Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/XU3v6layTECY50Lam7JVPD4P9-w.roa
File: XU3v6layTECY50Lam7JVPD4P9-w.roa (raw, json)
Hash identifier: 8aGsIyLkox1ovIaR7vUM2MxZKQ1g5ij9SJu5UoJ0VIw=
Subject key identifier: 5D:4D:EF:EA:56:B2:4C:40:98:E7:42:DA:9B:B2:55:3C:3E:0F:F7:EC
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 0CB0AE37
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/XU3v6layTECY50Lam7JVPD4P9-w.roa
Signing time: Thu 31 Mar 2022 06:16:45 +0000
ROA not before: Thu 31 Mar 2022 06:16:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 40676
IP address blocks: 194.233.146.0/24 maxlen: 24
195.180.136.0/24 maxlen: 24
195.180.156.0/24 maxlen: 24
194.163.91.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 212905527 (0xcb0ae37)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: Mar 31 06:16:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5d4defea56b24c4098e742da9bb2553c3e0ff7ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:3b:29:76:1b:0c:1f:d8:47:e7:cd:e4:ca:0e:
69:c3:3c:a3:d6:5a:81:9d:43:da:dd:a8:f8:ee:6d:
98:c3:8b:c3:4a:2f:e0:0c:f6:f0:91:43:7b:af:7c:
83:a2:f0:2a:92:fc:bc:35:f3:10:7a:45:ca:6b:e4:
ee:58:8b:7d:20:7b:c2:10:eb:47:29:f8:00:78:8c:
da:e1:e9:34:03:b0:2e:c4:78:18:59:c6:06:b1:22:
64:e4:b9:2e:6f:ab:8e:00:7c:59:ff:a8:59:1d:d6:
6f:e8:cd:f4:b2:cd:3b:3b:a0:04:e3:fb:b7:cc:ba:
79:b0:b3:65:e4:37:91:ab:e5:19:0f:ce:44:50:9b:
f2:8a:92:c8:db:43:c3:8b:1e:e2:f2:8e:ae:41:37:
d5:55:a4:72:07:8c:66:3b:f2:0b:fc:87:c8:4f:00:
0a:26:78:27:59:4f:29:64:8a:96:de:35:85:ef:65:
af:c3:8a:5d:f4:34:50:d9:0b:5d:b3:b7:cf:d3:97:
c7:4b:25:65:eb:4f:7a:3f:39:a5:a0:b4:3d:58:24:
48:61:48:f8:fd:59:cd:57:eb:ae:70:90:25:8c:81:
09:6d:93:49:66:e1:d4:57:61:11:b8:37:64:2f:42:
33:1f:af:74:fd:6f:f8:f3:d9:5d:ed:bb:f3:49:b2:
c1:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:4D:EF:EA:56:B2:4C:40:98:E7:42:DA:9B:B2:55:3C:3E:0F:F7:EC
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/XU3v6layTECY50Lam7JVPD4P9-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.163.91.0/24
194.233.146.0/24
195.180.136.0/24
195.180.156.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:6e:d4:09:69:a6:a2:07:f1:b8:87:9a:8a:7c:7b:07:21:7b:
fd:79:ce:7d:29:9f:c9:44:b1:18:14:d5:c7:2a:04:83:55:aa:
8f:97:d9:62:ab:f3:18:70:79:1a:db:cd:9c:b7:cc:57:f5:bb:
51:e9:2d:50:ce:5d:8a:72:ca:88:08:08:cf:64:bb:55:0b:a9:
d8:90:5a:64:37:54:43:96:7e:95:8d:92:b0:28:e4:b4:3a:fb:
6a:84:a6:9e:be:cc:7c:8d:63:96:77:e4:73:0d:0f:98:ff:ac:
84:46:df:65:bd:b3:92:02:10:7d:3f:e6:bb:03:71:26:98:57:
39:d8:ed:22:1e:9b:84:a7:be:5e:1e:83:55:fe:1f:01:90:f5:
71:4f:45:7e:48:da:87:da:5c:69:1b:88:2c:78:6f:65:4e:23:
75:b6:ca:d3:fe:a5:70:f3:78:54:2f:4e:a3:56:0b:27:99:8e:
08:bd:3f:e2:f9:80:f8:ed:db:1a:36:35:cb:e3:d1:9c:25:21:
6d:e2:06:8e:12:53:73:7d:ed:0a:4d:39:87:f6:17:23:e3:ab:
63:18:a9:63:32:43:62:d2:cb:1f:6d:cc:bc:ce:43:de:51:af:
f1:96:2a:04:f8:e4:47:74:4d:e4:0d:d0:ad:ad:49:d7:c9:51:
c3:da:74:e5
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEDLCuNzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NzQ3MDE3NTY0YzcxMWJjYmQ1NzY4MGEwZGZkMDBmMmE1ZDA5OWRiMB4XDTIyMDMz
MTA2MTY0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWQ0ZGVmZWE1NmIy
NGM0MDk4ZTc0MmRhOWJiMjU1M2MzZTBmZjdlYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL87KXYbDB/YR+fN5MoOacM8o9ZagZ1D2t2o+O5tmMOLw0ov
4Az28JFDe698g6LwKpL8vDXzEHpFymvk7liLfSB7whDrRyn4AHiM2uHpNAOwLsR4
GFnGBrEiZOS5Lm+rjgB8Wf+oWR3Wb+jN9LLNOzugBOP7t8y6ebCzZeQ3kavlGQ/O
RFCb8oqSyNtDw4se4vKOrkE31VWkcgeMZjvyC/yHyE8ACiZ4J1lPKWSKlt41he9l
r8OKXfQ0UNkLXbO3z9OXx0slZetPej85paC0PVgkSGFI+P1ZzVfrrnCQJYyBCW2T
SWbh1FdhEbg3ZC9CMx+vdP1v+PPZXe2780mywS8CAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBRdTe/qVrJMQJjnQtqbslU8Pg/37DAfBgNVHSMEGDAWgBTXRwF1ZMcRvL1X
aAoN/QDypdCZ2zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEwY0JkV1RIRWJ5OVYyZ0tEZjBBOHFYUW1kcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTgvYmEyMzYyLTBjYzUtNDliZC1hNTIyLTRmMGU4Y2UxMWE3ZC8x
L1hVM3Y2bGF5VEVDWTUwTGFtN0pWUEQ0UDktdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTgv
YmEyMzYyLTBjYzUtNDliZC1hNTIyLTRmMGU4Y2UxMWE3ZC8xLzEwY0JkV1RIRWJ5
OVYyZ0tEZjBBOHFYUW1kcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAMKjWwMEAMLpkgMEAMO0iAMEAMO0
nDANBgkqhkiG9w0BAQsFAAOCAQEAbW7UCWmmogfxuIeainx7ByF7/XnOfSmfyUSx
GBTVxyoEg1Wqj5fZYqvzGHB5GtvNnLfMV/W7UektUM5dinLKiAgIz2S7VQup2JBa
ZDdUQ5Z+lY2SsCjktDr7aoSmnr7MfI1jlnfkcw0PmP+shEbfZb2zkgIQfT/muwNx
JphXOdjtIh6bhKe+Xh6DVf4fAZD1cU9Ffkjah9pcaRuILHhvZU4jdbbK0/6lcPN4
VC9Oo1YLJ5mOCL0/4vmA+O3bGjY1y+PRnCUhbeIGjhJTc33tCk05h/YXI+OrYxip
YzJDYtLLH23MvM5D3lGv8ZYqBPjkR3RN5A3Qra1J18lRw9p05Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:42 2023 by rpki-client on console-fra.rpki-client.org