Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/616a58-5342-432c-a9c5-333beecff6f4/1/XbRIaLgFAkczM11bC8yybfgIFLQ.roa
File: XbRIaLgFAkczM11bC8yybfgIFLQ.roa (raw, json)
Hash identifier: 1d12D+VZjezbeGMpWGBn1/MX4eJVuiHTZ8uABBAaRxc=
Subject key identifier: 5D:B4:48:68:B8:05:02:47:33:33:5D:5B:0B:CC:B2:6D:F8:08:14:B4
Certificate issuer: /CN=d8772aac1b62b87d6b01d57a1a00a6a72b8a7da6
Certificate serial: 06AD0C01
Authority key identifier: D8:77:2A:AC:1B:62:B8:7D:6B:01:D5:7A:1A:00:A6:A7:2B:8A:7D:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2HcqrBtiuH1rAdV6GgCmpyuKfaY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/616a58-5342-432c-a9c5-333beecff6f4/1/XbRIaLgFAkczM11bC8yybfgIFLQ.roa
Signing time: Tue 14 Jun 2022 12:47:44 +0000
ROA not before: Tue 14 Jun 2022 12:47:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29601
IP address blocks: 193.24.64.0/24 maxlen: 24
193.24.67.0/24 maxlen: 24
193.24.71.0/24 maxlen: 24
193.24.70.0/24 maxlen: 24
139.123.224.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 112004097 (0x6ad0c01)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8772aac1b62b87d6b01d57a1a00a6a72b8a7da6
Validity
Not Before: Jun 14 12:47:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5db44868b805024733335d5b0bccb26df80814b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ec:65:5f:85:ea:a3:e0:22:2d:67:a2:fe:c5:
5f:fe:dd:da:7f:f9:3a:13:3d:55:15:3e:be:99:ae:
06:6e:f1:8d:53:75:cc:8a:41:bb:47:9c:94:ed:52:
ad:be:a9:3c:f7:87:8c:cf:a7:31:c5:d1:28:73:7a:
9d:1a:de:44:0a:5d:dd:0a:0d:b0:d1:08:84:03:e4:
99:1d:7a:9b:c9:3b:02:30:27:1e:79:e3:0d:3f:28:
12:22:bc:bd:13:85:a3:20:c7:e4:44:71:94:9c:2f:
1a:63:05:99:b4:46:c8:0b:59:cc:4c:dd:2d:c2:82:
91:64:91:7f:79:2d:23:07:db:c9:f5:70:1c:3d:b4:
fa:d5:a8:44:06:41:f4:4e:2a:81:de:cc:8f:a2:4c:
aa:78:db:92:b3:d1:4a:52:85:af:e6:b2:0a:d7:76:
12:6f:2d:3b:2e:0e:c7:9d:ba:22:04:e0:b4:49:f5:
32:c4:af:b5:58:5a:7a:cd:eb:82:8b:fd:47:01:27:
8e:a8:5e:c6:2e:d4:1c:46:83:4a:e1:4d:ac:24:0f:
36:4f:28:4f:0e:b1:4b:b2:79:ea:4f:4d:4f:a0:f5:
65:36:62:84:0f:ec:b6:09:67:6d:c8:96:fc:f5:33:
06:bf:ed:c8:67:b6:71:1c:93:5a:81:0e:83:ce:3e:
33:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:B4:48:68:B8:05:02:47:33:33:5D:5B:0B:CC:B2:6D:F8:08:14:B4
X509v3 Authority Key Identifier:
keyid:D8:77:2A:AC:1B:62:B8:7D:6B:01:D5:7A:1A:00:A6:A7:2B:8A:7D:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2HcqrBtiuH1rAdV6GgCmpyuKfaY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/616a58-5342-432c-a9c5-333beecff6f4/1/XbRIaLgFAkczM11bC8yybfgIFLQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/616a58-5342-432c-a9c5-333beecff6f4/1/2HcqrBtiuH1rAdV6GgCmpyuKfaY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.123.224.0/24
