Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/408667-0b39-4da0-9aa0-3cc11bc9d594/1/XIwQ9C4uwTSoDkktEK4l6NSB92Y.roa
File: XIwQ9C4uwTSoDkktEK4l6NSB92Y.roa (raw, json)
Hash identifier: P7mrAlIgH67NLEIJjFwyPOD4amzjCHTv8ShhWQJzVxQ=
Subject key identifier: 5C:8C:10:F4:2E:2E:C1:34:A8:0E:49:2D:10:AE:25:E8:D4:81:F7:66
Certificate issuer: /CN=d00ba633f1e9824076d161a983d8b8e881263982
Certificate serial: 18391BD1
Authority key identifier: D0:0B:A6:33:F1:E9:82:40:76:D1:61:A9:83:D8:B8:E8:81:26:39:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0AumM_HpgkB20WGpg9i46IEmOYI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/408667-0b39-4da0-9aa0-3cc11bc9d594/1/XIwQ9C4uwTSoDkktEK4l6NSB92Y.roa
Signing time: Sat 01 Jan 2022 14:57:44 +0000
ROA not before: Sat 01 Jan 2022 14:57:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8818
IP address blocks: 46.243.151.0/24 maxlen: 24
128.0.70.0/24 maxlen: 24
185.57.160.0/22 maxlen: 22
178.170.132.0/22 maxlen: 22
37.230.214.0/23 maxlen: 23
37.230.216.0/22 maxlen: 22
37.230.220.0/23 maxlen: 23
194.177.224.0/19 maxlen: 19
178.170.199.0/24 maxlen: 24
188.72.71.0/24 maxlen: 24
178.170.202.0/24 maxlen: 24
178.170.200.0/22 maxlen: 22
178.170.203.0/24 maxlen: 24
178.170.204.0/23 maxlen: 23
178.170.210.0/23 maxlen: 23
178.170.212.0/22 maxlen: 22
37.230.164.0/22 maxlen: 22
178.170.216.0/24 maxlen: 24
88.83.0.0/19 maxlen: 19
37.18.44.0/22 maxlen: 22
178.170.147.0/24 maxlen: 24
178.170.160.0/22 maxlen: 22
88.83.24.0/21 maxlen: 21
2a00:1fa8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 406395857 (0x18391bd1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d00ba633f1e9824076d161a983d8b8e881263982
Validity
Not Before: Jan 1 14:57:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5c8c10f42e2ec134a80e492d10ae25e8d481f766
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:52:75:db:ba:a1:af:a2:6e:ac:f7:0b:7f:16:
e9:32:77:1e:97:ea:a1:eb:72:2b:27:6b:38:ea:54:
57:24:fd:d9:9c:92:8d:d1:cd:7e:cc:c3:06:0a:27:
fa:a1:82:cd:fc:95:21:a7:26:2f:9d:1c:76:b2:12:
eb:95:66:9d:65:66:29:58:d3:6d:84:d9:b3:4c:9e:
3e:fc:69:ab:28:b8:21:b8:fd:17:c0:9b:b5:d9:f5:
26:06:83:51:17:32:66:61:b3:a9:48:41:06:19:bd:
31:5e:92:73:1e:9c:71:59:08:b2:b1:60:a9:4b:0d:
59:4a:c7:04:8e:10:19:74:c6:9a:64:41:16:e4:bf:
2b:7d:6d:d0:44:13:2e:76:02:50:f1:21:4d:b9:d1:
44:c8:67:99:a6:ff:48:33:3b:56:5d:1e:c4:3b:d2:
f8:31:96:0d:c7:a6:b9:79:d6:f9:bb:b2:e6:3e:3b:
3d:80:61:dc:d7:5c:94:16:92:22:a2:bb:e4:d0:85:
b1:59:49:10:93:62:ad:5a:cc:6c:b0:0c:59:08:b6:
26:59:03:73:21:8a:a6:fd:37:e1:4d:53:11:81:e3:
5b:a6:d3:51:8c:35:8c:51:ba:83:68:9c:ee:ca:e9:
16:ac:67:5c:34:2e:b8:a9:31:29:63:eb:11:1f:26:
d1:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:8C:10:F4:2E:2E:C1:34:A8:0E:49:2D:10:AE:25:E8:D4:81:F7:66
X509v3 Authority Key Identifier:
keyid:D0:0B:A6:33:F1:E9:82:40:76:D1:61:A9:83:D8:B8:E8:81:26:39:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0AumM_HpgkB20WGpg9i46IEmOYI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/408667-0b39-4da0-9aa0-3cc11bc9d594/1/XIwQ9C4uwTSoDkktEK4l6NSB92Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/408667-0b39-4da0-9aa0-3cc11bc9d594/1/0AumM_HpgkB20WGpg9i46IEmOYI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.44.0/22
