Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/XcdVBAH1oaiOnZ_ZhCg5_DZN724.roa
File: XcdVBAH1oaiOnZ_ZhCg5_DZN724.roa (raw, json)
Hash identifier: owNrGgyeZpcztQK5/8yT37M3rvyn4rzq4aeFHPL4/lg=
Subject key identifier: 5D:C7:55:04:01:F5:A1:A8:8E:9D:9F:D9:84:28:39:FC:36:4D:EF:6E
Certificate issuer: /CN=015b6d1596ac0501a71a393447051a62ff1dda16
Certificate serial: 0275254E
Authority key identifier: 01:5B:6D:15:96:AC:05:01:A7:1A:39:34:47:05:1A:62:FF:1D:DA:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AVttFZasBQGnGjk0RwUaYv8d2hY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/XcdVBAH1oaiOnZ_ZhCg5_DZN724.roa
Signing time: Wed 23 Mar 2022 16:04:18 +0000
ROA not before: Wed 23 Mar 2022 16:04:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47626
IP address blocks: 193.7.216.0/22 maxlen: 22
5.180.240.0/22 maxlen: 22
78.24.100.0/22 maxlen: 22
91.208.35.0/24 maxlen: 24
188.93.64.0/22 maxlen: 22
2a05:9c00::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 41231694 (0x275254e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=015b6d1596ac0501a71a393447051a62ff1dda16
Validity
Not Before: Mar 23 16:04:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5dc7550401f5a1a88e9d9fd9842839fc364def6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:47:84:19:95:26:9f:7c:16:c2:e9:d1:aa:8a:
eb:97:cf:76:60:82:d0:60:dd:21:b2:16:ef:69:2e:
f1:a1:38:d9:7b:ff:fe:6a:8f:4b:09:24:3f:3d:b2:
c7:f3:cf:6c:07:31:a8:53:42:fe:7c:53:55:52:3e:
ca:4f:7c:eb:61:56:b9:a9:fe:68:69:c6:0d:86:6e:
66:1b:fd:4e:8f:34:28:a6:dc:01:31:12:c3:eb:7b:
ec:42:92:85:92:f0:76:20:8b:53:07:c0:30:33:10:
87:30:c0:d4:01:8f:5b:dd:e9:82:32:79:30:e5:71:
ad:13:3e:2e:74:67:69:72:ec:c5:23:7b:7d:df:41:
8b:6b:4e:44:1b:a4:4b:fa:86:34:ca:1a:2a:9f:1b:
3b:25:a4:d1:9e:01:48:18:73:93:23:b5:6c:f0:0f:
3f:36:a5:a2:db:a3:e3:64:f7:01:97:a2:48:4b:8d:
46:0f:a7:8b:cd:15:9c:33:6c:db:c8:09:12:93:9f:
fc:23:32:dc:d3:da:6b:2f:df:f2:27:b3:d2:d6:d8:
81:29:25:c4:0e:8c:48:9e:1e:ff:ae:4f:eb:6f:6f:
2f:b5:c4:d8:a7:b6:ec:36:fc:03:26:9b:a8:8a:04:
15:6a:c5:3b:ab:91:d8:ee:94:21:93:b5:34:76:37:
00:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:C7:55:04:01:F5:A1:A8:8E:9D:9F:D9:84:28:39:FC:36:4D:EF:6E
X509v3 Authority Key Identifier:
keyid:01:5B:6D:15:96:AC:05:01:A7:1A:39:34:47:05:1A:62:FF:1D:DA:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AVttFZasBQGnGjk0RwUaYv8d2hY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/XcdVBAH1oaiOnZ_ZhCg5_DZN724.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/52a88f-e9a2-4851-9148-fee8f3790567/1/AVttFZasBQGnGjk0RwUaYv8d2hY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.240.0/22
78.24.100.0/22
91.208.35.0/24
