Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/XvK7QxxoT_R9U0CyjNcMYjmQgqU.roa
File: XvK7QxxoT_R9U0CyjNcMYjmQgqU.roa (raw, json)
Hash identifier: EcIG+Pdb2g733GRMc+MhK0jVezPWaCctZ/1XtBA9iqg=
Subject key identifier: 5E:F2:BB:43:1C:68:4F:F4:7D:53:40:B2:8C:D7:0C:62:39:90:82:A5
Certificate issuer: /CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Certificate serial: 0184DD066535833D3BCF6E33CAC3763321A4
Authority key identifier: 9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/XvK7QxxoT_R9U0CyjNcMYjmQgqU.roa
Signing time: Sun 04 Dec 2022 12:04:54 +0000
ROA not before: Sun 04 Dec 2022 12:04:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35758
IP address blocks: 5.253.186.0/24 maxlen: 24
185.219.162.0/24 maxlen: 24
185.114.205.0/24 maxlen: 24
45.130.32.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:dd:06:65:35:83:3d:3b:cf:6e:33:ca:c3:76:33:21:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9cb25ce550e4d9bda05bd5d45c8b6ba37430bbba
Validity
Not Before: Dec 4 12:04:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5ef2bb431c684ff47d5340b28cd70c62399082a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:0e:43:fa:b3:5e:0a:fc:52:33:53:aa:24:e3:
e7:d3:ed:f8:51:f8:71:03:60:2c:c0:91:a8:d3:7e:
d2:bc:73:3f:73:de:a7:8d:52:0d:a6:a1:41:db:0d:
9b:15:c9:70:9e:d7:78:97:45:9c:85:23:8d:41:44:
91:14:bc:b0:8a:64:40:ca:1d:cd:f7:7a:f3:78:44:
2c:d4:bc:eb:ae:a5:08:fc:6a:cb:7a:63:00:a5:67:
31:a5:e0:61:45:d1:50:9b:23:51:1b:e8:2d:0f:21:
74:94:07:b4:3c:42:55:51:e3:6b:87:56:23:1d:4b:
bf:9e:34:d8:91:f3:70:07:99:a3:11:db:46:04:8d:
40:c5:f4:c9:fd:1c:ea:02:1a:51:15:2a:32:c1:46:
fa:fa:5c:1a:4f:01:08:9c:ec:53:e9:af:51:c8:61:
ca:2b:49:f2:c1:ef:49:a1:c1:03:50:b5:9e:58:bf:
be:39:c4:f3:8e:e0:fa:a3:15:0e:35:aa:fd:c4:fe:
cf:78:00:71:51:86:6c:7e:09:29:0a:c0:cc:c4:ed:
dc:ac:93:ea:05:c7:98:e6:56:cc:7f:cc:88:c8:91:
99:41:f6:9b:b6:6f:8d:31:b6:cf:f3:f6:f6:13:61:
3a:93:83:6a:9c:0f:f2:93:1c:f6:7e:f2:b1:83:b9:
3c:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:F2:BB:43:1C:68:4F:F4:7D:53:40:B2:8C:D7:0C:62:39:90:82:A5
X509v3 Authority Key Identifier:
keyid:9C:B2:5C:E5:50:E4:D9:BD:A0:5B:D5:D4:5C:8B:6B:A3:74:30:BB:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nLJc5VDk2b2gW9XUXItro3Qwu7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/XvK7QxxoT_R9U0CyjNcMYjmQgqU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/4f336b-4a79-4425-9556-be45f0d2abbb/1/nLJc5VDk2b2gW9XUXItro3Qwu7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.186.0/24
45.130.32.0/24
