Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/XExqtuCiPNmw8StZoaPIsC3O_6Q.roa
File: XExqtuCiPNmw8StZoaPIsC3O_6Q.roa (raw, json)
Hash identifier: /C4VqvMwkCOZMun1K29EsnVdKUj7O4osp5ZHVd7ab5I=
Subject key identifier: 5C:4C:6A:B6:E0:A2:3C:D9:B0:F1:2B:59:A1:A3:C8:B0:2D:CE:FF:A4
Certificate issuer: /CN=458d12f095053c35876b88b47685d6435421fcf2
Certificate serial: 0B7EC338
Authority key identifier: 45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/XExqtuCiPNmw8StZoaPIsC3O_6Q.roa
Signing time: Sat 01 Jan 2022 10:53:36 +0000
ROA not before: Sat 01 Jan 2022 10:53:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39378
IP address blocks: 194.76.226.0/24 maxlen: 24
185.158.251.0/24 maxlen: 24
185.212.44.0/24 maxlen: 24
185.212.45.0/24 maxlen: 24
185.212.46.0/24 maxlen: 24
185.212.47.0/24 maxlen: 24
185.219.220.0/23 maxlen: 23
185.219.222.0/24 maxlen: 24
185.219.223.0/24 maxlen: 24
91.241.93.0/24 maxlen: 24
2a07:fc00::/48 maxlen: 48
2a0b:7140::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 192856888 (0xb7ec338)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=458d12f095053c35876b88b47685d6435421fcf2
Validity
Not Before: Jan 1 10:53:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5c4c6ab6e0a23cd9b0f12b59a1a3c8b02dceffa4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:4a:f5:ea:23:fe:19:92:25:91:00:59:fa:c4:
2e:ef:86:d4:49:50:7c:49:d2:a6:89:94:92:7e:16:
4c:2a:e0:dc:4a:3d:b5:7f:df:03:1d:30:14:ed:95:
d2:b9:89:63:fc:8d:02:6c:05:05:77:1a:44:d5:79:
68:cf:6b:cd:e5:59:04:2d:bb:20:73:58:21:6b:a6:
f6:f0:14:b6:ad:1c:94:d6:11:9a:ce:9f:1b:81:9f:
2a:21:c2:ff:d5:9b:58:9b:b2:f5:c5:bf:c4:e6:dd:
e4:3a:cf:a9:d9:36:e3:87:da:d6:e1:4c:98:8d:f7:
df:c9:2d:72:a5:d3:94:db:a9:0b:c9:09:8d:d6:2f:
b5:c3:0e:84:50:cf:87:be:57:f5:f6:60:4d:da:2a:
3d:81:f8:e3:35:3b:7a:5a:4a:6d:d0:76:5a:74:34:
b0:f2:b7:f4:00:7c:d1:5f:ce:ea:cc:97:40:95:18:
b2:c6:e1:60:52:13:c4:93:25:eb:91:51:29:b0:60:
48:8c:97:c2:1f:1a:a3:5b:b8:98:35:04:e6:6d:a3:
59:8e:e1:53:b8:02:dc:87:d0:46:e1:34:3f:3e:92:
94:c1:ce:a6:3e:c0:9d:0f:80:a2:1e:c2:ec:39:bc:
05:d7:d3:c4:41:4f:26:6a:26:7d:e6:d9:dc:d8:98:
85:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:4C:6A:B6:E0:A2:3C:D9:B0:F1:2B:59:A1:A3:C8:B0:2D:CE:FF:A4
X509v3 Authority Key Identifier:
keyid:45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/XExqtuCiPNmw8StZoaPIsC3O_6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.241.93.0/24
185.158.251.0/24
185.212.44.0/22
185.219.220.0/22
194.76.226.0/24
IPv6:
2a07:fc00::/48
2a0b:7140::/48
Signature Algorithm: sha256WithRSAEncryption
56:83:65:ee:3c:63:e8:f1:17:07:5b:27:89:df:9c:bd:bc:f7:
