Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/XI-LgmpEJKjbVSP_vhpgIYXDrYE.roa
File: XI-LgmpEJKjbVSP_vhpgIYXDrYE.roa (raw, json)
Hash identifier: yoAlgSM1aDGfUOAZ3jBwbgkprAymiCNZjMwH/RD1Ipo=
Subject key identifier: 5C:8F:8B:82:6A:44:24:A8:DB:55:23:FF:BE:1A:60:21:85:C3:AD:81
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 0184FBB2B4AE33EB028ACE890B8F06948F93
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/XI-LgmpEJKjbVSP_vhpgIYXDrYE.roa
Signing time: Sat 10 Dec 2022 11:01:43 +0000
ROA not before: Sat 10 Dec 2022 11:01:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15611
IP address blocks: 213.176.96.0/24 maxlen: 24
213.176.4.0/24 maxlen: 24
213.176.5.0/24 maxlen: 24
62.60.200.0/21 maxlen: 24
62.60.208.0/22 maxlen: 24
62.60.128.0/21 maxlen: 24
62.60.136.0/24 maxlen: 24
62.60.137.0/24 maxlen: 24
62.60.139.0/24 maxlen: 24
62.60.140.0/24 maxlen: 24
62.60.143.0/24 maxlen: 24
62.60.141.0/24 maxlen: 24
62.60.142.0/24 maxlen: 24
62.60.145.0/24 maxlen: 24
62.60.152.0/22 maxlen: 24
213.176.124.0/24 maxlen: 24
213.176.125.0/24 maxlen: 24
213.176.122.0/24 maxlen: 24
213.176.123.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:fb:b2:b4:ae:33:eb:02:8a:ce:89:0b:8f:06:94:8f:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Dec 10 11:01:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5c8f8b826a4424a8db5523ffbe1a602185c3ad81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:e7:59:ac:cf:6b:4e:16:41:3c:27:d2:98:4e:
2c:91:01:80:b7:e4:81:66:f7:e3:22:6f:db:b9:48:
35:6e:97:c7:4f:24:a7:0a:a9:8a:af:f2:9a:95:0e:
7b:f2:f9:a0:80:8a:81:d5:55:4d:60:36:26:ec:30:
33:bd:98:7a:19:43:98:16:d4:9d:84:69:48:4e:92:
37:cb:8d:96:64:b5:ff:1d:73:1b:0d:70:ac:07:ba:
ee:b3:57:9e:83:b1:04:e7:51:61:92:70:39:a8:7f:
97:48:1b:51:9e:13:d5:fb:a5:27:ef:95:e3:f0:a5:
de:82:72:3f:1a:1d:2d:c5:9f:ef:57:cb:a9:63:54:
2a:b4:0c:d6:df:3c:b5:86:9c:fe:44:58:7f:98:f0:
01:c2:e9:34:a6:7f:fe:a5:d2:ef:ab:a4:76:3a:d4:
7e:6c:b1:e2:54:f6:b2:94:bb:76:3a:b7:d2:f4:1a:
5f:d2:1d:14:be:a7:41:6d:ad:2a:b7:ac:1f:96:53:
8d:ca:d8:67:ba:45:db:fa:23:88:b8:c2:b1:6f:0f:
16:e6:df:cc:24:ba:09:ef:1e:cc:40:91:c2:62:a5:
67:54:86:62:1a:1f:4d:df:b9:e6:22:9d:ab:a4:76:
82:ed:93:d6:03:85:8b:7d:bd:1e:da:f6:28:0c:be:
7b:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:8F:8B:82:6A:44:24:A8:DB:55:23:FF:BE:1A:60:21:85:C3:AD:81
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/XI-LgmpEJKjbVSP_vhpgIYXDrYE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.60.128.0-62.60.137.255
