Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/66f829-5129-4842-a5c0-3740b0941db8/1/X8666Q-wUrkpXSEqRweWkQ9vwTg.roa
File: X8666Q-wUrkpXSEqRweWkQ9vwTg.roa (raw, json)
Hash identifier: kVRLiuWku6QfP2CdccI1VqF9Ev44K7qZw4geWJdGX7A=
Subject key identifier: 5F:CE:BA:E9:0F:B0:52:B9:29:5D:21:2A:47:07:96:91:0F:6F:C1:38
Certificate issuer: /CN=9d257190821f7058a8eafd48196974368bad8f14
Certificate serial: 01856BF7DAF5C1D273593DA03A13466F1F92
Authority key identifier: 9D:25:71:90:82:1F:70:58:A8:EA:FD:48:19:69:74:36:8B:AD:8F:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSVxkIIfcFio6v1IGWl0NoutjxQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/66f829-5129-4842-a5c0-3740b0941db8/1/X8666Q-wUrkpXSEqRweWkQ9vwTg.roa
Signing time: Sun 01 Jan 2023 06:14:43 +0000
ROA not before: Sun 01 Jan 2023 06:14:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35805
IP address blocks: 92.241.64.0/19 maxlen: 24
185.51.16.0/22 maxlen: 24
109.238.224.0/20 maxlen: 24
213.131.32.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:f7:da:f5:c1:d2:73:59:3d:a0:3a:13:46:6f:1f:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d257190821f7058a8eafd48196974368bad8f14
Validity
Not Before: Jan 1 06:14:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5fcebae90fb052b9295d212a470796910f6fc138
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:d7:1b:d8:7a:d8:fb:1f:67:e0:f6:59:bd:0b:
36:3c:91:3d:4e:30:b2:0c:1a:02:a8:7d:1b:b3:04:
3f:a4:38:92:61:35:2f:64:db:fe:27:c1:d7:8b:06:
14:92:80:64:5d:46:f6:30:b8:b5:71:d7:ca:e2:b2:
9b:d2:f0:19:99:78:fb:d1:43:21:c5:44:21:1b:42:
bd:be:52:d2:9c:52:88:6d:a7:aa:8d:f5:73:46:f9:
76:75:20:fa:3f:80:86:95:31:3e:da:10:c0:5c:9d:
fa:0d:c0:a5:df:1b:83:01:d2:50:c4:f1:e2:97:80:
9d:cd:19:54:0f:63:97:31:2e:8d:d9:c1:4e:61:24:
13:48:98:42:aa:19:18:f1:3f:fc:b2:e4:a9:ef:a7:
43:8e:a0:d0:59:18:b1:5d:fc:5b:88:31:e8:cc:5e:
e4:f6:fe:0e:e2:05:9c:11:d0:9a:1d:81:80:7a:f3:
5b:58:1e:db:d6:22:c1:b9:2d:e7:63:65:61:b4:c5:
b3:ff:c0:d2:ac:0d:0a:8d:59:93:17:68:7f:f8:f0:
62:6b:59:02:85:aa:76:00:a6:03:90:40:2f:22:55:
ea:b4:26:4b:98:89:58:9b:df:9f:e1:66:df:8e:45:
d2:20:25:97:6a:f0:b9:7b:6b:8e:59:46:4a:ef:49:
62:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:CE:BA:E9:0F:B0:52:B9:29:5D:21:2A:47:07:96:91:0F:6F:C1:38
X509v3 Authority Key Identifier:
keyid:9D:25:71:90:82:1F:70:58:A8:EA:FD:48:19:69:74:36:8B:AD:8F:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSVxkIIfcFio6v1IGWl0NoutjxQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/66f829-5129-4842-a5c0-3740b0941db8/1/X8666Q-wUrkpXSEqRweWkQ9vwTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/66f829-5129-4842-a5c0-3740b0941db8/1/nSVxkIIfcFio6v1IGWl0NoutjxQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.241.64.0/19
