Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/d19f2d-9659-48b1-b1e8-de13a552df63/1/XD1t0DBSM3dIcZxid2_JA0btp3o.roa
File: XD1t0DBSM3dIcZxid2_JA0btp3o.roa (raw, json)
Hash identifier: Pp/l1TEqqGWA+pl24/3XR+G+yZTK+FvKIsMZ2hMDdG0=
Subject key identifier: 5C:3D:6D:D0:30:52:33:77:48:71:9C:62:77:6F:C9:03:46:ED:A7:7A
Certificate issuer: /CN=5140b5cb5986084126f68d6032316d3b1b57696e
Certificate serial: 1548BE76
Authority key identifier: 51:40:B5:CB:59:86:08:41:26:F6:8D:60:32:31:6D:3B:1B:57:69:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UUC1y1mGCEEm9o1gMjFtOxtXaW4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/d19f2d-9659-48b1-b1e8-de13a552df63/1/XD1t0DBSM3dIcZxid2_JA0btp3o.roa
Signing time: Sat 01 Jan 2022 00:52:20 +0000
ROA not before: Sat 01 Jan 2022 00:52:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199462
IP address blocks: 185.101.78.0/24 maxlen: 24
185.101.77.0/24 maxlen: 24
185.101.76.0/24 maxlen: 24
185.101.79.0/24 maxlen: 24
2001:67c:11bc::/48 maxlen: 48
2a06:1b80::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 357088886 (0x1548be76)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5140b5cb5986084126f68d6032316d3b1b57696e
Validity
Not Before: Jan 1 00:52:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5c3d6dd03052337748719c62776fc90346eda77a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:84:3e:1d:a8:af:82:09:39:d0:92:cc:92:09:
90:96:b8:24:a6:df:36:3b:31:7e:5b:5a:48:17:e7:
03:7c:8b:c8:3a:c1:b6:e3:95:12:e9:ae:9f:6e:d8:
b4:c4:22:8a:47:68:da:e0:e3:bc:0c:78:3b:41:70:
f5:d0:b9:db:1b:da:1b:ca:0c:bc:d8:8e:50:c7:28:
e4:24:f3:01:87:02:84:b4:bd:5c:c5:4d:07:6b:2c:
c4:03:4c:98:68:90:a7:55:ef:a8:d8:4d:52:db:5e:
af:7c:e6:52:50:0d:24:45:55:59:59:78:b8:40:c4:
f3:b4:fd:47:e5:10:b2:24:cb:f5:08:04:97:b1:07:
45:c1:19:bf:44:c6:eb:91:c0:08:e0:fc:0a:f7:11:
92:6b:64:21:53:16:88:50:64:40:2a:92:71:d7:70:
fd:5a:b0:3a:0a:fd:be:5a:8a:0e:ae:bb:41:8a:f5:
c7:23:fa:7e:97:1c:be:e1:b5:70:2e:b2:66:9a:bd:
4e:99:a8:13:dd:f9:cf:7a:ed:01:1b:b0:b2:bd:c0:
78:f9:2c:e7:27:2f:5d:68:7c:1f:87:7f:72:e1:8a:
fc:4d:a4:ab:07:4f:87:90:b8:68:13:2b:c9:06:11:
f1:ca:51:34:2a:d4:bb:7b:cd:08:94:0c:dd:3e:0f:
84:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:3D:6D:D0:30:52:33:77:48:71:9C:62:77:6F:C9:03:46:ED:A7:7A
X509v3 Authority Key Identifier:
keyid:51:40:B5:CB:59:86:08:41:26:F6:8D:60:32:31:6D:3B:1B:57:69:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UUC1y1mGCEEm9o1gMjFtOxtXaW4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/d19f2d-9659-48b1-b1e8-de13a552df63/1/XD1t0DBSM3dIcZxid2_JA0btp3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/d19f2d-9659-48b1-b1e8-de13a552df63/1/UUC1y1mGCEEm9o1gMjFtOxtXaW4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.101.76.0/22
