Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/X70m3RJkcUOHIcgTS-Oc_M_WDkE.roa
File: X70m3RJkcUOHIcgTS-Oc_M_WDkE.roa (raw, json)
Hash identifier: UytiY8jXIEra9WSzaBe09VwqSj/YAc4teMwlOOMMw2M=
Subject key identifier: 5F:BD:26:DD:12:64:71:43:87:21:C8:13:4B:E3:9C:FC:CF:D6:0E:41
Certificate issuer: /CN=66de1d9dcdb25c1e532c5c9b69dfa757e306210e
Certificate serial: 33FC3DDF
Authority key identifier: 66:DE:1D:9D:CD:B2:5C:1E:53:2C:5C:9B:69:DF:A7:57:E3:06:21:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/X70m3RJkcUOHIcgTS-Oc_M_WDkE.roa
Signing time: Fri 17 Jun 2022 15:46:44 +0000
ROA not before: Fri 17 Jun 2022 15:46:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29075
IP address blocks: 91.109.176.0/20 maxlen: 20
128.204.224.0/20 maxlen: 20
85.118.32.0/19 maxlen: 19
141.255.144.0/20 maxlen: 20
185.118.0.0/22 maxlen: 22
185.123.24.0/22 maxlen: 22
45.94.124.0/22 maxlen: 22
45.10.224.0/22 maxlen: 22
178.20.48.0/21 maxlen: 21
212.85.144.0/20 maxlen: 20
188.121.224.0/19 maxlen: 19
2a02:2178::/29 maxlen: 29
2a00:1b88::/32 maxlen: 32
2a02:2178::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 872168927 (0x33fc3ddf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66de1d9dcdb25c1e532c5c9b69dfa757e306210e
Validity
Not Before: Jun 17 15:46:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5fbd26dd126471438721c8134be39cfccfd60e41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:42:8b:d2:70:3e:e6:c5:d9:b3:32:80:02:f0:
18:d4:25:07:6a:b0:1a:63:60:f4:64:e2:bd:36:97:
3f:0e:8f:80:af:fa:64:6d:19:9b:dd:63:87:13:c4:
5e:e7:bd:7c:e1:1d:93:83:17:f2:a9:43:81:56:63:
fb:fa:10:c8:89:3d:61:f6:62:8d:46:28:df:64:f3:
6f:60:ac:52:e6:b4:2e:7b:eb:f1:ec:cc:da:0d:9d:
d1:5c:81:40:2b:a5:af:9e:fa:7e:64:cb:ff:c1:fe:
d2:96:37:fc:15:45:eb:95:fd:a3:0a:99:ab:6e:64:
19:fb:92:91:1b:8b:1a:e7:2e:c2:d5:10:06:41:82:
55:55:b5:05:a7:91:ba:24:7c:09:9d:02:8c:0a:7e:
ce:fa:84:21:a0:2a:20:0c:93:c2:ea:37:2c:90:76:
e8:14:5e:49:10:88:c0:27:40:98:5b:1b:87:e0:d7:
30:7e:80:69:1e:f9:17:8d:43:a2:a5:f8:63:62:cf:
49:93:de:9d:93:e5:4b:d8:6e:80:d1:d5:4c:68:cc:
d4:ee:61:e9:c0:ce:d7:71:cf:99:0c:ac:8a:e6:63:
a3:95:a2:2f:66:26:3a:05:38:24:e1:a9:36:cf:ba:
28:2d:a7:41:3f:96:01:ba:7f:e8:de:98:01:ce:6a:
45:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:BD:26:DD:12:64:71:43:87:21:C8:13:4B:E3:9C:FC:CF:D6:0E:41
X509v3 Authority Key Identifier:
keyid:66:DE:1D:9D:CD:B2:5C:1E:53:2C:5C:9B:69:DF:A7:57:E3:06:21:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/X70m3RJkcUOHIcgTS-Oc_M_WDkE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Zt4dnc2yXB5TLFybad-nV-MGIQ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.224.0/22
45.94.124.0/22
85.118.32.0/19
91.109.176.0/20
128.204.224.0/20
141.255.144.0/20
178.20.48.0/21
185.118.0.0/22
185.123.24.0/22