7a:1c:63:04:f5:5d:3a:26:df:80:7c:4d:e8:05:11:5e:d1:12:
6a:e8:96:83:90:e5:f7:ad:98:2b:10:e5:78:e2:c0:93:51:e8:
5c:7e:7e:a8:53:ec:05:26:1b:03:e6:9f:99:7c:b4:f8:cc:84:
95:a5:8f:9c:85:33:31:d9:3b:8b:67:1c:82:32:7e:a2:1f:1b:
b7:68:8f:82:4d:3e:44:d1:5b:75:c0:c6:04:dd:e9:8b:c4:2e:
a7:8d:4e:8c:ab:1f:16:3a:46:aa:25:0e:ae:56:9d:17:92:0c:
d0:9c:15:eb:ac:08:c3:54:73:9c:9b:5e:bd:c3:50:d1:13:dc:
87:5b:39:a0:29:bd:1c:4c:69:6d:ed:7d:72:28:2a:67:b9:7b:
bc:a5:21:93:e9:48:6f:23:45:f3:3f:33:71:ca:11:b7:cc:09:
bc:1b:41:2b:12:a4:53:fa:09:ce:74:cf:75:eb:4f:f1:77:7d:
4d:d5:37:db:bc:db:75:8e:b8:36:52:a7:84:d4:3e:e9:e5:1c:
04:4a:96:9a:20:93:bc:b0:99:2c:ad:e8:43:ff:60:19:81:72:
94:fa:6a:71:6f:ae:74:c0:3d:de:dd:1c:f6:d7:0e:75:29:d5:
67:6b:22:ad
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgIEC37DODANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NThkMTJmMDk1MDUzYzM1ODc2Yjg4YjQ3Njg1ZDY0MzU0MjFmY2YyMB4XDTIyMDEw
MTEwNTMzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWM0YzZhYjZlMGEy
M2NkOWIwZjEyYjU5YTFhM2M4YjAyZGNlZmZhNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL5K9eoj/hmSJZEAWfrELu+G1ElQfEnSpomUkn4WTCrg3Eo9
tX/fAx0wFO2V0rmJY/yNAmwFBXcaRNV5aM9rzeVZBC27IHNYIWum9vAUtq0clNYR
ms6fG4GfKiHC/9WbWJuy9cW/xObd5DrPqdk244fa1uFMmI3338ktcqXTlNupC8kJ
jdYvtcMOhFDPh75X9fZgTdoqPYH44zU7elpKbdB2WnQ0sPK39AB80V/O6syXQJUY
ssbhYFITxJMl65FRKbBgSIyXwh8ao1u4mDUE5m2jWY7hU7gC3IfQRuE0Pz6SlMHO
pj7AnQ+Aoh7C7Dm8BdfTxEFPJmomfebZ3NiYhYECAwEAAaOCAjswggI3MB0GA1Ud
DgQWBBRcTGq24KI82bDxK1mho8iwLc7/pDAfBgNVHSMEGDAWgBRFjRLwlQU8NYdr
iLR2hdZDVCH88jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JZMFM4SlVGUERXSGE0aTBkb1hXUTFRaF9QSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2EvN2NlY2M3LWY2M2QtNDNmYy1iMjE5LTM5NTU5NTllYWY4MS8x
L1hFeHF0dUNpUE5tdzhTdFpvYVBJc0MzT182US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Ev
N2NlY2M3LWY2M2QtNDNmYy1iMjE5LTM5NTU5NTllYWY4MS8xL1JZMFM4SlVGUERX
SGE0aTBkb1hXUTFRaF9QSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBR
BggrBgEFBQcBBwEB/wRCMEAwJAQCAAEwHgMEAFvxXQMEALme+wMEArnULAMEArnb
3AMEAMJM4jAYBAIAAjASAwcAKgf8AAAAAwcAKgtxQAAAMA0GCSqGSIb3DQEBCwUA
A4IBAQBWg2XuPGPo8RcHWyeJ35y9vPd6HGME9V06Jt+AfE3oBRFe0RJq6JaDkOX3
rZgrEOV44sCTUehcfn6oU+wFJhsD5p+ZfLT4zISVpY+chTMx2TuLZxyCMn6iHxu3
aI+CTT5E0Vt1wMYE3emLxC6njU6Mqx8WOkaqJQ6uVp0XkgzQnBXrrAjDVHOcm169
w1DRE9yHWzmgKb0cTGlt7X1yKCpnuXu8pSGT6UhvI0XzPzNxyhG3zAm8G0ErEqRT
+gnOdM9160/xd31N1TfbvNt1jrg2UqeE1D7p5RwESpaaIJO8sJksrehD/2AZgXKU
+mpxb650wD3e3Rz21w51KdVnayKt
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:03:55 2024 by rpki-client on console-ams.rpki-client.org