Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/038560-26d6-455d-a8f4-9bfdf2251267/1/X4MCw-vTOHDkHHn3j2kqW-j3YNY.roa
File: X4MCw-vTOHDkHHn3j2kqW-j3YNY.roa (raw, json)
Hash identifier: N6v9GgKJGu4x3iHUKJKlhy2xmP2W7MoeOfBBK+swaM8=
Subject key identifier: 5F:83:02:C3:EB:D3:38:70:E4:1C:79:F7:8F:69:2A:5B:E8:F7:60:D6
Certificate issuer: /CN=a823fe6dad8ad4fdaee6dd6983c1e55cde8482a2
Certificate serial: 03E960F8
Authority key identifier: A8:23:FE:6D:AD:8A:D4:FD:AE:E6:DD:69:83:C1:E5:5C:DE:84:82:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qCP-ba2K1P2u5t1pg8HlXN6EgqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/038560-26d6-455d-a8f4-9bfdf2251267/1/X4MCw-vTOHDkHHn3j2kqW-j3YNY.roa
Signing time: Sat 01 Jan 2022 14:00:51 +0000
ROA not before: Sat 01 Jan 2022 14:00:51 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209620
IP address blocks: 193.58.91.0/24 maxlen: 24
194.55.240.0/22 maxlen: 24
2a0c:cbc0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 65626360 (0x3e960f8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a823fe6dad8ad4fdaee6dd6983c1e55cde8482a2
Validity
Not Before: Jan 1 14:00:51 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5f8302c3ebd33870e41c79f78f692a5be8f760d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:5a:27:01:49:74:b0:7f:5e:9b:a2:8c:ba:5c:
57:8f:73:d4:46:26:cd:18:05:07:e7:76:aa:42:88:
d9:af:52:8a:2d:bf:64:96:7d:cc:09:6b:ae:0a:b8:
fc:c4:4e:14:d5:bd:6f:56:62:24:0a:f7:b9:cf:86:
03:c6:33:c1:50:4d:7e:21:17:af:a6:8f:e1:40:aa:
87:3c:c4:71:7a:b2:0a:45:3f:64:c0:fd:eb:47:91:
37:01:0f:4a:56:1c:16:55:8d:41:e8:89:70:76:80:
d3:50:23:1e:37:47:06:b1:80:d4:92:a9:84:5c:ab:
f8:45:36:3f:79:a5:86:61:89:d2:a0:d4:33:d2:12:
42:9f:b4:7d:74:03:3a:72:31:36:b9:12:8b:2d:14:
92:d4:4d:8c:11:f9:4d:c2:0a:15:b7:b3:a8:06:4e:
59:ac:b0:a0:ff:37:e4:cf:76:37:e0:9a:5c:f2:d8:
7b:f1:c4:b5:5b:77:8d:58:58:f1:e4:70:09:46:ef:
49:c3:d3:f5:86:2a:5d:b3:81:22:e2:02:76:40:84:
bc:e2:3b:a8:13:e8:a3:39:66:5e:1a:df:24:35:b9:
88:f4:a8:97:04:c7:42:99:86:3e:c6:84:50:3e:b2:
64:f2:e1:f8:01:ca:a8:28:64:f5:04:d1:cc:e7:b9:
d1:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:83:02:C3:EB:D3:38:70:E4:1C:79:F7:8F:69:2A:5B:E8:F7:60:D6
X509v3 Authority Key Identifier:
keyid:A8:23:FE:6D:AD:8A:D4:FD:AE:E6:DD:69:83:C1:E5:5C:DE:84:82:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qCP-ba2K1P2u5t1pg8HlXN6EgqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/038560-26d6-455d-a8f4-9bfdf2251267/1/X4MCw-vTOHDkHHn3j2kqW-j3YNY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/038560-26d6-455d-a8f4-9bfdf2251267/1/qCP-ba2K1P2u5t1pg8HlXN6EgqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.58.91.0/24
