Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/ec9092-1bc2-4aad-ad3a-10ff9ee2a8c2/1/XvPwW_ZL_NXLIzAa3qruy2ea39Y.roa
File: XvPwW_ZL_NXLIzAa3qruy2ea39Y.roa (raw, json)
Hash identifier: I1Ye0L4Ssih2t7YRXy44h7+fqame3TUxSLnnUloUQpU=
Subject key identifier: 5E:F3:F0:5B:F6:4B:FC:D5:CB:23:30:1A:DE:AA:EE:CB:67:9A:DF:D6
Certificate issuer: /CN=f7e092affaf9b5484e00999aa7f1cef1ac7b4093
Certificate serial: 0B7C4E33
Authority key identifier: F7:E0:92:AF:FA:F9:B5:48:4E:00:99:9A:A7:F1:CE:F1:AC:7B:40:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9-CSr_r5tUhOAJmap_HO8ax7QJM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/ec9092-1bc2-4aad-ad3a-10ff9ee2a8c2/1/XvPwW_ZL_NXLIzAa3qruy2ea39Y.roa
Signing time: Sat 01 Jan 2022 01:50:45 +0000
ROA not before: Sat 01 Jan 2022 01:50:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8752
IP address blocks: 95.182.32.0/19 maxlen: 19
185.35.168.0/22 maxlen: 22
46.38.96.0/19 maxlen: 19
212.46.0.0/19 maxlen: 19
2a03:3200::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 192695859 (0xb7c4e33)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7e092affaf9b5484e00999aa7f1cef1ac7b4093
Validity
Not Before: Jan 1 01:50:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5ef3f05bf64bfcd5cb23301adeaaeecb679adfd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:f0:01:89:e4:3b:19:af:2e:05:53:c8:49:32:
43:06:6a:f4:44:97:78:11:a9:3d:21:cf:8f:c0:20:
a9:61:cc:d4:71:7f:67:8b:89:9a:67:9b:c1:14:88:
fb:14:a6:7c:29:a5:2f:d8:55:0d:11:cd:26:f7:61:
7f:e6:f2:c7:66:2c:38:53:b8:ce:ec:0d:01:3f:fa:
1e:7c:63:0c:00:64:7e:28:ad:02:c7:be:50:00:04:
ad:12:f2:4b:f8:3a:37:d9:d5:c9:c9:6f:c4:bb:9d:
4a:9d:fa:7e:b6:c3:9f:1e:a3:ff:ee:53:20:56:98:
76:60:91:cf:fc:57:e7:52:02:37:cb:08:c1:d0:5e:
8e:cb:b9:0c:77:0a:7c:67:c9:62:c4:19:17:c9:5a:
73:48:06:6b:2c:99:03:3d:e3:af:d8:43:1b:2d:e3:
c8:83:64:47:19:7f:9b:1f:b7:9e:18:f4:08:71:20:
c1:d4:9a:dc:ee:01:f1:d6:87:79:79:fa:eb:28:13:
9e:bb:5a:56:20:01:14:5a:b7:6a:77:31:f2:0d:c9:
6b:1c:d5:53:12:0c:82:4a:cb:f4:a5:55:a5:82:b5:
a8:02:b2:52:a7:7e:fd:6d:fd:fb:79:35:dc:37:20:
e3:50:79:5e:37:ba:55:37:b4:15:60:2a:3c:16:34:
64:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:F3:F0:5B:F6:4B:FC:D5:CB:23:30:1A:DE:AA:EE:CB:67:9A:DF:D6
X509v3 Authority Key Identifier:
keyid:F7:E0:92:AF:FA:F9:B5:48:4E:00:99:9A:A7:F1:CE:F1:AC:7B:40:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9-CSr_r5tUhOAJmap_HO8ax7QJM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/ec9092-1bc2-4aad-ad3a-10ff9ee2a8c2/1/XvPwW_ZL_NXLIzAa3qruy2ea39Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/ec9092-1bc2-4aad-ad3a-10ff9ee2a8c2/1/9-CSr_r5tUhOAJmap_HO8ax7QJM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.96.0/19