109.238.224.0/20
185.51.16.0/22
213.131.32.0/19
Signature Algorithm: sha256WithRSAEncryption
6d:e6:72:1b:c3:d8:97:9e:35:31:30:db:24:a2:ec:85:2e:e5:
b3:51:0a:2c:a6:1e:61:f5:ab:10:af:d5:81:f2:10:97:94:c2:
01:8b:c5:65:35:42:71:5a:84:ec:11:1b:20:7c:bb:29:84:c4:
04:bd:6a:b4:a0:10:56:98:d4:5e:a0:ea:96:05:53:91:02:4a:
03:0b:80:8e:1f:20:df:da:b4:45:0f:d8:d2:d6:f9:06:db:d0:
4d:66:e3:10:f6:1e:ce:83:d1:45:ec:06:4a:65:b6:d7:c3:07:
e3:6c:4b:f6:dc:16:7c:55:ad:83:10:50:72:c6:19:a7:d2:75:
49:c0:42:e8:25:2e:81:64:72:d1:97:21:22:02:6f:dc:d5:fa:
d8:09:ae:8b:15:d7:bc:44:1b:9d:ea:8e:ad:95:20:6b:5d:41:
05:d6:a0:23:08:bc:1f:85:12:9a:9d:45:b9:5f:a1:17:eb:83:
5a:e3:a7:e8:7e:e2:4b:fb:f3:1a:89:e4:30:8a:c3:39:84:24:
a3:93:5f:48:7a:81:8d:1f:66:38:12:59:ef:ff:54:2b:02:e5:
72:2f:79:dd:ff:cc:bf:17:9a:29:28:5e:32:28:38:8e:a6:7b:
b4:0f:82:8f:aa:e5:ee:68:c6:c3:2f:04:e0:ed:4d:ce:5b:3b:
12:b4:cc:52
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYVr99r1wdJzWT2gOhNGbx+SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMjU3MTkwODIxZjcwNThhOGVhZmQ0ODE5Njk3NDM2OGJh
ZDhmMTQwHhcNMjMwMTAxMDYxNDQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmNlYmFlOTBmYjA1MmI5Mjk1ZDIxMmE0NzA3OTY5MTBmNmZjMTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgdcb2HrY+x9n4PZZvQs2PJE9TjCy
DBoCqH0bswQ/pDiSYTUvZNv+J8HXiwYUkoBkXUb2MLi1cdfK4rKb0vAZmXj70UMh
xUQhG0K9vlLSnFKIbaeqjfVzRvl2dSD6P4CGlTE+2hDAXJ36DcCl3xuDAdJQxPHi
l4CdzRlUD2OXMS6N2cFOYSQTSJhCqhkY8T/8suSp76dDjqDQWRixXfxbiDHozF7k
9v4O4gWcEdCaHYGAevNbWB7b1iLBuS3nY2VhtMWz/8DSrA0KjVmTF2h/+PBia1kC
hap2AKYDkEAvIlXqtCZLmIlYm9+f4WbfjkXSICWXavC5e2uOWUZK70liPwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFF/OuukPsFK5KV0hKkcHlpEPb8E4MB8GA1UdIwQY
MBaAFJ0lcZCCH3BYqOr9SBlpdDaLrY8UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNWeGtJSWZjRmlvNnYxSUdXbDBOb3V0anhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS82NmY4MjktNTEyOS00ODQyLWE1YzAt
Mzc0MGIwOTQxZGI4LzEvWDg2NjZRLXdVcmtwWFNFcVJ3ZVdrUTl2d1RnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS82NmY4MjktNTEyOS00ODQyLWE1YzAtMzc0MGIwOTQxZGI4
LzEvblNWeGtJSWZjRmlvNnYxSUdXbDBOb3V0anhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFXPFAAwQE
be7gAwQCuTMQAwQF1YMgMA0GCSqGSIb3DQEBCwUAA4IBAQBt5nIbw9iXnjUxMNsk
ouyFLuWzUQosph5h9asQr9WB8hCXlMIBi8VlNUJxWoTsERsgfLsphMQEvWq0oBBW
mNReoOqWBVORAkoDC4COHyDf2rRFD9jS1vkG29BNZuMQ9h7Og9FF7AZKZbbXwwfj
bEv23BZ8Va2DEFByxhmn0nVJwELoJS6BZHLRlyEiAm/c1frYCa6LFde8RBud6o6t
lSBrXUEF1qAjCLwfhRKanUW5X6EX64Na46fofuJL+/MaieQwisM5hCSjk19IeoGN
H2Y4Elnv/1QrAuVyL3nd/8y/F5opKF4yKDiOpnu0D4KPquXuaMbDLwTg7U3OWzsS
tMxS
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:29 2025 by rpki-client