Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/cdbf8f-6e67-4ab1-bf18-48ef8e1114e4/1/xtqB3uuxHpWxbnWl6zXW0I-RZl8.roa
File: xtqB3uuxHpWxbnWl6zXW0I-RZl8.roa (raw, json)
Hash identifier: scykN3eICW2HenAH83jsC8xc4keOh7Iv7tJ1ps9Aw9Y=
Subject key identifier: C6:DA:81:DE:EB:B1:1E:95:B1:6E:75:A5:EB:35:D6:D0:8F:91:66:5F
Certificate issuer: /CN=69c67969c3c9d8fadbc9a73e3ff56361d0203b71
Certificate serial: 1A3DA161
Authority key identifier: 69:C6:79:69:C3:C9:D8:FA:DB:C9:A7:3E:3F:F5:63:61:D0:20:3B:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/acZ5acPJ2Prbyac-P_VjYdAgO3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/cdbf8f-6e67-4ab1-bf18-48ef8e1114e4/1/xtqB3uuxHpWxbnWl6zXW0I-RZl8.roa
Signing time: Sat 01 Jan 2022 05:00:21 +0000
ROA not before: Sat 01 Jan 2022 05:00:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199976
IP address blocks: 185.136.29.0/24 maxlen: 24
185.136.28.0/24 maxlen: 24
185.136.31.0/24 maxlen: 24
185.136.30.0/24 maxlen: 24
5.102.130.0/24 maxlen: 24
5.102.129.0/24 maxlen: 24
5.102.132.0/24 maxlen: 24
5.102.128.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 440246625 (0x1a3da161)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69c67969c3c9d8fadbc9a73e3ff56361d0203b71
Validity
Not Before: Jan 1 05:00:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c6da81deebb11e95b16e75a5eb35d6d08f91665f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fe:25:57:48:f3:07:35:9a:1b:fb:ff:06:4d:82:
d2:7e:76:50:92:f5:10:19:a0:5b:dd:5b:52:a1:40:
7c:83:bd:35:84:46:54:c5:aa:38:29:3e:13:43:79:
d6:8a:17:84:b5:10:fa:9f:cb:0f:a7:5a:a3:93:8b:
3c:90:81:d8:53:9a:5e:28:b4:84:7a:c0:6e:a2:55:
8c:ca:7a:78:28:b5:d9:7c:99:2f:89:10:4d:49:aa:
f7:06:65:51:bd:8f:4e:f9:5a:ca:a2:a1:61:79:83:
75:28:47:67:1b:6a:bd:ff:d9:8a:d3:92:91:14:d3:
8b:90:a5:72:ba:89:06:86:05:62:2c:58:4a:c3:37:
ce:ea:5b:95:89:a7:4a:10:7f:08:79:44:9d:01:63:
1b:55:26:46:ed:3d:a6:01:66:37:5e:65:10:8f:84:
e0:2b:82:0c:a5:44:70:4a:d4:c0:4d:f1:63:ee:5a:
88:cf:a2:c2:1c:5f:dc:d1:5d:26:87:a9:07:77:6c:
06:f2:ac:37:c2:09:d8:13:d6:b7:57:39:41:14:df:
74:02:c5:69:72:32:ec:46:d8:36:21:18:18:64:a1:
ed:0f:0f:3f:cf:84:af:fc:59:58:f6:c0:bc:2c:83:
64:24:d0:64:2d:6d:b5:6b:b6:d0:c8:78:94:b2:33:
fc:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:DA:81:DE:EB:B1:1E:95:B1:6E:75:A5:EB:35:D6:D0:8F:91:66:5F
X509v3 Authority Key Identifier:
keyid:69:C6:79:69:C3:C9:D8:FA:DB:C9:A7:3E:3F:F5:63:61:D0:20:3B:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/acZ5acPJ2Prbyac-P_VjYdAgO3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/cdbf8f-6e67-4ab1-bf18-48ef8e1114e4/1/xtqB3uuxHpWxbnWl6zXW0I-RZl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/cdbf8f-6e67-4ab1-bf18-48ef8e1114e4/1/acZ5acPJ2Prbyac-P_VjYdAgO3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.128.0-5.102.130.255
