Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/xQCAceeETwzmHRCOkL-ZEfeyAeU.roa
File: xQCAceeETwzmHRCOkL-ZEfeyAeU.roa (raw, json)
Hash identifier: 3ZKCkd/MG2tWGPF7vxiZUks4sP+i+tWMONdPX3pzU/Y=
Subject key identifier: C5:00:80:71:E7:84:4F:0C:E6:1D:10:8E:90:BF:99:11:F7:B2:01:E5
Certificate issuer: /CN=94d98e8fec680775a157266e0c6b78b141a34f5e
Certificate serial: 018670C9F873904AA5691016C5B48AE4FFA2
Authority key identifier: 94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/xQCAceeETwzmHRCOkL-ZEfeyAeU.roa
Signing time: Mon 20 Feb 2023 21:45:29 +0000
ROA not before: Mon 20 Feb 2023 21:45:29 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 204957
IP address blocks: 195.211.98.0/23 maxlen: 23
195.211.96.0/23 maxlen: 23
82.117.252.0/23 maxlen: 23
45.90.56.0/22 maxlen: 22
82.117.254.0/24 maxlen: 24
195.123.232.0/22 maxlen: 22
82.117.255.0/24 maxlen: 24
195.123.236.0/22 maxlen: 22
195.123.240.0/22 maxlen: 22
195.123.244.0/22 maxlen: 22
62.233.57.0/24 maxlen: 24
2a05:9400::/32 maxlen: 32
2a12:6fc0::/32 maxlen: 32
2a05:9403::/32 maxlen: 32
2a12:6fc2::/32 maxlen: 32
2a05:9405::/32 maxlen: 32
2a05:9406::/32 maxlen: 32
2a05:9402::/32 maxlen: 32
2a05:9401::/32 maxlen: 32
2a12:6fc1::/32 maxlen: 32
2a05:9404::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:70:c9:f8:73:90:4a:a5:69:10:16:c5:b4:8a:e4:ff:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94d98e8fec680775a157266e0c6b78b141a34f5e
Validity
Not Before: Feb 20 21:45:29 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c5008071e7844f0ce61d108e90bf9911f7b201e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:6d:ac:3c:1b:bb:84:30:f8:ca:4d:f8:6c:57:
7c:ba:99:c9:80:89:6a:43:6d:1e:44:a4:02:9c:3e:
94:58:d5:1a:a8:04:df:64:44:cc:33:22:00:e6:bf:
43:77:99:27:8d:81:30:c7:7a:25:b4:12:e6:f0:6c:
43:81:f3:d0:17:e5:92:30:4a:88:f0:52:2a:3c:02:
8c:e1:01:37:4f:df:cc:21:8c:a7:0f:1b:f3:c1:89:
23:d0:43:c3:c8:56:26:93:43:ab:a8:e4:c9:a1:fe:
05:3c:2a:47:a6:98:cb:99:f4:87:70:9c:81:94:92:
26:47:48:e2:10:ce:a4:a7:e6:f4:22:9a:7a:e6:c9:
9d:ce:bc:1c:15:cf:11:be:bb:f7:61:bc:cc:4f:2d:
ba:04:f1:11:87:68:26:48:93:a6:09:08:8e:5b:e1:
68:10:77:e4:7f:fc:96:56:6f:7e:54:2c:8a:7f:8e:
95:f1:9b:a5:5a:46:b7:aa:1c:32:29:fd:c1:31:86:
84:72:dd:35:b9:c0:87:76:55:10:23:6a:82:56:18:
c6:8d:e0:5a:5f:db:dc:5c:a7:b3:83:3d:a1:c6:e6:
39:c4:c8:5f:d9:eb:cd:3d:f7:44:88:6c:95:b1:ba:
a7:5c:6f:76:e4:95:e9:49:85:4f:03:c3:a9:a6:95:
95:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:00:80:71:E7:84:4F:0C:E6:1D:10:8E:90:BF:99:11:F7:B2:01:E5
X509v3 Authority Key Identifier:
keyid:94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/xQCAceeETwzmHRCOkL-ZEfeyAeU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.56.0/22
