Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/352431-e694-4412-a766-73f7d110b82a/1/XNFbgEPW3XKLXPTmJN06pmuvLAQ.roa
File: XNFbgEPW3XKLXPTmJN06pmuvLAQ.roa (raw, json)
Hash identifier: qg6hwZTrch1RZoaBWBkhLJEfAZs0OMu7e2q5I9VRfg4=
Subject key identifier: 5C:D1:5B:80:43:D6:DD:72:8B:5C:F4:E6:24:DD:3A:A6:6B:AF:2C:04
Certificate issuer: /CN=20aa60cb0024332a2db68993f3357158af60c8de
Certificate serial: 0C699664
Authority key identifier: 20:AA:60:CB:00:24:33:2A:2D:B6:89:93:F3:35:71:58:AF:60:C8:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IKpgywAkMyottomT8zVxWK9gyN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/352431-e694-4412-a766-73f7d110b82a/1/XNFbgEPW3XKLXPTmJN06pmuvLAQ.roa
Signing time: Sat 01 Jan 2022 12:56:02 +0000
ROA not before: Sat 01 Jan 2022 12:56:02 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12638
IP address blocks: 212.23.96.0/19 maxlen: 19
176.0.0.0/13 maxlen: 13
5.1.128.0/17 maxlen: 17
193.7.128.0/19 maxlen: 19
2001:1a28::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 208246372 (0xc699664)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20aa60cb0024332a2db68993f3357158af60c8de
Validity
Not Before: Jan 1 12:56:02 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5cd15b8043d6dd728b5cf4e624dd3aa66baf2c04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:84:78:da:9a:3a:4c:fd:62:99:27:cb:6c:5d:
83:9b:81:da:37:76:56:ef:7a:83:15:b2:68:7d:87:
e0:86:01:4f:f4:ac:d9:55:fb:9b:5b:87:e3:a3:67:
81:25:d7:bf:2a:f5:22:bf:ff:44:f7:10:f0:13:a6:
3e:2a:2c:ba:3c:49:4b:fe:04:20:28:be:3e:03:c8:
0d:34:02:81:a1:cb:9f:d1:1e:07:f9:f6:ab:a2:07:
c5:6e:56:cc:ea:f3:1f:56:5d:2c:b9:b5:b2:55:7b:
b4:13:54:0a:1d:39:89:7e:ef:51:a5:ff:4e:ea:e3:
39:33:dc:c1:ce:39:dd:43:ad:85:1c:c2:aa:56:be:
e3:a9:f3:e3:7f:80:e5:2c:0a:76:f1:10:b8:d2:6e:
ae:1a:3a:8e:ce:f2:6a:cd:f9:98:76:15:1f:a4:be:
99:af:3c:8d:64:53:6a:50:75:87:55:d5:fd:c8:9f:
31:73:16:62:46:3a:73:bf:a2:ed:b7:a0:5c:a9:87:
c6:28:98:2b:e8:1c:43:df:15:42:69:f1:80:da:1f:
4f:08:60:4a:46:dd:6c:52:79:e6:9d:8e:b0:3a:83:
60:d2:20:54:4f:07:74:bf:78:82:60:fc:75:25:dd:
f4:71:20:7a:59:31:bb:b5:d7:64:22:74:61:87:09:
38:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:D1:5B:80:43:D6:DD:72:8B:5C:F4:E6:24:DD:3A:A6:6B:AF:2C:04
X509v3 Authority Key Identifier:
keyid:20:AA:60:CB:00:24:33:2A:2D:B6:89:93:F3:35:71:58:AF:60:C8:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IKpgywAkMyottomT8zVxWK9gyN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/352431-e694-4412-a766-73f7d110b82a/1/XNFbgEPW3XKLXPTmJN06pmuvLAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/352431-e694-4412-a766-73f7d110b82a/1/IKpgywAkMyottomT8zVxWK9gyN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.128.0/17
