Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/62df36-fd36-4baf-9d2e-118afed7a5ae/1/Xrs3i0Q9tLtKJqZ1_NeKW5DsG1M.roa
File: Xrs3i0Q9tLtKJqZ1_NeKW5DsG1M.roa (raw, json)
Hash identifier: oJAIpw6Sm22A8srfJG9zuJb1Cc2p8U1SWeYW5UujYZU=
Subject key identifier: 5E:BB:37:8B:44:3D:B4:BB:4A:26:A6:75:FC:D7:8A:5B:90:EC:1B:53
Certificate issuer: /CN=34fe6b9d0cc1e7f6e16b2a46b42ca5e01c700346
Certificate serial: 03F68E18
Authority key identifier: 34:FE:6B:9D:0C:C1:E7:F6:E1:6B:2A:46:B4:2C:A5:E0:1C:70:03:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NP5rnQzB5_bhaypGtCyl4BxwA0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/62df36-fd36-4baf-9d2e-118afed7a5ae/1/Xrs3i0Q9tLtKJqZ1_NeKW5DsG1M.roa
Signing time: Sat 01 Jan 2022 00:57:41 +0000
ROA not before: Sat 01 Jan 2022 00:57:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14618
IP address blocks: 185.156.16.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 66489880 (0x3f68e18)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34fe6b9d0cc1e7f6e16b2a46b42ca5e01c700346
Validity
Not Before: Jan 1 00:57:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5ebb378b443db4bb4a26a675fcd78a5b90ec1b53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:15:75:2d:db:69:12:d4:a2:33:a0:61:b5:08:
cd:e3:c2:53:43:3f:50:4a:20:83:d9:8c:b7:5f:92:
69:a5:d3:2f:05:0e:a2:bc:e8:e1:79:5c:e4:36:5d:
26:39:74:58:59:2b:5b:05:bd:c6:93:8f:d0:6d:17:
59:95:8d:ac:34:8c:38:99:a8:93:74:f4:c9:7a:06:
31:0b:6a:af:01:c9:53:c8:e6:77:6b:a1:0c:a4:08:
f3:5a:d6:a2:e2:ae:b8:a9:e2:d9:85:cd:e0:cd:c8:
da:37:2a:74:18:ea:f7:fa:55:e6:f6:19:45:aa:e9:
95:9d:84:7e:3e:16:25:38:42:f9:d2:bf:c2:0e:70:
d0:1d:c7:e8:aa:f8:7b:00:c4:2f:63:c0:f4:88:97:
5a:29:f5:19:0b:2a:cc:81:5a:70:0e:28:0c:af:e9:
38:b6:56:21:9d:f5:5d:54:81:b4:ec:d4:bf:36:e5:
f4:47:62:13:b4:07:7e:63:aa:82:1f:de:bd:5b:cb:
34:39:a8:f6:15:bb:59:72:36:10:a5:19:13:98:22:
dd:8c:c3:bf:0e:04:3e:35:3e:83:dd:4b:a1:c7:25:
88:a4:41:df:e0:7d:5b:22:72:8b:a9:fd:21:52:7d:
29:1b:45:5e:be:6b:90:24:f6:bd:c6:06:98:a7:6c:
66:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:BB:37:8B:44:3D:B4:BB:4A:26:A6:75:FC:D7:8A:5B:90:EC:1B:53
X509v3 Authority Key Identifier:
keyid:34:FE:6B:9D:0C:C1:E7:F6:E1:6B:2A:46:B4:2C:A5:E0:1C:70:03:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NP5rnQzB5_bhaypGtCyl4BxwA0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/62df36-fd36-4baf-9d2e-118afed7a5ae/1/Xrs3i0Q9tLtKJqZ1_NeKW5DsG1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/62df36-fd36-4baf-9d2e-118afed7a5ae/1/NP5rnQzB5_bhaypGtCyl4BxwA0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.16.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:a1:9d:b9:55:06:ce:7d:4b:0a:68:b1:fe:d7:c8:2e:1e:b5:
