Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/xifpiMVeVswS-0TbD0LYetczknQ.roa
File: xifpiMVeVswS-0TbD0LYetczknQ.roa (raw, json)
Hash identifier: posUaov+E5vhh6sFkRD7J/hxmMF+66BUj3D8p+ruhvU=
Subject key identifier: C6:27:E9:88:C5:5E:56:CC:12:FB:44:DB:0F:42:D8:7A:D7:33:92:74
Certificate issuer: /CN=63d9d1d95c1eb716ee8195045a77cba2181d79ec
Certificate serial: 0186C06F3C39CF2F94D6E03A682875162C35
Authority key identifier: 63:D9:D1:D9:5C:1E:B7:16:EE:81:95:04:5A:77:CB:A2:18:1D:79:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y9nR2VwetxbugZUEWnfLohgdeew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/xifpiMVeVswS-0TbD0LYetczknQ.roa
Signing time: Wed 08 Mar 2023 08:56:00 +0000
ROA not before: Wed 08 Mar 2023 08:56:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29405
IP address blocks: 185.176.72.0/22 maxlen: 22
46.229.230.0/24 maxlen: 24
81.89.48.0/20 maxlen: 24
86.110.224.0/19 maxlen: 24
176.109.56.0/21 maxlen: 24
86.110.229.0/24 maxlen: 24
92.240.230.0/24 maxlen: 24
92.240.229.0/24 maxlen: 24
92.240.228.0/24 maxlen: 24
92.240.231.0/24 maxlen: 24
92.240.234.0/24 maxlen: 24
92.240.237.0/24 maxlen: 24
92.240.236.0/24 maxlen: 24
92.240.235.0/24 maxlen: 24
92.240.241.0/24 maxlen: 24
92.240.244.0/24 maxlen: 24
92.240.242.0/24 maxlen: 24
92.240.245.0/24 maxlen: 24
92.240.253.0/24 maxlen: 24
92.240.249.0/24 maxlen: 24
92.240.254.0/24 maxlen: 24
217.73.16.0/24 maxlen: 24
217.73.16.0/20 maxlen: 24
217.73.17.0/24 maxlen: 24
93.184.64.0/20 maxlen: 24
46.229.224.0/20 maxlen: 24
109.74.144.0/20 maxlen: 24
2a01:390::/32 maxlen: 64
2a00:10d8::/32 maxlen: 64
2a00:10d8:10::/48 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:c0:6f:3c:39:cf:2f:94:d6:e0:3a:68:28:75:16:2c:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63d9d1d95c1eb716ee8195045a77cba2181d79ec
Validity
Not Before: Mar 8 08:56:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c627e988c55e56cc12fb44db0f42d87ad7339274
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:4c:af:4f:c9:4e:5b:b1:12:84:80:80:18:9b:
63:73:e3:09:c7:56:2c:c7:37:16:eb:b0:82:f3:6e:
67:29:40:9f:03:d1:1b:b7:6d:d5:b9:6e:71:72:33:
c6:20:de:21:d3:49:aa:4f:2c:7f:9d:1b:69:81:05:
e2:5b:e7:18:5b:59:1a:80:67:19:35:e6:d9:a3:1b:
a9:28:b0:bf:00:fd:53:7b:23:f6:97:9c:bf:34:fa:
34:1e:57:79:13:04:a6:24:ae:78:47:7b:5c:69:02:
d1:42:87:4e:fd:2c:bf:ed:82:87:fc:5c:b1:34:26:
74:e0:bb:e7:ec:28:52:c8:fd:d8:f3:97:fe:c7:9f:
3f:9a:17:78:0f:8c:64:72:a0:87:47:01:3f:52:6d:
1c:ca:da:b1:4b:ac:43:77:06:f0:8e:51:41:66:5f:
51:ac:73:1b:ba:4e:0f:b9:32:1e:47:02:84:8e:dc:
5c:76:1a:a8:4d:6f:63:a4:f8:d7:4e:41:be:39:22:
5d:29:90:0d:e5:17:22:a2:cc:ff:84:e2:fd:c1:ab:
9a:bd:06:b8:d9:5f:a3:80:51:1e:eb:6a:27:19:cf:
b9:a7:ea:e1:6b:28:d5:77:f9:19:fd:4d:0c:6c:73:
d0:ac:a3:ab:43:d3:a6:51:c3:e3:85:c1:da:c8:a2:
1d:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:27:E9:88:C5:5E:56:CC:12:FB:44:DB:0F:42:D8:7A:D7:33:92:74
X509v3 Authority Key Identifier:
keyid:63:D9:D1:D9:5C:1E:B7:16:EE:81:95:04:5A:77:CB:A2:18:1D:79:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y9nR2VwetxbugZUEWnfLohgdeew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/xifpiMVeVswS-0TbD0LYetczknQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3ed8dd-d36e-440c-8142-d80c6b85cda4/1/Y9nR2VwetxbugZUEWnfLohgdeew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.229.224.0/20
