Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/975c5e-6b05-4a47-9e91-13699365c3c7/1/XHMQtzIf-oLH4sj3m58TxNxMqcU.roa
File: XHMQtzIf-oLH4sj3m58TxNxMqcU.roa (raw, json)
Hash identifier: RiXAzr62aNwqNBMQ32o1bCNNFlQPxJFrrWdmu/nSbpk=
Subject key identifier: 5C:73:10:B7:32:1F:FA:82:C7:E2:C8:F7:9B:9F:13:C4:DC:4C:A9:C5
Certificate issuer: /CN=4ecf617af35f3724e7da860ebfbe4ec138ae1800
Certificate serial: 04046C15
Authority key identifier: 4E:CF:61:7A:F3:5F:37:24:E7:DA:86:0E:BF:BE:4E:C1:38:AE:18:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ts9hevNfNyTn2oYOv75OwTiuGAA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/975c5e-6b05-4a47-9e91-13699365c3c7/1/XHMQtzIf-oLH4sj3m58TxNxMqcU.roa
Signing time: Mon 17 Jan 2022 07:16:09 +0000
ROA not before: Mon 17 Jan 2022 07:16:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35401
IP address blocks: 217.170.112.0/20 maxlen: 24
87.244.56.0/22 maxlen: 24
87.244.54.0/24 maxlen: 24
87.244.55.0/24 maxlen: 24
87.244.52.0/24 maxlen: 24
87.244.53.0/24 maxlen: 24
87.244.63.0/24 maxlen: 24
87.244.62.0/24 maxlen: 24
87.244.60.0/23 maxlen: 24
87.244.0.0/21 maxlen: 24
87.244.16.0/21 maxlen: 24
87.244.32.0/21 maxlen: 24
87.244.40.0/21 maxlen: 24
87.244.48.0/21 maxlen: 24
2a02:26e0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67398677 (0x4046c15)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ecf617af35f3724e7da860ebfbe4ec138ae1800
Validity
Not Before: Jan 17 07:16:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5c7310b7321ffa82c7e2c8f79b9f13c4dc4ca9c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:ed:f9:79:bc:d2:99:96:3f:96:60:16:99:56:
ab:e7:d0:d2:fe:07:42:38:d2:95:62:dc:d3:f2:f6:
fe:39:21:44:9c:48:8c:39:c5:da:04:db:d0:01:e6:
9d:42:5c:f0:2e:e8:fd:d5:17:04:cf:32:9c:60:63:
0f:65:d1:73:05:0f:6b:de:f7:2d:b9:32:d9:71:a8:
f4:49:41:f1:dd:b7:9e:c3:54:bf:84:2b:d7:f1:91:
35:7f:fb:4f:40:eb:ae:c0:8e:2c:ea:ef:e9:13:f9:
2a:e1:3e:9d:6d:8e:cc:c7:77:e5:ef:30:d8:9a:e2:
73:87:b2:38:3b:7e:83:76:67:c2:b5:78:45:5b:db:
26:81:29:82:87:bb:9b:fe:77:f2:d0:09:3f:fb:74:
a8:2d:a2:b9:20:cb:5f:8f:55:27:34:16:b4:87:b4:
fc:48:38:46:e8:33:75:44:68:98:57:6b:a2:6e:ae:
2c:79:76:11:be:76:67:c8:41:c2:4e:c6:e3:e5:1a:
2d:51:76:3c:b0:01:86:ab:78:f8:c8:5d:96:0e:c8:
10:c5:31:4e:ed:b8:8c:29:21:c9:ca:da:e7:cf:3a:
6c:7d:57:22:11:42:4a:aa:be:ca:bb:4b:28:28:e4:
6d:fc:45:84:aa:f6:5a:82:1a:63:41:40:d2:77:b6:
24:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:73:10:B7:32:1F:FA:82:C7:E2:C8:F7:9B:9F:13:C4:DC:4C:A9:C5
X509v3 Authority Key Identifier:
keyid:4E:CF:61:7A:F3:5F:37:24:E7:DA:86:0E:BF:BE:4E:C1:38:AE:18:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ts9hevNfNyTn2oYOv75OwTiuGAA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/975c5e-6b05-4a47-9e91-13699365c3c7/1/XHMQtzIf-oLH4sj3m58TxNxMqcU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/975c5e-6b05-4a47-9e91-13699365c3c7/1/Ts9hevNfNyTn2oYOv75OwTiuGAA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.244.0.0/21