IPv6:
2001:67c:11bc::/48
2a06:1b80::/29
Signature Algorithm: sha256WithRSAEncryption
3d:68:43:6b:c6:a3:2a:11:45:18:db:a5:d3:81:2a:5c:1a:d7:
ef:ba:49:9d:04:7e:48:6e:e0:66:1c:8c:d7:de:c2:ca:1a:b6:
f4:a0:d6:7c:20:e7:d8:ed:52:93:ca:e3:a1:34:f0:d1:2a:a2:
d5:5f:96:7c:b6:4d:3d:52:de:64:c6:27:dc:67:32:13:e6:4d:
7b:48:44:8e:40:ef:ed:ca:28:29:49:4f:ca:5c:e4:37:fd:bf:
48:ed:d0:5d:40:5f:29:80:f5:53:b0:e1:09:07:99:c9:fd:03:
8a:08:2e:25:3e:2e:a0:20:c0:c1:11:ae:9d:3c:2a:9c:9f:3d:
7a:04:9b:55:f2:79:b1:12:7a:4b:c6:86:e9:8d:b0:13:b9:b8:
04:3e:46:3f:fe:08:de:fd:cd:bb:c4:02:67:d8:14:60:bb:6b:
20:bf:3e:38:b1:ba:70:08:a3:c7:b2:4b:0b:fd:35:e8:60:4a:
35:3c:3b:9b:19:a4:a8:01:df:6c:8c:fe:70:8d:5d:0a:0f:67:
86:94:70:c8:7c:c3:42:5b:54:e2:b7:d9:93:20:d9:e1:b5:15:
c0:f6:79:25:5d:72:e7:ae:52:e2:8a:19:1c:89:95:6a:c1:66:
cb:51:59:cd:03:8a:dd:bd:68:9b:17:31:63:d4:52:67:c2:c9:
09:9d:48:23
-----BEGIN CERTIFICATE-----
MIIFBzCCA++gAwIBAgIEFUi+djANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
MTQwYjVjYjU5ODYwODQxMjZmNjhkNjAzMjMxNmQzYjFiNTc2OTZlMB4XDTIyMDEw
MTAwNTIyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWMzZDZkZDAzMDUy
MzM3NzQ4NzE5YzYyNzc2ZmM5MDM0NmVkYTc3YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALGEPh2or4IJOdCSzJIJkJa4JKbfNjsxfltaSBfnA3yLyDrB
tuOVEumun27YtMQiikdo2uDjvAx4O0Fw9dC52xvaG8oMvNiOUMco5CTzAYcChLS9
XMVNB2ssxANMmGiQp1XvqNhNUtter3zmUlANJEVVWVl4uEDE87T9R+UQsiTL9QgE
l7EHRcEZv0TG65HACOD8CvcRkmtkIVMWiFBkQCqScddw/VqwOgr9vlqKDq67QYr1
xyP6fpccvuG1cC6yZpq9TpmoE935z3rtARuwsr3AePks5ycvXWh8H4d/cuGK/E2k
qwdPh5C4aBMryQYR8cpRNCrUu3vNCJQM3T4PhIsCAwEAAaOCAiEwggIdMB0GA1Ud
DgQWBBRcPW3QMFIzd0hxnGJ3b8kDRu2nejAfBgNVHSMEGDAWgBRRQLXLWYYIQSb2
jWAyMW07G1dpbjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1VVQzF5MW1HQ0VFbTlvMWdNakZ0T3h0WGFXNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWMvZDE5ZjJkLTk2NTktNDhiMS1iMWU4LWRlMTNhNTUyZGY2My8x
L1hEMXQwREJTTTNkSWNaeGlkMl9KQTBidHAzby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWMv
ZDE5ZjJkLTk2NTktNDhiMS1iMWU4LWRlMTNhNTUyZGY2My8xL1VVQzF5MW1HQ0VF
bTlvMWdNakZ0T3h0WGFXNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA3
BggrBgEFBQcBBwEB/wQoMCYwDAQCAAEwBgMEArllTDAWBAIAAjAQAwcAIAEGfBG8
AwUDKgYbgDANBgkqhkiG9w0BAQsFAAOCAQEAPWhDa8ajKhFFGNul04EqXBrX77pJ
nQR+SG7gZhyM197Cyhq29KDWfCDn2O1Sk8rjoTTw0Sqi1V+WfLZNPVLeZMYn3Gcy
E+ZNe0hEjkDv7cooKUlPylzkN/2/SO3QXUBfKYD1U7DhCQeZyf0DigguJT4uoCDA
wRGunTwqnJ89egSbVfJ5sRJ6S8aG6Y2wE7m4BD5GP/4I3v3Nu8QCZ9gUYLtrIL8+
OLG6cAijx7JLC/016GBKNTw7mxmkqAHfbIz+cI1dCg9nhpRwyHzDQltU4rfZkyDZ
4bUVwPZ5JV1y565S4ooZHImVasFmy1FZzQOK3b1omxcxY9RSZ8LJCZ1IIw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:31:18 2024 by rpki-client on console-fra.rpki-client.org