62.233.57.0/24
82.117.252.0/22
195.123.232.0-195.123.247.255
195.211.96.0/22
IPv6:
2a05:9400::-2a05:9406:ffff:ffff:ffff:ffff:ffff:ffff
2a12:6fc0::-2a12:6fc2:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
32:dd:2f:90:11:ce:2b:a8:22:53:37:4d:d9:36:e9:ec:37:10:
b1:10:00:4b:09:60:f9:d4:fe:2e:4f:21:f7:f4:63:a3:03:f9:
e4:3b:46:9c:f2:d8:52:be:70:4e:9e:fa:38:e6:97:d0:55:60:
a2:47:61:cb:66:2d:ec:dd:80:0a:4b:9e:55:64:ec:42:9f:b2:
10:6d:47:9d:81:2c:b9:2a:70:73:db:69:01:bc:34:f4:87:21:
52:31:d4:ea:ce:9d:3c:b2:84:42:ac:a6:13:ec:3a:59:35:7a:
cc:3a:64:b1:e7:ec:9c:f4:31:2f:2d:2f:45:75:2b:83:eb:4a:
15:e3:99:65:ee:d5:39:3e:86:63:71:b6:77:ce:17:01:89:e2:
55:77:bd:1f:b2:58:eb:d7:83:ef:b1:b0:86:87:2c:aa:4e:a1:
bc:c5:10:1b:02:fc:2b:63:9a:a2:f3:06:ad:e9:05:ef:4e:f4:
7e:ab:af:68:b2:05:20:9b:95:24:67:b2:95:d3:32:d4:6c:31:
31:4f:b0:ae:d9:78:24:f4:6f:9d:c2:2f:88:c3:4d:df:9e:c2:
62:fc:36:81:fe:73:1d:11:ac:a8:40:f4:a3:84:50:a7:09:be:
5a:c8:4c:42:cf:41:a4:cf:35:c2:9e:ee:56:04:ce:30:13:a7:
cc:9e:ab:a5
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAYZwyfhzkEqlaRAWxbSK5P+iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZDk4ZThmZWM2ODA3NzVhMTU3MjY2ZTBjNmI3OGIxNDFh
MzRmNWUwHhcNMjMwMjIwMjE0NTI5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTAwODA3MWU3ODQ0ZjBjZTYxZDEwOGU5MGJmOTkxMWY3YjIwMWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmG2sPBu7hDD4yk34bFd8upnJgIlq
Q20eRKQCnD6UWNUaqATfZETMMyIA5r9Dd5knjYEwx3oltBLm8GxDgfPQF+WSMEqI
8FIqPAKM4QE3T9/MIYynDxvzwYkj0EPDyFYmk0OrqOTJof4FPCpHppjLmfSHcJyB
lJImR0jiEM6kp+b0Ipp65smdzrwcFc8Rvrv3YbzMTy26BPERh2gmSJOmCQiOW+Fo
EHfkf/yWVm9+VCyKf46V8ZulWka3qhwyKf3BMYaEct01ucCHdlUQI2qCVhjGjeBa
X9vcXKezgz2hxuY5xMhf2evNPfdEiGyVsbqnXG925JXpSYVPA8OpppWV+wIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFMUAgHHnhE8M5h0QjpC/mRH3sgHlMB8GA1UdIwQY
MBaAFJTZjo/saAd1oVcmbgxreLFBo09eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzkt
ODdkMTdkZjc0YzdlLzEveFFDQWNlZUVUd3ptSFJDT2tMLVpFZmV5QWVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzktODdkMTdkZjc0Yzdl
LzEvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTAsBAIAATAmAwQCLVo4AwQA
Puk5AwQCUnX8MAwDBAPDe+gDBAPDe/ADBALD02AwJQQCAAIwHzANAwQCKgWUAwUA
KgWUBjAOAwUGKhJvwAMFACoSb8IwDQYJKoZIhvcNAQELBQADggEBADLdL5ARziuo
IlM3Tdk26ew3ELEQAEsJYPnU/i5PIff0Y6MD+eQ7Rpzy2FK+cE6e+jjml9BVYKJH
YctmLezdgApLnlVk7EKfshBtR52BLLkqcHPbaQG8NPSHIVIx1OrOnTyyhEKsphPs
Olk1esw6ZLHn7Jz0MS8tL0V1K4PrShXjmWXu1Tk+hmNxtnfOFwGJ4lV3vR+yWOvX
g++xsIaHLKpOobzFEBsC/CtjmqLzBq3pBe9O9H6rr2iyBSCblSRnspXTMtRsMTFP
sK7ZeCT0b53CL4jDTd+ewmL8NoH+cx0RrKhA9KOEUKcJvlrITELPQaTPNcKe7lYE
zjATp8yeq6U=
-----END CERTIFICATE-----
Generated at Wed Apr 9 01:13:33 2025 by rpki-client