Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/4609ad-0b95-40e4-b053-ad5d53699dd8/1/X2k59dqd6xsODHnRWyuMhjiDzic.roa
File: X2k59dqd6xsODHnRWyuMhjiDzic.roa (raw, json)
Hash identifier: gSds62sb5mPhT5LWaksPnhaiqYEUHwQaO1G9okg7kX0=
Subject key identifier: 5F:69:39:F5:DA:9D:EB:1B:0E:0C:79:D1:5B:2B:8C:86:38:83:CE:27
Certificate issuer: /CN=ed3141220968d0ae44045e6836999928eca864b8
Certificate serial: 1E65CB9C
Authority key identifier: ED:31:41:22:09:68:D0:AE:44:04:5E:68:36:99:99:28:EC:A8:64:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7TFBIglo0K5EBF5oNpmZKOyoZLg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/4609ad-0b95-40e4-b053-ad5d53699dd8/1/X2k59dqd6xsODHnRWyuMhjiDzic.roa
Signing time: Fri 03 Jun 2022 12:23:20 +0000
ROA not before: Fri 03 Jun 2022 12:23:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198949
IP address blocks: 176.52.224.0/20 maxlen: 24
130.0.96.0/19 maxlen: 24
95.157.128.0/18 maxlen: 24
185.147.232.0/22 maxlen: 24
2a00:9380::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 509987740 (0x1e65cb9c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed3141220968d0ae44045e6836999928eca864b8
Validity
Not Before: Jun 3 12:23:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5f6939f5da9deb1b0e0c79d15b2b8c863883ce27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:db:03:84:e5:a6:e7:73:da:6b:63:0b:66:51:
e2:e8:89:ab:1c:6b:72:d8:6b:44:74:04:68:83:dc:
81:67:1a:cb:d4:38:6b:f6:09:3d:8a:e0:2c:1b:87:
61:66:6f:4a:b8:3f:ca:58:ab:82:3a:fe:8c:d1:e8:
80:ec:88:7a:bb:d7:1a:05:39:20:79:6e:85:7c:65:
7a:64:f7:a6:01:29:84:13:63:47:6b:00:91:5a:09:
20:3c:96:58:f4:b7:b2:5e:15:48:ac:34:32:97:fa:
cf:8b:94:6e:2c:07:b6:7b:fa:29:bb:74:97:3b:5a:
fe:67:31:72:26:3c:36:b9:15:2a:8f:79:6b:90:0d:
9a:3d:8e:10:d5:ab:72:15:d3:d8:72:23:28:f1:b0:
68:12:6d:e8:5c:a8:3a:ab:86:25:de:ef:92:a2:a6:
f0:8f:42:25:4d:03:ea:ea:29:79:d5:ec:41:ad:88:
b5:ab:5d:1f:8f:a5:1c:1f:29:29:c4:30:ed:25:da:
9b:c2:4f:e8:86:23:b5:dd:08:fa:97:f0:1b:30:f8:
23:26:f6:c7:c1:49:29:69:fe:7d:46:80:8e:99:2f:
52:5f:8e:42:d6:a5:d8:aa:c7:82:2a:09:77:33:3f:
d9:80:57:d1:3a:16:ed:b9:67:d9:4c:3f:e9:34:53:
01:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:69:39:F5:DA:9D:EB:1B:0E:0C:79:D1:5B:2B:8C:86:38:83:CE:27
X509v3 Authority Key Identifier:
keyid:ED:31:41:22:09:68:D0:AE:44:04:5E:68:36:99:99:28:EC:A8:64:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7TFBIglo0K5EBF5oNpmZKOyoZLg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/4609ad-0b95-40e4-b053-ad5d53699dd8/1/X2k59dqd6xsODHnRWyuMhjiDzic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/4609ad-0b95-40e4-b053-ad5d53699dd8/1/7TFBIglo0K5EBF5oNpmZKOyoZLg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.157.128.0/18