194.55.240.0/22
IPv6:
2a0c:cbc0::/29
Signature Algorithm: sha256WithRSAEncryption
40:f3:6d:0f:1e:c2:d1:5c:7e:5d:0e:7b:46:ee:2f:7d:fb:cd:
7d:1a:38:c2:79:6c:b5:25:b6:23:6a:43:5f:ed:24:e1:6a:5c:
87:d4:8d:c8:ac:8e:71:6f:0c:64:2c:98:20:3e:ff:53:ac:a3:
c5:0c:68:4d:64:ab:59:4f:1e:3d:8b:01:c7:4c:9b:ed:45:ba:
7e:51:54:dc:d8:3a:71:9b:6a:d5:be:84:52:51:80:73:61:5d:
45:8c:0e:bd:a7:74:7f:5c:14:32:f4:a5:1c:f3:d2:0b:99:e7:
f5:35:80:ac:7d:10:29:fa:3d:62:4b:70:d7:2e:d1:e1:b5:a6:
1a:49:4d:98:4d:e3:db:78:58:a6:11:61:e2:4d:32:38:0b:82:
f4:60:cf:de:8b:8f:24:db:e7:e7:29:98:41:86:ca:b3:0d:c7:
0e:34:36:48:a9:f6:1f:83:ee:af:39:cd:24:e5:12:09:0f:79:
d5:31:8e:95:7a:81:92:89:21:de:6c:9e:23:0e:03:38:e7:a4:
0e:ab:e9:46:7c:9f:93:8a:f0:b9:92:1e:34:76:f9:ed:f9:67:
55:e2:98:4d:2b:1d:e3:36:72:9b:2b:40:96:8c:b0:c8:85:3f:
ec:b3:2e:38:ab:5f:cc:7b:32:2d:64:be:9a:cd:d5:97:1a:d2:
a9:e1:75:8c
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEA+lg+DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
ODIzZmU2ZGFkOGFkNGZkYWVlNmRkNjk4M2MxZTU1Y2RlODQ4MmEyMB4XDTIyMDEw
MTE0MDA1MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWY4MzAyYzNlYmQz
Mzg3MGU0MWM3OWY3OGY2OTJhNWJlOGY3NjBkNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALBaJwFJdLB/XpuijLpcV49z1EYmzRgFB+d2qkKI2a9Sii2/
ZJZ9zAlrrgq4/MROFNW9b1ZiJAr3uc+GA8YzwVBNfiEXr6aP4UCqhzzEcXqyCkU/
ZMD960eRNwEPSlYcFlWNQeiJcHaA01AjHjdHBrGA1JKphFyr+EU2P3mlhmGJ0qDU
M9ISQp+0fXQDOnIxNrkSiy0UktRNjBH5TcIKFbezqAZOWaywoP835M92N+CaXPLY
e/HEtVt3jVhY8eRwCUbvScPT9YYqXbOBIuICdkCEvOI7qBPoozlmXhrfJDW5iPSo
lwTHQpmGPsaEUD6yZPLh+AHKqChk9QTRzOe50eMCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBRfgwLD69M4cOQcefePaSpb6Pdg1jAfBgNVHSMEGDAWgBSoI/5trYrU/a7m
3WmDweVc3oSCojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3FDUC1iYTJLMVAydTV0MXBnOEhsWE42RWdxSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzYvMDM4NTYwLTI2ZDYtNDU1ZC1hOGY0LTliZmRmMjI1MTI2Ny8x
L1g0TUN3LXZUT0hEa0hIbjNqMmtxVy1qM1lOWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzYv
MDM4NTYwLTI2ZDYtNDU1ZC1hOGY0LTliZmRmMjI1MTI2Ny8xL3FDUC1iYTJLMVAy
dTV0MXBnOEhsWE42RWdxSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEAME6WwMEAsI38DANBAIAAjAHAwUD
KgzLwDANBgkqhkiG9w0BAQsFAAOCAQEAQPNtDx7C0Vx+XQ57Ru4vffvNfRo4wnls
tSW2I2pDX+0k4Wpch9SNyKyOcW8MZCyYID7/U6yjxQxoTWSrWU8ePYsBx0yb7UW6
flFU3Ng6cZtq1b6EUlGAc2FdRYwOvad0f1wUMvSlHPPSC5nn9TWArH0QKfo9Yktw
1y7R4bWmGklNmE3j23hYphFh4k0yOAuC9GDP3ouPJNvn5ymYQYbKsw3HDjQ2SKn2
H4PurznNJOUSCQ951TGOlXqBkokh3myeIw4DOOekDqvpRnyfk4rwuZIeNHb57fln
VeKYTSsd4zZymytAloywyIU/7LMuOKtfzHsyLWS+ms3VlxrSqeF1jA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:16 2023 by rpki-client on console-ams.rpki-client.org