Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/8acc4b-e0a2-4d21-b864-990307d203c8/1/XYuYtPi6JCJ-n-uG-0AJXTsNGW4.roa
File: XYuYtPi6JCJ-n-uG-0AJXTsNGW4.roa (raw, json)
Hash identifier: Z1YBo/YKaoj/EHXGqMxcumGNfOlB4+DLklFeIXjbF7E=
Subject key identifier: 5D:8B:98:B4:F8:BA:24:22:7E:9F:EB:86:FB:40:09:5D:3B:0D:19:6E
Certificate issuer: /CN=39b8b4f04973f37cc69fb7c23468f953f149420e
Certificate serial: 07F06D3F
Authority key identifier: 39:B8:B4:F0:49:73:F3:7C:C6:9F:B7:C2:34:68:F9:53:F1:49:42:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Obi08Elz83zGn7fCNGj5U_FJQg4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/8acc4b-e0a2-4d21-b864-990307d203c8/1/XYuYtPi6JCJ-n-uG-0AJXTsNGW4.roa
Signing time: Sat 01 Jan 2022 06:57:03 +0000
ROA not before: Sat 01 Jan 2022 06:57:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 25377
IP address blocks: 193.177.16.0/20 maxlen: 20
193.177.32.0/19 maxlen: 19
193.177.64.0/18 maxlen: 18
193.177.4.0/22 maxlen: 22
193.177.2.0/23 maxlen: 23
193.177.1.0/24 maxlen: 24
193.177.8.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 133197119 (0x7f06d3f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39b8b4f04973f37cc69fb7c23468f953f149420e
Validity
Not Before: Jan 1 06:57:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5d8b98b4f8ba24227e9feb86fb40095d3b0d196e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:8a:4d:fa:e9:03:c4:23:9a:48:80:5e:71:1d:
a8:3f:f0:ee:af:75:60:6b:3e:8c:02:3e:7e:98:7d:
4f:56:ac:04:5e:e2:d6:1a:f7:8e:5a:2f:42:af:38:
e1:72:42:c9:c5:4b:23:8f:bf:db:ed:c6:d0:10:15:
fd:dc:c3:a3:65:a9:09:91:92:94:e8:a2:fa:75:4d:
c5:72:c3:70:c9:64:28:33:70:25:73:fe:cc:32:f5:
ce:c3:d2:26:a4:c3:d8:06:1e:e8:b7:a6:82:e3:c3:
6f:82:30:65:90:86:7c:c1:f0:71:1f:11:06:5c:6f:
4f:4e:5b:9b:aa:28:e9:f2:d1:73:49:da:82:29:9c:
2a:0a:da:ee:7d:4d:36:6f:39:e2:da:6f:0b:34:fa:
2f:e3:39:ec:5e:37:51:0f:17:2e:8e:d2:1b:20:38:
a0:1b:69:92:1c:7f:d7:88:36:1d:aa:34:9f:da:fe:
b7:cd:ce:83:13:cd:4f:44:d3:46:dd:ed:65:c3:31:
b7:63:6d:ef:90:26:4d:d6:41:d2:80:4a:5a:02:80:
2f:f2:ba:09:27:9d:ea:69:0f:68:14:5c:c3:05:72:
ca:56:5c:21:48:14:65:6e:55:38:f7:91:76:c3:06:
77:df:ce:36:ca:b0:be:c4:fa:ed:43:7b:34:28:f2:
38:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:8B:98:B4:F8:BA:24:22:7E:9F:EB:86:FB:40:09:5D:3B:0D:19:6E
X509v3 Authority Key Identifier:
keyid:39:B8:B4:F0:49:73:F3:7C:C6:9F:B7:C2:34:68:F9:53:F1:49:42:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Obi08Elz83zGn7fCNGj5U_FJQg4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/8acc4b-e0a2-4d21-b864-990307d203c8/1/XYuYtPi6JCJ-n-uG-0AJXTsNGW4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/8acc4b-e0a2-4d21-b864-990307d203c8/1/Obi08Elz83zGn7fCNGj5U_FJQg4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.177.1.0-193.177.127.255