b6:17:5b:e2:87:0e:d9:ee:09:1c:07:aa:23:04:16:3f:cd:28:
07:65:50:06:82:a7:32:63:31:18:4c:67:51:d5:2c:cc:69:e3:
fd:fb:90:e6:26:68:f4:4e:16:5b:a2:09:c8:b0:af:15:ac:ca:
fc:dc:e1:40:6e:dc:78:b6:ed:bb:79:84:5c:42:96:d5:d1:77:
20:58:ee:7b:fa:b6:21:6f:54:b0:74:a8:53:f2:27:da:ae:27:
d1:d4:95:b2:21:aa:cd:b2:a4:b9:09:d6:38:4a:e1:e4:f4:6e:
1b:ad:ac:cd:7f:13:27:8a:93:c8:f1:b5:c8:0f:e5:0f:c6:ec:
dc:86:d4:af:32:d4:b3:fa:d7:8b:97:a0:fe:77:04:04:dd:0c:
af:39:3d:54:f9:a4:a4:a8:31:7e:4d:65:b0:29:af:ac:1a:2c:
b4:b3:b2:c4:ad:87:6d:14:31:a6:31:fd:3b:8d:a2:b4:54:91:
10:22:da:53:0b:56:21:9f:28:e5:fb:7f:02:64:a5:57:3b:66:
e4:73:07:e2:cc:c2:1f:f1:4d:54:6a:44:1d:86:cb:a9:38:91:
33:1a:ec:cc:1a:00:1e:14:d1:25:5f:0f:f7:05:46:99:8a:36:
df:47:35:5b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA/aOGDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
NGZlNmI5ZDBjYzFlN2Y2ZTE2YjJhNDZiNDJjYTVlMDFjNzAwMzQ2MB4XDTIyMDEw
MTAwNTc0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWViYjM3OGI0NDNk
YjRiYjRhMjZhNjc1ZmNkNzhhNWI5MGVjMWI1MzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJMVdS3baRLUojOgYbUIzePCU0M/UEogg9mMt1+SaaXTLwUO
orzo4Xlc5DZdJjl0WFkrWwW9xpOP0G0XWZWNrDSMOJmok3T0yXoGMQtqrwHJU8jm
d2uhDKQI81rWouKuuKni2YXN4M3I2jcqdBjq9/pV5vYZRarplZ2Efj4WJThC+dK/
wg5w0B3H6Kr4ewDEL2PA9IiXWin1GQsqzIFacA4oDK/pOLZWIZ31XVSBtOzUvzbl
9EdiE7QHfmOqgh/evVvLNDmo9hW7WXI2EKUZE5gi3YzDvw4EPjU+g91LoccliKRB
3+B9WyJyi6n9IVJ9KRtFXr5rkCT2vcYGmKdsZvcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBReuzeLRD20u0ompnX814pbkOwbUzAfBgNVHSMEGDAWgBQ0/mudDMHn9uFr
Kka0LKXgHHADRjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L05QNXJuUXpCNV9iaGF5cEd0Q3lsNEJ4d0EwWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjgvNjJkZjM2LWZkMzYtNGJhZi05ZDJlLTExOGFmZWQ3YTVhZS8x
L1hyczNpMFE5dEx0S0pxWjFfTmVLVzVEc0cxTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjgv
NjJkZjM2LWZkMzYtNGJhZi05ZDJlLTExOGFmZWQ3YTVhZS8xL05QNXJuUXpCNV9i
aGF5cEd0Q3lsNEJ4d0EwWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALmcEDANBgkqhkiG9w0BAQsFAAOC
AQEAf6GduVUGzn1LCmix/tfILh61thdb4ocO2e4JHAeqIwQWP80oB2VQBoKnMmMx
GExnUdUszGnj/fuQ5iZo9E4WW6IJyLCvFazK/NzhQG7ceLbtu3mEXEKW1dF3IFju
e/q2IW9UsHSoU/In2q4n0dSVsiGqzbKkuQnWOErh5PRuG62szX8TJ4qTyPG1yA/l
D8bs3IbUrzLUs/rXi5eg/ncEBN0Mrzk9VPmkpKgxfk1lsCmvrBostLOyxK2HbRQx
pjH9O42itFSRECLaUwtWIZ8o5ft/AmSlVztm5HMH4szCH/FNVGpEHYbLqTiRMxrs
zBoAHhTRJV8P9wVGmYo230c1Ww==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:34 2023 by rpki-client on console-fra.rpki-client.org