Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/XP2y5vfbj5BR9YLNjXGg-BNFZPY.roa
File: XP2y5vfbj5BR9YLNjXGg-BNFZPY.roa (raw, json)
Hash identifier: ELjXxyyB5BOyMHP/9b8FnDIRniSo3lz3/AZ+biQ9Fg8=
Subject key identifier: 5C:FD:B2:E6:F7:DB:8F:90:51:F5:82:CD:8D:71:A0:F8:13:45:64:F6
Certificate issuer: /CN=f1479b83c520d784445c24828bab633f0d702cf3
Certificate serial: 01840A4A5EAB8A1A9578330CABEC17910B9D
Authority key identifier: F1:47:9B:83:C5:20:D7:84:44:5C:24:82:8B:AB:63:3F:0D:70:2C:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/XP2y5vfbj5BR9YLNjXGg-BNFZPY.roa
Signing time: Mon 24 Oct 2022 13:59:16 +0000
ROA not before: Mon 24 Oct 2022 13:59:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 196755
IP address blocks: 157.143.248.0/21 maxlen: 21
178.157.24.0/23 maxlen: 23
178.157.26.0/23 maxlen: 23
80.251.108.0/23 maxlen: 23
178.157.28.0/22 maxlen: 22
217.181.252.0/23 maxlen: 23
178.157.40.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:0a:4a:5e:ab:8a:1a:95:78:33:0c:ab:ec:17:91:0b:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1479b83c520d784445c24828bab633f0d702cf3
Validity
Not Before: Oct 24 13:59:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5cfdb2e6f7db8f9051f582cd8d71a0f8134564f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:c8:10:8e:6f:09:54:35:67:36:23:49:0d:b5:
d9:5b:a3:ed:9a:62:6b:ae:0f:3c:e7:5e:68:08:35:
2f:bf:50:07:ec:22:5f:90:f5:6c:65:75:c9:da:20:
37:32:c8:0d:ab:77:52:55:5d:7d:7b:bc:3a:17:fc:
9b:16:f7:d9:e4:80:9d:5a:23:54:1c:25:7d:61:e0:
1f:32:a6:c0:c2:4a:1b:86:f9:94:0f:a8:91:fb:29:
4d:5a:53:9c:ab:a2:cf:92:aa:22:bb:44:40:03:36:
9d:11:30:f2:e7:40:6b:f1:7c:a5:da:a6:c2:3c:50:
ec:79:18:85:36:de:bc:3b:95:c9:62:62:72:3b:4a:
c2:06:d8:2e:ae:53:2d:90:9a:3f:8f:13:7e:df:28:
53:fe:cc:6d:e1:fe:26:c9:4b:21:a0:59:ac:6e:37:
23:21:29:62:29:1e:a3:a2:fd:f9:79:ed:79:d6:24:
fc:f6:ae:f4:ff:72:b8:c2:b4:73:d3:5c:8d:0a:2e:
22:05:9a:03:53:55:c7:35:38:8b:6d:a0:d2:97:af:
84:f0:65:58:84:f0:e6:8e:e4:8c:2a:14:da:3d:b5:
72:b6:3b:ca:72:a9:4e:e2:64:13:2a:59:95:a5:f7:
50:6d:1a:53:42:94:3d:0b:d1:09:da:13:12:56:ad:
c1:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:FD:B2:E6:F7:DB:8F:90:51:F5:82:CD:8D:71:A0:F8:13:45:64:F6
X509v3 Authority Key Identifier:
keyid:F1:47:9B:83:C5:20:D7:84:44:5C:24:82:8B:AB:63:3F:0D:70:2C:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8Uebg8Ug14REXCSCi6tjPw1wLPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/XP2y5vfbj5BR9YLNjXGg-BNFZPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/a97e21-b5fe-4a56-a98a-bdd4af5f35d1/1/8Uebg8Ug14REXCSCi6tjPw1wLPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.251.108.0/23
157.143.248.0/21
178.157.24.0/21
