Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/XfmUwuKxuW5ROA15owfWtihUmWk.roa
File: XfmUwuKxuW5ROA15owfWtihUmWk.roa (raw, json)
Hash identifier: usyddtNgr0P8QGNa6asZpYlqUtPRGdT0lnqQPeJw/4k=
Subject key identifier: 5D:F9:94:C2:E2:B1:B9:6E:51:38:0D:79:A3:07:D6:B6:28:54:99:69
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 079B7D3D
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/XfmUwuKxuW5ROA15owfWtihUmWk.roa
Signing time: Sat 01 Jan 2022 08:01:41 +0000
ROA not before: Sat 01 Jan 2022 08:01:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6233
IP address blocks: 45.11.45.0/24 maxlen: 24
45.13.196.0/24 maxlen: 24
45.13.197.0/24 maxlen: 24
45.13.196.0/22 maxlen: 24
79.143.140.0/22 maxlen: 24
45.87.164.0/24 maxlen: 24
45.87.164.0/22 maxlen: 24
45.153.244.0/22 maxlen: 24
194.36.242.0/24 maxlen: 24
185.248.87.0/24 maxlen: 24
185.184.222.0/24 maxlen: 24
185.222.216.0/21 maxlen: 24
2a09::/29 maxlen: 48
2a0d:c7c0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 127630653 (0x79b7d3d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Jan 1 08:01:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5df994c2e2b1b96e51380d79a307d6b628549969
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:48:0a:d6:3f:3a:7f:3b:d2:59:0a:7d:af:23:
49:b3:a7:e7:58:41:48:61:eb:c5:50:2d:8a:3b:dd:
c4:83:ab:92:bf:81:b0:43:f1:e9:f6:fa:a1:e6:7f:
83:03:69:ef:8b:5d:60:2e:8c:d4:bc:e8:86:a0:4d:
db:a1:45:d9:2a:13:c1:54:c8:da:8e:d4:b4:33:38:
c2:26:37:14:63:d5:f3:63:39:4c:40:c9:61:d0:1b:
0e:82:a4:e4:63:33:3f:38:97:e1:55:85:4c:28:f4:
fd:5b:4a:4d:a6:b4:55:98:45:21:2c:7a:60:d7:02:
8e:1f:05:3f:25:33:98:7c:d4:6f:f0:a0:b0:90:b6:
82:02:23:e0:17:6e:fd:cd:f7:89:fa:0d:f1:f9:95:
d5:db:7f:83:31:26:85:c6:c3:7e:d6:95:86:0e:6a:
81:8d:7b:19:e8:7b:6e:c9:23:b3:93:ee:7e:31:fd:
66:4c:79:04:da:5f:6a:d3:c6:27:78:11:74:79:c7:
7a:36:fa:3a:ff:5d:ec:4b:4d:e1:e8:99:a0:ac:d4:
ab:98:04:eb:ee:c0:6c:4f:ef:37:8a:34:55:db:dc:
06:04:fb:49:e4:39:4a:2d:16:ab:62:7e:6c:8a:31:
ac:72:a7:f7:a6:3f:bb:b4:a7:d5:6e:f2:fd:b5:f6:
75:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:F9:94:C2:E2:B1:B9:6E:51:38:0D:79:A3:07:D6:B6:28:54:99:69
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/XfmUwuKxuW5ROA15owfWtihUmWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.45.0/24
45.13.196.0/22
45.87.164.0/22
45.153.244.0/22
79.143.140.0/22
185.184.222.0/24
185.222.216.0/21
185.248.87.0/24
194.36.242.0/24
IPv6:
2a09::/29
2a0d:c7c0::/32
Signature Algorithm: sha256WithRSAEncryption
57:c5:57:52:2b:96:5d:30:ee:db:2d:c2:71:fa:a3:5c:1b:0d:
1f:9f:0e:51:29:ad:c1:c2:64:06:09:ae:70:f7:34:91:41:69:
44:f3:bf:a0:9a:0f:43:33:d0:a4:be:51:12:1c:bd:d8:90:aa:
19:c0:e8:7e:4d:5a:e0:90:7f:69:92:59:f7:22:2a:29:2a:b6:
c9:6c:b7:ed:b1:13:2a:6c:a0:6b:78:80:38:5d:ee:b8:de:c3:
42:86:4d:01:c2:c0:4e:72:af:72:50:86:aa:f3:4e:d0:2d:0f:
83:18:22:b1:66:cd:bf:7f:53:9d:89:f8:d5:e5:32:54:04:f1:
26:f5:30:50:e2:1f:b8:6a:8b:96:e0:36:b0:9f:71:de:54:6f:
37:64:ed:e0:13:22:66:22:02:7b:45:0c:d2:9a:f4:4a:15:39:
d2:a2:c5:0d:f5:c6:13:68:03:c8:3d:0d:75:7c:51:9c:a6:49:
2b:cc:37:0e:a8:a8:d7:be:92:9b:71:30:ed:30:11:f0:93:0e:
55:9f:13:cd:16:bb:2f:72:d5:b1:45:f9:b9:fc:f9:62:26:aa:
dd:85:a1:23:e3:64:00:2c:5d:80:5b:6f:94:21:5e:5f:98:c9:
99:cd:a4:16:27:9b:11:60:a0:3b:60:e7:11:c2:68:c2:94:bb:
b8:c8:a5:e6
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgIEB5t9PTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NTc2ZWIyY2M0NjJlNmU0YmYwZGU2OWI5ZjYzNDg3NWRlYmJhYWUyMB4XDTIyMDEw
MTA4MDE0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWRmOTk0YzJlMmIx
Yjk2ZTUxMzgwZDc5YTMwN2Q2YjYyODU0OTk2OTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKNICtY/On870lkKfa8jSbOn51hBSGHrxVAtijvdxIOrkr+B
sEPx6fb6oeZ/gwNp74tdYC6M1LzohqBN26FF2SoTwVTI2o7UtDM4wiY3FGPV82M5
TEDJYdAbDoKk5GMzPziX4VWFTCj0/VtKTaa0VZhFISx6YNcCjh8FPyUzmHzUb/Cg
sJC2ggIj4Bdu/c33ifoN8fmV1dt/gzEmhcbDftaVhg5qgY17Geh7bskjs5PufjH9
Zkx5BNpfatPGJ3gRdHnHejb6Ov9d7EtN4eiZoKzUq5gE6+7AbE/vN4o0VdvcBgT7
SeQ5Si0Wq2J+bIoxrHKn96Y/u7Sn1W7y/bX2dR0CAwEAAaOCAk8wggJLMB0GA1Ud
DgQWBBRd+ZTC4rG5blE4DXmjB9a2KFSZaTAfBgNVHSMEGDAWgBSldussxGLm5L8N
5pufY0h13ruq4jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3BYYnJMTVJpNXVTX0RlYWJuMk5JZGQ2N3F1SS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODcvOTMxOTI3LTlmMzgtNDFiNi04N2ZhLTI1NGFjZDkyYjRlMS8x
L1hmbVV3dUt4dVc1Uk9BMTVvd2ZXdGloVW1Xay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODcv
OTMxOTI3LTlmMzgtNDFiNi04N2ZhLTI1NGFjZDkyYjRlMS8xL3BYYnJMTVJpNXVT
X0RlYWJuMk5JZGQ2N3F1SS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBl
BggrBgEFBQcBBwEB/wRWMFQwPAQCAAEwNgMEAC0LLQMEAi0NxAMEAi1XpAMEAi2Z
9AMEAk+PjAMEALm43gMEA7ne2AMEALn4VwMEAMIk8jAUBAIAAjAOAwUDKgkAAAMF
ACoNx8AwDQYJKoZIhvcNAQELBQADggEBAFfFV1Irll0w7tstwnH6o1wbDR+fDlEp
rcHCZAYJrnD3NJFBaUTzv6CaD0Mz0KS+URIcvdiQqhnA6H5NWuCQf2mSWfciKikq
tslst+2xEypsoGt4gDhd7rjew0KGTQHCwE5yr3JQhqrzTtAtD4MYIrFmzb9/U52J
+NXlMlQE8Sb1MFDiH7hqi5bgNrCfcd5Ubzdk7eATImYiAntFDNKa9EoVOdKixQ31
xhNoA8g9DXV8UZymSSvMNw6oqNe+kptxMO0wEfCTDlWfE80Wuy9y1bFF+bn8+WIm
qt2FoSPjZAAsXYBbb5QhXl+YyZnNpBYnmxFgoDtg5xHCaMKUu7jIpeY=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:58:59 2023 by rpki-client on console-fra.rpki-client.org