Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/3af48a-0616-4c32-bb40-4b9ae41b3d2f/1/XuvFGWx8STKt3UsdM1E9_XCiwZ8.roa
File: XuvFGWx8STKt3UsdM1E9_XCiwZ8.roa (raw, json)
Hash identifier: N0XiTkMDGBhAt5oXtbLzWX1b7MNRGwOfqVDb9l8FYmE=
Subject key identifier: 5E:EB:C5:19:6C:7C:49:32:AD:DD:4B:1D:33:51:3D:FD:70:A2:C1:9F
Certificate issuer: /CN=779df1de43acca61eec034cea268b4654cc15cac
Certificate serial: 018499DFDCB6150E565D7553B9E5C6D6281A
Authority key identifier: 77:9D:F1:DE:43:AC:CA:61:EE:C0:34:CE:A2:68:B4:65:4C:C1:5C:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d53x3kOsymHuwDTOomi0ZUzBXKw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/3af48a-0616-4c32-bb40-4b9ae41b3d2f/1/XuvFGWx8STKt3UsdM1E9_XCiwZ8.roa
Signing time: Mon 21 Nov 2022 11:08:15 +0000
ROA not before: Mon 21 Nov 2022 11:08:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57067
IP address blocks: 176.62.144.0/21 maxlen: 21
176.62.144.0/24 maxlen: 24
176.62.145.0/24 maxlen: 24
176.62.149.0/24 maxlen: 24
176.62.150.0/24 maxlen: 24
176.62.146.0/24 maxlen: 24
176.62.151.0/24 maxlen: 24
176.62.147.0/24 maxlen: 24
176.62.148.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:99:df:dc:b6:15:0e:56:5d:75:53:b9:e5:c6:d6:28:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=779df1de43acca61eec034cea268b4654cc15cac
Validity
Not Before: Nov 21 11:08:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5eebc5196c7c4932addd4b1d33513dfd70a2c19f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:a6:bd:cc:8a:38:5d:7e:86:d9:bb:bf:99:f8:
8c:1e:7c:49:85:2e:95:e9:b1:30:2f:0c:9f:cd:4c:
0f:f7:60:48:5d:b9:14:a4:ed:80:71:da:e3:d9:fa:
60:c2:e5:5a:53:ee:cf:61:3e:51:48:35:aa:c9:d2:
68:db:0c:fe:bb:cf:01:97:e6:4f:2f:19:12:9d:96:
81:9d:aa:a9:5b:41:e7:13:60:14:c4:c9:42:6b:2f:
a7:12:21:ab:55:4a:b2:75:aa:44:86:5d:24:bb:e1:
26:d6:ae:bf:50:f3:91:fe:62:e4:34:b2:aa:70:2f:
dc:fb:12:c1:84:85:5d:ba:eb:0b:da:23:9d:63:a0:
bc:60:c1:f3:18:03:e3:cd:99:49:04:1e:75:ea:54:
a1:7b:fd:d1:64:ad:00:ed:40:f1:03:81:3c:a9:95:
0e:5e:57:38:2f:b8:36:01:4d:08:3b:8d:60:1d:f1:
7c:12:76:1c:2e:ec:9e:58:36:6f:4a:07:4d:71:70:
9d:76:61:f9:fb:a4:bc:57:0b:03:e0:77:ba:e5:5d:
ef:33:98:ff:b2:2d:95:57:af:a4:cd:a0:52:51:1b:
5b:71:b3:a1:8f:80:0f:eb:68:a7:c6:60:0d:51:17:
58:df:cc:f3:49:8a:99:ac:40:b5:60:69:f6:57:c6:
82:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:EB:C5:19:6C:7C:49:32:AD:DD:4B:1D:33:51:3D:FD:70:A2:C1:9F
X509v3 Authority Key Identifier:
keyid:77:9D:F1:DE:43:AC:CA:61:EE:C0:34:CE:A2:68:B4:65:4C:C1:5C:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d53x3kOsymHuwDTOomi0ZUzBXKw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/3af48a-0616-4c32-bb40-4b9ae41b3d2f/1/XuvFGWx8STKt3UsdM1E9_XCiwZ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/3af48a-0616-4c32-bb40-4b9ae41b3d2f/1/d53x3kOsymHuwDTOomi0ZUzBXKw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.62.144.0/21