188.93.64.0/22
193.7.216.0/22
IPv6:
2a05:9c00::/29
Signature Algorithm: sha256WithRSAEncryption
3e:db:be:88:0a:8f:fa:17:20:db:8c:87:4a:e3:42:52:ae:42:
64:fa:cf:a7:2b:31:a2:02:43:d8:17:70:f4:29:e1:e8:b8:0d:
3e:0c:cd:26:08:1d:a3:46:7f:7f:18:c9:a1:4f:c1:c3:72:65:
3b:09:fd:8a:ab:18:91:ea:63:40:a1:86:66:25:08:0b:b3:0f:
c0:ef:b0:a9:74:23:c1:11:97:83:8b:ad:a0:c0:58:45:06:b2:
de:59:9f:3e:56:0f:55:4b:12:42:d8:b3:55:95:b6:77:65:5b:
a2:8a:77:44:64:43:2a:e1:af:6a:b7:28:8c:45:1c:f4:79:10:
ff:7e:d4:74:d9:af:fd:fb:c6:79:3c:fe:ca:88:0f:b6:35:c1:
21:27:83:6f:a7:a3:b7:ab:84:36:8f:8e:b1:58:74:6f:be:f3:
1c:0f:ee:35:10:d2:d9:6c:ed:a1:f2:47:6b:41:0d:f0:c1:a2:
79:5a:2c:9e:14:56:c0:a0:ac:d9:3a:ce:e2:29:f1:8b:8b:93:
52:f2:05:79:2c:5e:e9:67:95:68:0d:c3:20:66:84:3e:6f:f6:
85:b7:b6:11:80:e5:7b:24:4d:ac:a7:63:79:b1:c8:70:0f:0d:
fc:84:d7:8e:e8:d6:bc:07:d2:0d:fc:b3:da:8c:09:c6:c8:85:
f1:b9:ff:55
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIEAnUlTjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
MTViNmQxNTk2YWMwNTAxYTcxYTM5MzQ0NzA1MWE2MmZmMWRkYTE2MB4XDTIyMDMy
MzE2MDQxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWRjNzU1MDQwMWY1
YTFhODhlOWQ5ZmQ5ODQyODM5ZmMzNjRkZWY2ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALtHhBmVJp98FsLp0aqK65fPdmCC0GDdIbIW72ku8aE42Xv/
/mqPSwkkPz2yx/PPbAcxqFNC/nxTVVI+yk9862FWuan+aGnGDYZuZhv9To80KKbc
ATESw+t77EKShZLwdiCLUwfAMDMQhzDA1AGPW93pgjJ5MOVxrRM+LnRnaXLsxSN7
fd9Bi2tORBukS/qGNMoaKp8bOyWk0Z4BSBhzkyO1bPAPPzalotuj42T3AZeiSEuN
Rg+ni80VnDNs28gJEpOf/CMy3NPaay/f8iez0tbYgSklxA6MSJ4e/65P629vL7XE
2Ke27Db8AyabqIoEFWrFO6uR2O6UIZO1NHY3ACkCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBRdx1UEAfWhqI6dn9mEKDn8Nk3vbjAfBgNVHSMEGDAWgBQBW20VlqwFAaca
OTRHBRpi/x3aFjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0FWdHRGWmFzQlFHbkdqazBSd1VhWXY4ZDJoWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjQvNTJhODhmLWU5YTItNDg1MS05MTQ4LWZlZThmMzc5MDU2Ny8x
L1hjZFZCQUgxb2FpT25aX1poQ2c1X0RaTjcyNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjQv
NTJhODhmLWU5YTItNDg1MS05MTQ4LWZlZThmMzc5MDU2Ny8xL0FWdHRGWmFzQlFH
bkdqazBSd1VhWXY4ZDJoWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEAgW08AMEAk4YZAMEAFvQIwMEArxd
QAMEAsEH2DANBAIAAjAHAwUDKgWcADANBgkqhkiG9w0BAQsFAAOCAQEAPtu+iAqP
+hcg24yHSuNCUq5CZPrPpysxogJD2Bdw9Cnh6LgNPgzNJggdo0Z/fxjJoU/Bw3Jl
Own9iqsYkepjQKGGZiUIC7MPwO+wqXQjwRGXg4utoMBYRQay3lmfPlYPVUsSQtiz
VZW2d2Vboop3RGRDKuGvarcojEUc9HkQ/37UdNmv/fvGeTz+yogPtjXBISeDb6ej
t6uENo+OsVh0b77zHA/uNRDS2WztofJHa0EN8MGieVosnhRWwKCs2TrO4inxi4uT
UvIFeSxe6WeVaA3DIGaEPm/2hbe2EYDleyRNrKdjebHIcA8N/ITXjujWvAfSDfyz
2owJxsiF8bn/VQ==
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:37:48 2025 by rpki-client