Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/X0pf_6JH9ylSS8LwfyyfgPHFBo8.roa
File: X0pf_6JH9ylSS8LwfyyfgPHFBo8.roa (raw, json)
Hash identifier: WEiBijzunDhgABD5Rx1Feiot1Fe0WVk+nrLa6fQV9PY=
Subject key identifier: 5F:4A:5F:FF:A2:47:F7:29:52:4B:C2:F0:7F:2C:9F:80:F1:C5:06:8F
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 07BB83F2
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/X0pf_6JH9ylSS8LwfyyfgPHFBo8.roa
Signing time: Wed 05 Jan 2022 05:45:56 +0000
ROA not before: Wed 05 Jan 2022 05:45:56 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 23959
IP address blocks: 193.111.30.0/23 maxlen: 24
45.159.48.0/22 maxlen: 24
91.200.240.0/24 maxlen: 24
185.213.151.0/24 maxlen: 24
91.200.242.0/24 maxlen: 24
45.149.156.0/22 maxlen: 24
2a09:7::/36 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 129729522 (0x7bb83f2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Jan 5 05:45:56 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5f4a5fffa247f729524bc2f07f2c9f80f1c5068f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:40:a9:aa:f1:68:57:c9:25:ab:f4:aa:be:10:
23:d0:82:7e:97:1a:5e:0a:a0:a4:67:63:88:01:36:
23:99:9a:52:64:46:07:45:2a:7f:02:36:40:74:46:
f0:1f:a5:20:13:98:cd:61:24:9a:61:43:1b:9b:b2:
b2:57:1c:ff:2b:d6:32:35:7a:c7:3d:2e:2d:5f:5b:
76:d1:3f:07:86:96:c7:59:d2:ff:ce:8a:52:8a:89:
49:ed:13:c6:6d:87:89:4d:57:18:d6:2a:5d:20:9d:
47:e1:ab:a4:58:63:b7:5b:a4:ac:4f:88:46:25:ad:
2b:92:33:22:6b:fd:d2:51:f1:38:e7:47:84:25:d8:
76:cb:35:14:0f:45:f5:f0:ba:ff:a0:83:1f:96:26:
c5:fe:0c:cd:ec:d6:03:5b:34:fc:40:a2:d5:85:4d:
57:f2:5e:3a:e0:bd:fa:73:8f:e3:c9:37:52:e6:0d:
ea:66:ab:4f:96:1c:b2:af:32:01:a3:c2:7a:2b:0d:
41:21:87:78:13:bc:80:e3:e7:d0:30:69:83:c6:3d:
4d:d5:e4:18:8c:28:e3:69:3b:6b:64:77:cb:27:bf:
c0:51:02:31:29:a5:8e:51:ce:d6:a9:b7:c8:1d:e1:
2b:40:c7:22:fb:a0:76:f9:ba:03:2c:bf:9d:cd:73:
f3:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:4A:5F:FF:A2:47:F7:29:52:4B:C2:F0:7F:2C:9F:80:F1:C5:06:8F
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/X0pf_6JH9ylSS8LwfyyfgPHFBo8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.156.0/22
45.159.48.0/22
91.200.240.0/24
91.200.242.0/24
185.213.151.0/24
193.111.30.0/23
IPv6:
2a09:7::/36
Signature Algorithm: sha256WithRSAEncryption
8b:0f:9b:60:8d:79:d6:81:b6:a5:36:83:0e:08:d1:70:a2:f1:
33:c0:23:a1:09:06:a4:80:2c:f3:b6:99:89:63:62:fe:94:ac:
ba:e4:1e:68:eb:7f:0e:25:97:23:21:a8:95:5b:0b:38:fc:26:
38:f1:a2:a6:64:b8:b8:03:a9:a8:44:f7:1d:e4:2c:40:f9:ac:
f3:a8:fd:3b:2f:14:f5:fa:c6:0b:6a:1c:e2:16:c2:b9:61:74:
34:28:48:f7:ab:74:97:05:02:8e:71:79:49:c3:25:61:d2:14:
21:40:2d:74:0c:78:6b:74:a8:b4:8f:c2:bf:e3:05:6e:c5:a1:
3e:f4:85:7d:36:4b:a6:c1:6b:97:50:ad:d7:5b:14:ea:09:9b:
99:0c:8b:d9:78:a4:8f:dc:07:dd:86:35:bc:91:24:37:42:59:
32:cb:e7:d0:f4:d5:81:57:49:51:a4:17:e8:d8:4b:b3:14:15:
48:cf:15:4b:6f:62:be:d9:c7:91:78:aa:7b:a7:fe:91:21:35:
e9:9d:99:7d:d0:e2:b3:0d:03:46:7a:00:8d:69:5f:bc:13:9d:
11:a0:94:50:4b:56:86:02:00:98:3a:55:99:c2:c1:88:36:b4:
36:fc:f6:23:56:cb:4d:1c:cc:dc:4b:c0:82:0a:b4:d7:b4:aa:
e0:19:53:1a
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgIEB7uD8jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NTc2ZWIyY2M0NjJlNmU0YmYwZGU2OWI5ZjYzNDg3NWRlYmJhYWUyMB4XDTIyMDEw
NTA1NDU1NloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWY0YTVmZmZhMjQ3
ZjcyOTUyNGJjMmYwN2YyYzlmODBmMWM1MDY4ZjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMZAqarxaFfJJav0qr4QI9CCfpcaXgqgpGdjiAE2I5maUmRG
B0UqfwI2QHRG8B+lIBOYzWEkmmFDG5uyslcc/yvWMjV6xz0uLV9bdtE/B4aWx1nS
/86KUoqJSe0Txm2HiU1XGNYqXSCdR+GrpFhjt1ukrE+IRiWtK5IzImv90lHxOOdH
hCXYdss1FA9F9fC6/6CDH5Ymxf4MzezWA1s0/ECi1YVNV/JeOuC9+nOP48k3UuYN
6marT5Ycsq8yAaPCeisNQSGHeBO8gOPn0DBpg8Y9TdXkGIwo42k7a2R3yye/wFEC
MSmljlHO1qm3yB3hK0DHIvugdvm6Ayy/nc1z88sCAwEAAaOCAjcwggIzMB0GA1Ud
DgQWBBRfSl//okf3KVJLwvB/LJ+A8cUGjzAfBgNVHSMEGDAWgBSldussxGLm5L8N
5pufY0h13ruq4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BYYnJMTVJpNXVTX0RlYWJuMk5JZGQ2N3F1SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODcvOTMxOTI3LTlmMzgtNDFiNi04N2ZhLTI1NGFjZDkyYjRlMS8x
L1gwcGZfNkpIOXlsU1M4THdmeXlmZ1BIRkJvOC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODcv
OTMxOTI3LTlmMzgtNDFiNi04N2ZhLTI1NGFjZDkyYjRlMS8xL3BYYnJMTVJpNXVT
X0RlYWJuMk5JZGQ2N3F1SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBN
BggrBgEFBQcBBwEB/wQ+MDwwKgQCAAEwJAMEAi2VnAMEAi2fMAMEAFvI8AMEAFvI
8gMEALnVlwMEAcFvHjAOBAIAAjAIAwYEKgkABwAwDQYJKoZIhvcNAQELBQADggEB
AIsPm2CNedaBtqU2gw4I0XCi8TPAI6EJBqSALPO2mYljYv6UrLrkHmjrfw4llyMh
qJVbCzj8JjjxoqZkuLgDqahE9x3kLED5rPOo/TsvFPX6xgtqHOIWwrlhdDQoSPer
dJcFAo5xeUnDJWHSFCFALXQMeGt0qLSPwr/jBW7FoT70hX02S6bBa5dQrddbFOoJ
m5kMi9l4pI/cB92GNbyRJDdCWTLL59D01YFXSVGkF+jYS7MUFUjPFUtvYr7Zx5F4
qnun/pEhNemdmX3Q4rMNA0Z6AI1pX7wTnRGglFBLVoYCAJg6VZnCwYg2tDb89iNW
y00czNxLwIIKtNe0quAZUxo=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:36 2023 by rpki-client on console-ams.rpki-client.org