Signature Algorithm: sha256WithRSAEncryption
80:d2:c7:0a:1d:bf:35:51:f7:45:d5:ef:30:61:34:88:04:f4:
4f:8f:d5:a7:b8:f8:a3:ca:25:1e:1c:ac:46:53:46:6d:c2:da:
ee:dd:dd:0c:4a:3f:e1:e4:cf:e8:dd:57:e6:55:df:4b:49:10:
c3:6a:0d:c5:ad:04:a0:dd:7b:bb:7c:2b:3a:55:6c:a4:61:6e:
fb:5e:85:72:30:73:81:31:b8:9d:3b:89:7e:dc:5d:b5:f9:22:
69:76:a9:ae:28:ac:df:5c:46:b6:65:cd:d3:54:8d:5c:98:c4:
2a:c3:75:2d:9d:f4:60:11:68:d5:f2:20:c8:e2:13:78:f4:15:
64:ac:1b:b1:5a:e6:c3:12:77:a1:66:c1:70:d8:a9:76:3d:31:
09:6b:14:e5:29:46:a2:9e:cf:ef:f3:61:e0:17:be:38:c9:9d:
4c:2f:81:aa:25:41:77:31:d0:21:8e:a4:34:1f:7b:74:a1:bf:
ad:f0:ff:08:09:5e:70:de:ff:ce:ff:4e:fa:b5:3e:05:f7:1d:
95:d7:5c:e1:f3:6f:e7:60:d5:2c:7e:bf:9e:c0:5b:de:e5:5a:
93:1c:a9:d7:b5:4b:95:45:72:bf:13:bf:5d:ba:6e:9a:6b:ca:
26:4b:90:1c:d1:01:d9:94:27:ae:16:28:12:44:f5:7a:a5:e9:
b5:f2:45:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYSZ39y2FQ5WXXVTueXG1igaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3OWRmMWRlNDNhY2NhNjFlZWMwMzRjZWEyNjhiNDY1NGNj
MTVjYWMwHhcNMjIxMTIxMTEwODE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWViYzUxOTZjN2M0OTMyYWRkZDRiMWQzMzUxM2RmZDcwYTJjMTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkKa9zIo4XX6G2bu/mfiMHnxJhS6V
6bEwLwyfzUwP92BIXbkUpO2Acdrj2fpgwuVaU+7PYT5RSDWqydJo2wz+u88Bl+ZP
LxkSnZaBnaqpW0HnE2AUxMlCay+nEiGrVUqydapEhl0ku+Em1q6/UPOR/mLkNLKq
cC/c+xLBhIVduusL2iOdY6C8YMHzGAPjzZlJBB516lShe/3RZK0A7UDxA4E8qZUO
Xlc4L7g2AU0IO41gHfF8EnYcLuyeWDZvSgdNcXCddmH5+6S8VwsD4He65V3vM5j/
si2VV6+kzaBSURtbcbOhj4AP62inxmANURdY38zzSYqZrEC1YGn2V8aC8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF7rxRlsfEkyrd1LHTNRPf1wosGfMB8GA1UdIwQY
MBaAFHed8d5DrMph7sA0zqJotGVMwVysMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDUzeDNrT3N5bUh1d0RUT29taTBaVXpCWEt3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS8zYWY0OGEtMDYxNi00YzMyLWJiNDAt
NGI5YWU0MWIzZDJmLzEvWHV2RkdXeDhTVEt0M1VzZE0xRTlfWENpd1o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS8zYWY0OGEtMDYxNi00YzMyLWJiNDAtNGI5YWU0MWIzZDJm
LzEvZDUzeDNrT3N5bUh1d0RUT29taTBaVXpCWEt3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDsD6QMA0G
CSqGSIb3DQEBCwUAA4IBAQCA0scKHb81UfdF1e8wYTSIBPRPj9WnuPijyiUeHKxG
U0Ztwtru3d0MSj/h5M/o3VfmVd9LSRDDag3FrQSg3Xu7fCs6VWykYW77XoVyMHOB
MbidO4l+3F21+SJpdqmuKKzfXEa2Zc3TVI1cmMQqw3UtnfRgEWjV8iDI4hN49BVk
rBuxWubDEnehZsFw2Kl2PTEJaxTlKUains/v82HgF744yZ1ML4GqJUF3MdAhjqQ0
H3t0ob+t8P8ICV5w3v/O/076tT4F9x2V11zh82/nYNUsfr+ewFve5VqTHKnXtUuV
RXK/E79dum6aa8omS5Ac0QHZlCeuFigSRPV6pem18kVV
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:05:51 2024 by rpki-client on console-ams.rpki-client.org