Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/xWj611dHBkiNI1J81tiEN0e8w14.roa
File: xWj611dHBkiNI1J81tiEN0e8w14.roa (raw, json)
Hash identifier: hZdpMG0pNZFASPGpo8wrWpW5eSK8Xq6k+GaW4J7JWCM=
Subject key identifier: C5:68:FA:D7:57:47:06:48:8D:23:52:7C:D6:D8:84:37:47:BC:C3:5E
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 38ED172E
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/xWj611dHBkiNI1J81tiEN0e8w14.roa
Signing time: Sat 01 Jan 2022 12:56:53 +0000
ROA not before: Sat 01 Jan 2022 12:56:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44889
IP address blocks: 212.16.64.0/19 maxlen: 24
46.38.140.0/24 maxlen: 24
212.16.72.0/24 maxlen: 25
212.80.0.0/19 maxlen: 24
212.80.20.0/23 maxlen: 24
185.24.148.0/24 maxlen: 24
46.38.129.0/24 maxlen: 24
46.38.131.0/24 maxlen: 24
2a00:7d80::/29 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 955062062 (0x38ed172e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Jan 1 12:56:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c568fad7574706488d23527cd6d8843747bcc35e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:4c:f2:04:64:99:46:b2:33:51:35:ba:9d:e1:
26:ab:17:d4:6e:08:5f:53:96:5f:1b:f7:d0:8c:28:
aa:6f:0c:b0:11:21:b5:56:b6:f2:4b:7c:b2:8e:c7:
21:cf:e0:69:ae:bb:8e:14:5f:eb:91:6b:2b:8b:62:
c5:7b:0f:87:de:60:f2:a6:b2:2a:e6:8f:62:e9:38:
3a:23:de:09:ac:05:ae:b9:b0:aa:ff:83:9b:87:d5:
8f:17:21:2e:43:34:62:14:92:a2:3a:5a:aa:6a:3c:
d5:c6:3e:e1:86:c3:da:54:03:39:87:d4:a8:3c:24:
ea:f6:e3:98:ff:d8:f7:4a:f7:b0:91:8d:6d:c4:cf:
65:98:de:a4:b9:80:f3:b4:2b:a1:12:81:e9:ab:2d:
03:65:6c:40:2c:a4:6f:6c:db:87:ed:76:fc:53:8e:
36:43:41:b7:58:eb:4a:69:ce:78:81:7c:ca:7c:54:
a2:cf:d5:4a:2f:06:57:33:70:ca:97:02:b7:9d:2b:
0a:21:31:49:84:d7:7a:99:e3:c8:f3:27:44:22:88:
62:02:dd:b0:d3:6e:a7:90:ee:1b:61:9e:e3:cf:cb:
81:f4:0a:7f:d9:7f:6f:30:20:4a:37:42:49:70:99:
ed:1b:8a:cf:91:ee:51:ff:e7:b0:7a:4d:f6:b8:d1:
7e:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:68:FA:D7:57:47:06:48:8D:23:52:7C:D6:D8:84:37:47:BC:C3:5E
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/xWj611dHBkiNI1J81tiEN0e8w14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.129.0/24
46.38.131.0/24
46.38.140.0/24
185.24.148.0/24
212.16.64.0/19
212.80.0.0/19
IPv6:
2a00:7d80::/29
Signature Algorithm: sha256WithRSAEncryption
0b:a3:33:eb:f2:98:fc:de:8f:99:e8:32:b3:df:a1:13:cc:7b:
cc:46:d4:d2:a3:9d:d3:70:10:ab:64:33:c7:ce:d8:69:0a:07:
ce:6a:9d:53:ce:85:d8:f8:85:a4:5b:db:34:62:c2:5f:12:06:
