Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/8e8227-cd20-4db8-a40e-6a3dfb47f8c4/1/XqAWuYoCPTLDhjS-pkEZBbUFwvg.roa
File: XqAWuYoCPTLDhjS-pkEZBbUFwvg.roa (raw, json)
Hash identifier: wNog0jh5mjsGsaYDbIzZRSbPrjBShLSyocsJ3D+cMz4=
Subject key identifier: 5E:A0:16:B9:8A:02:3D:32:C3:86:34:BE:A6:41:19:05:B5:05:C2:F8
Certificate issuer: /CN=13c9fd37c7431ce6aa3c93a6952c67f0f0c9846e
Certificate serial: 018B3DC0BC51304565C0DEE54B967CC9F8FC
Authority key identifier: 13:C9:FD:37:C7:43:1C:E6:AA:3C:93:A6:95:2C:67:F0:F0:C9:84:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E8n9N8dDHOaqPJOmlSxn8PDJhG4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/8e8227-cd20-4db8-a40e-6a3dfb47f8c4/1/XqAWuYoCPTLDhjS-pkEZBbUFwvg.roa
Signing time: Tue 17 Oct 2023 13:08:43 +0000
ROA not before: Tue 17 Oct 2023 13:08:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 12835
IP address blocks: 185.38.252.0/22 maxlen: 24
46.226.200.0/21 maxlen: 24
77.72.192.0/21 maxlen: 24
109.205.104.0/21 maxlen: 24
194.105.48.0/21 maxlen: 24
37.128.136.0/21 maxlen: 24
2a00:10c8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:3d:c0:bc:51:30:45:65:c0:de:e5:4b:96:7c:c9:f8:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13c9fd37c7431ce6aa3c93a6952c67f0f0c9846e
Validity
Not Before: Oct 17 13:08:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5ea016b98a023d32c38634bea6411905b505c2f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:eb:2b:b9:8f:0e:79:53:de:bf:f1:cf:51:05:
5b:16:25:b1:51:b8:eb:bc:cd:43:f7:03:8f:76:8e:
94:c2:04:1b:7b:eb:42:bf:ad:21:ac:79:23:0f:0b:
6b:d3:a1:1a:3e:e7:6c:05:f1:98:22:ad:23:81:b4:
59:fe:28:83:97:56:12:0c:f8:42:63:b0:61:bd:84:
84:f4:e9:e5:d1:9e:7e:71:03:17:aa:e7:63:94:81:
ac:21:8e:52:e8:85:eb:3b:14:df:69:37:f1:95:b4:
df:a6:76:4b:f7:69:15:60:6d:82:3c:37:2a:74:95:
91:ab:81:d4:8c:5c:f2:ce:0e:27:b9:6b:99:12:ae:
cc:3f:8d:76:1a:b4:f4:87:1d:44:be:d8:c2:ee:aa:
3d:4f:5a:1f:e5:5c:37:f5:84:33:b9:27:1f:56:d0:
3e:0e:bf:7a:2a:32:a3:de:99:76:5a:65:8b:91:78:
32:75:26:8a:a1:d3:9c:e7:28:88:31:a8:f0:1f:ec:
7a:d2:cb:bd:d5:3b:fe:7c:64:e0:1e:52:bb:81:31:
47:f3:dd:34:fc:c0:29:e9:b7:de:78:f9:30:35:99:
63:f1:fd:ca:01:5c:6c:45:9c:81:f3:d7:d2:d6:2d:
10:24:20:f3:f7:8e:31:45:22:a3:95:42:55:c0:1a:
e4:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:A0:16:B9:8A:02:3D:32:C3:86:34:BE:A6:41:19:05:B5:05:C2:F8
X509v3 Authority Key Identifier:
keyid:13:C9:FD:37:C7:43:1C:E6:AA:3C:93:A6:95:2C:67:F0:F0:C9:84:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E8n9N8dDHOaqPJOmlSxn8PDJhG4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/8e8227-cd20-4db8-a40e-6a3dfb47f8c4/1/XqAWuYoCPTLDhjS-pkEZBbUFwvg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/8e8227-cd20-4db8-a40e-6a3dfb47f8c4/1/E8n9N8dDHOaqPJOmlSxn8PDJhG4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.136.0/21