Signature Algorithm: sha256WithRSAEncryption
ac:c0:14:84:99:9b:47:2c:92:d6:a5:89:e8:92:45:25:6b:fa:
78:e7:27:54:d9:d9:89:16:cb:1f:0f:25:c8:f3:bc:fe:cc:fd:
69:55:6a:74:9e:31:d7:28:16:f5:d4:76:cc:ee:ff:5a:29:a3:
70:6b:4c:93:41:d2:cf:08:52:f8:de:0d:2a:7b:96:9e:d1:1d:
83:e8:a0:8e:a8:1c:42:79:ae:6c:f7:03:74:8e:88:67:61:80:
7b:72:a6:0c:d6:a6:ec:90:7b:2b:47:84:ee:d8:8c:36:f4:88:
33:be:bd:09:90:f5:81:b0:fe:e6:8c:c1:65:dc:7b:ab:76:2e:
69:9d:ba:25:df:7c:74:d8:34:65:3c:e6:be:f3:b0:7b:3b:85:
30:19:bb:ef:cd:9c:3a:10:56:2d:fa:9a:fc:bf:52:94:4b:38:
7a:37:5e:fd:74:a7:1b:20:39:87:a3:f3:20:25:e9:03:13:18:
e0:f7:dc:d7:54:c8:cd:cf:df:14:24:05:f3:95:0f:b5:89:89:
d0:87:bd:69:1d:89:00:08:78:23:d4:ea:ef:b8:c6:d0:fd:40:
5c:81:cc:59:ff:f0:9a:06:a4:29:af:a4:5e:6a:61:56:c7:ec:
2f:6e:e9:97:d9:03:70:ab:c2:0f:4a:28:02:2e:54:50:75:c4:
70:76:90:8d
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEB/BtPzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
OWI4YjRmMDQ5NzNmMzdjYzY5ZmI3YzIzNDY4Zjk1M2YxNDk0MjBlMB4XDTIyMDEw
MTA2NTcwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWQ4Yjk4YjRmOGJh
MjQyMjdlOWZlYjg2ZmI0MDA5NWQzYjBkMTk2ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMyKTfrpA8QjmkiAXnEdqD/w7q91YGs+jAI+fph9T1asBF7i
1hr3jlovQq844XJCycVLI4+/2+3G0BAV/dzDo2WpCZGSlOii+nVNxXLDcMlkKDNw
JXP+zDL1zsPSJqTD2AYe6LemguPDb4IwZZCGfMHwcR8RBlxvT05bm6oo6fLRc0na
gimcKgra7n1NNm854tpvCzT6L+M57F43UQ8XLo7SGyA4oBtpkhx/14g2Hao0n9r+
t83OgxPNT0TTRt3tZcMxt2Nt75AmTdZB0oBKWgKAL/K6CSed6mkPaBRcwwVyylZc
IUgUZW5VOPeRdsMGd9/ONsqwvsT67UN7NCjyOFkCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBRdi5i0+LokIn6f64b7QAldOw0ZbjAfBgNVHSMEGDAWgBQ5uLTwSXPzfMaf
t8I0aPlT8UlCDjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09iaTA4RWx6ODN6R243ZkNOR2o1VV9GSlFnNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGYvOGFjYzRiLWUwYTItNGQyMS1iODY0LTk5MDMwN2QyMDNjOC8x
L1hZdVl0UGk2SkNKLW4tdUctMEFKWFRzTkdXNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYv
OGFjYzRiLWUwYTItNGQyMS1iODY0LTk5MDMwN2QyMDNjOC8xL09iaTA4RWx6ODN6
R243ZkNOR2o1VV9GSlFnNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQAwbEBAwQHwbEAMA0GCSqGSIb3
DQEBCwUAA4IBAQCswBSEmZtHLJLWpYnokkUla/p45ydU2dmJFssfDyXI87z+zP1p
VWp0njHXKBb11HbM7v9aKaNwa0yTQdLPCFL43g0qe5ae0R2D6KCOqBxCea5s9wN0
johnYYB7cqYM1qbskHsrR4Tu2Iw29Igzvr0JkPWBsP7mjMFl3Hurdi5pnbol33x0
2DRlPOa+87B7O4UwGbvvzZw6EFYt+pr8v1KUSzh6N179dKcbIDmHo/MgJekDExjg
99zXVMjNz98UJAXzlQ+1iYnQh71pHYkACHgj1OrvuMbQ/UBcgcxZ//CaBqQpr6Re
amFWx+wvbumX2QNwq8IPSigCLlRQdcRwdpCN
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:29:02 2024 by rpki-client on console-fra.rpki-client.org