Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/DXL5nZ1evojt_rys6zNzkbnn-6o.roa
File: DXL5nZ1evojt_rys6zNzkbnn-6o.roa (raw, json)
Hash identifier: Of1DjWSL2ZOIHheI2/L6QZrH/m9scy6+ehHGYW9+HWI=
Subject key identifier: 0D:72:F9:9D:9D:5E:BE:88:ED:FE:BC:AC:EB:33:73:91:B9:E7:FB:AA
Certificate issuer: /CN=458d12f095053c35876b88b47685d6435421fcf2
Certificate serial: 0185226927E17AF430052D91943D2F18D567
Authority key identifier: 45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/DXL5nZ1evojt_rys6zNzkbnn-6o.roa
Signing time: Sat 17 Dec 2022 23:26:34 +0000
ROA not before: Sat 17 Dec 2022 23:26:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39378
IP address blocks: 194.76.226.0/24 maxlen: 24
79.132.130.0/24 maxlen: 24
185.219.220.0/23 maxlen: 23
185.219.222.0/24 maxlen: 24
185.219.223.0/24 maxlen: 24
185.158.251.0/24 maxlen: 24
185.212.44.0/24 maxlen: 24
185.212.45.0/24 maxlen: 24
185.212.46.0/24 maxlen: 24
185.212.47.0/24 maxlen: 24
91.241.93.0/24 maxlen: 24
2a0b:7140::/48 maxlen: 48
2a07:fc00::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:22:69:27:e1:7a:f4:30:05:2d:91:94:3d:2f:18:d5:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=458d12f095053c35876b88b47685d6435421fcf2
Validity
Not Before: Dec 17 23:26:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0d72f99d9d5ebe88edfebcaceb337391b9e7fbaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:cd:93:2a:8e:07:21:7e:80:71:6e:6b:2f:94:
34:b6:92:93:55:14:e2:36:11:f1:10:5c:13:f9:93:
89:67:66:1d:24:89:17:4f:01:c2:59:d2:65:33:c8:
49:63:d1:35:a5:aa:87:0c:13:92:37:45:a1:a6:29:
41:eb:9e:32:c5:3c:f2:66:8e:d1:35:29:bb:53:d0:
5d:e1:37:3c:d8:b9:0e:84:38:b6:61:20:47:0f:5e:
fb:6b:27:d6:86:6d:31:8c:35:c0:f4:d1:39:07:c2:
2b:e7:8c:b2:89:12:4a:59:ef:16:b0:22:2a:07:53:
f3:d6:17:6c:b1:20:93:df:61:d9:ee:40:e8:6a:d5:
6c:d0:c0:8a:51:fa:cd:fb:05:fb:91:8e:99:fd:b5:
42:9b:a6:03:5b:3e:8c:6a:00:36:b1:9d:ad:0c:61:
51:7e:8b:0d:98:be:06:46:29:58:9e:9d:33:06:99:
20:9e:ca:fe:ab:22:6e:ee:af:42:cb:82:f8:5b:c6:
b9:70:a7:41:71:6a:71:47:a7:54:d4:ac:82:74:d9:
b9:6a:5d:43:72:a5:57:36:98:af:14:11:bb:2f:13:
ba:25:c9:17:49:f1:83:9b:b2:3d:29:04:4a:e5:0d:
62:16:8e:1c:c9:4d:a6:5e:46:aa:88:f9:21:03:6c:
42:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:72:F9:9D:9D:5E:BE:88:ED:FE:BC:AC:EB:33:73:91:B9:E7:FB:AA
X509v3 Authority Key Identifier:
keyid:45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/DXL5nZ1evojt_rys6zNzkbnn-6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.132.130.0/24
91.241.93.0/24
185.158.251.0/24
185.212.44.0/22
185.219.220.0/22
