Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/321ea6-eff7-4514-ab2d-5b4b85fd5ae5/1/X6nipF34DMAJlQpuhv6TV1SLX-A.roa
File: X6nipF34DMAJlQpuhv6TV1SLX-A.roa (raw, json)
Hash identifier: 16maDyXLPUtVJcbY8JOE+sn+PpMbcbG5weuuB0IZC4w=
Subject key identifier: 5F:A9:E2:A4:5D:F8:0C:C0:09:95:0A:6E:86:FE:93:57:54:8B:5F:E0
Certificate issuer: /CN=f1b8bbb1e186a599d4cc058cabf4df0e252f31fa
Certificate serial: 01851653955661DB9CA018807E867293DEBE
Authority key identifier: F1:B8:BB:B1:E1:86:A5:99:D4:CC:05:8C:AB:F4:DF:0E:25:2F:31:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8bi7seGGpZnUzAWMq_TfDiUvMfo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/321ea6-eff7-4514-ab2d-5b4b85fd5ae5/1/X6nipF34DMAJlQpuhv6TV1SLX-A.roa
Signing time: Thu 15 Dec 2022 15:07:34 +0000
ROA not before: Thu 15 Dec 2022 15:07:34 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56971
IP address blocks: 193.43.72.0/24 maxlen: 32
45.152.112.0/24 maxlen: 32
45.152.113.0/24 maxlen: 32
193.242.145.0/24 maxlen: 32
45.145.4.0/24 maxlen: 24
45.145.6.0/24 maxlen: 32
45.145.7.0/24 maxlen: 32
45.159.210.0/24 maxlen: 24
45.159.208.0/24 maxlen: 24
45.159.209.0/24 maxlen: 24
45.154.3.0/24 maxlen: 32
45.152.84.0/24 maxlen: 32
45.154.1.0/24 maxlen: 32
45.154.2.0/24 maxlen: 32
45.152.86.0/24 maxlen: 32
45.11.93.0/24 maxlen: 24
45.11.94.0/24 maxlen: 24
45.11.92.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:16:53:95:56:61:db:9c:a0:18:80:7e:86:72:93:de:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1b8bbb1e186a599d4cc058cabf4df0e252f31fa
Validity
Not Before: Dec 15 15:07:34 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5fa9e2a45df80cc009950a6e86fe9357548b5fe0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:3f:18:20:4d:28:37:2c:00:0f:44:44:3f:25:
e4:61:8d:07:42:09:ea:d2:90:33:06:0b:81:d4:48:
41:ab:a7:b0:64:2e:28:3e:af:2f:73:71:bd:42:98:
10:6d:ac:dd:4d:4b:91:80:52:f2:e7:cd:7e:df:37:
70:30:35:50:f9:7d:c6:f4:72:46:b4:53:ed:3f:1d:
11:2c:03:f9:22:c1:ce:4a:1e:88:42:47:41:65:72:
c4:1f:1e:92:7a:f9:6e:b1:5c:b9:3c:9a:9b:8e:44:
cf:a3:a8:cd:10:19:22:60:0e:ad:ae:73:99:49:58:
f0:10:91:9f:d0:e3:83:34:4b:10:ae:92:80:f6:27:
1b:9e:0d:c6:0b:44:0d:20:29:92:49:2c:63:ae:d3:
9e:3d:f2:65:45:fe:46:5a:c6:8b:bb:d6:0d:17:cf:
35:37:fb:c8:c6:77:c0:81:cd:71:2b:3f:3e:6a:7f:
00:f8:a0:ee:b5:fb:20:0e:5e:90:c8:f3:fc:ca:f3:
16:2e:02:6f:7b:2a:d9:36:bf:6c:0a:ea:a3:b8:d1:
44:51:a8:c3:a6:73:88:d0:6f:f9:db:ee:6a:4b:04:
29:e8:b4:7b:5f:66:c0:ea:42:73:13:f1:47:b1:5d:
86:cc:38:73:4f:9a:42:94:3b:40:02:bf:44:01:c8:
d0:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:A9:E2:A4:5D:F8:0C:C0:09:95:0A:6E:86:FE:93:57:54:8B:5F:E0
X509v3 Authority Key Identifier:
keyid:F1:B8:BB:B1:E1:86:A5:99:D4:CC:05:8C:AB:F4:DF:0E:25:2F:31:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8bi7seGGpZnUzAWMq_TfDiUvMfo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/321ea6-eff7-4514-ab2d-5b4b85fd5ae5/1/X6nipF34DMAJlQpuhv6TV1SLX-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/321ea6-eff7-4514-ab2d-5b4b85fd5ae5/1/8bi7seGGpZnUzAWMq_TfDiUvMfo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.92.0-45.11.94.255
