Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/738188-73ae-4918-bfd7-7788aee1215f/1/XSWaX0-CFUagkiccd0IBHMD6gSc.roa
File: XSWaX0-CFUagkiccd0IBHMD6gSc.roa (raw, json)
Hash identifier: vEsE4pBpQdf8rUpPHoraMBh+qah+1+q4vBkoc92fKY4=
Subject key identifier: 5D:25:9A:5F:4F:82:15:46:A0:92:27:1C:77:42:01:1C:C0:FA:81:27
Certificate issuer: /CN=2cd1ff49725f6331e63b8ed76448d725dd7a84de
Certificate serial: 1240709B
Authority key identifier: 2C:D1:FF:49:72:5F:63:31:E6:3B:8E:D7:64:48:D7:25:DD:7A:84:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LNH_SXJfYzHmO47XZEjXJd16hN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/738188-73ae-4918-bfd7-7788aee1215f/1/XSWaX0-CFUagkiccd0IBHMD6gSc.roa
Signing time: Sat 01 Jan 2022 10:55:53 +0000
ROA not before: Sat 01 Jan 2022 10:55:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57070
IP address blocks: 146.0.16.0/21 maxlen: 24
185.200.248.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 306213019 (0x1240709b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2cd1ff49725f6331e63b8ed76448d725dd7a84de
Validity
Not Before: Jan 1 10:55:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5d259a5f4f821546a092271c7742011cc0fa8127
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:f5:7f:b8:32:df:22:78:1c:2a:13:b2:f0:63:
05:ae:c1:b6:45:29:61:4c:5a:fd:0d:85:e9:9b:16:
a0:a9:30:ae:7b:cd:35:da:60:d9:d2:3b:f1:3e:cc:
99:60:84:2b:73:5f:ab:e4:b7:83:4d:13:9b:8d:87:
d9:4e:33:dd:17:1d:d9:59:66:82:64:5b:5b:fe:c9:
c3:e9:b8:27:d1:aa:f0:d3:fa:ca:f5:b4:00:37:d7:
a2:d5:00:06:db:6c:4a:01:bf:40:e6:e4:af:99:51:
4e:ca:9b:78:47:9b:09:cf:ad:47:92:61:7f:34:31:
85:0c:34:aa:fc:27:6b:b3:81:c0:7b:a4:1e:8f:35:
0f:f4:dc:39:bd:0c:f3:76:9a:18:3f:1a:c9:c6:b0:
5d:23:48:87:f4:fb:37:b9:61:de:5d:35:75:96:f1:
de:90:87:ee:22:cc:f5:64:48:01:7c:f8:73:a9:44:
c5:90:2b:cb:6b:b5:93:6b:69:f7:99:f5:6c:89:02:
2f:12:5d:69:18:db:9e:27:63:77:08:0c:32:72:d7:
9e:4c:36:71:a0:e9:d0:45:51:7d:83:b1:e6:26:2f:
65:75:2e:3b:f1:2c:9c:5b:63:4b:5e:f0:ac:22:75:
53:00:a6:ec:64:9d:bf:08:55:f1:43:8f:4d:92:e1:
2b:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:25:9A:5F:4F:82:15:46:A0:92:27:1C:77:42:01:1C:C0:FA:81:27
X509v3 Authority Key Identifier:
keyid:2C:D1:FF:49:72:5F:63:31:E6:3B:8E:D7:64:48:D7:25:DD:7A:84:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LNH_SXJfYzHmO47XZEjXJd16hN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/738188-73ae-4918-bfd7-7788aee1215f/1/XSWaX0-CFUagkiccd0IBHMD6gSc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/738188-73ae-4918-bfd7-7788aee1215f/1/LNH_SXJfYzHmO47XZEjXJd16hN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.0.16.0/21