194.76.226.0/24
IPv6:
2a07:fc00::/48
2a0b:7140::/48
Signature Algorithm: sha256WithRSAEncryption
1a:b8:c8:ed:46:c5:b3:27:f1:53:26:c1:66:ec:07:ad:5b:6e:
d4:83:f3:53:36:45:6a:5e:57:c7:ce:54:24:40:d2:92:45:78:
b3:b9:ee:ff:db:fb:5f:81:a7:1a:b0:71:99:7b:70:00:0e:c6:
30:03:2a:68:b3:ef:42:b6:bf:50:bb:6b:94:7f:ca:c2:e5:a7:
0a:8d:f4:aa:6e:8f:ff:86:58:c4:3f:8a:f6:db:62:8d:20:a9:
b3:a3:86:03:d3:90:3e:1e:dd:e6:6a:df:6a:54:e6:2c:3c:19:
46:3d:65:c5:91:8a:23:24:91:7c:29:75:2f:5e:39:76:61:a7:
57:e4:b6:ad:01:62:62:e6:13:d4:12:21:c9:5e:a8:bb:b2:32:
9b:5e:43:dd:33:2f:10:a6:4a:69:0a:0f:a8:f8:13:58:d5:e5:
ff:53:de:57:46:6f:0a:71:d9:26:e9:7c:f0:96:1a:b0:f5:84:
c0:97:03:97:11:96:af:76:48:4f:fc:cb:45:cb:1e:a1:d6:64:
ba:0f:22:c9:17:95:57:7d:86:02:75:b7:41:37:40:52:c3:83:
f3:50:6a:f0:95:e6:61:35:b7:18:f1:b9:8d:ea:6e:b1:05:f6:
3d:b5:21:ea:72:2a:23:69:0c:55:bc:f5:9d:87:b1:5a:cd:21:
49:a5:9e:e0
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYUiaSfhevQwBS2RlD0vGNVnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1OGQxMmYwOTUwNTNjMzU4NzZiODhiNDc2ODVkNjQzNTQy
MWZjZjIwHhcNMjIxMjE3MjMyNjM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDcyZjk5ZDlkNWViZTg4ZWRmZWJjYWNlYjMzNzM5MWI5ZTdmYmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4s2TKo4HIX6AcW5rL5Q0tpKTVRTi
NhHxEFwT+ZOJZ2YdJIkXTwHCWdJlM8hJY9E1paqHDBOSN0WhpilB654yxTzyZo7R
NSm7U9Bd4Tc82LkOhDi2YSBHD177ayfWhm0xjDXA9NE5B8Ir54yyiRJKWe8WsCIq
B1Pz1hdssSCT32HZ7kDoatVs0MCKUfrN+wX7kY6Z/bVCm6YDWz6MagA2sZ2tDGFR
fosNmL4GRilYnp0zBpkgnsr+qyJu7q9Cy4L4W8a5cKdBcWpxR6dU1KyCdNm5al1D
cqVXNpivFBG7LxO6JckXSfGDm7I9KQRK5Q1iFo4cyU2mXkaqiPkhA2xC2wIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFA1y+Z2dXr6I7f68rOszc5G55/uqMB8GA1UdIwQY
MBaAFEWNEvCVBTw1h2uItHaF1kNUIfzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTkt
Mzk1NTk1OWVhZjgxLzEvRFhMNW5aMWV2b2p0X3J5czZ6TnprYm5uLTZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTktMzk1NTk1OWVhZjgx
LzEvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjAqBAIAATAkAwQAT4SCAwQA
W/FdAwQAuZ77AwQCudQsAwQCudvcAwQAwkziMBgEAgACMBIDBwAqB/wAAAADBwAq
C3FAAAAwDQYJKoZIhvcNAQELBQADggEBABq4yO1GxbMn8VMmwWbsB61bbtSD81M2
RWpeV8fOVCRA0pJFeLO57v/b+1+BpxqwcZl7cAAOxjADKmiz70K2v1C7a5R/ysLl
pwqN9Kpuj/+GWMQ/ivbbYo0gqbOjhgPTkD4e3eZq32pU5iw8GUY9ZcWRiiMkkXwp
dS9eOXZhp1fktq0BYmLmE9QSIcleqLuyMpteQ90zLxCmSmkKD6j4E1jV5f9T3ldG
bwpx2SbpfPCWGrD1hMCXA5cRlq92SE/8y0XLHqHWZLoPIskXlVd9hgJ1t0E3QFLD
g/NQavCV5mE1txjxuY3qbrEF9j21IepyKiNpDFW89Z2HsVrNIUmlnuA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:02 2024 by rpki-client on console-fra.rpki-client.org