Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/Xz3XVD8Nl-6_LbZFZy3lpdNSc6Y.roa
File: Xz3XVD8Nl-6_LbZFZy3lpdNSc6Y.roa (raw, json)
Hash identifier: 7AQxpE4UP1RbSV13cqFtDfFpcu0wWZuRU9tMl/c6wKM=
Subject key identifier: 5F:3D:D7:54:3F:0D:97:EE:BF:2D:B6:45:67:2D:E5:A5:D3:52:73:A6
Certificate issuer: /CN=13932782ee7758990404fa1ccfb09ec23a86123f
Certificate serial: 01849CA566954EA4FD940DCE961533778322
Authority key identifier: 13:93:27:82:EE:77:58:99:04:04:FA:1C:CF:B0:9E:C2:3A:86:12:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E5Mngu53WJkEBPocz7CewjqGEj8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/Xz3XVD8Nl-6_LbZFZy3lpdNSc6Y.roa
Signing time: Tue 22 Nov 2022 00:03:16 +0000
ROA not before: Tue 22 Nov 2022 00:03:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2856
IP address blocks: 46.248.112.0/23 maxlen: 23
46.248.108.0/23 maxlen: 23
46.248.110.0/23 maxlen: 23
46.248.106.0/23 maxlen: 23
46.248.114.0/23 maxlen: 23
46.248.116.0/23 maxlen: 23
46.248.118.0/23 maxlen: 23
46.248.124.0/23 maxlen: 23
46.248.122.0/23 maxlen: 23
46.248.120.0/23 maxlen: 23
46.248.126.0/23 maxlen: 23
82.136.52.0/24 maxlen: 24
85.116.0.0/23 maxlen: 23
85.116.2.0/23 maxlen: 23
85.116.4.0/23 maxlen: 23
85.116.6.0/23 maxlen: 23
85.116.16.0/21 maxlen: 21
85.116.24.0/24 maxlen: 24
85.116.26.0/24 maxlen: 24
85.116.25.0/24 maxlen: 24
85.116.28.0/24 maxlen: 24
85.116.27.0/24 maxlen: 24
85.116.30.0/24 maxlen: 24
85.116.29.0/24 maxlen: 24
85.116.31.0/24 maxlen: 24
82.136.26.0/24 maxlen: 24
82.136.43.0/24 maxlen: 24
82.136.47.0/24 maxlen: 24
46.248.98.0/23 maxlen: 23
46.248.96.0/23 maxlen: 23
46.248.100.0/23 maxlen: 23
46.248.102.0/23 maxlen: 23
46.248.104.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:9c:a5:66:95:4e:a4:fd:94:0d:ce:96:15:33:77:83:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13932782ee7758990404fa1ccfb09ec23a86123f
Validity
Not Before: Nov 22 00:03:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5f3dd7543f0d97eebf2db645672de5a5d35273a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:07:87:4f:a4:d3:a3:f5:a4:e0:3a:e9:92:6d:
14:9a:74:e1:29:d4:d0:2c:f9:7b:1c:b2:34:5d:1d:
cf:31:e9:f9:eb:60:d5:e5:a2:dc:4e:5a:de:89:b5:
84:ad:b6:61:7f:49:51:01:f3:74:1b:2b:a7:13:63:
a4:a4:c1:69:58:d6:10:21:6e:19:78:e0:25:74:12:
41:0f:49:16:b9:f8:01:16:f7:6b:5c:04:bd:5b:8d:
ba:af:47:d4:a3:a3:67:8f:ba:cb:07:69:f2:0b:e3:
d8:84:d1:8e:c4:62:55:bb:a8:46:1b:90:ee:88:6f:
a1:3e:b2:4e:e4:26:5e:4a:c0:8e:ab:c6:86:fa:95:
fd:11:1f:88:20:19:18:f0:ac:34:1f:2c:1f:a2:95:
fe:d7:de:13:7c:09:8c:0b:2a:38:9f:db:13:c5:61:
69:62:ae:2e:63:4c:cc:f5:30:35:04:f7:d9:ff:1d:
1f:0e:22:42:57:a6:7e:e4:51:8e:b5:74:f3:18:5d:
c8:3a:ee:3f:6c:20:8e:9f:1e:43:94:b5:b9:24:49:
6c:3d:61:2a:46:86:c1:11:86:48:52:60:0a:6c:05:
50:c3:70:88:b2:8a:cc:3d:08:94:f6:2b:3f:93:68:
c6:9d:89:dd:d2:88:44:1c:20:b9:c8:2a:1f:cd:db:
b7:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:3D:D7:54:3F:0D:97:EE:BF:2D:B6:45:67:2D:E5:A5:D3:52:73:A6
X509v3 Authority Key Identifier:
keyid:13:93:27:82:EE:77:58:99:04:04:FA:1C:CF:B0:9E:C2:3A:86:12:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E5Mngu53WJkEBPocz7CewjqGEj8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/Xz3XVD8Nl-6_LbZFZy3lpdNSc6Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/828652-addf-4fe8-9fe6-4b1f61653f3d/1/E5Mngu53WJkEBPocz7CewjqGEj8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.248.96.0/19
82.136.26.0/24
82.136.43.0/24
82.136.47.0/24
82.136.52.0/24
85.116.0.0/21
85.116.16.0/20
Signature Algorithm: sha256WithRSAEncryption
0e:17:78:7e:3f:fe:2d:ad:ae:0a:b2:9e:1a:4d:28:78:2e:d6:
6c:42:36:c9:f0:55:ba:0e:c5:35:2e:51:3a:2a:5d:18:29:f9:
dc:ba:a7:b5:8b:0a:9e:d5:ff:d4:97:f7:28:55:86:c5:9c:12:
26:87:15:f9:8d:2d:5b:47:88:f1:ee:c8:47:69:37:43:10:9c:
98:cf:32:6e:d9:4a:61:6f:85:9d:a4:b4:7b:5e:8d:b9:ac:5c:
f3:1d:7a:85:e6:7f:8c:98:64:00:99:3c:0d:33:d0:98:6e:87:
33:15:df:46:05:d9:16:ac:61:76:50:12:b8:f7:fb:72:2e:b3:
c5:a9:4c:a4:b0:24:33:15:a7:71:90:6b:06:b7:b5:ee:7b:b0:
f4:64:9e:d6:85:c8:7d:c2:b8:32:a4:6c:4c:d0:7e:e4:6b:67:
c7:2b:0f:32:f3:ec:36:67:fa:98:6d:dd:72:b1:0e:96:60:07:
e2:3a:b2:dc:1c:2e:ad:bb:f1:2f:b7:70:a6:4c:14:a7:01:22:
71:02:9e:63:40:4a:30:a7:39:89:18:2c:76:b6:ca:cf:28:e9:
eb:6d:31:21:24:fb:5a:6c:0e:d1:ba:50:d1:57:e6:f6:88:65:
42:5d:19:cd:33:47:ed:98:d8:49:ab:62:77:38:66:11:f4:34:
c8:98:b9:7f
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYScpWaVTqT9lA3OlhUzd4MiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzOTMyNzgyZWU3NzU4OTkwNDA0ZmExY2NmYjA5ZWMyM2E4
NjEyM2YwHhcNMjIxMTIyMDAwMzE2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjNkZDc1NDNmMGQ5N2VlYmYyZGI2NDU2NzJkZTVhNWQzNTI3M2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQeHT6TTo/Wk4Drpkm0UmnThKdTQ
LPl7HLI0XR3PMen562DV5aLcTlreibWErbZhf0lRAfN0GyunE2OkpMFpWNYQIW4Z
eOAldBJBD0kWufgBFvdrXAS9W426r0fUo6Nnj7rLB2nyC+PYhNGOxGJVu6hGG5Du
iG+hPrJO5CZeSsCOq8aG+pX9ER+IIBkY8Kw0HywfopX+194TfAmMCyo4n9sTxWFp
Yq4uY0zM9TA1BPfZ/x0fDiJCV6Z+5FGOtXTzGF3IOu4/bCCOnx5DlLW5JElsPWEq
RobBEYZIUmAKbAVQw3CIsorMPQiU9is/k2jGnYnd0ohEHCC5yCofzdu35QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFF8911Q/DZfuvy22RWct5aXTUnOmMB8GA1UdIwQY
MBaAFBOTJ4Lud1iZBAT6HM+wnsI6hhI/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTVNbmd1NTNXSmtFQlBvY3o3Q2V3anFHRWo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS84Mjg2NTItYWRkZi00ZmU4LTlmZTYt
NGIxZjYxNjUzZjNkLzEvWHozWFZEOE5sLTZfTGJaRlp5M2xwZE5TYzZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS84Mjg2NTItYWRkZi00ZmU4LTlmZTYtNGIxZjYxNjUzZjNk
LzEvRTVNbmd1NTNXSmtFQlBvY3o3Q2V3anFHRWo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQFLvhgAwQA
UogaAwQAUogrAwQAUogvAwQAUog0AwQDVXQAAwQEVXQQMA0GCSqGSIb3DQEBCwUA
A4IBAQAOF3h+P/4tra4Ksp4aTSh4LtZsQjbJ8FW6DsU1LlE6Kl0YKfncuqe1iwqe
1f/Ul/coVYbFnBImhxX5jS1bR4jx7shHaTdDEJyYzzJu2Uphb4WdpLR7Xo25rFzz
HXqF5n+MmGQAmTwNM9CYboczFd9GBdkWrGF2UBK49/tyLrPFqUyksCQzFadxkGsG
t7Xue7D0ZJ7Whch9wrgypGxM0H7ka2fHKw8y8+w2Z/qYbd1ysQ6WYAfiOrLcHC6t
u/Evt3CmTBSnASJxAp5jQEowpzmJGCx2tsrPKOnrbTEhJPtabA7RulDRV+b2iGVC
XRnNM0ftmNhJq2J3OGYR9DTImLl/
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:46:21 2025 by rpki-client