178.157.40.0/22
217.181.252.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:b4:e5:8e:49:6c:b4:39:f3:39:bf:ea:6b:0e:a7:d7:ef:03:
19:68:6c:19:92:3d:17:fc:fb:5e:f6:6e:52:f0:41:38:fa:ef:
b2:90:60:cc:df:bb:94:8e:aa:19:c9:28:b4:89:45:15:02:3b:
77:b2:24:88:e1:a6:06:8a:f4:bc:6a:6d:ea:18:e6:8a:eb:d0:
ce:f8:9c:9a:f7:a6:1e:62:b0:ea:c2:c3:3a:50:34:5c:8a:46:
81:e6:f4:98:d4:1c:ed:7f:76:e9:2a:8a:3f:36:cc:c1:53:6a:
52:b9:73:54:f8:78:c8:88:d0:a3:aa:5c:1f:61:fa:45:6f:59:
08:fb:39:6c:ad:37:04:ce:ce:68:13:47:66:00:5c:a7:f7:a1:
1d:39:ea:63:d6:99:aa:fa:29:9f:08:4b:c0:ee:f6:63:d1:05:
35:75:46:7f:3d:9c:36:26:ae:31:1d:66:b1:62:c1:96:8b:83:
68:ae:97:80:32:26:5b:8e:05:46:6e:86:a3:3a:eb:85:e7:bf:
ef:ad:5d:72:2b:a7:2d:ac:38:cb:fe:c6:d6:1b:ca:e0:a5:3f:
bf:f3:d2:25:62:74:77:5a:34:b9:8a:8d:5f:6f:5f:ff:38:2b:
0b:c9:7e:f4:7a:0a:3d:65:49:62:ef:88:ed:01:31:84:f7:72:
ee:47:de:b9
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYQKSl6rihqVeDMMq+wXkQudMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxNDc5YjgzYzUyMGQ3ODQ0NDVjMjQ4MjhiYWI2MzNmMGQ3
MDJjZjMwHhcNMjIxMDI0MTM1OTE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2ZkYjJlNmY3ZGI4ZjkwNTFmNTgyY2Q4ZDcxYTBmODEzNDU2NGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA18gQjm8JVDVnNiNJDbXZW6PtmmJr
rg88515oCDUvv1AH7CJfkPVsZXXJ2iA3MsgNq3dSVV19e7w6F/ybFvfZ5ICdWiNU
HCV9YeAfMqbAwkobhvmUD6iR+ylNWlOcq6LPkqoiu0RAAzadETDy50Br8Xyl2qbC
PFDseRiFNt68O5XJYmJyO0rCBtgurlMtkJo/jxN+3yhT/sxt4f4myUshoFmsbjcj
ISliKR6jov35ee151iT89q70/3K4wrRz01yNCi4iBZoDU1XHNTiLbaDSl6+E8GVY
hPDmjuSMKhTaPbVytjvKcqlO4mQTKlmVpfdQbRpTQpQ9C9EJ2hMSVq3BZQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFz9sub324+QUfWCzY1xoPgTRWT2MB8GA1UdIwQY
MBaAFPFHm4PFINeERFwkgourYz8NcCzzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFVlYmc4VWcxNFJFWENTQ2k2dGpQdzF3TFBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9hOTdlMjEtYjVmZS00YTU2LWE5OGEt
YmRkNGFmNWYzNWQxLzEvWFAyeTV2ZmJqNUJSOVlMTmpYR2ctQk5GWlBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9hOTdlMjEtYjVmZS00YTU2LWE5OGEtYmRkNGFmNWYzNWQx
LzEvOFVlYmc4VWcxNFJFWENTQ2k2dGpQdzF3TFBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBUPtsAwQD
nY/4AwQDsp0YAwQCsp0oAwQB2bX8MA0GCSqGSIb3DQEBCwUAA4IBAQAftOWOSWy0
OfM5v+prDqfX7wMZaGwZkj0X/Pte9m5S8EE4+u+ykGDM37uUjqoZySi0iUUVAjt3
siSI4aYGivS8am3qGOaK69DO+Jya96YeYrDqwsM6UDRcikaB5vSY1Bztf3bpKoo/
NszBU2pSuXNU+HjIiNCjqlwfYfpFb1kI+zlsrTcEzs5oE0dmAFyn96EdOepj1pmq
+imfCEvA7vZj0QU1dUZ/PZw2Jq4xHWaxYsGWi4NorpeAMiZbjgVGboajOuuF57/v
rV1yK6ctrDjL/sbWG8rgpT+/89IlYnR3WjS5io1fb1//OCsLyX70ego9ZUli74jt
ATGE93LuR965
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:45:50 2023 by rpki-client on console-fra.rpki-client.org