Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/xmzdHlUT5iHo-zC3IEKTf7i_2Ns.roa
File: xmzdHlUT5iHo-zC3IEKTf7i_2Ns.roa (raw, json)
Hash identifier: Fxnoj0I9meA7uRPZJF285JSguzepA8wNsbRcLtzo6/8=
Subject key identifier: C6:6C:DD:1E:55:13:E6:21:E8:FB:30:B7:20:42:93:7F:B8:BF:D8:DB
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 018354B2AB4B1B25BF24BD3FAF0EC7775A49
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/xmzdHlUT5iHo-zC3IEKTf7i_2Ns.roa
Signing time: Mon 19 Sep 2022 07:42:18 +0000
ROA not before: Mon 19 Sep 2022 07:42:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60721
IP address blocks: 109.122.43.0/24 maxlen: 24
193.93.54.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:54:b2:ab:4b:1b:25:bf:24:bd:3f:af:0e:c7:77:5a:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Sep 19 07:42:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c66cdd1e5513e621e8fb30b72042937fb8bfd8db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:68:83:32:d7:87:33:5b:34:1e:dc:f4:99:1e:
d7:9a:fa:7a:98:f8:e0:a9:1f:64:6e:de:d7:11:fe:
a1:e9:3c:aa:48:18:4b:55:0a:5c:00:2a:07:09:b1:
6c:a6:2b:7c:6f:50:87:87:03:0e:d4:b0:f7:af:13:
5e:75:78:b2:97:94:76:d6:83:f9:38:40:26:a5:e8:
61:1c:21:23:e8:d6:fa:e4:8c:0e:4c:c5:81:73:c0:
c7:95:27:61:a3:96:51:40:16:32:9c:dc:ce:26:f5:
5f:52:3d:c3:02:0c:fc:ae:8a:b4:d0:e9:be:32:54:
0a:fa:2c:73:33:1c:3e:29:5f:89:a9:f3:53:63:c1:
f8:26:df:62:d3:4e:13:16:f0:ee:9a:3b:a5:5e:df:
18:8b:1d:5a:00:fa:95:9e:4f:bb:40:24:05:2f:8d:
c7:16:73:af:fe:49:7e:c0:d0:d4:db:a8:99:6e:78:
16:da:2b:4e:84:e4:d0:d5:76:89:80:ca:b5:b6:cc:
30:ab:97:99:93:35:11:31:76:7a:3d:4d:a0:c6:1f:
aa:b6:f3:da:23:66:c5:13:57:6a:1d:82:51:c6:93:
6b:24:e0:d4:e0:97:b0:68:36:f3:00:4d:03:b6:14:
01:4f:93:d8:ab:43:96:e1:85:63:00:90:41:72:59:
04:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:6C:DD:1E:55:13:E6:21:E8:FB:30:B7:20:42:93:7F:B8:BF:D8:DB
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/xmzdHlUT5iHo-zC3IEKTf7i_2Ns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.43.0/24
193.93.54.0/24
Signature Algorithm: sha256WithRSAEncryption
99:b5:87:65:aa:9e:81:66:a3:af:47:db:40:e8:04:08:b4:bf:
0e:39:55:c5:0d:05:a0:94:1e:a3:e8:70:8a:d5:44:b9:e3:39:
34:5e:19:f9:8a:d8:28:4c:53:e4:57:64:18:b2:90:2d:cb:2d:
20:52:79:70:49:80:ee:5d:89:4a:ff:ec:0d:42:9d:02:cc:7b:
d7:fe:8f:a6:bf:6b:ad:3b:63:d7:43:e1:e8:ee:91:4e:93:86:
96:82:3f:f3:f6:20:22:29:b4:51:5a:90:1c:b6:18:32:5e:ee:
30:8b:22:ac:1b:98:ac:4f:84:fc:20:9e:13:51:a4:1c:9f:4c:
01:6e:86:e0:69:0e:1b:64:d6:24:28:ec:46:81:03:d6:2f:0b:
7f:25:64:6b:14:12:f0:71:d8:da:4c:ef:60:b1:2a:85:dc:95:
e1:62:60:b1:75:02:be:42:ce:7b:e1:e3:f5:af:77:60:23:87:
4e:5d:d7:ab:08:72:30:b5:0a:51:1a:9f:a1:05:f1:70:ca:c6:
c9:1a:fa:8f:15:9b:d2:a8:2a:02:28:01:63:53:06:9a:3d:0e:
e4:7a:99:4d:9b:d9:5b:1c:28:96:a5:6e:35:7b:dc:7a:84:00:
4c:b6:69:ec:e7:79:20:b9:47:91:b7:95:ba:52:a5:9b:43:80:
d0:c4:d9:5b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYNUsqtLGyW/JL0/rw7Hd1pJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjIwOTE5MDc0MjE4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjZjZGQxZTU1MTNlNjIxZThmYjMwYjcyMDQyOTM3ZmI4YmZkOGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA32iDMteHM1s0Htz0mR7Xmvp6mPjg
qR9kbt7XEf6h6TyqSBhLVQpcACoHCbFspit8b1CHhwMO1LD3rxNedXiyl5R21oP5
OEAmpehhHCEj6Nb65IwOTMWBc8DHlSdho5ZRQBYynNzOJvVfUj3DAgz8roq00Om+
MlQK+ixzMxw+KV+JqfNTY8H4Jt9i004TFvDumjulXt8Yix1aAPqVnk+7QCQFL43H
FnOv/kl+wNDU26iZbngW2itOhOTQ1XaJgMq1tswwq5eZkzURMXZ6PU2gxh+qtvPa
I2bFE1dqHYJRxpNrJODU4JewaDbzAE0DthQBT5PYq0OW4YVjAJBBclkEqQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMZs3R5VE+Yh6PswtyBCk3+4v9jbMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEveG16ZEhsVVQ1aUhvLXpDM0lFS1RmN2lfMk5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbXorAwQA
wV02MA0GCSqGSIb3DQEBCwUAA4IBAQCZtYdlqp6BZqOvR9tA6AQItL8OOVXFDQWg
lB6j6HCK1US54zk0Xhn5itgoTFPkV2QYspAtyy0gUnlwSYDuXYlK/+wNQp0CzHvX
/o+mv2utO2PXQ+Ho7pFOk4aWgj/z9iAiKbRRWpActhgyXu4wiyKsG5isT4T8IJ4T
UaQcn0wBbobgaQ4bZNYkKOxGgQPWLwt/JWRrFBLwcdjaTO9gsSqF3JXhYmCxdQK+
Qs574eP1r3dgI4dOXderCHIwtQpRGp+hBfFwysbJGvqPFZvSqCoCKAFjUwaaPQ7k
eplNm9lbHCiWpW41e9x6hABMtmns53kguUeRt5W6UqWbQ4DQxNlb
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:57:07 2024 by rpki-client on console-ams.rpki-client.org