtxoe3crv21d/mM6ESAusCULIRj
2mXksNYZoKAnLXeerTCv6OlTJ1SXhK0Xd87y/BVcWXkAe8cIoJMM3PlIDQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFFw8kffAbv/Op1CACpRSHUBTA+KZMB8GA1UdIwQY
MBaAFP6S7zUyG/j3InNL/536Y/vQ8GkKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3BMdk5USWItUGNpYzB2X25mcGotOUR3YVFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9kMjcyNWQtODAwMS00MWYxLTgwZTUt
YTllZWYyOTRhYzM0LzEvWER5Ujk4QnVfODZuVUlBS2xGSWRRRk1ENHBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9kMjcyNWQtODAwMS00MWYxLTgwZTUtYTllZWYyOTRhYzM0
LzEvX3BMdk5USWItUGNpYzB2X25mcGotOUR3YVFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQABQEqAwQA
W/N2MBQEAgACMA4DBQMqEHjAAwUDKhEpADANBgkqhkiG9w0BAQsFAAOCAQEAMSar
SjTgw9LT8gtp+Rq8uJz1am9o+N7a6Z6lX+OaMZVEnIM2BdbCSMBuUITcTid5N2cO
Gmcc6Cwr0CpiJ460XbSyRp5fvRZC8B/2Zn8vltLsaS+lG6y9mXKfBhAgqrUBy7LE
hJdfcFZht9iQPbvG+PdF8g1y+Zs+J1oxoOTOtfjjgGysQLxiYnDMacFGG0nfYNzD
/A4VgkPUpj5r507iZNmqIiL0N1wPxvtYhDOEmaBC8YDPoQw97GKjI3Ort9WH5msU
NTUl4fj4Zm8Kh/+0tdPATVnxha7T9eArxqJu1amjJjiRsX7MnrpPcnwMKddxv2xO
rlN49TothEwL6kKeJQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:54:18 2024 by rpki-client on console-ams.rpki-client.org