Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1b9a66-f820-45a0-b02d-d78766d8c858/1/XolSfT--yjiUXQhk7Og-v6SlaYs.roa
File: XolSfT--yjiUXQhk7Og-v6SlaYs.roa (raw, json)
Hash identifier: Z+ABrglaLVS7zFTnD5/MdM7O8hJqN2cjVRx+W7eXG/c=
Subject key identifier: 5E:89:52:7D:3F:BE:CA:38:94:5D:08:64:EC:E8:3E:BF:A4:A5:69:8B
Certificate issuer: /CN=4186e6b9d1f78c94d63fac934ab9aadc0c96d43e
Certificate serial: 0ABA142E
Authority key identifier: 41:86:E6:B9:D1:F7:8C:94:D6:3F:AC:93:4A:B9:AA:DC:0C:96:D4:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QYbmudH3jJTWP6yTSrmq3AyW1D4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1b9a66-f820-45a0-b02d-d78766d8c858/1/XolSfT--yjiUXQhk7Og-v6SlaYs.roa
Signing time: Sat 01 Jan 2022 04:00:47 +0000
ROA not before: Sat 01 Jan 2022 04:00:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15516
IP address blocks: 79.98.192.0/21 maxlen: 21
195.135.216.0/22 maxlen: 22
62.61.128.0/19 maxlen: 19
81.161.128.0/18 maxlen: 18
77.75.160.0/21 maxlen: 21
91.100.0.0/15 maxlen: 15
85.24.0.0/17 maxlen: 17
87.72.0.0/15 maxlen: 15
82.211.224.0/19 maxlen: 19
82.147.224.0/19 maxlen: 19
2001:14d0::/29 maxlen: 29
2a01:558::/32 maxlen: 32
2a07:8900::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 179967022 (0xaba142e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4186e6b9d1f78c94d63fac934ab9aadc0c96d43e
Validity
Not Before: Jan 1 04:00:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5e89527d3fbeca38945d0864ece83ebfa4a5698b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:7f:e3:32:59:e8:1e:1a:35:52:25:9c:72:75:
90:f3:c8:37:d0:29:ca:ba:45:61:7e:99:e1:ff:3a:
c2:18:25:e0:e9:da:25:a4:65:37:53:a6:cb:22:50:
c5:66:b1:d9:62:c4:25:70:22:53:8e:84:e7:58:63:
58:4f:64:8c:8e:bc:19:7c:35:db:54:99:ef:86:2d:
2b:25:8e:4d:5b:91:c9:6a:11:b8:36:b0:1a:56:4d:
ea:0f:e6:e4:9c:9d:9a:f4:f9:a5:61:f8:0f:07:b0:
19:3a:12:24:22:34:19:4f:95:17:95:93:86:f2:3a:
1a:5c:c2:cd:2a:86:df:5e:01:46:b2:d0:d7:e2:97:
a4:15:42:7c:d9:02:ca:f2:e5:1d:bc:22:bb:86:7c:
63:07:91:f8:ea:ba:89:01:bb:32:09:a7:72:4a:83:
3f:ea:56:c1:04:0c:ef:87:43:a0:2e:a0:d7:24:70:
e2:e3:5b:ca:8a:94:5f:83:30:5d:a4:c7:18:a6:75:
e4:21:51:b7:92:dd:6a:de:10:27:57:47:8b:c2:4f:
7d:97:81:08:33:be:5b:ef:f6:6a:38:a8:1e:5e:b3:
83:fc:83:f0:38:96:02:48:b9:42:f8:f6:78:b9:eb:
cc:de:80:76:1e:29:58:3a:8b:34:42:fb:c7:60:bd:
49:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:89:52:7D:3F:BE:CA:38:94:5D:08:64:EC:E8:3E:BF:A4:A5:69:8B
X509v3 Authority Key Identifier:
keyid:41:86:E6:B9:D1:F7:8C:94:D6:3F:AC:93:4A:B9:AA:DC:0C:96:D4:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QYbmudH3jJTWP6yTSrmq3AyW1D4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1b9a66-f820-45a0-b02d-d78766d8c858/1/XolSfT--yjiUXQhk7Og-v6SlaYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1b9a66-f820-45a0-b02d-d78766d8c858/1/QYbmudH3jJTWP6yTSrmq3AyW1D4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.61.128.0/19