46.226.200.0/21
77.72.192.0/21
109.205.104.0/21
185.38.252.0/22
194.105.48.0/21
IPv6:
2a00:10c8::/32
Signature Algorithm: sha256WithRSAEncryption
55:88:eb:64:62:74:a4:a3:c5:41:55:37:7a:c3:ca:b5:04:1e:
12:fd:da:a9:e5:5c:8b:d0:6f:0c:dd:03:1f:cf:8a:51:f8:aa:
70:51:3f:bc:93:39:c4:43:e9:f0:7e:e4:f6:dd:e1:9d:23:ae:
09:3e:dd:4b:03:75:a0:de:8c:aa:66:5a:49:5d:89:00:ee:a8:
77:3b:39:14:6d:e5:2d:3d:90:b3:05:ca:31:6a:a0:28:4f:06:
de:f7:ea:66:61:e8:8b:68:38:12:b5:60:41:e0:81:83:6c:91:
45:b3:d9:03:34:44:5f:93:fe:98:cd:f3:44:4d:ff:f0:c0:3f:
89:03:73:96:e9:0b:5f:29:0a:7f:73:38:d0:08:fc:0d:54:64:
85:88:fe:90:bf:8b:78:31:b9:ab:61:3c:46:d0:01:e1:ed:0f:
dc:e1:25:04:c0:b4:fc:6d:b3:c9:45:8f:73:79:20:ef:1f:bc:
91:a7:4a:2a:e1:a6:4f:d1:f9:23:5f:1c:9c:fb:90:70:7a:61:
ed:72:c7:ac:e6:ea:4d:d2:d7:ad:fe:96:df:1e:83:21:2f:df:
c7:1c:e0:e4:6f:63:5b:f6:d4:70:17:51:67:2a:d2:00:70:32:
b4:1f:5e:6a:b8:71:15:df:a5:e6:b5:d9:2e:3a:c7:7a:9b:f4:
d5:96:57:24
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYs9wLxRMEVlwN7lS5Z8yfj8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzYzlmZDM3Yzc0MzFjZTZhYTNjOTNhNjk1MmM2N2YwZjBj
OTg0NmUwHhcNMjMxMDE3MTMwODQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWEwMTZiOThhMDIzZDMyYzM4NjM0YmVhNjQxMTkwNWI1MDVjMmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+sruY8OeVPev/HPUQVbFiWxUbjr
vM1D9wOPdo6UwgQbe+tCv60hrHkjDwtr06EaPudsBfGYIq0jgbRZ/iiDl1YSDPhC
Y7BhvYSE9Onl0Z5+cQMXqudjlIGsIY5S6IXrOxTfaTfxlbTfpnZL92kVYG2CPDcq
dJWRq4HUjFzyzg4nuWuZEq7MP412GrT0hx1EvtjC7qo9T1of5Vw39YQzuScfVtA+
Dr96KjKj3pl2WmWLkXgydSaKodOc5yiIMajwH+x60su91Tv+fGTgHlK7gTFH8900
/MAp6bfeePkwNZlj8f3KAVxsRZyB89fS1i0QJCDz944xRSKjlUJVwBrkPQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFF6gFrmKAj0yw4Y0vqZBGQW1BcL4MB8GA1UdIwQY
MBaAFBPJ/TfHQxzmqjyTppUsZ/DwyYRuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRThuOU44ZERIT2FxUEpPbWxTeG44UERKaEc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC84ZTgyMjctY2QyMC00ZGI4LWE0MGUt
NmEzZGZiNDdmOGM0LzEvWHFBV3VZb0NQVExEaGpTLXBrRVpCYlVGd3ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC84ZTgyMjctY2QyMC00ZGI4LWE0MGUtNmEzZGZiNDdmOGM0
LzEvRThuOU44ZERIT2FxUEpPbWxTeG44UERKaEc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDJYCIAwQD
LuLIAwQDTUjAAwQDbc1oAwQCuSb8AwQDwmkwMA0EAgACMAcDBQAqABDIMA0GCSqG
SIb3DQEBCwUAA4IBAQBViOtkYnSko8VBVTd6w8q1BB4S/dqp5VyL0G8M3QMfz4pR
+KpwUT+8kznEQ+nwfuT23eGdI64JPt1LA3Wg3oyqZlpJXYkA7qh3OzkUbeUtPZCz
BcoxaqAoTwbe9+pmYeiLaDgStWBB4IGDbJFFs9kDNERfk/6YzfNETf/wwD+JA3OW
6QtfKQp/czjQCPwNVGSFiP6Qv4t4MbmrYTxG0AHh7Q/c4SUEwLT8bbPJRY9zeSDv
H7yRp0oq4aZP0fkjXxyc+5BwemHtcses5upN0tet/pbfHoMhL9/HHODkb2Nb9tRw
F1FnKtIAcDK0H15quHEV36XmtdkuOsd6m/TVllck
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:46 2025 by rpki-client