Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/Xuknydp33aIBa03gfylQKvQuvjg.roa
File: Xuknydp33aIBa03gfylQKvQuvjg.roa (raw, json)
Hash identifier: 7FIp21ONLowCGYzh6KcQdzY/VW4tYhRr/E3cXPC4c5M=
Subject key identifier: 5E:E9:27:C9:DA:77:DD:A2:01:6B:4D:E0:7F:29:50:2A:F4:2E:BE:38
Certificate issuer: /CN=95b30111b0b720a209f788c8b90f60380b465c2e
Certificate serial: 0A9D13D9
Authority key identifier: 95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/Xuknydp33aIBa03gfylQKvQuvjg.roa
Signing time: Wed 15 Jun 2022 13:20:44 +0000
ROA not before: Wed 15 Jun 2022 13:20:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199312
IP address blocks: 46.28.166.0/24 maxlen: 24
46.28.165.0/24 maxlen: 24
46.28.164.0/24 maxlen: 24
46.28.163.0/24 maxlen: 24
46.28.162.0/24 maxlen: 24
46.28.161.0/24 maxlen: 24
46.28.160.0/21 maxlen: 24
46.28.167.0/24 maxlen: 24
185.10.251.0/24 maxlen: 24
185.10.250.0/24 maxlen: 24
185.10.249.0/24 maxlen: 24
185.10.248.0/24 maxlen: 24
185.10.248.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 178066393 (0xa9d13d9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95b30111b0b720a209f788c8b90f60380b465c2e
Validity
Not Before: Jun 15 13:20:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5ee927c9da77dda2016b4de07f29502af42ebe38
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:76:b0:50:5c:89:20:65:8f:2b:0b:df:93:dd:
c0:48:2c:d6:dc:99:36:9b:5f:72:88:5b:f4:f1:57:
eb:88:59:c0:4c:c9:b3:41:11:45:c1:a8:dd:b9:ad:
b8:b8:e7:c4:c1:e7:c1:c4:3d:94:0b:21:1d:b5:c9:
54:32:77:9c:a0:91:dc:09:fb:74:c8:5c:e2:ae:20:
26:dc:59:d1:27:a4:88:f7:79:4f:8d:65:65:ab:b9:
c8:65:7d:95:d7:39:c9:5a:4d:32:53:86:44:c4:68:
c3:af:06:b8:ef:b9:bf:2a:02:9a:2f:bd:73:4b:da:
e2:bb:49:59:b4:87:76:41:69:67:00:fe:bc:c8:2e:
de:4b:87:d2:93:91:9f:98:7d:90:19:ef:4e:f9:1f:
11:ea:16:ed:4a:ee:e7:a3:a0:36:eb:97:31:68:64:
fb:fd:78:b9:e5:4e:c5:5b:02:2e:b5:11:07:59:39:
3f:84:83:30:84:21:f7:53:9e:fc:95:2b:80:07:ab:
2b:43:92:55:4a:0f:8c:06:96:5b:1c:bb:39:3c:22:
b3:13:c0:84:59:21:2e:7a:3a:9a:3d:cd:8d:94:57:
33:5f:f1:5d:8e:3a:4c:9d:8a:fe:6e:f9:25:f5:7b:
df:f5:3d:7c:a3:03:ca:5e:f5:72:e2:ef:22:93:30:
40:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:E9:27:C9:DA:77:DD:A2:01:6B:4D:E0:7F:29:50:2A:F4:2E:BE:38
X509v3 Authority Key Identifier:
keyid:95:B3:01:11:B0:B7:20:A2:09:F7:88:C8:B9:0F:60:38:0B:46:5C:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/Xuknydp33aIBa03gfylQKvQuvjg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/03bf28-c55d-4c7a-91bb-91646bf0153d/1/lbMBEbC3IKIJ94jIuQ9gOAtGXC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.28.160.0/21