5.102.132.0/24
185.136.28.0/22
Signature Algorithm: sha256WithRSAEncryption
13:55:57:16:3b:4e:0a:e0:25:5e:b1:bf:15:f1:a9:fb:03:10:
6e:3e:9e:c8:38:03:bf:f8:14:e0:0a:1a:1f:34:68:69:f9:e0:
d1:d3:10:96:87:e1:b7:2b:d9:f3:01:03:77:b9:93:e8:a2:00:
3d:d5:48:87:93:86:6b:2e:75:11:2b:55:b1:8a:8b:cc:77:19:
e5:a1:68:fd:e7:eb:f9:aa:12:98:18:f7:40:43:b9:be:3f:6f:
62:8b:5c:b4:25:d0:02:00:37:c8:e0:5f:6d:bc:4e:4f:96:29:
0a:79:eb:9f:bf:07:b4:6f:70:05:47:86:a1:e6:cc:bb:fc:52:
09:7f:2c:db:e5:06:af:7f:bc:53:15:6f:a1:a3:ca:1e:13:4e:
af:64:1d:ed:a9:81:84:85:9d:4e:05:62:0e:51:c7:3c:f0:fa:
53:e2:97:cb:24:ca:5b:26:f2:1c:0e:e3:b9:99:a0:6b:61:d7:
e4:8c:6d:9f:b9:0c:fc:3e:cc:15:4c:4e:c5:a6:98:a7:1e:65:
eb:70:9b:02:30:c8:ac:25:8e:28:09:a5:08:47:8c:86:64:21:
32:e8:c7:28:26:a7:f5:24:de:bf:c4:9d:ae:e2:92:4c:51:21:
fc:e7:19:fb:7a:11:92:e0:ea:4e:4b:ef:99:40:f1:e4:e8:56:
cf:c9:32:a7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgIEGj2hYTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
OWM2Nzk2OWMzYzlkOGZhZGJjOWE3M2UzZmY1NjM2MWQwMjAzYjcxMB4XDTIyMDEw
MTA1MDAyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzZkYTgxZGVlYmIx
MWU5NWIxNmU3NWE1ZWIzNWQ2ZDA4ZjkxNjY1ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAP4lV0jzBzWaG/v/Bk2C0n52UJL1EBmgW91bUqFAfIO9NYRG
VMWqOCk+E0N51ooXhLUQ+p/LD6dao5OLPJCB2FOaXii0hHrAbqJVjMp6eCi12XyZ
L4kQTUmq9wZlUb2PTvlayqKhYXmDdShHZxtqvf/ZitOSkRTTi5ClcrqJBoYFYixY
SsM3zupblYmnShB/CHlEnQFjG1UmRu09pgFmN15lEI+E4CuCDKVEcErUwE3xY+5a
iM+iwhxf3NFdJoepB3dsBvKsN8IJ2BPWt1c5QRTfdALFaXIy7EbYNiEYGGSh7Q8P
P8+Er/xZWPbAvCyDZCTQZC1ttWu20Mh4lLIz/FkCAwEAAaOCAh0wggIZMB0GA1Ud
DgQWBBTG2oHe67EelbFudaXrNdbQj5FmXzAfBgNVHSMEGDAWgBRpxnlpw8nY+tvJ
pz4/9WNh0CA7cTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2FjWjVhY1BKMlByYnlhYy1QX1ZqWWRBZ08zRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWMvY2RiZjhmLTZlNjctNGFiMS1iZjE4LTQ4ZWY4ZTExMTRlNC8x
L3h0cUIzdXV4SHBXeGJuV2w2elhXMEktUlpsOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWMv
Y2RiZjhmLTZlNjctNGFiMS1iZjE4LTQ4ZWY4ZTExMTRlNC8xL2FjWjVhY1BKMlBy
YnlhYy1QX1ZqWWRBZ08zRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAz
BggrBgEFBQcBBwEB/wQkMCIwIAQCAAEwGjAMAwQHBWaAAwQABWaCAwQABWaEAwQC
uYgcMA0GCSqGSIb3DQEBCwUAA4IBAQATVVcWO04K4CVesb8V8an7AxBuPp7IOAO/
+BTgChofNGhp+eDR0xCWh+G3K9nzAQN3uZPoogA91UiHk4ZrLnURK1WxiovMdxnl
oWj95+v5qhKYGPdAQ7m+P29ii1y0JdACADfI4F9tvE5PlikKeeufvwe0b3AFR4ah
5sy7/FIJfyzb5Qavf7xTFW+ho8oeE06vZB3tqYGEhZ1OBWIOUcc88PpT4pfLJMpb
JvIcDuO5maBrYdfkjG2fuQz8PswVTE7FppinHmXrcJsCMMisJY4oCaUIR4yGZCEy
6McoJqf1JN6/xJ2u4pJMUSH85xn7ehGS4OpOS++ZQPHk6FbPyTKn
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:18 2024 by rpki-client on console-fra.rpki-client.org