45.145.4.0/24
45.145.6.0/23
45.152.84.0/24
45.152.86.0/24
45.152.112.0/23
45.154.1.0-45.154.3.255
45.159.208.0-45.159.210.255
193.43.72.0/24
193.242.145.0/24
Signature Algorithm: sha256WithRSAEncryption
55:fe:5f:3a:f4:50:75:f0:e8:19:4f:8e:60:fe:d2:78:b2:b6:
23:81:c6:b3:9b:06:ca:26:4e:f6:85:29:6f:30:94:d4:23:98:
8c:79:66:a7:72:0a:f1:26:d4:64:03:22:4a:e3:e2:67:00:f7:
3b:73:e5:3d:03:25:d6:0b:f7:4c:5a:b6:00:2a:35:da:b4:9c:
b6:e5:df:96:91:0a:3c:29:fd:e5:d5:17:6d:75:13:f1:68:53:
b0:eb:1f:d2:70:0a:49:5c:1e:ae:6c:52:d1:9d:10:00:ad:ff:
7f:34:b3:fb:ac:25:4d:da:5c:46:80:d4:0f:39:4b:97:91:13:
40:64:a0:dd:92:8d:fc:ab:d5:c8:3b:8f:3d:89:16:4e:14:f7:
fb:e4:18:ac:29:87:68:b4:3c:4c:49:07:de:ee:59:17:62:07:
89:d9:4f:78:f1:97:09:65:5c:8e:d8:bb:17:a1:1c:63:24:c6:
78:99:c2:29:78:ac:32:66:9f:47:ee:6f:e7:94:54:f5:76:ce:
6d:1f:68:7e:8c:44:ba:bc:40:4e:7f:18:d5:d9:a4:9d:76:0f:
b9:09:f0:7c:09:df:88:36:9b:ec:68:bd:55:44:2b:3b:27:36:
4a:bc:7d:27:6c:5d:1c:3a:10:a8:d3:23:8a:1b:04:bf:40:01:
f7:79:84:2b
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAYUWU5VWYducoBiAfoZyk96+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxYjhiYmIxZTE4NmE1OTlkNGNjMDU4Y2FiZjRkZjBlMjUy
ZjMxZmEwHhcNMjIxMjE1MTUwNzM0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmE5ZTJhNDVkZjgwY2MwMDk5NTBhNmU4NmZlOTM1NzU0OGI1ZmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxD8YIE0oNywAD0REPyXkYY0HQgnq
0pAzBguB1EhBq6ewZC4oPq8vc3G9QpgQbazdTUuRgFLy581+3zdwMDVQ+X3G9HJG
tFPtPx0RLAP5IsHOSh6IQkdBZXLEHx6SevlusVy5PJqbjkTPo6jNEBkiYA6trnOZ
SVjwEJGf0OODNEsQrpKA9icbng3GC0QNICmSSSxjrtOePfJlRf5GWsaLu9YNF881
N/vIxnfAgc1xKz8+an8A+KDutfsgDl6QyPP8yvMWLgJveyrZNr9sCuqjuNFEUajD
pnOI0G/52+5qSwQp6LR7X2bA6kJzE/FHsV2GzDhzT5pClDtAAr9EAcjQZQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFF+p4qRd+AzACZUKbob+k1dUi1/gMB8GA1UdIwQY
MBaAFPG4u7HhhqWZ1MwFjKv03w4lLzH6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGJpN3NlR0dwWm5VekFXTXFfVGZEaVV2TWZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8zMjFlYTYtZWZmNy00NTE0LWFiMmQt
NWI0Yjg1ZmQ1YWU1LzEvWDZuaXBGMzRETUFKbFFwdWh2NlRWMVNMWC1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8zMjFlYTYtZWZmNy00NTE0LWFiMmQtNWI0Yjg1ZmQ1YWU1
LzEvOGJpN3NlR0dwWm5VekFXTXFfVGZEaVV2TWZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUMAwDBAItC1wD
BAAtC14DBAAtkQQDBAEtkQYDBAAtmFQDBAAtmFYDBAEtmHAwDAMEAC2aAQMEAi2a
ADAMAwQELZ/QAwQALZ/SAwQAwStIAwQAwfKRMA0GCSqGSIb3DQEBCwUAA4IBAQBV
/l869FB18OgZT45g/tJ4srYjgcazmwbKJk72hSlvMJTUI5iMeWancgrxJtRkAyJK
4+JnAPc7c+U9AyXWC/dMWrYAKjXatJy25d+WkQo8Kf3l1RdtdRPxaFOw6x/ScApJ
XB6ubFLRnRAArf9/NLP7rCVN2lxGgNQPOUuXkRNAZKDdko38q9XIO489iRZOFPf7
5BisKYdotDxMSQfe7lkXYgeJ2U948ZcJZVyO2LsXoRxjJMZ4mcIpeKwyZp9H7m/n
lFT1ds5tH2h+jES6vEBOfxjV2aSddg+5CfB8Cd+INpvsaL1VRCs7JzZKvH0nbF0c
OhCo0yOKGwS/QAH3eYQr
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:46 2023 by rpki-client on console-ams.rpki-client.org