185.114.205.0/24
185.219.162.0/24
Signature Algorithm: sha256WithRSAEncryption
58:f6:b2:b2:4e:dc:ca:98:50:3d:33:e6:11:26:c1:30:2a:ec:
cb:a9:0f:93:1b:2d:3b:5b:d6:f9:b2:9f:3e:a4:82:89:75:f8:
aa:59:52:37:39:2a:ec:d7:b1:89:51:3f:76:75:d0:4c:3b:83:
66:9c:90:50:17:b3:14:52:e4:8f:92:93:a8:17:2e:9e:4f:69:
f9:a6:ab:f0:c7:d7:85:e7:3b:06:75:8e:d3:c8:e0:9a:c7:58:
29:03:af:4d:d3:a1:e1:33:b0:5b:1b:a4:cd:6e:f6:1a:3e:17:
9a:a2:71:89:21:cc:0d:b2:82:ac:3a:0f:ad:c3:79:04:14:63:
ef:5f:23:69:a3:50:17:92:ae:f1:3d:72:95:3e:d0:2c:f2:c4:
90:87:12:e6:27:a4:e2:3c:f8:34:48:80:79:8b:20:01:92:b1:
5b:fb:92:a1:12:a9:f7:40:8d:bd:63:f7:43:6b:29:5f:70:6f:
6d:c4:ce:2c:65:ff:40:9b:f5:58:7d:ca:bb:2c:2e:cb:87:18:
20:9e:ff:81:1e:9c:61:8f:37:3a:d0:a5:2c:f9:a0:f9:cb:ee:
be:5e:ab:6a:c6:97:63:a1:f5:bf:0a:9c:3a:8a:af:84:9c:cd:
31:5a:a0:63:4e:2c:7e:7e:ec:ac:14:07:47:4b:48:a4:c0:31:
7d:93:ca:70
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYTdBmU1gz07z24zysN2MyGkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljYjI1Y2U1NTBlNGQ5YmRhMDViZDVkNDVjOGI2YmEzNzQz
MGJiYmEwHhcNMjIxMjA0MTIwNDU0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWYyYmI0MzFjNjg0ZmY0N2Q1MzQwYjI4Y2Q3MGM2MjM5OTA4MmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzg5D+rNeCvxSM1OqJOPn0+34Ufhx
A2AswJGo037SvHM/c96njVINpqFB2w2bFclwntd4l0WchSONQUSRFLywimRAyh3N
93rzeEQs1LzrrqUI/GrLemMApWcxpeBhRdFQmyNRG+gtDyF0lAe0PEJVUeNrh1Yj
HUu/njTYkfNwB5mjEdtGBI1AxfTJ/RzqAhpRFSoywUb6+lwaTwEInOxT6a9RyGHK
K0nywe9JocEDULWeWL++OcTzjuD6oxUONar9xP7PeABxUYZsfgkpCsDMxO3crJPq
BceY5lbMf8yIyJGZQfabtm+NMbbP8/b2E2E6k4NqnA/ykxz2fvKxg7k8TwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFF7yu0McaE/0fVNAsozXDGI5kIKlMB8GA1UdIwQY
MBaAFJyyXOVQ5Nm9oFvV1FyLa6N0MLu6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYt
YmU0NWYwZDJhYmJiLzEvWHZLN1F4eG9UX1I5VTBDeWpOY01Zam1RZ3FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS80ZjMzNmItNGE3OS00NDI1LTk1NTYtYmU0NWYwZDJhYmJi
LzEvbkxKYzVWRGsyYjJnVzlYVVhJdHJvM1F3dTdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABf26AwQA
LYIgAwQAuXLNAwQAuduiMA0GCSqGSIb3DQEBCwUAA4IBAQBY9rKyTtzKmFA9M+YR
JsEwKuzLqQ+TGy07W9b5sp8+pIKJdfiqWVI3OSrs17GJUT92ddBMO4NmnJBQF7MU
UuSPkpOoFy6eT2n5pqvwx9eF5zsGdY7TyOCax1gpA69N06HhM7BbG6TNbvYaPhea
onGJIcwNsoKsOg+tw3kEFGPvXyNpo1AXkq7xPXKVPtAs8sSQhxLmJ6TiPPg0SIB5
iyABkrFb+5KhEqn3QI29Y/dDaylfcG9txM4sZf9Am/VYfcq7LC7Lhxggnv+BHpxh
jzc60KUs+aD5y+6+XqtqxpdjofW/Cpw6iq+EnM0xWqBjTix+fuysFAdHS0ikwDF9
k8pw
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:39 2023 by rpki-client on console-ams.rpki-client.org