77.75.160.0/21
79.98.192.0/21
81.161.128.0/18
82.147.224.0/19
82.211.224.0/19
85.24.0.0/17
87.72.0.0/15
91.100.0.0/15
195.135.216.0/22
IPv6:
2001:14d0::/29
2a01:558::/32
2a07:8900::/29
Signature Algorithm: sha256WithRSAEncryption
6f:96:bf:42:3e:14:f0:02:49:3e:73:f7:ad:50:45:92:a5:b6:
bd:2e:5b:d8:a2:0c:a2:a2:d6:67:1c:3c:ab:6a:20:bb:eb:e7:
a4:9c:37:a3:f5:74:3d:eb:4c:0e:05:ba:e5:88:33:ac:de:83:
c6:52:fd:e8:fa:5f:72:28:0d:cc:bd:60:36:03:44:78:74:9c:
b1:8f:ea:40:03:bf:af:4f:e5:73:d2:a6:02:08:94:0d:2c:26:
b6:f8:0b:fb:6a:fd:17:aa:34:c2:0c:b2:dd:84:23:14:d0:fe:
ff:29:dc:67:08:ba:6f:1e:ad:93:90:96:42:32:e7:63:5b:69:
ab:59:74:15:ac:e1:bb:1c:c2:c5:5a:6c:f1:a3:e1:a8:d1:52:
19:3f:e6:b5:64:58:31:81:fe:d1:00:08:d8:02:63:5f:2a:37:
35:a8:95:bb:47:f7:36:83:eb:45:df:5b:8b:3d:aa:d4:7e:ed:
9e:de:7f:8e:bf:28:08:92:f2:11:5e:18:85:42:ce:3d:d2:1e:
02:92:47:9b:59:40:f7:c9:dd:40:dd:58:ef:1b:81:fc:16:df:
0d:38:86:c6:38:f8:18:b7:32:d1:d9:d1:bb:dd:5e:94:31:84:
e4:4c:f4:e6:8a:73:3d:46:19:82:15:f3:dc:4a:d6:c0:b2:d3:
5f:7c:6a:e4
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgIECroULjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MTg2ZTZiOWQxZjc4Yzk0ZDYzZmFjOTM0YWI5YWFkYzBjOTZkNDNlMB4XDTIyMDEw
MTA0MDA0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWU4OTUyN2QzZmJl
Y2EzODk0NWQwODY0ZWNlODNlYmZhNGE1Njk4YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL5/4zJZ6B4aNVIlnHJ1kPPIN9ApyrpFYX6Z4f86whgl4Ona
JaRlN1OmyyJQxWax2WLEJXAiU46E51hjWE9kjI68GXw121SZ74YtKyWOTVuRyWoR
uDawGlZN6g/m5JydmvT5pWH4DwewGToSJCI0GU+VF5WThvI6GlzCzSqG314BRrLQ
1+KXpBVCfNkCyvLlHbwiu4Z8YweR+Oq6iQG7MgmnckqDP+pWwQQM74dDoC6g1yRw
4uNbyoqUX4MwXaTHGKZ15CFRt5Ldat4QJ1dHi8JPfZeBCDO+W+/2ajioHl6zg/yD
8DiWAki5Qvj2eLnrzN6Adh4pWDqLNEL7x2C9ScMCAwEAAaOCAlowggJWMB0GA1Ud
DgQWBBReiVJ9P77KOJRdCGTs6D6/pKVpizAfBgNVHSMEGDAWgBRBhua50feMlNY/
rJNKuarcDJbUPjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1FZYm11ZEgzakpUV1A2eVRTcm1xM0F5VzFENC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTcvMWI5YTY2LWY4MjAtNDVhMC1iMDJkLWQ3ODc2NmQ4Yzg1OC8x
L1hvbFNmVC0teWppVVhRaGs3T2ctdjZTbGFZcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcv
MWI5YTY2LWY4MjAtNDVhMC1iMDJkLWQ3ODc2NmQ4Yzg1OC8xL1FZYm11ZEgzakpU
V1A2eVRTcm1xM0F5VzFENC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBw
BggrBgEFBQcBBwEB/wRhMF8wQAQCAAEwOgMEBT49gAMEA01LoAMEA09iwAMEBlGh
gAMEBVKT4AMEBVLT4AMEB1UYAAMDAVdIAwMBW2QDBALDh9gwGwQCAAIwFQMFAyAB
FNADBQAqAQVYAwUDKgeJADANBgkqhkiG9w0BAQsFAAOCAQEAb5a/Qj4U8AJJPnP3
rVBFkqW2vS5b2KIMoqLWZxw8q2ogu+vnpJw3o/V0PetMDgW65YgzrN6DxlL96Ppf
cigNzL1gNgNEeHScsY/qQAO/r0/lc9KmAgiUDSwmtvgL+2r9F6o0wgyy3YQjFND+
/yncZwi6bx6tk5CWQjLnY1tpq1l0FazhuxzCxVps8aPhqNFSGT/mtWRYMYH+0QAI
2AJjXyo3NaiVu0f3NoPrRd9biz2q1H7tnt5/jr8oCJLyEV4YhULOPdIeApJHm1lA
98ndQN1Y7xuB/BbfDTiGxjj4GLcy0dnRu91elDGE5Ez05opzPUYZghXz3ErWwLLT
X3xq5A==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:24 2023 by rpki-client on console-ams.rpki-client.org