37.230.164.0/22
37.230.214.0-37.230.221.255
46.243.151.0/24
88.83.0.0/19
128.0.70.0/24
178.170.132.0/22
178.170.147.0/24
178.170.160.0/22
178.170.199.0-178.170.205.255
178.170.210.0-178.170.216.255
185.57.160.0/22
188.72.71.0/24
194.177.224.0/19
IPv6:
2a00:1fa8::/32
Signature Algorithm: sha256WithRSAEncryption
74:f8:91:97:f4:36:2f:e9:48:1f:78:ff:a1:e5:69:63:a2:b0:
48:ba:97:04:7a:84:83:75:35:36:ad:1c:60:4e:bf:57:5e:68:
fd:57:d0:34:97:73:e5:38:7c:3f:de:cf:a9:90:58:ca:c1:b1:
79:72:14:7b:4e:1d:dc:97:4e:ab:d0:43:af:91:c6:6e:1a:83:
06:0d:56:60:ef:f8:b0:aa:d1:2b:4c:0c:74:9d:46:9f:8f:d1:
b9:15:f0:73:c9:ba:2b:3c:05:61:ed:91:46:17:9f:62:f4:18:
6a:4a:d9:d1:d0:c3:ca:f9:61:f1:ba:c1:d7:47:82:1e:10:b6:
f6:b4:27:6a:70:e1:37:a1:94:39:b1:e4:6a:90:01:83:d5:8a:
82:36:29:28:af:f9:06:d7:8a:59:1d:cf:48:29:a1:09:38:da:
36:9e:e1:e0:08:df:70:5a:03:d2:6d:79:05:4e:a6:64:69:5d:
25:de:f8:32:56:8a:76:b8:3c:af:50:aa:d3:42:af:44:a0:e3:
2c:e2:12:0d:e0:dd:dd:b3:ed:6c:55:e3:d1:6f:e8:79:39:ea:
83:c3:9f:a9:d8:b8:07:71:6f:46:35:84:1d:76:15:c9:9a:8d:
1a:e1:e8:d0:26:95:91:cb:37:00:a8:ed:63:05:f6:d1:33:6f:
bc:21:31:1f
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgIEGDkb0TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MDBiYTYzM2YxZTk4MjQwNzZkMTYxYTk4M2Q4YjhlODgxMjYzOTgyMB4XDTIyMDEw
MTE0NTc0NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWM4YzEwZjQyZTJl
YzEzNGE4MGU0OTJkMTBhZTI1ZThkNDgxZjc2NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKVSddu6oa+ibqz3C38W6TJ3HpfqoetyKydrOOpUVyT92ZyS
jdHNfszDBgon+qGCzfyVIacmL50cdrIS65VmnWVmKVjTbYTZs0yePvxpqyi4Ibj9
F8Cbtdn1JgaDURcyZmGzqUhBBhm9MV6Scx6ccVkIsrFgqUsNWUrHBI4QGXTGmmRB
FuS/K31t0EQTLnYCUPEhTbnRRMhnmab/SDM7Vl0exDvS+DGWDcemuXnW+buy5j47
PYBh3NdclBaSIqK75NCFsVlJEJNirVrMbLAMWQi2JlkDcyGKpv034U1TEYHjW6bT
UYw1jFG6g2ic7srpFqxnXDQuuKkxKWPrER8m0YECAwEAAaOCAoEwggJ9MB0GA1Ud
DgQWBBRcjBD0Li7BNKgOSS0QriXo1IH3ZjAfBgNVHSMEGDAWgBTQC6Yz8emCQHbR
YamD2LjogSY5gjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBBdW1NX0hwZ2tCMjBXR3BnOWk0NklFbU9ZSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGEvNDA4NjY3LTBiMzktNGRhMC05YWEwLTNjYzExYmM5ZDU5NC8x
L1hJd1E5QzR1d1RTb0Rra3RFSzRsNk5TQjkyWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGEv
NDA4NjY3LTBiMzktNGRhMC05YWEwLTNjYzExYmM5ZDU5NC8xLzBBdW1NX0hwZ2tC
MjBXR3BnOWk0NklFbU9ZSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
lgYIKwYBBQUHAQcBAf8EgYYwgYMwcgQCAAEwbAMEAiUSLAMEAiXmpDAMAwQBJebW
AwQBJebcAwQALvOXAwQFWFMAAwQAgABGAwQCsqqEAwQAsqqTAwQCsqqgMAwDBACy
qscDBAGyqswwDAMEAbKq0gMEALKq2AMEArk5oAMEALxIRwMEBcKx4DANBAIAAjAH
AwUAKgAfqDANBgkqhkiG9w0BAQsFAAOCAQEAdPiRl/Q2L+lIH3j/oeVpY6KwSLqX
BHqEg3U1Nq0cYE6/V15o/VfQNJdz5Th8P97PqZBYysGxeXIUe04d3JdOq9BDr5HG
bhqDBg1WYO/4sKrRK0wMdJ1Gn4/RuRXwc8m6KzwFYe2RRhefYvQYakrZ0dDDyvlh
8brB10eCHhC29rQnanDhN6GUObHkapABg9WKgjYpKK/5BteKWR3PSCmhCTjaNp7h
4AjfcFoD0m15BU6mZGldJd74MlaKdrg8r1Cq00KvRKDjLOISDeDd3bPtbFXj0W/o
eTnqg8Ofqdi4B3FvRjWEHXYVyZqNGuHo0CaVkcs3AKjtYwX20TNvvCExHw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:47 2023 by rpki-client on console-ams.rpki-client.org