188.121.224.0/19
212.85.144.0/20
IPv6:
2a00:1b88::/32
2a02:2178::/29
Signature Algorithm: sha256WithRSAEncryption
14:29:d0:4a:ee:03:5b:f3:38:45:aa:dd:6e:c5:8a:1f:bb:75:
fa:ff:83:da:a8:86:85:1b:e4:c7:ac:78:66:f8:8b:0f:68:6f:
74:85:a6:92:5f:91:3c:d5:48:aa:e7:42:e3:29:b5:9d:23:0e:
71:c4:53:e4:25:e8:9f:5e:02:48:23:3f:0b:1d:f0:20:09:ab:
c3:07:e3:8a:20:19:5c:fa:aa:92:1a:fc:28:ad:c2:df:65:5c:
c9:9c:6b:85:66:91:73:aa:75:85:92:ab:c5:66:bc:21:43:ff:
58:f4:d5:56:bc:83:c5:3e:24:90:2e:aa:2f:b5:62:c1:03:0b:
3a:26:ca:9f:21:09:77:50:25:40:bf:d3:ef:d4:70:0a:ba:54:
87:05:c4:0a:50:30:8f:5b:f6:93:a8:ff:0c:4c:23:e5:34:8c:
06:d1:b7:2a:76:b6:ea:e4:f2:02:0e:f4:b9:a7:80:6a:0b:a4:
e8:d2:4a:45:7e:bf:fc:8a:9b:79:fe:58:d5:f1:e5:60:25:24:
87:40:fe:22:f0:92:cf:35:87:af:e8:60:f9:e2:f0:e0:7b:ef:
0f:06:8c:54:60:12:fd:86:8f:e7:85:62:e9:98:49:10:f8:6e:
b8:4e:c0:88:35:61:9b:5b:34:36:86:dc:03:d2:9e:cd:05:33:
59:7b:d1:07
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgIEM/w93zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NmRlMWQ5ZGNkYjI1YzFlNTMyYzVjOWI2OWRmYTc1N2UzMDYyMTBlMB4XDTIyMDYx
NzE1NDY0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWZiZDI2ZGQxMjY0
NzE0Mzg3MjFjODEzNGJlMzljZmNjZmQ2MGU0MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL5Ci9JwPubF2bMygALwGNQlB2qwGmNg9GTivTaXPw6PgK/6
ZG0Zm91jhxPEXue9fOEdk4MX8qlDgVZj+/oQyIk9YfZijUYo32Tzb2CsUua0Lnvr
8ezM2g2d0VyBQCulr576fmTL/8H+0pY3/BVF65X9owqZq25kGfuSkRuLGucuwtUQ
BkGCVVW1BaeRuiR8CZ0CjAp+zvqEIaAqIAyTwuo3LJB26BReSRCIwCdAmFsbh+DX
MH6AaR75F41DoqX4Y2LPSZPenZPlS9hugNHVTGjM1O5h6cDO13HPmQysiuZjo5Wi
L2YmOgU4JOGpNs+6KC2nQT+WAbp/6N6YAc5qRQECAwEAAaOCAlswggJXMB0GA1Ud
DgQWBBRfvSbdEmRxQ4chyBNL45z8z9YOQTAfBgNVHSMEGDAWgBRm3h2dzbJcHlMs
XJtp36dX4wYhDjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1p0NGRuYzJ5WEI1VExGeWJhZC1uVi1NR0lRNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjQvNjBmY2ZlLTdiMmMtNDY3Mi1iYzJmLTQwNDc5ODcwOTc2ZS8x
L1g3MG0zUkprY1VPSEljZ1RTLU9jX01fV0RrRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjQv
NjBmY2ZlLTdiMmMtNDY3Mi1iYzJmLTQwNDc5ODcwOTc2ZS8xL1p0NGRuYzJ5WEI1
VExGeWJhZC1uVi1NR0lRNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBx
BggrBgEFBQcBBwEB/wRiMGAwSAQCAAEwQgMEAi0K4AMEAi1efAMEBVV2IAMEBFtt
sAMEBIDM4AMEBI3/kAMEA7IUMAMEArl2AAMEArl7GAMEBbx54AMEBNRVkDAUBAIA
AjAOAwUAKgAbiAMFAyoCIXgwDQYJKoZIhvcNAQELBQADggEBABQp0EruA1vzOEWq
3W7Fih+7dfr/g9qohoUb5MeseGb4iw9ob3SFppJfkTzVSKrnQuMptZ0jDnHEU+Ql
6J9eAkgjPwsd8CAJq8MH44ogGVz6qpIa/Citwt9lXMmca4VmkXOqdYWSq8VmvCFD
/1j01Va8g8U+JJAuqi+1YsEDCzomyp8hCXdQJUC/0+/UcAq6VIcFxApQMI9b9pOo
/wxMI+U0jAbRtyp2turk8gIO9LmngGoLpOjSSkV+v/yKm3n+WNXx5WAlJIdA/iLw
ks81h6/oYPni8OB77w8GjFRgEv2Gj+eFYumYSRD4brhOwIg1YZtbNDaG3APSns0F
M1l70Qc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:14:47 2024 by rpki-client on console-ams.rpki-client.org