Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/0ad264-3a50-4563-a35a-0d2bbe58c145/1/XCCrD6QbwMZAcpiLUP-I6UOuMGE.roa
File: XCCrD6QbwMZAcpiLUP-I6UOuMGE.roa (raw, json)
Hash identifier: oGQ7/XYUXGpz4iHGgXRVAO9juf/Hrw5qwMN9b+K3HQY=
Subject key identifier: 5C:20:AB:0F:A4:1B:C0:C6:40:72:98:8B:50:FF:88:E9:43:AE:30:61
Certificate issuer: /CN=0a5f6129142bd0a9dc69dfd402489ff25f5b3ef2
Certificate serial: 355E8B48
Authority key identifier: 0A:5F:61:29:14:2B:D0:A9:DC:69:DF:D4:02:48:9F:F2:5F:5B:3E:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Cl9hKRQr0Kncad_UAkif8l9bPvI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/0ad264-3a50-4563-a35a-0d2bbe58c145/1/XCCrD6QbwMZAcpiLUP-I6UOuMGE.roa
Signing time: Sat 01 Jan 2022 06:53:30 +0000
ROA not before: Sat 01 Jan 2022 06:53:30 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43341
IP address blocks: 185.188.120.0/22 maxlen: 22
213.211.192.0/18 maxlen: 29
88.150.0.0/17 maxlen: 29
194.45.154.0/24 maxlen: 24
2a03:5080::/32 maxlen: 56
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 895388488 (0x355e8b48)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a5f6129142bd0a9dc69dfd402489ff25f5b3ef2
Validity
Not Before: Jan 1 06:53:30 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5c20ab0fa41bc0c64072988b50ff88e943ae3061
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:a3:58:3e:b1:ae:e3:9c:d1:76:1a:52:46:c6:
de:f5:73:92:91:8d:f5:b9:ba:e9:55:28:e1:46:d5:
aa:49:6b:33:4c:ca:14:2a:d7:b3:84:7d:c8:7a:e9:
98:0b:92:0f:9e:bd:dc:9c:69:84:ef:76:eb:9c:a8:
35:35:c8:ba:eb:cc:53:66:3c:f2:67:19:2b:05:d6:
4a:6d:4a:80:dd:5d:6a:93:2d:32:ac:08:4d:bb:e0:
df:9c:be:bb:0d:2d:9c:44:66:b3:41:a8:48:5b:9f:
7b:01:ce:7f:fa:6d:98:45:dd:3e:d6:e2:46:d0:51:
7d:9c:dd:1e:4a:14:d9:77:ce:e2:53:fe:15:41:af:
0a:1b:29:eb:ae:d5:eb:29:cf:73:fc:8d:a6:2a:5d:
e0:f2:70:37:cf:00:b8:f4:04:89:ef:5f:9f:94:23:
1d:ef:f0:c0:ff:c4:15:60:9f:2c:d9:7a:e5:d4:f3:
75:91:dc:a8:46:a7:86:17:f7:ba:03:e8:33:fd:e4:
51:47:40:c4:ac:e4:32:06:2b:0a:e5:ba:96:0b:15:
65:a6:65:fd:27:9c:e1:4b:0c:59:dc:67:ca:df:d8:
ff:ff:c5:ec:f0:77:b3:cb:c2:44:1b:37:10:c2:89:
e5:4d:99:0c:9a:f6:16:b6:c7:c9:37:22:84:91:d6:
4b:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:20:AB:0F:A4:1B:C0:C6:40:72:98:8B:50:FF:88:E9:43:AE:30:61
X509v3 Authority Key Identifier:
keyid:0A:5F:61:29:14:2B:D0:A9:DC:69:DF:D4:02:48:9F:F2:5F:5B:3E:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Cl9hKRQr0Kncad_UAkif8l9bPvI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0ad264-3a50-4563-a35a-0d2bbe58c145/1/XCCrD6QbwMZAcpiLUP-I6UOuMGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/0ad264-3a50-4563-a35a-0d2bbe58c145/1/Cl9hKRQr0Kncad_UAkif8l9bPvI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.150.0.0/17
