Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/_XbfgngOWGuJC65KVKZ1BjUq7w4.roa
File: _XbfgngOWGuJC65KVKZ1BjUq7w4.roa (raw, json)
Hash identifier: gl5AO/rwl6m2eck1ZvKInBajptwqDxQ3GuSo/wuQvtk=
Subject key identifier: FD:76:DF:82:78:0E:58:6B:89:0B:AE:4A:54:A6:75:06:35:2A:EF:0E
Certificate issuer: /CN=29be02dea0a086e9880f564c86872bbc597cc672
Certificate serial: 0184AA6A59F794E63229356276E40AE64B62
Authority key identifier: 29:BE:02:DE:A0:A0:86:E9:88:0F:56:4C:86:87:2B:BC:59:7C:C6:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Kb4C3qCghumID1ZMhocrvFl8xnI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/_XbfgngOWGuJC65KVKZ1BjUq7w4.roa
Signing time: Thu 24 Nov 2022 16:13:27 +0000
ROA not before: Thu 24 Nov 2022 16:13:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9002
IP address blocks: 139.45.192.0/19 maxlen: 19
87.245.208.0/20 maxlen: 20
87.245.208.0/21 maxlen: 21
185.82.8.0/22 maxlen: 22
87.245.224.0/19 maxlen: 19
2a02:2d8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:aa:6a:59:f7:94:e6:32:29:35:62:76:e4:0a:e6:4b:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29be02dea0a086e9880f564c86872bbc597cc672
Validity
Not Before: Nov 24 16:13:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fd76df82780e586b890bae4a54a67506352aef0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:e4:8e:a4:86:1a:31:76:dc:e8:78:d1:1d:11:
96:f7:af:b6:f5:a7:08:89:83:57:d3:52:2b:db:c6:
80:da:8d:71:69:97:25:8a:59:9d:ce:2c:71:56:71:
3b:f6:63:96:be:f4:dc:d7:ad:38:ca:6b:a1:8a:b9:
8b:d9:4b:a2:c4:16:83:21:09:57:1e:3f:c5:69:d5:
0b:01:b6:2e:af:ea:20:f5:89:02:4a:0c:63:c7:80:
d0:ef:a0:73:bc:da:40:9b:88:d9:2f:02:34:da:96:
40:8d:e8:0d:2c:aa:ff:f8:cd:93:8e:6f:f4:91:e7:
67:ab:c4:ac:31:b9:b9:8f:5d:25:39:cd:44:5e:ac:
65:b0:42:85:f6:a9:7a:9b:a3:42:cd:8a:03:b8:c4:
63:c2:5b:db:d1:1e:64:23:9b:2e:92:60:21:14:cf:
19:68:74:37:b5:d1:30:f9:eb:c3:db:5d:98:7f:90:
59:64:b0:bc:93:35:6b:7a:2b:de:f2:32:81:29:90:
6a:63:07:06:7a:ef:d5:ea:74:95:61:59:0d:26:5c:
55:0e:4c:d8:80:2e:c6:9a:a4:6d:30:ad:ce:fb:80:
92:91:89:64:fe:bd:33:66:f3:ab:8d:e8:9f:e7:35:
fa:8c:32:3f:e0:6f:77:96:02:43:36:b4:50:7c:84:
19:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:76:DF:82:78:0E:58:6B:89:0B:AE:4A:54:A6:75:06:35:2A:EF:0E
X509v3 Authority Key Identifier:
keyid:29:BE:02:DE:A0:A0:86:E9:88:0F:56:4C:86:87:2B:BC:59:7C:C6:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Kb4C3qCghumID1ZMhocrvFl8xnI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/_XbfgngOWGuJC65KVKZ1BjUq7w4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/ea1cff-ae8f-4719-89b3-003a1568bf3f/1/Kb4C3qCghumID1ZMhocrvFl8xnI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.245.208.0-87.245.255.255
