Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/XSk5N6IeZPph0WaWu853ggsWDtQ.roa
File: XSk5N6IeZPph0WaWu853ggsWDtQ.roa (raw, json)
Hash identifier: JFTzAYj16+zi2J6GdHnsCYbE9RYf+QZe6Kvm6zZqjO8=
Subject key identifier: 5D:29:39:37:A2:1E:64:FA:61:D1:66:96:BB:CE:77:82:0B:16:0E:D4
Certificate issuer: /CN=76a75826e991225a429ff8a1e7ffdc80466420df
Certificate serial: 0992F299
Authority key identifier: 76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/XSk5N6IeZPph0WaWu853ggsWDtQ.roa
Signing time: Sat 01 Jan 2022 04:03:25 +0000
ROA not before: Sat 01 Jan 2022 04:03:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 200943
IP address blocks: 192.44.9.0/24 maxlen: 24
153.96.64.0/22 maxlen: 22
153.96.62.0/23 maxlen: 23
153.96.160.0/21 maxlen: 21
192.102.149.0/24 maxlen: 24
192.102.146.0/23 maxlen: 23
192.102.157.0/24 maxlen: 24
192.102.154.0/23 maxlen: 23
192.102.166.0/24 maxlen: 24
192.88.97.0/24 maxlen: 24
129.233.202.0/24 maxlen: 24
129.233.200.0/23 maxlen: 23
153.96.142.0/24 maxlen: 24
2a03:db80:5460::/48 maxlen: 48
2001:67c:61c::/48 maxlen: 48
2a03:db80:5464::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 160625305 (0x992f299)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76a75826e991225a429ff8a1e7ffdc80466420df
Validity
Not Before: Jan 1 04:03:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5d293937a21e64fa61d16696bbce77820b160ed4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:02:f3:56:69:4b:c5:4e:9b:81:8c:53:18:e6:
36:c3:c6:41:3c:a0:62:28:f3:33:e5:dd:3d:5c:41:
86:ff:3e:6d:90:8c:22:9e:79:8f:d8:b6:4d:39:18:
79:c4:e1:cc:c5:b4:00:7d:12:b2:5c:6d:43:5d:20:
81:32:61:b2:36:26:db:fb:1e:e2:53:c2:2c:b3:bc:
cc:19:41:17:0e:ce:fe:97:d1:30:8f:8b:a5:d3:8d:
71:e5:6a:50:9a:69:d5:69:47:c4:ef:37:34:82:9d:
07:62:3d:dc:f8:67:0b:41:61:52:87:ff:70:a8:d7:
63:45:48:86:d9:32:59:45:ed:a0:ca:91:25:45:3c:
ae:b9:1f:25:08:21:02:b1:36:8d:f7:e1:65:1a:7d:
34:94:7b:d3:c8:fa:02:ae:89:a2:4c:0a:7c:cb:f5:
5f:29:60:22:68:46:e2:55:c4:b1:e9:6d:ec:35:9d:
76:10:ad:99:68:54:98:57:db:42:4d:7e:4e:f2:65:
92:fa:31:6a:3c:8b:17:5d:d2:ad:cb:8e:0e:6e:b9:
c1:0e:0e:95:07:f8:09:08:78:51:c5:9d:5e:b7:83:
f0:42:55:93:2a:51:fd:a7:63:c9:85:7e:df:f8:c1:
27:e7:cd:33:44:b0:f4:3f:82:13:64:7a:0f:9e:58:
ef:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:29:39:37:A2:1E:64:FA:61:D1:66:96:BB:CE:77:82:0B:16:0E:D4
X509v3 Authority Key Identifier:
keyid:76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/XSk5N6IeZPph0WaWu853ggsWDtQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
129.233.200.0-129.233.202.255
153.96.62.0-153.96.67.255
153.96.142.0/24
153.96.160.0/21
192.44.9.0/24
192.88.97.0/24
192.102.146.0/23
192.102.149.0/24
192.102.154.0/23
192.102.157.0/24
192.102.166.0/24
IPv6:
2001:67c:61c::/48