81.89.48.0/20
86.110.224.0/19
92.240.228.0/22
92.240.234.0-92.240.237.255
92.240.241.0-92.240.242.255
92.240.244.0/23
92.240.249.0/24
92.240.253.0-92.240.254.255
93.184.64.0/20
109.74.144.0/20
176.109.56.0/21
185.176.72.0/22
217.73.16.0/20
IPv6:
2a00:10d8::/32
2a01:390::/32
Signature Algorithm: sha256WithRSAEncryption
59:fd:a5:b3:0a:69:11:96:43:13:3c:fd:4f:5e:8a:f1:e8:a8:
d8:ce:92:59:44:71:e3:86:14:4f:db:89:1f:4a:39:e6:cc:28:
95:38:a0:50:a0:ed:29:d8:89:43:5e:00:3d:79:bc:f4:e3:d2:
70:4c:cf:a7:a4:0a:be:46:03:28:0b:45:8b:e9:e9:b2:02:51:
a3:31:cf:ae:e0:97:3d:6a:7e:f0:5e:94:90:0c:c3:fb:6c:a4:
ec:80:2d:f4:e4:ca:51:17:97:cd:a3:ce:da:d4:d9:02:ed:0c:
d2:45:25:e4:98:2c:ab:a9:bb:1c:6f:5d:20:34:51:95:97:a0:
74:ab:8d:35:d2:2d:57:91:af:24:f6:77:f5:84:14:4d:11:0f:
ac:14:fb:d0:76:a6:9b:28:4f:c7:2a:56:f4:22:50:00:16:63:
8a:c5:14:54:b6:72:51:12:d8:0a:13:90:93:c0:dc:3d:26:f8:
b8:b5:1b:25:e5:61:45:ce:0c:9c:1c:d0:dd:96:db:81:3c:60:
3a:20:46:d4:71:44:ff:98:6e:bb:2e:79:77:be:bc:11:33:c3:
38:9a:45:54:86:29:38:7c:71:42:b3:f8:28:11:0b:7e:03:c5:
95:3e:8e:fa:59:cd:72:dd:60:42:04:8c:33:59:fc:4c:a2:b6:
d2:2f:bc:b5
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAYbAbzw5zy+U1uA6aCh1Fiw1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZDlkMWQ5NWMxZWI3MTZlZTgxOTUwNDVhNzdjYmEyMTgx
ZDc5ZWMwHhcNMjMwMzA4MDg1NjAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjI3ZTk4OGM1NWU1NmNjMTJmYjQ0ZGIwZjQyZDg3YWQ3MzM5Mjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukyvT8lOW7EShICAGJtjc+MJx1Ys
xzcW67CC825nKUCfA9Ebt23VuW5xcjPGIN4h00mqTyx/nRtpgQXiW+cYW1kagGcZ
NebZoxupKLC/AP1TeyP2l5y/NPo0Hld5EwSmJK54R3tcaQLRQodO/Sy/7YKH/Fyx
NCZ04Lvn7ChSyP3Y85f+x58/mhd4D4xkcqCHRwE/Um0cytqxS6xDdwbwjlFBZl9R
rHMbuk4PuTIeRwKEjtxcdhqoTW9jpPjXTkG+OSJdKZAN5Rciosz/hOL9wauavQa4
2V+jgFEe62onGc+5p+rhayjVd/kZ/U0MbHPQrKOrQ9OmUcPjhcHayKIdrQIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFMYn6YjFXlbMEvtE2w9C2HrXM5J0MB8GA1UdIwQY
MBaAFGPZ0dlcHrcW7oGVBFp3y6IYHXnsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTluUjJWd2V0eGJ1Z1pVRVduZkxvaGdkZWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8zZWQ4ZGQtZDM2ZS00NDBjLTgxNDIt
ZDgwYzZiODVjZGE0LzEveGlmcGlNVmVWc3dTLTBUYkQwTFlldGN6a25RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8zZWQ4ZGQtZDM2ZS00NDBjLTgxNDItZDgwYzZiODVjZGE0
LzEvWTluUjJWd2V0eGJ1Z1pVRVduZkxvaGdkZWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijByBAIAATBsAwQELuXg
AwQEUVkwAwQFVm7gAwQCXPDkMAwDBAFc8OoDBAFc8OwwDAMEAFzw8QMEAFzw8gME
AVzw9AMEAFzw+TAMAwQAXPD9AwQAXPD+AwQEXbhAAwQEbUqQAwQDsG04AwQCubBI
AwQE2UkQMBQEAgACMA4DBQAqABDYAwUAKgEDkDANBgkqhkiG9w0BAQsFAAOCAQEA
Wf2lswppEZZDEzz9T16K8eio2M6SWURx44YUT9uJH0o55swolTigUKDtKdiJQ14A
PXm89OPScEzPp6QKvkYDKAtFi+npsgJRozHPruCXPWp+8F6UkAzD+2yk7IAt9OTK
UReXzaPO2tTZAu0M0kUl5Jgsq6m7HG9dIDRRlZegdKuNNdItV5GvJPZ39YQUTREP
rBT70HammyhPxypW9CJQABZjisUUVLZyURLYChOQk8DcPSb4uLUbJeVhRc4MnBzQ
3ZbbgTxgOiBG1HFE/5huuy55d768ETPDOJpFVIYpOHxxQrP4KBELfgPFlT6O+lnN
ct1gQgSMM1n8TKK20i+8tQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:37 2025 by rpki-client