185.10.248.0/22
Signature Algorithm: sha256WithRSAEncryption
49:69:f1:a6:7d:74:a3:a9:07:9e:6e:d4:85:b4:f6:b9:4d:e8:
6b:f7:72:76:48:89:fb:dc:c9:d1:c3:5d:70:17:a4:91:a9:f4:
aa:b9:d7:a0:7a:b8:42:55:b1:ee:2c:72:50:0b:9e:7b:b6:15:
39:45:94:49:d9:71:02:df:87:95:36:6a:95:a3:54:8f:bc:75:
0b:d8:e6:fa:4d:c7:d9:d5:c6:a2:a6:96:7a:fc:06:c0:54:6b:
9c:fe:5f:13:10:88:0a:23:66:10:06:77:f7:f2:d3:6d:43:28:
e9:0c:7b:c6:e3:91:d6:2d:89:24:bd:a8:f3:8b:e9:36:ac:1c:
da:ed:3a:4e:cb:25:54:34:f0:71:48:94:88:8b:2a:9a:56:00:
f9:64:87:7d:71:78:d5:b4:f7:3a:e2:3a:10:20:c7:f2:ac:1e:
56:f9:56:bb:93:e3:6a:9c:5d:8f:3a:b1:c0:f4:e4:e1:e3:43:
43:1c:65:c8:1e:a2:04:5b:8e:14:d6:39:ec:b3:a5:da:62:50:
93:62:61:9b:5a:65:bc:f1:e1:df:28:39:61:e8:23:54:44:3d:
38:60:1f:6e:21:51:7b:76:40:43:53:ba:cb:07:95:6d:65:7a:
c6:3b:1b:6a:3e:ac:20:c3:25:c1:d3:58:b8:1b:9c:81:87:9e:
a3:dd:22:f2
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECp0T2TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NWIzMDExMWIwYjcyMGEyMDlmNzg4YzhiOTBmNjAzODBiNDY1YzJlMB4XDTIyMDYx
NTEzMjA0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWVlOTI3YzlkYTc3
ZGRhMjAxNmI0ZGUwN2YyOTUwMmFmNDJlYmUzODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANt2sFBciSBljysL35PdwEgs1tyZNptfcohb9PFX64hZwEzJ
s0ERRcGo3bmtuLjnxMHnwcQ9lAshHbXJVDJ3nKCR3An7dMhc4q4gJtxZ0SekiPd5
T41lZau5yGV9ldc5yVpNMlOGRMRow68GuO+5vyoCmi+9c0va4rtJWbSHdkFpZwD+
vMgu3kuH0pORn5h9kBnvTvkfEeoW7Uru56OgNuuXMWhk+/14ueVOxVsCLrURB1k5
P4SDMIQh91Oe/JUrgAerK0OSVUoPjAaWWxy7OTwisxPAhFkhLno6mj3NjZRXM1/x
XY46TJ2K/m75JfV73/U9fKMDyl71cuLvIpMwQBUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRe6SfJ2nfdogFrTeB/KVAq9C6+ODAfBgNVHSMEGDAWgBSVswERsLcgogn3
iMi5D2A4C0ZcLjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xiTUJFYkMzSUtJSjk0akl1UTlnT0F0R1hDNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTEvMDNiZjI4LWM1NWQtNGM3YS05MWJiLTkxNjQ2YmYwMTUzZC8x
L1h1a255ZHAzM2FJQmEwM2dmeWxRS3ZRdXZqZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTEv
MDNiZjI4LWM1NWQtNGM3YS05MWJiLTkxNjQ2YmYwMTUzZC8xL2xiTUJFYkMzSUtJ
Sjk0akl1UTlnT0F0R1hDNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAy4coAMEArkK+DANBgkqhkiG9w0B
AQsFAAOCAQEASWnxpn10o6kHnm7UhbT2uU3oa/dydkiJ+9zJ0cNdcBekkan0qrnX
oHq4QlWx7ixyUAuee7YVOUWUSdlxAt+HlTZqlaNUj7x1C9jm+k3H2dXGoqaWevwG
wFRrnP5fExCICiNmEAZ39/LTbUMo6Qx7xuOR1i2JJL2o84vpNqwc2u06TsslVDTw
cUiUiIsqmlYA+WSHfXF41bT3OuI6ECDH8qweVvlWu5PjapxdjzqxwPTk4eNDQxxl
yB6iBFuOFNY57LOl2mJQk2Jhm1plvPHh3yg5YegjVEQ9OGAfbiFRe3ZAQ1O6yweV
bWV6xjsbaj6sIMMlwdNYuBucgYeeo90i8g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:08:47 2024 by rpki-client on console-ams.rpki-client.org