Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/XhycI_xo8DByMuzt8yBzUoSxRJw.roa
File: XhycI_xo8DByMuzt8yBzUoSxRJw.roa (raw, json)
Hash identifier: qmLr5ERFNA9wfVi14a5ZHo2KZP0L16oq7oBCfiQkEAY=
Subject key identifier: 5E:1C:9C:23:FC:68:F0:30:72:32:EC:ED:F3:20:73:52:84:B1:44:9C
Certificate issuer: /CN=a74c6706e3fbebdff146a8a14ec2a3284a92ba62
Certificate serial: 0618B21C
Authority key identifier: A7:4C:67:06:E3:FB:EB:DF:F1:46:A8:A1:4E:C2:A3:28:4A:92:BA:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p0xnBuP769_xRqihTsKjKEqSumI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/XhycI_xo8DByMuzt8yBzUoSxRJw.roa
Signing time: Wed 02 Feb 2022 14:19:44 +0000
ROA not before: Wed 02 Feb 2022 14:19:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 198949
IP address blocks: 80.86.192.0/24 maxlen: 24
80.86.199.0/24 maxlen: 24
80.86.196.0/24 maxlen: 24
80.86.198.0/24 maxlen: 24
80.86.193.0/24 maxlen: 24
81.221.251.0/24 maxlen: 24
81.221.250.0/24 maxlen: 24
81.221.253.0/24 maxlen: 24
81.221.252.0/24 maxlen: 24
81.221.254.0/24 maxlen: 24
81.221.255.0/24 maxlen: 24
194.191.17.0/24 maxlen: 24
194.191.16.0/24 maxlen: 24
212.59.186.0/24 maxlen: 24
212.59.184.0/24 maxlen: 24
194.191.24.0/24 maxlen: 24
194.191.21.0/24 maxlen: 24
194.191.20.0/24 maxlen: 24
194.191.19.0/24 maxlen: 24
194.191.18.0/24 maxlen: 24
212.59.189.0/24 maxlen: 24
212.59.188.0/24 maxlen: 24
194.191.26.0/24 maxlen: 24
194.191.25.0/24 maxlen: 24
82.195.224.0/24 maxlen: 24
82.195.226.0/24 maxlen: 24
82.195.225.0/24 maxlen: 24
82.195.227.0/24 maxlen: 24
2a01:2a8:2001::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 102281756 (0x618b21c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a74c6706e3fbebdff146a8a14ec2a3284a92ba62
Validity
Not Before: Feb 2 14:19:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5e1c9c23fc68f0307232ecedf320735284b1449c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:63:2f:95:9b:92:ea:d7:ee:e3:1c:40:84:46:
bf:28:5e:02:33:4e:d0:38:61:5e:cf:8a:8b:ed:44:
cb:5e:d1:c3:4c:67:fd:a4:f9:a2:9c:94:ea:fe:6d:
dd:d1:c3:fc:7b:a9:31:86:29:c9:10:c2:96:00:49:
d6:89:75:72:32:52:2b:4b:b2:f3:65:ef:4b:c5:e3:
2c:f5:98:c6:18:00:01:ee:ba:90:0f:47:94:f4:b6:
5a:bb:63:4b:fd:14:3e:fd:5a:db:4b:a6:b8:d7:0e:
18:0b:e3:4d:ed:42:df:b8:5c:7e:35:44:46:d7:1a:
92:a7:a0:10:86:38:cc:c4:1c:06:ca:42:75:75:9f:
82:f8:d7:59:51:c0:d2:5a:a7:30:ec:17:90:96:64:
5e:78:2b:67:af:f8:cc:95:e6:f0:e2:62:15:fa:45:
88:0c:76:15:c4:28:f4:b0:46:d3:cd:12:37:cf:7a:
bd:61:00:82:79:38:54:2d:51:a8:c1:73:1d:f9:be:
8d:4a:88:76:a0:d0:fa:48:15:d7:65:0c:69:ba:cf:
1c:1d:85:f3:40:45:be:6f:3a:97:b9:f3:c4:49:7e:
40:be:a9:d3:e8:c0:d2:78:f4:09:cc:21:62:de:12:
27:1e:6d:5a:9c:a5:c9:36:49:a7:4e:52:53:03:99:
18:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:1C:9C:23:FC:68:F0:30:72:32:EC:ED:F3:20:73:52:84:B1:44:9C
X509v3 Authority Key Identifier:
keyid:A7:4C:67:06:E3:FB:EB:DF:F1:46:A8:A1:4E:C2:A3:28:4A:92:BA:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p0xnBuP769_xRqihTsKjKEqSumI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/XhycI_xo8DByMuzt8yBzUoSxRJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/p0xnBuP769_xRqihTsKjKEqSumI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.86.192.0/23