193.24.64.0/24
193.24.67.0/24
193.24.70.0/23
Signature Algorithm: sha256WithRSAEncryption
c0:11:e1:06:45:46:9b:a4:aa:2d:be:07:84:24:b5:09:14:91:
be:58:5d:7e:0c:7e:75:0e:6a:36:d2:46:3d:0a:f0:3f:93:b9:
70:0d:a0:1a:79:a9:c3:0c:48:76:fd:35:16:3c:5c:83:f3:04:
a7:3a:18:00:06:fb:8f:f8:34:b3:f1:32:03:21:9e:26:61:c1:
de:34:8a:af:01:f5:b1:33:0c:e7:a2:3e:58:c3:fc:92:fd:09:
99:3d:d1:92:b5:08:93:cc:d8:f0:05:08:8e:8f:a3:a8:93:22:
a4:8c:2f:eb:38:fb:b0:77:b3:47:66:a0:22:c9:9f:e9:b4:ef:
13:be:0d:08:52:00:e2:79:9b:2c:b7:5f:25:7d:0d:c1:c1:9d:
f0:97:01:b0:7d:eb:c9:f1:eb:09:af:32:37:4d:14:f1:b0:7b:
3f:09:0a:10:2c:b0:ac:ee:02:4a:76:b3:b0:26:f5:2c:24:e1:
00:a2:6d:68:85:d9:eb:06:5e:f9:14:d7:e2:57:dc:1f:fa:ac:
19:8e:3f:fe:20:87:4c:b7:2e:bf:23:df:c6:0c:47:5c:73:3f:
46:ec:dc:a1:cc:49:87:d1:f2:d7:95:97:95:b7:a9:83:fa:83:
3a:fc:06:e7:c5:6d:ba:c8:13:5a:b7:2b:c8:0d:9e:62:0c:68:
40:40:92:91
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEBq0MATANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ODc3MmFhYzFiNjJiODdkNmIwMWQ1N2ExYTAwYTZhNzJiOGE3ZGE2MB4XDTIyMDYx
NDEyNDc0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWRiNDQ4NjhiODA1
MDI0NzMzMzM1ZDViMGJjY2IyNmRmODA4MTRiNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAM/sZV+F6qPgIi1nov7FX/7d2n/5OhM9VRU+vpmuBm7xjVN1
zIpBu0eclO1Srb6pPPeHjM+nMcXRKHN6nRreRApd3QoNsNEIhAPkmR16m8k7AjAn
HnnjDT8oEiK8vROFoyDH5ERxlJwvGmMFmbRGyAtZzEzdLcKCkWSRf3ktIwfbyfVw
HD20+tWoRAZB9E4qgd7Mj6JMqnjbkrPRSlKFr+ayCtd2Em8tOy4Ox526IgTgtEn1
MsSvtVhaes3rgov9RwEnjqhexi7UHEaDSuFNrCQPNk8oTw6xS7J56k9NT6D1ZTZi
hA/stglnbciW/PUzBr/tyGe2cRyTWoEOg84+M5UCAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBRdtEhouAUCRzMzXVsLzLJt+AgUtDAfBgNVHSMEGDAWgBTYdyqsG2K4fWsB
1XoaAKanK4p9pjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJIY3FyQnRpdUgxckFkVjZHZ0NtcHl1S2ZhWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNTMvNjE2YTU4LTUzNDItNDMyYy1hOWM1LTMzM2JlZWNmZjZmNC8x
L1hiUklhTGdGQWtjek0xMWJDOHl5YmZnSUZMUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNTMv
NjE2YTU4LTUzNDItNDMyYy1hOWM1LTMzM2JlZWNmZjZmNC8xLzJIY3FyQnRpdUgx
ckFkVjZHZ0NtcHl1S2ZhWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAIt74AMEAMEYQAMEAMEYQwMEAcEY
RjANBgkqhkiG9w0BAQsFAAOCAQEAwBHhBkVGm6SqLb4HhCS1CRSRvlhdfgx+dQ5q
NtJGPQrwP5O5cA2gGnmpwwxIdv01Fjxcg/MEpzoYAAb7j/g0s/EyAyGeJmHB3jSK
rwH1sTMM56I+WMP8kv0JmT3RkrUIk8zY8AUIjo+jqJMipIwv6zj7sHezR2agIsmf
6bTvE74NCFIA4nmbLLdfJX0NwcGd8JcBsH3ryfHrCa8yN00U8bB7PwkKECywrO4C
SnazsCb1LCThAKJtaIXZ6wZe+RTX4lfcH/qsGY4//iCHTLcuvyPfxgxHXHM/Ruzc
ocxJh9Hy15WXlbepg/qDOvwG58VtusgTWrcryA2eYgxoQECSkQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:48:27 2023 by rpki-client on console-fra.rpki-client.org