Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/6a3215-6b62-4363-9abc-7a54db59ec2d/1/XqG0mP2Yiry8UXtdTbRpHaWqy-c.roa
File: XqG0mP2Yiry8UXtdTbRpHaWqy-c.roa (raw, json)
Hash identifier: iNLCVvo0nqEqJHQJzGiUc7J4eNZmrRQxMtlWU39S/q8=
Subject key identifier: 5E:A1:B4:98:FD:98:8A:BC:BC:51:7B:5D:4D:B4:69:1D:A5:AA:CB:E7
Certificate issuer: /CN=46bb8215b2266da3c0f6ca55cc7ba800e9ade2a2
Certificate serial: 37D8FBD9
Authority key identifier: 46:BB:82:15:B2:26:6D:A3:C0:F6:CA:55:CC:7B:A8:00:E9:AD:E2:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RruCFbImbaPA9spVzHuoAOmt4qI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/6a3215-6b62-4363-9abc-7a54db59ec2d/1/XqG0mP2Yiry8UXtdTbRpHaWqy-c.roa
Signing time: Mon 03 Jan 2022 09:18:06 +0000
ROA not before: Mon 03 Jan 2022 09:18:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29695
IP address blocks: 213.167.96.0/19 maxlen: 19
141.0.64.0/18 maxlen: 18
92.220.0.0/15 maxlen: 21
109.247.0.0/16 maxlen: 21
45.14.52.0/22 maxlen: 22
84.234.128.0/17 maxlen: 24
79.160.0.0/15 maxlen: 24
80.203.0.0/17 maxlen: 17
89.11.128.0/17 maxlen: 17
81.166.0.0/15 maxlen: 24
2a01:798::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 936967129 (0x37d8fbd9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=46bb8215b2266da3c0f6ca55cc7ba800e9ade2a2
Validity
Not Before: Jan 3 09:18:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5ea1b498fd988abcbc517b5d4db4691da5aacbe7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b7:65:a2:90:11:53:35:0c:62:f3:73:6c:c0:
d9:da:ca:ab:39:4d:ac:91:87:c4:4d:ec:6f:65:f1:
f0:af:ea:61:67:c1:ed:18:1b:86:6a:16:8d:95:12:
77:de:1c:2a:c8:7e:8b:1a:60:d9:50:e4:51:f3:33:
66:ea:25:c9:eb:32:f6:17:fe:e2:2a:cd:6e:0f:52:
e3:ba:06:a2:ee:b0:75:55:d6:a4:31:96:b3:ce:58:
b7:70:82:c9:cc:e5:33:85:a1:c5:31:89:f2:96:64:
fa:0f:ea:d2:aa:72:9e:68:68:96:05:92:19:13:b0:
06:9a:61:5a:80:6b:05:74:87:79:c3:96:10:3f:db:
00:fc:78:1b:3a:96:73:ba:4a:53:38:f9:d6:ae:7d:
34:2c:75:40:e0:a1:cd:0e:63:a8:cf:65:e5:9a:e6:
8a:d7:95:64:73:77:78:65:f0:4d:c6:09:a7:25:cd:
c7:da:99:cd:81:24:fe:8a:87:01:cc:fb:4c:89:1b:
0b:65:2d:f5:8a:89:43:b9:00:3b:72:f2:91:ac:3c:
84:98:f0:72:55:1f:26:19:dc:5e:ef:c9:81:2a:af:
37:f7:4c:4b:ca:90:ec:7f:0e:07:7e:75:6e:5f:5f:
5c:e1:0a:95:d2:2f:63:49:1d:eb:7e:66:a6:2c:23:
3e:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:A1:B4:98:FD:98:8A:BC:BC:51:7B:5D:4D:B4:69:1D:A5:AA:CB:E7
X509v3 Authority Key Identifier:
keyid:46:BB:82:15:B2:26:6D:A3:C0:F6:CA:55:CC:7B:A8:00:E9:AD:E2:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RruCFbImbaPA9spVzHuoAOmt4qI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/6a3215-6b62-4363-9abc-7a54db59ec2d/1/XqG0mP2Yiry8UXtdTbRpHaWqy-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/6a3215-6b62-4363-9abc-7a54db59ec2d/1/RruCFbImbaPA9spVzHuoAOmt4qI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.52.0/22
