Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/xX5WOCXiDGXHlYvXEdN-rWklfRo.roa
File: xX5WOCXiDGXHlYvXEdN-rWklfRo.roa (raw, json)
Hash identifier: +xDvjmDt4WG9vRD763Hur2xD2l5oAAlBrgij1X6lzZY=
Subject key identifier: C5:7E:56:38:25:E2:0C:65:C7:95:8B:D7:11:D3:7E:AD:69:25:7D:1A
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 0183686FEC2DC93F34C6705F4500734FE410
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/xX5WOCXiDGXHlYvXEdN-rWklfRo.roa
Signing time: Fri 23 Sep 2022 03:41:48 +0000
ROA not before: Fri 23 Sep 2022 03:41:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60808
IP address blocks: 5.34.208.0/20 maxlen: 24
188.253.96.0/19 maxlen: 24
185.215.246.0/24 maxlen: 24
193.36.84.0/23 maxlen: 23
2a05:ec80::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:68:6f:ec:2d:c9:3f:34:c6:70:5f:45:00:73:4f:e4:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Sep 23 03:41:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c57e563825e20c65c7958bd711d37ead69257d1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:17:99:1f:5e:8e:3a:ed:d1:cb:ec:f4:85:e8:
59:7b:ea:62:e5:bd:5d:31:3e:5e:8d:3e:73:78:a9:
6f:a0:1b:1d:fa:91:d0:de:4a:56:69:8b:3d:f6:d5:
bc:39:00:ee:ff:ce:82:93:3c:e0:ce:ec:f3:71:d5:
c6:48:e5:99:7c:3a:dc:62:d8:b6:e5:bc:18:a9:a8:
0f:01:cb:fc:d2:e2:df:9b:dc:b6:5c:8e:f7:88:7a:
54:a5:b3:a8:ed:6c:ba:f9:be:bc:65:e3:c3:21:40:
01:8e:d0:0f:2c:00:26:d2:32:c8:10:3f:69:3a:91:
7b:a8:96:69:d2:7c:29:2f:4c:01:2a:4e:a6:97:a1:
26:3e:f4:f3:69:c6:84:d0:fd:06:f8:c2:04:d8:d5:
03:16:b1:46:ee:a4:6b:56:bf:43:be:f7:dd:71:93:
17:d7:5e:f4:84:ef:40:a7:0f:57:7b:44:a8:0f:eb:
f8:df:99:bb:d8:87:6d:42:ff:b0:26:c6:ba:fc:2d:
bd:17:10:08:f4:10:9e:db:22:b1:44:1d:c9:fa:4d:
c0:b4:75:18:e4:6c:96:52:74:ad:da:42:e7:37:e7:
e5:2a:9f:a3:65:06:70:9d:ab:75:76:51:ba:00:cb:
c4:6e:20:ce:d4:aa:40:95:4f:0f:f0:84:cf:c8:38:
48:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:7E:56:38:25:E2:0C:65:C7:95:8B:D7:11:D3:7E:AD:69:25:7D:1A
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/xX5WOCXiDGXHlYvXEdN-rWklfRo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.208.0/20
185.215.246.0/24
188.253.96.0/19
193.36.84.0/23
IPv6:
2a05:ec80::/29
Signature Algorithm: sha256WithRSAEncryption
53:98:91:29:ee:cb:d0:83:ac:07:66:4f:57:43:7c:c0:d3:0c:
56:94:e0:a8:a3:36:6f:83:51:78:36:fc:14:c2:28:9f:f2:39:
aa:0c:a2:ff:6d:bc:d9:14:5b:3e:ce:bd:a1:e3:f4:f4:96:1c:
f1:f7:ef:e8:a1:a4:18:16:f9:3e:7f:1e:ab:4e:e5:64:bb:08:
1f:ad:90:9e:c5:88:63:cd:04:d1:f3:d4:c4:56:a6:d4:be:3f:
7d:89:a3:d2:5b:b5:d3:73:6e:b9:00:b0:2d:a7:64:59:a3:8e:
10:e7:c3:20:20:e9:6d:8d:56:0c:02:f9:a8:5f:39:fa:77:c2:
b3:2c:04:d4:68:4f:6b:8e:92:2f:d8:9c:ee:46:f6:2c:30:e2:
30:2e:60:18:dc:d5:94:f9:96:1a:58:64:e5:8f:ff:5a:c8:ee:
68:1e:30:ac:0e:26:9e:8f:a8:60:b0:d2:8b:f1:cd:a8:be:9b:
b3:8f:2b:83:bb:9e:a6:5b:1b:ef:23:6a:79:70:40:04:15:60:
8a:4d:61:71:d2:bf:b6:14:f3:c5:72:d2:bb:2e:36:d9:1d:47:
55:89:c4:28:c5:0f:6e:0d:68:d4:e0:df:7f:33:fa:71:b0:92:
f2:c2:a4:5a:ea:23:9d:ca:e4:2c:7a:29:aa:17:c2:c3:00:43:
2e:0a:1d:ce
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYNob+wtyT80xnBfRQBzT+QQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjIwOTIzMDM0MTQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTdlNTYzODI1ZTIwYzY1Yzc5NThiZDcxMWQzN2VhZDY5MjU3ZDFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnxeZH16OOu3Ry+z0hehZe+pi5b1d
MT5ejT5zeKlvoBsd+pHQ3kpWaYs99tW8OQDu/86CkzzgzuzzcdXGSOWZfDrcYti2
5bwYqagPAcv80uLfm9y2XI73iHpUpbOo7Wy6+b68ZePDIUABjtAPLAAm0jLIED9p
OpF7qJZp0nwpL0wBKk6ml6EmPvTzacaE0P0G+MIE2NUDFrFG7qRrVr9DvvfdcZMX
1170hO9Apw9Xe0SoD+v435m72IdtQv+wJsa6/C29FxAI9BCe2yKxRB3J+k3AtHUY
5GyWUnSt2kLnN+flKp+jZQZwnat1dlG6AMvEbiDO1KpAlU8P8ITPyDhI/wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFMV+Vjgl4gxlx5WL1xHTfq1pJX0aMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEveFg1V09DWGlER1hIbFl2WEVkTi1yV2tsZlJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEBSLQAwQA
udf2AwQFvP1gAwQBwSRUMA0EAgACMAcDBQMqBeyAMA0GCSqGSIb3DQEBCwUAA4IB
AQBTmJEp7svQg6wHZk9XQ3zA0wxWlOCoozZvg1F4NvwUwiif8jmqDKL/bbzZFFs+
zr2h4/T0lhzx9+/ooaQYFvk+fx6rTuVkuwgfrZCexYhjzQTR89TEVqbUvj99iaPS
W7XTc265ALAtp2RZo44Q58MgIOltjVYMAvmoXzn6d8KzLATUaE9rjpIv2JzuRvYs
MOIwLmAY3NWU+ZYaWGTlj/9ayO5oHjCsDiaej6hgsNKL8c2ovpuzjyuDu56mWxvv
I2p5cEAEFWCKTWFx0r+2FPPFctK7LjbZHUdVicQoxQ9uDWjU4N9/M/pxsJLywqRa
6iOdyuQseimqF8LDAEMuCh3O
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:57:45 2023 by rpki-client on console-fra.rpki-client.org