87.244.16.0/21
87.244.32.0/19
217.170.112.0/20
IPv6:
2a02:26e0::/32
Signature Algorithm: sha256WithRSAEncryption
3e:8a:95:13:f5:f5:d7:7c:c7:45:44:d6:dc:7f:e3:2e:9f:43:
92:11:b0:0b:af:6b:14:cf:e9:d8:87:16:f2:0f:4b:aa:c9:2a:
f5:80:93:f4:e2:61:ec:2a:a3:8c:c4:6d:0f:17:71:42:f8:ed:
a5:c5:3a:53:21:55:19:3b:67:b9:79:fa:d2:bc:61:ae:27:8a:
b1:9a:67:bb:20:ba:15:21:08:62:f5:1a:a8:7f:d7:81:5d:9a:
e1:3d:75:47:24:3f:3b:b7:e1:2c:84:91:1c:b8:b5:e5:09:b6:
28:1a:f3:2a:6d:81:5f:e8:31:2b:55:be:69:47:ba:7a:30:bb:
5b:32:30:7d:d8:ba:32:f8:63:a8:a2:b8:01:70:f3:7d:b9:ac:
e8:1e:a5:49:f0:8e:f5:75:9e:fd:c1:ff:1e:7f:39:6b:dd:53:
03:c7:0c:94:f1:97:3e:f5:97:3e:a7:d3:82:e0:26:48:fd:88:
25:87:fb:7a:15:db:cf:cf:7f:c9:42:8f:18:19:7e:90:ed:65:
cd:5f:ec:e1:64:49:06:4f:db:73:fc:a8:4f:c4:cd:77:34:fa:
24:d6:b7:e9:ee:16:e2:f7:b2:a9:a3:b0:b2:0f:eb:f8:39:b9:
e1:b7:bf:68:42:b2:ff:fa:d5:05:05:09:3b:5e:e0:39:86:d6:
47:96:d0:d9
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEBARsFTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZWNmNjE3YWYzNWYzNzI0ZTdkYTg2MGViZmJlNGVjMTM4YWUxODAwMB4XDTIyMDEx
NzA3MTYwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWM3MzEwYjczMjFm
ZmE4MmM3ZTJjOGY3OWI5ZjEzYzRkYzRjYTljNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKjt+Xm80pmWP5ZgFplWq+fQ0v4HQjjSlWLc0/L2/jkhRJxI
jDnF2gTb0AHmnUJc8C7o/dUXBM8ynGBjD2XRcwUPa973Lbky2XGo9ElB8d23nsNU
v4Qr1/GRNX/7T0DrrsCOLOrv6RP5KuE+nW2OzMd35e8w2Jric4eyODt+g3ZnwrV4
RVvbJoEpgoe7m/538tAJP/t0qC2iuSDLX49VJzQWtIe0/Eg4RugzdURomFdrom6u
LHl2Eb52Z8hBwk7G4+UaLVF2PLABhqt4+Mhdlg7IEMUxTu24jCkhycra5886bH1X
IhFCSqq+yrtLKCjkbfxFhKr2WoIaY0FA0ne2JFMCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBRccxC3Mh/6gsfiyPebnxPE3EypxTAfBgNVHSMEGDAWgBROz2F68183JOfa
hg6/vk7BOK4YADAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1RzOWhldk5mTnlUbjJvWU92NzVPd1RpdUdBQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvM2YvOTc1YzVlLTZiMDUtNGE0Ny05ZTkxLTEzNjk5MzY1YzNjNy8x
L1hITVF0eklmLW9MSDRzajNtNThUeE54TXFjVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2Yv
OTc1YzVlLTZiMDUtNGE0Ny05ZTkxLTEzNjk5MzY1YzNjNy8xL1RzOWhldk5mTnlU
bjJvWU92NzVPd1RpdUdBQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEA1f0AAMEA1f0EAMEBVf0IAMEBNmq
cDANBAIAAjAHAwUAKgIm4DANBgkqhkiG9w0BAQsFAAOCAQEAPoqVE/X113zHRUTW
3H/jLp9DkhGwC69rFM/p2IcW8g9Lqskq9YCT9OJh7CqjjMRtDxdxQvjtpcU6UyFV
GTtnuXn60rxhrieKsZpnuyC6FSEIYvUaqH/XgV2a4T11RyQ/O7fhLISRHLi15Qm2
KBrzKm2BX+gxK1W+aUe6ejC7WzIwfdi6MvhjqKK4AXDzfbms6B6lSfCO9XWe/cH/
Hn85a91TA8cMlPGXPvWXPqfTguAmSP2IJYf7ehXbz89/yUKPGBl+kO1lzV/s4WRJ
Bk/bc/yoT8TNdzT6JNa36e4W4veyqaOwsg/r+Dm54be/aEKy//rVBQUJO17gOYbW
R5bQ2Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:46:59 2023 by rpki-client on console-fra.rpki-client.org