185.200.248.0/22
Signature Algorithm: sha256WithRSAEncryption
de:f2:ac:04:f8:f3:17:e2:1b:62:6c:7b:a2:d5:31:df:7c:a3:
20:93:69:40:4a:8b:bd:8e:4d:bb:92:29:df:b8:c7:d2:0c:b0:
40:6f:9d:6b:74:e3:82:ee:c7:c1:36:4d:6d:df:b2:e2:bf:41:
d9:e3:46:8f:d8:d7:25:ec:a6:b4:a6:12:94:01:79:a0:a3:00:
42:e2:30:9b:8e:81:94:26:b8:ce:b8:46:5a:40:5d:2c:c2:5f:
5e:b4:33:a8:a9:4b:64:c9:27:53:96:7d:ab:8a:eb:4a:2d:24:
c7:56:83:6c:de:fe:4b:2d:64:c8:87:7d:6d:7b:31:0b:96:18:
bd:64:46:3f:03:5b:71:a5:3a:1e:09:7c:b6:07:da:fe:2a:dc:
5d:67:ff:45:17:c1:03:46:21:73:62:66:52:3f:31:8f:16:5c:
24:65:d7:8a:2b:6a:19:37:be:1b:02:ff:2e:09:05:5b:69:4d:
39:3f:51:b2:3d:76:75:df:69:9f:87:d7:c0:f4:f1:4d:33:a4:
e6:17:7d:df:99:b6:f5:99:0d:e7:67:31:d4:4a:6c:4a:dc:17:
86:a6:f8:22:4c:71:27:ee:80:3c:7c:55:ac:d5:7a:f1:ba:69:
36:1f:26:3b:68:71:af:e5:fc:ba:51:4d:18:61:f1:4e:87:ce:
31:c3:88:f8
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEEkBwmzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
Y2QxZmY0OTcyNWY2MzMxZTYzYjhlZDc2NDQ4ZDcyNWRkN2E4NGRlMB4XDTIyMDEw
MTEwNTU1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWQyNTlhNWY0Zjgy
MTU0NmEwOTIyNzFjNzc0MjAxMWNjMGZhODEyNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAPf1f7gy3yJ4HCoTsvBjBa7BtkUpYUxa/Q2F6ZsWoKkwrnvN
Ndpg2dI78T7MmWCEK3Nfq+S3g00Tm42H2U4z3Rcd2VlmgmRbW/7Jw+m4J9Gq8NP6
yvW0ADfXotUABttsSgG/QObkr5lRTsqbeEebCc+tR5JhfzQxhQw0qvwna7OBwHuk
Ho81D/TcOb0M83aaGD8aycawXSNIh/T7N7lh3l01dZbx3pCH7iLM9WRIAXz4c6lE
xZAry2u1k2tp95n1bIkCLxJdaRjbnidjdwgMMnLXnkw2caDp0EVRfYOx5iYvZXUu
O/EsnFtjS17wrCJ1UwCm7GSdvwhV8UOPTZLhK5MCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRdJZpfT4IVRqCSJxx3QgEcwPqBJzAfBgNVHSMEGDAWgBQs0f9Jcl9jMeY7
jtdkSNcl3XqE3jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0xOSF9TWEpmWXpIbU80N1haRWpYSmQxNmhONC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzIvNzM4MTg4LTczYWUtNDkxOC1iZmQ3LTc3ODhhZWUxMjE1Zi8x
L1hTV2FYMC1DRlVhZ2tpY2NkMElCSE1ENmdTYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzIv
NzM4MTg4LTczYWUtNDkxOC1iZmQ3LTc3ODhhZWUxMjE1Zi8xL0xOSF9TWEpmWXpI
bU80N1haRWpYSmQxNmhONC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEA5IAEAMEArnI+DANBgkqhkiG9w0B
AQsFAAOCAQEA3vKsBPjzF+IbYmx7otUx33yjIJNpQEqLvY5Nu5Ip37jH0gywQG+d
a3Tjgu7HwTZNbd+y4r9B2eNGj9jXJeymtKYSlAF5oKMAQuIwm46BlCa4zrhGWkBd
LMJfXrQzqKlLZMknU5Z9q4rrSi0kx1aDbN7+Sy1kyId9bXsxC5YYvWRGPwNbcaU6
Hgl8tgfa/ircXWf/RRfBA0Yhc2JmUj8xjxZcJGXXiitqGTe+GwL/LgkFW2lNOT9R
sj12dd9pn4fXwPTxTTOk5hd935m29ZkN52cx1EpsStwXhqb4IkxxJ+6APHxVrNV6
8bppNh8mO2hxr+X8ulFNGGHxTofOMcOI+A==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:01:56 2024 by rpki-client on console-ams.rpki-client.org