130.0.96.0/19
176.52.224.0/20
185.147.232.0/22
IPv6:
2a00:9380::/32
Signature Algorithm: sha256WithRSAEncryption
99:fc:a4:63:b7:94:e0:fa:16:99:37:05:d5:ad:94:e3:bb:3a:
1e:82:ec:a2:c2:98:a0:90:f4:e1:a1:81:bc:c0:c6:ea:97:79:
6d:eb:3b:a3:41:54:5d:f2:c0:c0:9a:e9:f2:bf:f5:08:3f:83:
0d:0c:d6:07:ce:dc:17:5c:23:fb:2c:3a:4d:90:6b:4a:f1:9e:
02:61:2b:63:86:a4:53:2e:65:5c:bf:ff:f3:4c:d9:63:a0:54:
d2:4b:aa:f3:9c:6f:6c:d0:50:92:25:e0:a2:15:96:42:91:c2:
d3:82:a7:ab:25:1b:76:c3:21:d5:a2:4e:fe:5e:71:b9:99:50:
d7:bb:a7:04:cd:31:74:e9:65:20:d8:72:2f:cf:e5:56:6b:1e:
9f:60:65:d2:49:e1:6b:bb:7a:3e:1d:95:10:5d:52:09:1e:26:
de:a0:0a:f5:b2:b4:57:63:e3:64:13:2c:64:e2:40:74:bf:aa:
fb:47:b7:12:b7:75:9c:95:06:bf:34:88:6c:a7:a2:be:bb:7a:
c4:93:ae:e3:b2:46:2e:33:6b:5d:72:77:5c:25:28:bc:43:94:
96:d1:30:31:e0:6b:f4:0c:9f:41:a5:29:df:40:8c:22:38:f2:
9f:7d:29:50:b9:47:2a:02:d1:ab:8b:d6:9d:95:8b:5e:47:f1:
de:86:d5:1e
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEHmXLnDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZDMxNDEyMjA5NjhkMGFlNDQwNDVlNjgzNjk5OTkyOGVjYTg2NGI4MB4XDTIyMDYw
MzEyMjMyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWY2OTM5ZjVkYTlk
ZWIxYjBlMGM3OWQxNWIyYjhjODYzODgzY2UyNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ7bA4Tlpudz2mtjC2ZR4uiJqxxrcthrRHQEaIPcgWcay9Q4
a/YJPYrgLBuHYWZvSrg/ylirgjr+jNHogOyIervXGgU5IHluhXxlemT3pgEphBNj
R2sAkVoJIDyWWPS3sl4VSKw0Mpf6z4uUbiwHtnv6Kbt0lzta/mcxciY8NrkVKo95
a5ANmj2OENWrchXT2HIjKPGwaBJt6FyoOquGJd7vkqKm8I9CJU0D6uopedXsQa2I
tatdH4+lHB8pKcQw7SXam8JP6IYjtd0I+pfwGzD4Iyb2x8FJKWn+fUaAjpkvUl+O
Qtal2KrHgioJdzM/2YBX0ToW7bln2Uw/6TRTAQECAwEAAaOCAiowggImMB0GA1Ud
DgQWBBRfaTn12p3rGw4MedFbK4yGOIPOJzAfBgNVHSMEGDAWgBTtMUEiCWjQrkQE
Xmg2mZko7KhkuDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzdURkJJZ2xvMEs1RUJGNW9OcG1aS095b1pMZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDgvNDYwOWFkLTBiOTUtNDBlNC1iMDUzLWFkNWQ1MzY5OWRkOC8x
L1gyazU5ZHFkNnhzT0RIblJXeXVNaGppRHppYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDgv
NDYwOWFkLTBiOTUtNDBlNC1iMDUzLWFkNWQ1MzY5OWRkOC8xLzdURkJJZ2xvMEs1
RUJGNW9OcG1aS095b1pMZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEBl+dgAMEBYIAYAMEBLA04AMEArmT
6DANBAIAAjAHAwUAKgCTgDANBgkqhkiG9w0BAQsFAAOCAQEAmfykY7eU4PoWmTcF
1a2U47s6HoLsosKYoJD04aGBvMDG6pd5bes7o0FUXfLAwJrp8r/1CD+DDQzWB87c
F1wj+yw6TZBrSvGeAmErY4akUy5lXL//80zZY6BU0kuq85xvbNBQkiXgohWWQpHC
04KnqyUbdsMh1aJO/l5xuZlQ17unBM0xdOllINhyL8/lVmsen2Bl0knha7t6Ph2V
EF1SCR4m3qAK9bK0V2PjZBMsZOJAdL+q+0e3Erd1nJUGvzSIbKeivrt6xJOu47JG
LjNrXXJ3XCUovEOUltEwMeBr9AyfQaUp30CMIjjyn30pULlHKgLRq4vWnZWLXkfx
3obVHg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:11 2023 by rpki-client on console-ams.rpki-client.org