95.182.32.0/19
185.35.168.0/22
212.46.0.0/19
IPv6:
2a03:3200::/32
Signature Algorithm: sha256WithRSAEncryption
21:ae:26:04:09:ef:92:99:77:eb:c0:a0:83:e8:48:bf:3e:42:
bc:55:0b:c5:1b:94:3f:b5:8e:0c:ee:5f:14:f9:df:b8:9b:8d:
0a:05:2c:4e:45:b1:ff:85:18:8f:9e:c3:cb:ad:52:f9:65:ab:
e6:01:11:5d:7d:c4:e2:65:9b:08:19:81:85:fe:0e:e5:e9:e7:
90:66:a6:94:4a:39:43:40:5b:85:3b:72:a6:85:ab:5f:84:e4:
52:a4:f6:c6:1e:cc:79:a0:ab:7f:f4:88:1b:b4:68:39:85:12:
90:07:85:89:26:79:d4:d0:d6:7a:7d:1a:82:6a:71:17:05:30:
ec:40:c0:74:dc:4d:22:15:ee:63:f6:4e:86:0f:1a:64:fb:6b:
78:98:9c:71:a2:3f:46:fb:3d:d4:26:57:fd:40:10:41:14:a1:
21:41:5a:9e:e8:89:51:28:95:ab:75:03:e5:fb:3f:77:1f:a3:
e5:4b:00:d4:de:90:87:bf:72:86:d5:be:0e:10:bf:78:ab:78:
ed:ac:25:f1:86:0c:c8:22:94:5a:ce:28:43:ed:5b:a8:d8:22:
3c:c1:fc:35:10:c0:60:e9:ad:17:5e:44:b2:2f:cc:89:23:cb:
17:6a:07:d6:49:3b:5b:69:2a:71:63:3d:c7:53:3e:a3:5e:9b:
9e:3e:03:56
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIEC3xOMzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
N2UwOTJhZmZhZjliNTQ4NGUwMDk5OWFhN2YxY2VmMWFjN2I0MDkzMB4XDTIyMDEw
MTAxNTA0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWVmM2YwNWJmNjRi
ZmNkNWNiMjMzMDFhZGVhYWVlY2I2NzlhZGZkNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMbwAYnkOxmvLgVTyEkyQwZq9ESXeBGpPSHPj8AgqWHM1HF/
Z4uJmmebwRSI+xSmfCmlL9hVDRHNJvdhf+byx2YsOFO4zuwNAT/6HnxjDABkfiit
Ase+UAAErRLyS/g6N9nVyclvxLudSp36frbDnx6j/+5TIFaYdmCRz/xX51ICN8sI
wdBejsu5DHcKfGfJYsQZF8lac0gGayyZAz3jr9hDGy3jyINkRxl/mx+3nhj0CHEg
wdSa3O4B8daHeXn66ygTnrtaViABFFq3ancx8g3JaxzVUxIMgkrL9KVVpYK1qAKy
Uqd+/W39+3k13Dcg41B5Xje6VTe0FWAqPBY0ZBECAwEAAaOCAiowggImMB0GA1Ud
DgQWBBRe8/Bb9kv81csjMBrequ7LZ5rf1jAfBgNVHSMEGDAWgBT34JKv+vm1SE4A
mZqn8c7xrHtAkzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzktQ1NyX3I1dFVoT0FKbWFwX0hPOGF4N1FKTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjkvZWM5MDkyLTFiYzItNGFhZC1hZDNhLTEwZmY5ZWUyYThjMi8x
L1h2UHdXX1pMX05YTEl6QWEzcXJ1eTJlYTM5WS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjkv
ZWM5MDkyLTFiYzItNGFhZC1hZDNhLTEwZmY5ZWUyYThjMi8xLzktQ1NyX3I1dFVo
T0FKbWFwX0hPOGF4N1FKTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEBS4mYAMEBV+2IAMEArkjqAMEBdQu
ADANBAIAAjAHAwUAKgMyADANBgkqhkiG9w0BAQsFAAOCAQEAIa4mBAnvkpl368Cg
g+hIvz5CvFULxRuUP7WODO5fFPnfuJuNCgUsTkWx/4UYj57Dy61S+WWr5gERXX3E
4mWbCBmBhf4O5ennkGamlEo5Q0BbhTtypoWrX4TkUqT2xh7MeaCrf/SIG7RoOYUS
kAeFiSZ51NDWen0agmpxFwUw7EDAdNxNIhXuY/ZOhg8aZPtreJiccaI/Rvs91CZX
/UAQQRShIUFanuiJUSiVq3UD5fs/dx+j5UsA1N6Qh79yhtW+DhC/eKt47awl8YYM
yCKUWs4oQ+1bqNgiPMH8NRDAYOmtF15Esi/MiSPLF2oH1kk7W2kqcWM9x1M+o16b
nj4DVg==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:48 2025 by rpki-client