Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/XEBc2BQNd3eSO9iOssH7VH5twkc.roa
File: XEBc2BQNd3eSO9iOssH7VH5twkc.roa (raw, json)
Hash identifier: nhJ4YpiV3w4fzptzpfvRJdyD+fvUn96iK3ubJxUcTkw=
Subject key identifier: 5C:40:5C:D8:14:0D:77:77:92:3B:D8:8E:B2:C1:FB:54:7E:6D:C2:47
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 192E3ECB
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/XEBc2BQNd3eSO9iOssH7VH5twkc.roa
Signing time: Sat 01 Jan 2022 11:57:07 +0000
ROA not before: Sat 01 Jan 2022 11:57:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9009
IP address blocks: 85.121.48.0/21 maxlen: 24
85.122.120.0/22 maxlen: 22
85.120.224.0/21 maxlen: 24
85.121.208.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 422461131 (0x192e3ecb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Jan 1 11:57:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5c405cd8140d7777923bd88eb2c1fb547e6dc247
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:61:09:a2:e9:3b:59:d3:c0:7a:c6:dc:8d:ec:
52:a8:dc:82:e2:21:21:fb:41:d3:2d:85:e1:55:32:
9e:13:5c:f9:79:22:3a:86:00:1c:2c:9d:59:65:a1:
fd:db:89:63:aa:51:61:79:88:64:b6:9d:d6:50:f2:
c7:da:ac:64:34:ab:c0:64:f2:9c:29:ba:f6:3a:29:
57:7e:7c:65:95:4e:4d:e6:e1:38:28:f7:07:ba:00:
2a:c0:92:93:84:05:2f:48:4b:3e:08:c8:fd:8e:39:
6e:08:05:bf:0a:a7:92:ff:52:70:a7:6b:0f:ab:58:
a6:ab:27:7e:44:a9:22:d9:9a:a6:2b:7f:40:c2:8b:
8a:74:10:45:b9:1b:53:6e:fd:ea:44:3f:4e:cb:01:
d5:4d:9f:48:44:c9:d4:26:5e:01:e6:02:85:df:9c:
8c:b7:80:7f:fe:b3:24:d9:23:e1:86:9c:64:c7:66:
ae:99:73:a0:65:9b:c6:3d:5f:3c:cf:37:87:dd:c5:
0e:54:ae:86:cf:2a:d7:ff:da:d7:8b:b9:a3:86:10:
85:c7:e5:55:fd:ad:ba:1c:33:7d:86:76:10:6d:bc:
b5:78:db:d5:88:e8:bc:e4:5b:5f:7a:91:7d:cf:62:
7a:9b:5a:cf:68:cb:c2:89:c6:8a:5f:13:a8:cd:b9:
73:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:40:5C:D8:14:0D:77:77:92:3B:D8:8E:B2:C1:FB:54:7E:6D:C2:47
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/XEBc2BQNd3eSO9iOssH7VH5twkc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.120.224.0/21
85.121.48.0/21
85.121.208.0/21
85.122.120.0/22
Signature Algorithm: sha256WithRSAEncryption
43:1b:1b:d1:d9:da:01:37:1f:35:46:f1:9e:43:64:7b:8d:82:
24:80:26:85:1d:80:5b:59:69:f5:c1:56:11:4c:09:2a:cd:e2:
a6:1d:2a:29:ab:de:a3:64:51:2f:6e:91:63:53:6d:de:da:68:
bb:96:e5:43:88:dc:c4:fa:f7:d9:09:a9:5e:04:61:bd:2c:09:
6d:3d:e6:60:4d:d4:a4:0f:87:7c:ea:0f:5b:ef:42:df:0c:84:
51:34:89:dc:ef:7b:09:a3:c4:6b:9a:6c:e6:10:2c:65:88:b8:
b4:07:17:33:6f:31:e7:ad:36:a7:d3:3c:c2:ac:74:9b:50:fb:
49:0c:00:b6:79:b3:95:ec:bb:97:a5:3d:4c:3d:7c:d0:9c:ba:
a2:58:7f:29:d0:06:e8:76:1f:cc:4b:f6:9f:a4:2f:c6:20:e4:
a7:b1:ab:19:76:5c:73:4b:49:c8:e8:bc:b3:67:4b:f9:4b:20:
3a:8c:56:b2:b5:b8:d0:1b:f3:99:b7:af:6a:31:f4:97:85:04:
5b:f7:86:8b:0f:24:2e:ce:4a:1b:bc:dd:8a:58:c9:a1:2f:0d:
a2:d6:e8:2e:e7:4f:49:ba:47:15:23:df:66:b1:f4:e5:e6:d3:
11:1b:0a:e0:14:e4:bd:80:d1:67:cc:34:3a:67:b3:5b:7f:5c:
86:03:e9:d1
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEGS4+yzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MTgzNzg1OTE2Y2Q5OGQ3Yzc3MGQ2ODUxNDU0OTlhOGEwYTE1NzIyMB4XDTIyMDEw
MTExNTcwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWM0MDVjZDgxNDBk
Nzc3NzkyM2JkODhlYjJjMWZiNTQ3ZTZkYzI0NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALlhCaLpO1nTwHrG3I3sUqjcguIhIftB0y2F4VUynhNc+Xki
OoYAHCydWWWh/duJY6pRYXmIZLad1lDyx9qsZDSrwGTynCm69jopV358ZZVOTebh
OCj3B7oAKsCSk4QFL0hLPgjI/Y45bggFvwqnkv9ScKdrD6tYpqsnfkSpItmapit/
QMKLinQQRbkbU2796kQ/TssB1U2fSETJ1CZeAeYChd+cjLeAf/6zJNkj4YacZMdm
rplzoGWbxj1fPM83h93FDlSuhs8q1//a14u5o4YQhcflVf2tuhwzfYZ2EG28tXjb
1YjovORbX3qRfc9ieptaz2jLwonGil8TqM25c3MCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBRcQFzYFA13d5I72I6ywftUfm3CRzAfBgNVHSMEGDAWgBQxg3hZFs2Y18dw
1oUUVJmooKFXIjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01ZTjRXUmJObU5mSGNOYUZGRlNacUtDaFZ5SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTUvNzE5M2RiLTdmODUtNDJiYi1iMDlhLWY1MmM0N2MyMjVkYi8x
L1hFQmMyQlFOZDNlU085aU9zc0g3Vkg1dHdrYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTUv
NzE5M2RiLTdmODUtNDJiYi1iMDlhLWY1MmM0N2MyMjVkYi8xL01ZTjRXUmJObU5m
SGNOYUZGRlNacUtDaFZ5SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEA1V44AMEA1V5MAMEA1V50AMEAlV6
eDANBgkqhkiG9w0BAQsFAAOCAQEAQxsb0dnaATcfNUbxnkNke42CJIAmhR2AW1lp
9cFWEUwJKs3iph0qKaveo2RRL26RY1Nt3tpou5blQ4jcxPr32QmpXgRhvSwJbT3m
YE3UpA+HfOoPW+9C3wyEUTSJ3O97CaPEa5ps5hAsZYi4tAcXM28x5602p9M8wqx0
m1D7SQwAtnmzley7l6U9TD180Jy6olh/KdAG6HYfzEv2n6QvxiDkp7GrGXZcc0tJ
yOi8s2dL+UsgOoxWsrW40BvzmbevajH0l4UEW/eGiw8kLs5KG7zdiljJoS8Notbo
LudPSbpHFSPfZrH05ebTERsK4BTkvYDRZ8w0OmezW39chgPp0Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:16 2023 by rpki-client on console-ams.rpki-client.org