79.160.0.0/15
80.203.0.0/17
81.166.0.0/15
84.234.128.0/17
89.11.128.0/17
92.220.0.0/15
109.247.0.0/16
141.0.64.0/18
213.167.96.0/19
IPv6:
2a01:798::/29
Signature Algorithm: sha256WithRSAEncryption
5a:3c:b0:27:0c:81:de:9a:15:0d:e9:b5:0a:8b:15:39:a3:8a:
c5:6a:43:3c:0f:dd:0d:cc:91:10:b0:ea:a0:e6:b3:6e:67:91:
a3:b0:d4:b0:f8:d3:10:a4:b0:55:81:cb:72:a0:7c:bf:1f:da:
e4:4c:41:c5:65:36:cb:5b:9c:06:16:39:7d:9a:d0:75:2c:86:
d0:fc:52:7b:64:11:92:cc:28:83:32:3a:c2:9a:90:76:bc:20:
5b:27:cb:72:5b:fb:68:51:6e:94:b0:15:97:5c:90:1d:9e:72:
2e:0e:29:6f:07:d4:ee:ab:67:0f:56:1c:71:1f:f9:5a:c8:d6:
82:43:0d:1c:31:92:c6:aa:4c:54:37:37:f0:63:e9:56:87:06:
b5:9a:b9:4f:a8:62:48:e7:d2:69:da:01:94:8c:6a:31:48:45:
71:1e:a0:37:7e:c3:15:d8:0c:8d:81:21:af:77:3d:d8:82:b1:
7e:ba:28:92:e3:7f:f2:79:9e:da:87:21:4b:07:60:eb:cb:fc:
6d:02:ef:ff:98:60:2a:3e:4a:1b:b2:5c:b7:98:14:fe:4f:e2:
7a:b9:3b:30:f1:2d:f5:e4:e5:e1:8c:1e:92:a9:11:10:24:c8:
31:7e:40:84:38:3a:0b:59:7d:01:1e:e7:fa:ce:34:2c:17:e4:
b5:5e:54:99
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgIEN9j72TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
NmJiODIxNWIyMjY2ZGEzYzBmNmNhNTVjYzdiYTgwMGU5YWRlMmEyMB4XDTIyMDEw
MzA5MTgwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWVhMWI0OThmZDk4
OGFiY2JjNTE3YjVkNGRiNDY5MWRhNWFhY2JlNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALS3ZaKQEVM1DGLzc2zA2drKqzlNrJGHxE3sb2Xx8K/qYWfB
7RgbhmoWjZUSd94cKsh+ixpg2VDkUfMzZuolyesy9hf+4irNbg9S47oGou6wdVXW
pDGWs85Yt3CCyczlM4WhxTGJ8pZk+g/q0qpynmholgWSGROwBpphWoBrBXSHecOW
ED/bAPx4GzqWc7pKUzj51q59NCx1QOChzQ5jqM9l5ZrmiteVZHN3eGXwTcYJpyXN
x9qZzYEk/oqHAcz7TIkbC2Ut9YqJQ7kAO3Lykaw8hJjwclUfJhncXu/JgSqvN/dM
S8qQ7H8OB351bl9fXOEKldIvY0kd635mpiwjPqUCAwEAAaOCAkowggJGMB0GA1Ud
DgQWBBReobSY/ZiKvLxRe11NtGkdparL5zAfBgNVHSMEGDAWgBRGu4IVsiZto8D2
ylXMe6gA6a3iojAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1JydUNGYkltYmFQQTlzcFZ6SHVvQU9tdDRxSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDcvNmEzMjE1LTZiNjItNDM2My05YWJjLTdhNTRkYjU5ZWMyZC8x
L1hxRzBtUDJZaXJ5OFVYdGRUYlJwSGFXcXktYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDcv
NmEzMjE1LTZiNjItNDM2My05YWJjLTdhNTRkYjU5ZWMyZC8xL1JydUNGYkltYmFQ
QTlzcFZ6SHVvQU9tdDRxSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBg
BggrBgEFBQcBBwEB/wRRME8wPgQCAAEwOAMEAi0ONAMDAU+gAwQHUMsAAwMBUaYD
BAdU6oADBAdZC4ADAwFc3AMDAG33AwQGjQBAAwQF1adgMA0EAgACMAcDBQMqAQeY
MA0GCSqGSIb3DQEBCwUAA4IBAQBaPLAnDIHemhUN6bUKixU5o4rFakM8D90NzJEQ
sOqg5rNuZ5GjsNSw+NMQpLBVgctyoHy/H9rkTEHFZTbLW5wGFjl9mtB1LIbQ/FJ7
ZBGSzCiDMjrCmpB2vCBbJ8tyW/toUW6UsBWXXJAdnnIuDilvB9Tuq2cPVhxxH/la
yNaCQw0cMZLGqkxUNzfwY+lWhwa1mrlPqGJI59Jp2gGUjGoxSEVxHqA3fsMV2AyN
gSGvdz3YgrF+uiiS43/yeZ7ahyFLB2Dry/xtAu//mGAqPkobsly3mBT+T+J6uTsw
8S315OXhjB6SqREQJMgxfkCEODoLWX0BHuf6zjQsF+S1XlSZ
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:06:20 2024 by rpki-client on console-ams.rpki-client.org