80.86.196.0/24
80.86.198.0/23
81.221.250.0-81.221.255.255
82.195.224.0/22
194.191.16.0-194.191.21.255
194.191.24.0-194.191.26.255
212.59.184.0/24
212.59.186.0/24
212.59.188.0/23
IPv6:
2a01:2a8:2001::/48
Signature Algorithm: sha256WithRSAEncryption
2b:6e:f6:6a:32:49:5c:5f:cb:9b:f0:ac:df:97:0b:32:99:99:
7e:1c:83:fa:36:7b:7a:30:1a:17:31:a4:a6:87:e7:0a:39:c4:
ca:9b:54:bd:e9:10:25:34:8d:be:7b:c2:de:6f:ad:1e:32:44:
90:16:cc:a5:dd:59:67:71:a1:26:cf:66:88:a7:f2:6c:0c:1a:
51:c4:0b:49:56:ba:ec:2c:dc:4e:2d:f2:97:7d:c1:39:1d:a3:
cd:cf:65:7c:03:11:c4:9c:5d:ac:39:f6:62:8d:43:ab:c7:52:
15:08:9c:dd:17:5b:2a:c2:35:56:44:30:cd:b0:ce:db:20:68:
79:6a:46:58:f8:24:c7:f1:84:9f:50:35:74:93:8b:59:61:41:
ca:d3:a5:da:b3:6a:01:6a:9f:31:a4:e8:03:b6:27:78:c2:43:
33:b7:bf:f6:3b:31:26:76:98:02:cf:6c:1a:ee:e5:e3:4d:dc:
d0:c6:bd:95:db:cf:54:01:03:87:da:bc:39:57:65:36:16:3b:
70:14:11:30:4f:5f:c3:c8:7f:2a:6b:3c:01:40:1b:3d:d8:4d:
e0:cc:21:b8:c9:93:47:d2:2b:13:f8:63:1c:f5:20:5c:3e:ba:
23:a6:c4:40:1d:bc:e5:d3:bd:c3:9c:e9:ef:a6:95:78:59:83:
6f:df:57:0a
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgIEBhiyHDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NzRjNjcwNmUzZmJlYmRmZjE0NmE4YTE0ZWMyYTMyODRhOTJiYTYyMB4XDTIyMDIw
MjE0MTk0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWUxYzljMjNmYzY4
ZjAzMDcyMzJlY2VkZjMyMDczNTI4NGIxNDQ5YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALdjL5WbkurX7uMcQIRGvyheAjNO0DhhXs+Ki+1Ey17Rw0xn
/aT5opyU6v5t3dHD/HupMYYpyRDClgBJ1ol1cjJSK0uy82XvS8XjLPWYxhgAAe66
kA9HlPS2WrtjS/0UPv1a20umuNcOGAvjTe1C37hcfjVERtcakqegEIY4zMQcBspC
dXWfgvjXWVHA0lqnMOwXkJZkXngrZ6/4zJXm8OJiFfpFiAx2FcQo9LBG080SN896
vWEAgnk4VC1RqMFzHfm+jUqIdqDQ+kgV12UMabrPHB2F80BFvm86l7nzxEl+QL6p
0+jA0nj0CcwhYt4SJx5tWpylyTZJp05SUwOZGGUCAwEAAaOCAmcwggJjMB0GA1Ud
DgQWBBReHJwj/GjwMHIy7O3zIHNShLFEnDAfBgNVHSMEGDAWgBSnTGcG4/vr3/FG
qKFOwqMoSpK6YjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3AweG5CdVA3NjlfeFJxaWhUc0tqS0VxU3VtSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGYvYTBjNDQ0LTk3OTYtNGYwNi04M2YyLWFhNzg4YTQyMGFlYy8x
L1hoeWNJX3hvOERCeU11enQ4eUJ6VW9TeFJKdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYv
YTBjNDQ0LTk3OTYtNGYwNi04M2YyLWFhNzg4YTQyMGFlYy8xL3AweG5CdVA3Njlf
eFJxaWhUc0tqS0VxU3VtSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB9
BggrBgEFBQcBBwEB/wRuMGwwWQQCAAEwUwMEAVBWwAMEAFBWxAMEAVBWxjALAwQB
Ud36AwMBUdwDBAJSw+AwDAMEBMK/EAMEAcK/FDAMAwQDwr8YAwQAwr8aAwQA1Du4
AwQA1Du6AwQB1Du8MA8EAgACMAkDBwAqAQKoIAEwDQYJKoZIhvcNAQELBQADggEB
ACtu9moySVxfy5vwrN+XCzKZmX4cg/o2e3owGhcxpKaH5wo5xMqbVL3pECU0jb57
wt5vrR4yRJAWzKXdWWdxoSbPZoin8mwMGlHEC0lWuuws3E4t8pd9wTkdo83PZXwD
EcScXaw59mKNQ6vHUhUInN0XWyrCNVZEMM2wztsgaHlqRlj4JMfxhJ9QNXSTi1lh
QcrTpdqzagFqnzGk6AO2J3jCQzO3v/Y7MSZ2mALPbBru5eNN3NDGvZXbz1QBA4fa
vDlXZTYWO3AUETBPX8PIfyprPAFAGz3YTeDMIbjJk0fSKxP4Yxz1IFw+uiOmxEAd
vOXTvcOc6e+mlXhZg2/fVwo=
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:31:30 2025 by rpki-client