Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/684ee3-fbed-4226-91ad-52fe4434350e/1/xp8eU3X_45PPDqAdAZeWJ_tYKac.roa
File: xp8eU3X_45PPDqAdAZeWJ_tYKac.roa (raw, json)
Hash identifier: RfyIqjKESA/yVf1+3cl7FDPkPoZqyiphC/SC1NsBgoY=
Subject key identifier: C6:9F:1E:53:75:FF:E3:93:CF:0E:A0:1D:01:97:96:27:FB:58:29:A7
Certificate issuer: /CN=0859786f226cb6d490bfb54294e611a7d51a8f1e
Certificate serial: 08D01859
Authority key identifier: 08:59:78:6F:22:6C:B6:D4:90:BF:B5:42:94:E6:11:A7:D5:1A:8F:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CFl4byJsttSQv7VClOYRp9Uajx4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/684ee3-fbed-4226-91ad-52fe4434350e/1/xp8eU3X_45PPDqAdAZeWJ_tYKac.roa
Signing time: Sat 01 Jan 2022 15:02:11 +0000
ROA not before: Sat 01 Jan 2022 15:02:11 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47975
IP address blocks: 94.228.16.0/20 maxlen: 24
178.213.128.0/21 maxlen: 24
178.72.128.0/18 maxlen: 24
185.182.120.0/22 maxlen: 24
185.18.72.0/22 maxlen: 24
2a03:2300::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 147855449 (0x8d01859)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0859786f226cb6d490bfb54294e611a7d51a8f1e
Validity
Not Before: Jan 1 15:02:11 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c69f1e5375ffe393cf0ea01d01979627fb5829a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:43:2c:2c:b0:95:bb:60:84:e9:c8:cf:e6:d4:
a8:d8:f7:a5:16:92:e4:03:5d:13:8f:7e:2b:64:3e:
17:e3:7d:e5:78:6f:49:1a:ba:88:7a:0d:81:dc:24:
53:bd:eb:94:0a:ce:2b:15:1a:fd:0e:70:18:b1:4e:
5c:9a:17:0e:04:08:27:90:8a:fd:45:bb:52:63:74:
4f:b0:e5:cb:4e:f6:94:b4:76:1d:90:75:21:6c:35:
84:f4:6e:5c:ef:f8:c0:4e:50:90:22:93:6a:af:74:
ea:21:f0:f9:1f:be:40:e0:89:67:7c:d1:6d:4e:ff:
7a:15:ec:5e:25:68:b5:75:93:46:43:92:1b:f3:f7:
b1:3a:dd:8e:89:17:49:14:57:8c:ca:63:98:c0:bb:
57:d9:96:34:90:9c:4a:b3:b1:3d:6c:33:eb:a1:d5:
a1:e1:30:52:e0:e8:9f:39:26:e3:21:b2:a9:84:ae:
bc:fc:3f:59:5b:c8:ab:49:9c:a8:6c:52:b8:4c:91:
70:ec:10:96:59:b2:e9:81:e3:8e:83:77:2a:d9:23:
82:b3:42:ee:52:cb:ad:3f:5a:22:4a:aa:d1:24:59:
aa:8c:f9:82:7c:c5:27:8f:5d:4e:84:15:31:c1:fa:
33:f6:56:c1:3c:45:00:93:2d:c1:1a:4a:4a:ad:05:
cd:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:9F:1E:53:75:FF:E3:93:CF:0E:A0:1D:01:97:96:27:FB:58:29:A7
X509v3 Authority Key Identifier:
keyid:08:59:78:6F:22:6C:B6:D4:90:BF:B5:42:94:E6:11:A7:D5:1A:8F:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CFl4byJsttSQv7VClOYRp9Uajx4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/684ee3-fbed-4226-91ad-52fe4434350e/1/xp8eU3X_45PPDqAdAZeWJ_tYKac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/684ee3-fbed-4226-91ad-52fe4434350e/1/CFl4byJsttSQv7VClOYRp9Uajx4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.228.16.0/20