185.188.120.0/22
194.45.154.0/24
213.211.192.0/18
IPv6:
2a03:5080::/32
Signature Algorithm: sha256WithRSAEncryption
7e:35:9e:52:15:c6:b9:55:45:29:e6:3a:97:61:48:39:b1:5a:
c3:96:1e:99:d1:8b:a5:01:33:c7:c0:c5:7c:cd:18:b6:fa:37:
5d:d1:b8:bc:b3:04:0b:c6:32:c0:16:c4:bd:23:fb:f3:f7:67:
f1:1e:5a:3c:6c:12:12:45:27:46:56:13:d6:a1:80:e6:a6:da:
26:95:0f:54:20:bb:dd:0b:91:6f:1b:ea:8e:ab:08:d9:a9:45:
2c:e9:b8:8c:a1:89:b1:82:2d:06:13:87:92:f9:ef:78:99:ca:
66:86:02:63:43:85:a4:54:3b:3b:d7:ae:a1:cf:b6:86:92:ea:
47:d9:f9:e7:61:94:e6:a1:f5:55:1d:da:b7:11:ad:98:06:f1:
0a:66:ed:f6:86:29:cb:42:a3:16:7f:da:f5:1c:cf:23:f5:f9:
e3:5f:2f:a9:ca:e9:1c:89:76:3b:2c:a2:aa:1e:3c:a3:1d:3b:
25:ff:4b:43:5d:91:4c:ee:53:0b:b1:ef:23:ef:ec:4a:cb:25:
5f:4c:c7:4b:e6:3d:c6:53:7c:38:1e:0f:7c:52:06:aa:99:0f:
a1:78:2c:b5:15:7e:23:b4:45:69:0b:05:26:a4:c2:ae:f3:fb:
71:10:a3:0d:b8:bd:6b:84:b3:79:50:c3:f2:1c:e0:0c:d0:46:
fd:ab:a9:03
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIENV6LSDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YTVmNjEyOTE0MmJkMGE5ZGM2OWRmZDQwMjQ4OWZmMjVmNWIzZWYyMB4XDTIyMDEw
MTA2NTMzMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWMyMGFiMGZhNDFi
YzBjNjQwNzI5ODhiNTBmZjg4ZTk0M2FlMzA2MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJijWD6xruOc0XYaUkbG3vVzkpGN9bm66VUo4UbVqklrM0zK
FCrXs4R9yHrpmAuSD5693JxphO9265yoNTXIuuvMU2Y88mcZKwXWSm1KgN1dapMt
MqwITbvg35y+uw0tnERms0GoSFufewHOf/ptmEXdPtbiRtBRfZzdHkoU2XfO4lP+
FUGvChsp667V6ynPc/yNpipd4PJwN88AuPQEie9fn5QjHe/wwP/EFWCfLNl65dTz
dZHcqEanhhf3ugPoM/3kUUdAxKzkMgYrCuW6lgsVZaZl/Sec4UsMWdxnyt/Y///F
7PB3s8vCRBs3EMKJ5U2ZDJr2FrbHyTcihJHWSwsCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBRcIKsPpBvAxkBymItQ/4jpQ64wYTAfBgNVHSMEGDAWgBQKX2EpFCvQqdxp
39QCSJ/yX1s+8jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NsOWhLUlFyMEtuY2FkX1VBa2lmOGw5YlB2SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2YvMGFkMjY0LTNhNTAtNDU2My1hMzVhLTBkMmJiZTU4YzE0NS8x
L1hDQ3JENlFid01aQWNwaUxVUC1JNlVPdU1HRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Yv
MGFkMjY0LTNhNTAtNDU2My1hMzVhLTBkMmJiZTU4YzE0NS8xL0NsOWhLUlFyMEtu
Y2FkX1VBa2lmOGw5YlB2SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEB1iWAAMEArm8eAMEAMItmgMEBtXT
wDANBAIAAjAHAwUAKgNQgDANBgkqhkiG9w0BAQsFAAOCAQEAfjWeUhXGuVVFKeY6
l2FIObFaw5YemdGLpQEzx8DFfM0Ytvo3XdG4vLMEC8YywBbEvSP78/dn8R5aPGwS
EkUnRlYT1qGA5qbaJpUPVCC73QuRbxvqjqsI2alFLOm4jKGJsYItBhOHkvnveJnK
ZoYCY0OFpFQ7O9euoc+2hpLqR9n552GU5qH1VR3atxGtmAbxCmbt9oYpy0KjFn/a
9RzPI/X5418vqcrpHIl2Oyyiqh48ox07Jf9LQ12RTO5TC7HvI+/sSsslX0zHS+Y9
xlN8OB4PfFIGqpkPoXgstRV+I7RFaQsFJqTCrvP7cRCjDbi9a4SzeVDD8hzgDNBG
/aupAw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:34 2024 by rpki-client on console-fra.rpki-client.org