22:f8:80:77:ef:c4:78:b2:78:ca:9e:68:80:f0:97:6e:6d:99:
ef:93:a8:ba:3f:fd:5d:16:8e:92:b8:3c:35:70:18:e4:89:93:
5f:2d:af:ac:8d:37:ef:a3:cd:fa:dc:db:63:23:c4:6f:d3:e7:
46:f7:c8:00:e9:27:85:e7:6f:23:36:bc:2d:08:2f:66:f2:84:
d8:4d:b5:b3:c9:e2:30:06:a4:1a:03:7c:84:fc:99:74:21:5f:
20:5d:54:38:bc:99:50:dd:23:fb:85:cc:20:b8:23:7f:8b:37:
69:5d:0a:80:bf:93:b3:81:61:4d:a8:47:78:3e:22:b6:51:cc:
4d:6b:60:1c:cf:5a:6c:bc:df:48:bb:9a:13:b9:fd:09:2d:56:
ff:4b:93:49:51:e8:b9:4a:05:30:cd:2e:10:c4:d9:83:ac:c5:
39:cb:cd:7f:05:31:fc:db:ca:15:ab:68:18:26:ba:72:c8:05:
67:2f:47:5c:c6:02:3d:bc:3a:1c:03:a2:a9:7c:9e:8a:6e:ea:
b9:9a:6a:e7
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEOO0XLjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
NzI5NDVmNTcxMDMxNTNhMDc4NTRlNzRlMjI3ZjJhZWMxYzVmNDMwMB4XDTIyMDEw
MTEyNTY1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzU2OGZhZDc1NzQ3
MDY0ODhkMjM1MjdjZDZkODg0Mzc0N2JjYzM1ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMFM8gRkmUayM1E1up3hJqsX1G4IX1OWXxv30Iwoqm8MsBEh
tVa28kt8so7HIc/gaa67jhRf65FrK4tixXsPh95g8qayKuaPYuk4OiPeCawFrrmw
qv+Dm4fVjxchLkM0YhSSojpaqmo81cY+4YbD2lQDOYfUqDwk6vbjmP/Y90r3sJGN
bcTPZZjepLmA87QroRKB6astA2VsQCykb2zbh+12/FOONkNBt1jrSmnOeIF8ynxU
os/VSi8GVzNwypcCt50rCiExSYTXepnjyPMnRCKIYgLdsNNup5DuG2Ge48/LgfQK
f9l/bzAgSjdCSXCZ7RuKz5HuUf/nsHpN9rjRfu8CAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBTFaPrXV0cGSI0jUnzW2IQ3R7zDXjAfBgNVHSMEGDAWgBS3KUX1cQMVOgeF
TnTiJ/KuwcX0MDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3R5bEY5WEVERlRvSGhVNTA0aWZ5cnNIRjlEQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjEvNWY2OTA2LTNmYjAtNGRmZi04ZDAxLTJhMDljYzUzYTgwNS8x
L3hXajYxMWRIQmtpTkkxSjgxdGlFTjBlOHcxNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjEv
NWY2OTA2LTNmYjAtNGRmZi04ZDAxLTJhMDljYzUzYTgwNS8xL3R5bEY5WEVERlRv
SGhVNTA0aWZ5cnNIRjlEQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEAC4mgQMEAC4mgwMEAC4mjAMEALkY
lAMEBdQQQAMEBdRQADANBAIAAjAHAwUDKgB9gDANBgkqhkiG9w0BAQsFAAOCAQEA
C6Mz6/KY/N6Pmegys9+hE8x7zEbU0qOd03AQq2Qzx87YaQoHzmqdU86F2PiFpFvb
NGLCXxIGIviAd+/EeLJ4yp5ogPCXbm2Z75Oouj/9XRaOkrg8NXAY5ImTXy2vrI03
76PN+tzbYyPEb9PnRvfIAOknhedvIza8LQgvZvKE2E21s8niMAakGgN8hPyZdCFf
IF1UOLyZUN0j+4XMILgjf4s3aV0KgL+Ts4FhTahHeD4itlHMTWtgHM9abLzfSLua
E7n9CS1W/0uTSVHouUoFMM0uEMTZg6zFOcvNfwUx/NvKFatoGCa6csgFZy9HXMYC
Pbw6HAOiqXyeim7quZpq5w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:32:24 2024 by rpki-client on console-fra.rpki-client.org