178.72.128.0/18
178.213.128.0/21
185.18.72.0/22
185.182.120.0/22
IPv6:
2a03:2300::/29
Signature Algorithm: sha256WithRSAEncryption
c9:4a:b1:fe:9f:98:a4:ff:a0:69:7d:1e:f3:c2:a8:a0:b9:ce:
b0:b2:78:c2:7e:7b:03:44:30:14:75:c0:7d:e6:27:c9:40:c2:
e8:f7:80:d1:cb:c7:b5:69:de:98:f5:db:25:81:71:1d:e8:b8:
36:5c:57:6e:c5:35:db:7e:a7:4d:14:38:e0:3f:cf:a3:3d:f3:
c0:24:f5:9f:ec:13:e8:1d:78:4e:94:3d:da:7b:ba:c0:ce:26:
06:f2:85:f2:8c:5a:cb:97:9b:44:f1:01:f8:b2:9f:e6:31:b7:
34:db:c5:6e:6a:08:9a:d4:1f:4e:d2:08:d7:7f:29:38:c4:ef:
ee:54:8f:4a:14:e7:14:d7:ec:56:65:d1:11:d1:15:d3:49:77:
6f:e8:81:bd:d9:89:ea:d1:85:87:95:0a:31:2c:76:ce:bd:48:
fd:37:b7:06:f6:dc:4d:d6:d4:73:bd:23:91:9f:40:06:bb:29:
66:7f:ab:d7:e0:f0:f0:6c:88:4e:5c:d1:af:56:dc:20:51:b1:
c3:79:61:d7:ac:ce:4f:da:80:7f:8d:58:da:0f:2f:ea:cb:47:
33:fc:17:68:dc:8a:45:d3:ce:48:19:1b:1a:6e:d3:bb:51:a8:
18:cb:70:4e:4e:26:7c:ec:21:6f:cd:c3:e2:c1:c5:21:2e:8c:
4a:d2:26:22
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgIECNAYWTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
ODU5Nzg2ZjIyNmNiNmQ0OTBiZmI1NDI5NGU2MTFhN2Q1MWE4ZjFlMB4XDTIyMDEw
MTE1MDIxMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzY5ZjFlNTM3NWZm
ZTM5M2NmMGVhMDFkMDE5Nzk2MjdmYjU4MjlhNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAONDLCywlbtghOnIz+bUqNj3pRaS5ANdE49+K2Q+F+N95Xhv
SRq6iHoNgdwkU73rlArOKxUa/Q5wGLFOXJoXDgQIJ5CK/UW7UmN0T7Dly072lLR2
HZB1IWw1hPRuXO/4wE5QkCKTaq906iHw+R++QOCJZ3zRbU7/ehXsXiVotXWTRkOS
G/P3sTrdjokXSRRXjMpjmMC7V9mWNJCcSrOxPWwz66HVoeEwUuDonzkm4yGyqYSu
vPw/WVvIq0mcqGxSuEyRcOwQllmy6YHjjoN3KtkjgrNC7lLLrT9aIkqq0SRZqoz5
gnzFJ49dToQVMcH6M/ZWwTxFAJMtwRpKSq0FzRcCAwEAAaOCAjAwggIsMB0GA1Ud
DgQWBBTGnx5Tdf/jk88OoB0Bl5Yn+1gppzAfBgNVHSMEGDAWgBQIWXhvImy21JC/
tUKU5hGn1RqPHjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NGbDRieUpzdHRTUXY3VkNsT1lScDlVYWp4NC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmQvNjg0ZWUzLWZiZWQtNDIyNi05MWFkLTUyZmU0NDM0MzUwZS8x
L3hwOGVVM1hfNDVQUERxQWRBWmVXSl90WUthYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmQv
Njg0ZWUzLWZiZWQtNDIyNi05MWFkLTUyZmU0NDM0MzUwZS8xL0NGbDRieUpzdHRT
UXY3VkNsT1lScDlVYWp4NC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBG
BggrBgEFBQcBBwEB/wQ3MDUwJAQCAAEwHgMEBF7kEAMEBrJIgAMEA7LVgAMEArkS
SAMEArm2eDANBAIAAjAHAwUDKgMjADANBgkqhkiG9w0BAQsFAAOCAQEAyUqx/p+Y
pP+gaX0e88KooLnOsLJ4wn57A0QwFHXAfeYnyUDC6PeA0cvHtWnemPXbJYFxHei4
NlxXbsU1236nTRQ44D/Poz3zwCT1n+wT6B14TpQ92nu6wM4mBvKF8oxay5ebRPEB
+LKf5jG3NNvFbmoImtQfTtII138pOMTv7lSPShTnFNfsVmXREdEV00l3b+iBvdmJ
6tGFh5UKMSx2zr1I/Te3BvbcTdbUc70jkZ9ABrspZn+r1+Dw8GyITlzRr1bcIFGx
w3lh16zOT9qAf41Y2g8v6stHM/wXaNyKRdPOSBkbGm7Tu1GoGMtwTk4mfOwhb83D
4sHFIS6MStImIg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:01:17 2023 by rpki-client on console-ams.rpki-client.org