Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/XjzPXXhoj0A4B4y1wnjq78LXGVo.roa
File: XjzPXXhoj0A4B4y1wnjq78LXGVo.roa (raw, json)
Hash identifier: 5wg+DrdkPtLKFgLfTScZNDdkkSqnM62llehuheNRasQ=
Subject key identifier: 5E:3C:CF:5D:78:68:8F:40:38:07:8C:B5:C2:78:EA:EF:C2:D7:19:5A
Certificate issuer: /CN=b72588c00eef715809eb5fdd6d6717cc28c0dfac
Certificate serial: 0823614E
Authority key identifier: B7:25:88:C0:0E:EF:71:58:09:EB:5F:DD:6D:67:17:CC:28:C0:DF:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tyWIwA7vcVgJ61_dbWcXzCjA36w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/XjzPXXhoj0A4B4y1wnjq78LXGVo.roa
Signing time: Sat 01 Jan 2022 06:03:19 +0000
ROA not before: Sat 01 Jan 2022 06:03:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44843
IP address blocks: 192.145.19.0/24 maxlen: 24
152.89.135.0/24 maxlen: 24
152.89.134.0/24 maxlen: 24
31.207.64.0/20 maxlen: 20
178.236.132.0/24 maxlen: 24
178.236.130.0/24 maxlen: 24
178.236.128.0/21 maxlen: 21
178.236.131.0/24 maxlen: 24
178.236.128.0/24 maxlen: 24
178.236.129.0/24 maxlen: 24
178.236.133.0/24 maxlen: 24
178.236.134.0/24 maxlen: 24
178.236.135.0/24 maxlen: 24
2a02:1710:4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 136536398 (0x823614e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72588c00eef715809eb5fdd6d6717cc28c0dfac
Validity
Not Before: Jan 1 06:03:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5e3ccf5d78688f4038078cb5c278eaefc2d7195a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:36:22:f5:bd:f3:73:c2:ce:0c:f5:04:98:ee:
91:05:be:91:8a:9d:4f:28:87:6e:12:15:00:50:d7:
d7:a6:1b:af:c7:f4:78:07:e9:65:40:b1:f2:40:e1:
ef:b2:b0:63:1b:18:1d:a2:14:a0:fd:54:14:b1:39:
59:ad:24:fb:98:17:bf:45:42:06:9a:dc:cf:64:da:
de:fa:ff:1d:b5:93:b6:d3:f6:9d:24:cd:ef:a2:80:
bf:54:fb:4b:95:64:2a:15:09:23:06:43:bc:d9:88:
5b:ac:fd:f3:f7:91:a8:5a:d2:01:5c:10:b6:58:77:
48:2a:5d:3a:c9:da:71:be:d1:c8:5a:46:40:cd:c7:
4f:2a:33:9b:aa:b3:86:3c:de:6e:0b:ad:26:03:2a:
2c:a2:85:6b:1b:1f:dc:e1:6a:e2:74:d6:38:60:e3:
7f:1e:99:9e:c5:93:53:e8:76:ca:00:4f:93:cd:e9:
6d:e4:bf:dc:20:4e:3f:0f:90:f3:ba:bd:53:16:22:
cb:1f:bf:61:e3:83:22:e1:b1:93:de:68:21:e9:da:
63:29:db:dd:06:81:0b:c4:e3:25:9b:c5:86:22:83:
99:11:fd:be:c0:9e:0d:b7:f2:43:e6:b8:66:90:d3:
18:c2:47:30:1d:a8:7c:87:db:3f:0a:69:da:1d:2b:
7c:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:3C:CF:5D:78:68:8F:40:38:07:8C:B5:C2:78:EA:EF:C2:D7:19:5A
X509v3 Authority Key Identifier:
keyid:B7:25:88:C0:0E:EF:71:58:09:EB:5F:DD:6D:67:17:CC:28:C0:DF:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tyWIwA7vcVgJ61_dbWcXzCjA36w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/XjzPXXhoj0A4B4y1wnjq78LXGVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ebbac9-fee7-4f3b-8cd5-7a41254eaaca/1/tyWIwA7vcVgJ61_dbWcXzCjA36w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.207.64.0/20