139.45.192.0/19
185.82.8.0/22
IPv6:
2a02:2d8::/32
Signature Algorithm: sha256WithRSAEncryption
68:63:6a:1d:c6:14:a3:07:6c:2f:2a:db:3a:8a:8f:94:c4:05:
6c:8a:c0:69:f1:39:38:87:e1:8b:56:2f:b8:18:fc:8c:60:95:
b5:ad:c3:1a:ba:c9:06:c4:ca:17:e3:4c:cc:a6:27:3c:b1:96:
fa:c9:3b:70:95:3b:31:aa:2c:99:b7:7b:51:99:11:5f:f7:80:
a3:c7:6a:fa:d6:3e:1b:a8:c0:ae:22:15:5b:1b:95:88:2d:0f:
f6:24:45:12:6c:3e:aa:eb:96:bd:82:3b:13:b4:50:4c:c7:a3:
86:eb:de:bb:a1:dc:9a:e5:1a:64:52:38:95:d0:8a:73:61:9b:
bc:36:fa:31:50:68:47:b1:df:cf:12:eb:74:25:a6:92:2c:ed:
18:d6:05:a6:78:5c:d7:66:e9:7f:7f:95:9d:d0:80:0c:fb:09:
3d:61:4e:1c:22:1a:dd:62:28:49:ab:6e:f8:29:0e:46:15:bd:
78:e6:dc:8a:e1:40:8f:3c:bc:3b:2b:4f:84:11:e7:e6:35:b0:
6f:61:ec:b0:25:c4:1b:7f:a1:26:ec:e2:53:13:29:1d:3d:1b:
7f:c6:c5:69:7e:0b:8a:e7:3d:4e:db:5d:b4:16:26:ba:20:01:
9d:5e:49:0f:88:8b:ae:e7:be:df:97:9d:28:cb:ca:99:f9:20:
25:81:5c:05
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYSqaln3lOYyKTViduQK5ktiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YmUwMmRlYTBhMDg2ZTk4ODBmNTY0Yzg2ODcyYmJjNTk3
Y2M2NzIwHhcNMjIxMTI0MTYxMzI3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDc2ZGY4Mjc4MGU1ODZiODkwYmFlNGE1NGE2NzUwNjM1MmFlZjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOSOpIYaMXbc6HjRHRGW96+29acI
iYNX01Ir28aA2o1xaZclilmdzixxVnE79mOWvvTc1604ymuhirmL2UuixBaDIQlX
Hj/FadULAbYur+og9YkCSgxjx4DQ76BzvNpAm4jZLwI02pZAjegNLKr/+M2Tjm/0
kednq8SsMbm5j10lOc1EXqxlsEKF9ql6m6NCzYoDuMRjwlvb0R5kI5sukmAhFM8Z
aHQ3tdEw+evD212Yf5BZZLC8kzVreive8jKBKZBqYwcGeu/V6nSVYVkNJlxVDkzY
gC7GmqRtMK3O+4CSkYlk/r0zZvOrjeif5zX6jDI/4G93lgJDNrRQfIQZMQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFP1234J4DlhriQuuSlSmdQY1Ku8OMB8GA1UdIwQY
MBaAFCm+At6goIbpiA9WTIaHK7xZfMZyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2I0QzNxQ2dodW1JRDFaTWhvY3J2Rmw4eG5JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9lYTFjZmYtYWU4Zi00NzE5LTg5YjMt
MDAzYTE1NjhiZjNmLzEvX1hiZmduZ09XR3VKQzY1S1ZLWjFCalVxN3c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9lYTFjZmYtYWU4Zi00NzE5LTg5YjMtMDAzYTE1NjhiZjNm
LzEvS2I0QzNxQ2dodW1JRDFaTWhvY3J2Rmw4eG5JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAfBAIAATAZMAsDBARX9dAD
AwFX9AMEBYstwAMEArlSCDANBAIAAjAHAwUAKgIC2DANBgkqhkiG9w0BAQsFAAOC
AQEAaGNqHcYUowdsLyrbOoqPlMQFbIrAafE5OIfhi1YvuBj8jGCVta3DGrrJBsTK
F+NMzKYnPLGW+sk7cJU7Maosmbd7UZkRX/eAo8dq+tY+G6jAriIVWxuViC0P9iRF
Emw+quuWvYI7E7RQTMejhuveu6HcmuUaZFI4ldCKc2GbvDb6MVBoR7HfzxLrdCWm
kiztGNYFpnhc12bpf3+VndCADPsJPWFOHCIa3WIoSatu+CkORhW9eObciuFAjzy8
OytPhBHn5jWwb2HssCXEG3+hJuziUxMpHT0bf8bFaX4Liuc9TttdtBYmuiABnV5J
D4iLrue+35edKMvKmfkgJYFcBQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:09 2024 by rpki-client on console-ams.rpki-client.org