2a03:db80:5460::/48
2a03:db80:5464::/48
Signature Algorithm: sha256WithRSAEncryption
99:8c:ec:13:17:ad:2e:1c:45:53:d5:35:2f:47:6e:35:f6:c9:
48:27:49:c0:c2:72:35:76:cc:b4:72:5d:90:7a:3a:8c:12:1b:
11:7f:4c:fc:3f:4a:4d:87:0e:1d:eb:2e:bb:99:5d:12:84:89:
7e:50:71:11:2c:a6:db:7e:8d:f6:6b:b9:05:6b:49:b1:1e:f4:
e2:e0:c9:89:62:7d:0b:bc:1f:4d:a2:7b:93:8e:7e:6c:b4:25:
2e:f9:50:0c:cc:18:50:f9:5f:a4:a3:94:68:a9:5a:21:56:d6:
e1:1e:0d:65:5c:00:f6:a4:64:a5:5e:ed:95:bb:bb:08:06:66:
24:5d:d8:00:ef:b1:da:00:73:c0:f4:2c:b1:85:86:1b:f4:32:
5e:2b:5e:7c:97:18:5f:d4:d9:22:b9:29:42:28:a4:cd:7e:38:
7a:71:96:75:33:17:4b:16:92:d9:41:0d:bf:b3:6e:f4:dc:92:
0c:3d:ac:a8:c7:d2:51:a4:b8:eb:1a:89:e2:ab:ad:8f:f3:ea:
dd:c8:ca:86:46:80:4d:4f:f8:94:70:b4:8a:56:0f:64:47:1a:
83:9c:58:1a:3b:45:61:58:f3:44:db:7b:74:89:68:98:35:c2:
e3:4a:52:86:cd:23:a7:65:83:51:5b:61:0e:35:43:5e:44:af:
b5:99:45:fb
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIECZLymTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NmE3NTgyNmU5OTEyMjVhNDI5ZmY4YTFlN2ZmZGM4MDQ2NjQyMGRmMB4XDTIyMDEw
MTA0MDMyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWQyOTM5MzdhMjFl
NjRmYTYxZDE2Njk2YmJjZTc3ODIwYjE2MGVkNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJAC81ZpS8VOm4GMUxjmNsPGQTygYijzM+XdPVxBhv8+bZCM
Ip55j9i2TTkYecThzMW0AH0SslxtQ10ggTJhsjYm2/se4lPCLLO8zBlBFw7O/pfR
MI+LpdONceVqUJpp1WlHxO83NIKdB2I93PhnC0FhUof/cKjXY0VIhtkyWUXtoMqR
JUU8rrkfJQghArE2jffhZRp9NJR708j6Aq6JokwKfMv1XylgImhG4lXEselt7DWd
dhCtmWhUmFfbQk1+TvJlkvoxajyLF13SrcuODm65wQ4OlQf4CQh4UcWdXreD8EJV
kypR/adjyYV+3/jBJ+fNM0Sw9D+CE2R6D55Y76UCAwEAAaOCAnkwggJ1MB0GA1Ud
DgQWBBRdKTk3oh5k+mHRZpa7zneCCxYO1DAfBgNVHSMEGDAWgBR2p1gm6ZEiWkKf
+KHn/9yARmQg3zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RxZFlKdW1SSWxwQ25faWg1X19jZ0Vaa0lOOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDkvMWQzM2NhLThkMWMtNDljMC1iZTk3LWFkOGZiZWFhOGRkOS8x
L1hTazVONkllWlBwaDBXYVd1ODUzZ2dzV0R0US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDkv
MWQzM2NhLThkMWMtNDljMC1iZTk3LWFkOGZiZWFhOGRkOS8xL2RxZFlKdW1SSWxw
Q25faWg1X19jZ0Vaa0lOOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
jgYIKwYBBQUHAQcBAf8EfzB9MFgEAgABMFIwDAMEA4HpyAMEAIHpyjAMAwQBmWA+
AwQCmWBAAwQAmWCOAwQDmWCgAwQAwCwJAwQAwFhhAwQBwGaSAwQAwGaVAwQBwGaa
AwQAwGadAwQAwGamMCEEAgACMBsDBwAgAQZ8BhwDBwAqA9uAVGADBwAqA9uAVGQw
DQYJKoZIhvcNAQELBQADggEBAJmM7BMXrS4cRVPVNS9HbjX2yUgnScDCcjV2zLRy
XZB6OowSGxF/TPw/Sk2HDh3rLruZXRKEiX5QcREsptt+jfZruQVrSbEe9OLgyYli
fQu8H02ie5OOfmy0JS75UAzMGFD5X6SjlGipWiFW1uEeDWVcAPakZKVe7ZW7uwgG
ZiRd2ADvsdoAc8D0LLGFhhv0Ml4rXnyXGF/U2SK5KUIopM1+OHpxlnUzF0sWktlB
Db+zbvTckgw9rKjH0lGkuOsaieKrrY/z6t3IyoZGgE1P+JRwtIpWD2RHGoOcWBo7
RWFY80Tbe3SJaJg1wuNKUobNI6dlg1FbYQ41Q15Er7WZRfs=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:46:02 2025 by rpki-client