176.0.0.0/13
193.7.128.0/19
212.23.96.0/19
IPv6:
2001:1a28::/32
Signature Algorithm: sha256WithRSAEncryption
14:d9:87:ac:62:4c:d4:6c:03:3f:28:81:3b:8c:81:a1:48:7b:
bf:32:a9:fd:b9:ce:cb:f2:ee:b8:68:fc:28:61:a2:c5:12:e4:
ce:36:f7:1b:d2:30:b2:05:14:13:61:d8:db:12:a5:37:ca:92:
32:08:a7:f3:ac:7b:a9:b1:b3:da:4f:f2:29:89:4c:12:97:0c:
b2:eb:43:4b:ba:d9:e6:fc:cf:6b:2e:90:51:5d:29:32:b5:21:
6a:fc:18:a2:ac:8d:ee:a4:fc:8d:15:a2:24:d3:bd:3e:d7:7d:
40:b6:d3:01:f5:1d:15:43:f2:79:24:b7:e3:6f:84:48:9c:5c:
56:f3:35:d8:2a:9e:f6:ef:bf:f2:76:ad:77:77:ce:cc:16:00:
ad:73:85:e3:ce:a7:ef:a3:4d:7c:c7:1b:96:7c:69:70:40:09:
90:1a:af:78:4a:4d:fd:02:62:03:9d:8a:0a:2f:c3:3e:fa:61:
b8:ac:f7:48:4d:36:de:93:89:d0:b9:9d:5d:23:66:42:77:49:
e6:7e:c0:82:18:8a:a8:45:3d:e1:3e:3d:14:77:90:34:a0:9f:
af:3a:d9:bc:1e:ed:b1:5b:f4:31:b0:4d:04:5f:fe:8c:7a:fe:
a9:f5:a1:29:cf:0f:ff:25:f9:39:18:fa:84:8d:7c:07:87:92:
f7:25:f1:a4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgIEDGmWZDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MGFhNjBjYjAwMjQzMzJhMmRiNjg5OTNmMzM1NzE1OGFmNjBjOGRlMB4XDTIyMDEw
MTEyNTYwMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWNkMTViODA0M2Q2
ZGQ3MjhiNWNmNGU2MjRkZDNhYTY2YmFmMmMwNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALCEeNqaOkz9Ypkny2xdg5uB2jd2Vu96gxWyaH2H4IYBT/Ss
2VX7m1uH46NngSXXvyr1Ir//RPcQ8BOmPiosujxJS/4EICi+PgPIDTQCgaHLn9Ee
B/n2q6IHxW5WzOrzH1ZdLLm1slV7tBNUCh05iX7vUaX/TurjOTPcwc453UOthRzC
qla+46nz43+A5SwKdvEQuNJurho6js7yas35mHYVH6S+ma88jWRTalB1h1XV/cif
MXMWYkY6c7+i7begXKmHxiiYK+gcQ98VQmnxgNofTwhgSkbdbFJ55p2OsDqDYNIg
VE8HdL94gmD8dSXd9HEgelkxu7XXZCJ0YYcJOBcCAwEAAaOCAikwggIlMB0GA1Ud
DgQWBBRc0VuAQ9bdcotc9OYk3Tqma68sBDAfBgNVHSMEGDAWgBQgqmDLACQzKi22
iZPzNXFYr2DI3jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lLcGd5d0FrTXlvdHRvbVQ4elZ4V0s5Z3lONC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvN2IvMzUyNDMxLWU2OTQtNDQxMi1hNzY2LTczZjdkMTEwYjgyYS8x
L1hORmJnRVBXM1hLTFhQVG1KTjA2cG11dkxBUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2Iv
MzUyNDMxLWU2OTQtNDQxMi1hNzY2LTczZjdkMTEwYjgyYS8xL0lLcGd5d0FrTXlv
dHRvbVQ4elZ4V0s5Z3lONC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA/
BggrBgEFBQcBBwEB/wQwMC4wHQQCAAEwFwMEBwUBgAMDA7AAAwQFwQeAAwQF1Bdg
MA0EAgACMAcDBQAgARooMA0GCSqGSIb3DQEBCwUAA4IBAQAU2YesYkzUbAM/KIE7
jIGhSHu/Mqn9uc7L8u64aPwoYaLFEuTONvcb0jCyBRQTYdjbEqU3ypIyCKfzrHup
sbPaT/IpiUwSlwyy60NLutnm/M9rLpBRXSkytSFq/BiirI3upPyNFaIk070+131A
ttMB9R0VQ/J5JLfjb4RInFxW8zXYKp7277/ydq13d87MFgCtc4Xjzqfvo018xxuW
fGlwQAmQGq94Sk39AmIDnYoKL8M++mG4rPdITTbek4nQuZ1dI2ZCd0nmfsCCGIqo
RT3hPj0Ud5A0oJ+vOtm8Hu2xW/QxsE0EX/6Mev6p9aEpzw//Jfk5GPqEjXwHh5L3
JfGk
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:19:26 2024 by rpki-client on console-ams.rpki-client.org