152.89.134.0/23
178.236.128.0/21
192.145.19.0/24
IPv6:
2a02:1710:4::/48
Signature Algorithm: sha256WithRSAEncryption
6b:3f:95:ff:6c:9a:f3:ba:6e:be:f3:fe:f6:91:9d:f9:6f:73:
de:cd:54:45:30:13:cb:9d:ce:eb:03:a0:6b:4d:24:f8:98:70:
36:7c:e6:99:77:9a:e7:aa:0a:7d:7c:b6:7b:82:c4:08:4b:89:
a5:74:c6:a5:b5:e1:26:ba:24:df:4f:42:c9:dc:74:2e:5e:a5:
0b:a1:0e:3c:02:6a:02:35:72:dd:9a:64:01:df:93:ae:b5:77:
4e:6b:62:8c:e5:76:cb:0c:fe:14:6b:fb:5d:06:1a:07:4d:51:
32:1a:4e:3a:0b:10:ce:d7:8b:4e:65:c9:0b:eb:df:cb:1c:1b:
d2:e4:67:4f:8a:06:74:45:e3:a3:2b:49:79:d1:ce:c1:e8:7e:
25:57:f9:41:62:f6:fd:f9:03:12:4c:68:1d:cc:18:c9:43:31:
31:b3:81:b9:fa:90:22:91:2b:10:35:e4:1d:b6:fb:9d:64:b8:
34:fd:49:a0:20:4f:32:b2:03:61:a7:04:69:1b:cc:29:b8:46:
d0:da:58:d1:da:ee:7d:95:85:f7:c2:3b:c8:c5:ca:5b:2c:61:
88:d1:30:e7:70:58:19:82:73:2f:c3:2b:11:6b:05:e0:97:cf:
33:98:5e:36:6e:07:29:cc:f8:c6:01:2d:06:b5:32:29:e0:f4:
2e:6d:96:1f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgIECCNhTjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NzI1ODhjMDBlZWY3MTU4MDllYjVmZGQ2ZDY3MTdjYzI4YzBkZmFjMB4XDTIyMDEw
MTA2MDMxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWUzY2NmNWQ3ODY4
OGY0MDM4MDc4Y2I1YzI3OGVhZWZjMmQ3MTk1YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALI2IvW983PCzgz1BJjukQW+kYqdTyiHbhIVAFDX16Ybr8f0
eAfpZUCx8kDh77KwYxsYHaIUoP1UFLE5Wa0k+5gXv0VCBprcz2Ta3vr/HbWTttP2
nSTN76KAv1T7S5VkKhUJIwZDvNmIW6z98/eRqFrSAVwQtlh3SCpdOsnacb7RyFpG
QM3HTyozm6qzhjzebgutJgMqLKKFaxsf3OFq4nTWOGDjfx6ZnsWTU+h2ygBPk83p
beS/3CBOPw+Q87q9UxYiyx+/YeODIuGxk95oIenaYynb3QaBC8TjJZvFhiKDmRH9
vsCeDbfyQ+a4ZpDTGMJHMB2ofIfbPwpp2h0rfGcCAwEAAaOCAiwwggIoMB0GA1Ud
DgQWBBRePM9deGiPQDgHjLXCeOrvwtcZWjAfBgNVHSMEGDAWgBS3JYjADu9xWAnr
X91tZxfMKMDfrDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3R5V0l3QTd2Y1ZnSjYxX2RiV2NYekNqQTM2dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjgvZWJiYWM5LWZlZTctNGYzYi04Y2Q1LTdhNDEyNTRlYWFjYS8x
L1hqelBYWGhvajBBNEI0eTF3bmpxNzhMWEdWby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjgv
ZWJiYWM5LWZlZTctNGYzYi04Y2Q1LTdhNDEyNTRlYWFjYS8xL3R5V0l3QTd2Y1Zn
SjYxX2RiV2NYekNqQTM2dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBC
BggrBgEFBQcBBwEB/wQzMDEwHgQCAAEwGAMEBB/PQAMEAZhZhgMEA7LsgAMEAMCR
EzAPBAIAAjAJAwcAKgIXEAAEMA0GCSqGSIb3DQEBCwUAA4IBAQBrP5X/bJrzum6+
8/72kZ35b3PezVRFMBPLnc7rA6BrTST4mHA2fOaZd5rnqgp9fLZ7gsQIS4mldMal
teEmuiTfT0LJ3HQuXqULoQ48AmoCNXLdmmQB35OutXdOa2KM5XbLDP4Ua/tdBhoH
TVEyGk46CxDO14tOZckL69/LHBvS5GdPigZ0ReOjK0l50c7B6H4lV/lBYvb9+QMS
TGgdzBjJQzExs4G5+pAikSsQNeQdtvudZLg0/UmgIE8ysgNhpwRpG8wpuEbQ2ljR
2u59lYX3wjvIxcpbLGGI0TDncFgZgnMvwysRawXgl88zmF42bgcpzPjGAS0GtTIp
4PQubZYf
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:59:35 2024 by rpki-client on console-ams.rpki-client.org