62.60.139.0-62.60.143.255
62.60.145.0/24
62.60.152.0/22
62.60.200.0-62.60.211.255
213.176.4.0/23
213.176.96.0/24
213.176.122.0-213.176.125.255
Signature Algorithm: sha256WithRSAEncryption
62:14:fc:48:da:14:ec:32:6d:f9:0a:2f:0f:25:ea:ce:6e:71:
ba:42:5e:7d:23:bd:44:09:d7:93:87:54:9f:dd:95:01:02:e3:
0d:cf:23:45:a9:1d:6e:1b:99:ac:51:c6:94:6c:db:12:4d:38:
f8:fe:68:dc:27:7a:4f:0b:fc:e5:aa:bf:3e:cf:30:18:19:5a:
9f:a2:6a:b3:37:69:86:02:a0:d9:c8:1a:ad:5d:3d:2d:f5:cd:
27:0c:e6:e1:eb:b3:fe:8c:10:04:3e:ea:9e:b8:5a:34:bc:a3:
37:f5:ad:7d:8e:44:e0:d8:bd:0b:d6:20:f2:cf:db:e9:96:e4:
7c:57:ec:f1:7b:34:e1:7a:5e:74:3d:64:2b:d7:17:ad:eb:7b:
b5:8e:0b:3e:f3:ea:48:99:34:c2:62:80:4c:5f:bc:13:3f:51:
a6:02:b8:18:2c:0e:08:d7:d9:2a:7f:6d:b6:f9:f3:e1:cb:9e:
99:55:ab:6f:63:a6:1e:59:a0:54:43:b3:68:b9:8d:33:9f:25:
c8:5d:1a:58:5c:17:ba:1e:a8:62:f6:d8:e7:da:37:ab:63:e5:
55:a7:57:86:7d:aa:dc:41:dc:8c:46:37:0b:a1:0a:46:20:8b:
eb:d8:e3:e0:db:c9:28:01:68:c2:03:ed:c1:a8:92:ef:a2:ab:
c8:f0:2a:22
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAYT7srSuM+sCis6JC48GlI+TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjIxMjEwMTEwMTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzhmOGI4MjZhNDQyNGE4ZGI1NTIzZmZiZTFhNjAyMTg1YzNhZDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxudZrM9rThZBPCfSmE4skQGAt+SB
ZvfjIm/buUg1bpfHTySnCqmKr/KalQ578vmggIqB1VVNYDYm7DAzvZh6GUOYFtSd
hGlITpI3y42WZLX/HXMbDXCsB7rus1eeg7EE51FhknA5qH+XSBtRnhPV+6Un75Xj
8KXegnI/Gh0txZ/vV8upY1QqtAzW3zy1hpz+RFh/mPABwuk0pn/+pdLvq6R2OtR+
bLHiVPaylLt2OrfS9Bpf0h0UvqdBba0qt6wfllONythnukXb+iOIuMKxbw8W5t/M
JLoJ7x7MQJHCYqVnVIZiGh9N37nmIp2rpHaC7ZPWA4WLfb0e2vYoDL57zQIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFFyPi4JqRCSo21Uj/74aYCGFw62BMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvWEktTGdtcEVKS2piVlNQX3ZocGdJWVhEcllFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQMAwDBAc+PIAD
BAE+PIgwDAMEAD48iwMEBD48gAMEAD48kQMEAj48mDAMAwQDPjzIAwQCPjzQAwQB
1bAEAwQA1bBgMAwDBAHVsHoDBAHVsHwwDQYJKoZIhvcNAQELBQADggEBAGIU/Eja
FOwybfkKLw8l6s5ucbpCXn0jvUQJ15OHVJ/dlQEC4w3PI0WpHW4bmaxRxpRs2xJN
OPj+aNwnek8L/OWqvz7PMBgZWp+iarM3aYYCoNnIGq1dPS31zScM5uHrs/6MEAQ+
6p64WjS8ozf1rX2ORODYvQvWIPLP2+mW5HxX7PF7NOF6XnQ9ZCvXF63re7WOCz7z
6kiZNMJigExfvBM/UaYCuBgsDgjX2Sp/bbb58+HLnplVq29jph5ZoFRDs2i5jTOf
JchdGlhcF7oeqGL22OfaN6tj5VWnV4Z9qtxB3IxGNwuhCkYgi+vY4+DbySgBaMID
7cGoku+iq8jwKiI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:55:29 2024 by rpki-client on console-ams.rpki-client.org