Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/XRejMtXtWcM3gy7qo-q8aV4vTRw.roa
File: XRejMtXtWcM3gy7qo-q8aV4vTRw.roa (raw, json)
Hash identifier: pdWWsjhZ251v9ETMXRw3I/kKJYVgrHrQXhrxy6WXMeE=
Subject key identifier: 5D:17:A3:32:D5:ED:59:C3:37:83:2E:EA:A3:EA:BC:69:5E:2F:4D:1C
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 0182699622EDE699B2899676D2711A2DB1BE
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/XRejMtXtWcM3gy7qo-q8aV4vTRw.roa
Signing time: Thu 04 Aug 2022 16:00:23 +0000
ROA not before: Thu 04 Aug 2022 16:00:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199552
IP address blocks: 146.66.219.0/24 maxlen: 24
146.66.218.0/24 maxlen: 24
188.74.128.0/24 maxlen: 24
178.157.125.0/24 maxlen: 24
5.157.136.0/24 maxlen: 24
5.157.139.0/24 maxlen: 24
188.119.162.0/24 maxlen: 24
37.35.55.0/24 maxlen: 24
178.157.92.0/24 maxlen: 24
178.157.108.0/24 maxlen: 24
178.157.111.0/24 maxlen: 24
178.157.110.0/24 maxlen: 24
188.119.144.0/22 maxlen: 22
5.157.240.0/21 maxlen: 21
188.74.155.0/24 maxlen: 24
91.235.123.0/24 maxlen: 24
188.74.171.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:69:96:22:ed:e6:99:b2:89:96:76:d2:71:1a:2d:b1:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: Aug 4 16:00:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5d17a332d5ed59c337832eeaa3eabc695e2f4d1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:de:d3:d4:9f:58:52:d5:28:f1:4e:ce:93:dc:
d6:63:ca:8a:29:ca:8b:07:d5:13:37:ed:2a:82:8f:
27:eb:a4:bc:5a:af:0b:6b:9b:bf:b5:c9:d6:b2:8c:
2b:f2:a4:d4:16:98:e2:3c:41:e4:d5:89:cf:36:4f:
02:c2:2c:0f:a5:fb:06:7f:81:20:c8:91:f7:bd:af:
57:9d:3d:2c:aa:c4:58:ee:d0:df:34:66:18:21:93:
36:a4:49:3c:d4:4f:76:0e:89:d7:39:7a:91:b2:f7:
56:ec:95:69:39:e3:0a:55:59:61:53:45:89:cc:a6:
1d:cf:f7:a7:3d:91:c9:b2:71:de:2e:13:44:db:79:
52:8e:7b:5f:d7:57:e0:fe:66:37:3c:d5:53:ff:eb:
4d:0b:34:09:5e:67:77:e7:b0:74:c9:55:54:72:61:
a3:1a:9c:60:d6:a8:6d:a7:f5:39:8c:68:ce:b8:8a:
a6:85:31:0c:35:bc:36:aa:9e:f2:1c:62:e6:c1:c9:
82:fc:8c:e9:6e:16:e2:2b:43:23:95:dd:32:8b:f9:
a9:1d:3a:7d:84:fd:87:da:3f:92:c5:f1:97:36:8b:
99:8b:cc:5c:8c:7f:d4:ab:70:2e:b5:c7:4e:70:92:
e5:83:4f:f7:40:48:08:50:25:34:7e:ec:28:52:c9:
c3:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:17:A3:32:D5:ED:59:C3:37:83:2E:EA:A3:EA:BC:69:5E:2F:4D:1C
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/XRejMtXtWcM3gy7qo-q8aV4vTRw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.136.0/24
5.157.139.0/24
5.157.240.0/21
37.35.55.0/24
91.235.123.0/24
146.66.218.0/23
178.157.92.0/24
178.157.108.0/24
178.157.110.0/23
178.157.125.0/24
188.74.128.0/24
188.74.155.0/24
188.74.171.0/24
188.119.144.0/22
188.119.162.0/24
Signature Algorithm: sha256WithRSAEncryption
35:81:19:c4:97:f9:ba:35:b7:01:a0:f4:56:80:b6:56:16:f0:
ee:f3:3d:92:23:9a:4f:9b:8c:c4:75:e1:0b:50:24:81:47:9f:
08:e6:4a:5e:bc:01:3a:10:00:ca:2b:c7:24:1b:51:69:5c:8e:
66:22:a3:57:c9:a7:79:7f:88:63:c8:19:95:79:a7:af:79:31:
71:c8:c7:26:51:14:ac:6e:dd:3a:e0:a3:dc:da:6f:32:45:04:
df:3a:f1:d3:7c:4b:66:4c:1a:4e:2a:13:db:55:f3:4c:aa:0e:
33:9c:42:37:d1:df:d3:4a:6c:da:1d:71:71:fb:76:e8:e2:0f:
24:68:91:16:64:11:e5:37:29:67:7e:f6:c0:ca:c2:9e:c7:03:
c8:77:f2:54:fe:79:53:df:ba:44:bf:7d:68:c0:a3:6b:c9:dd:
ee:ac:b2:d0:c5:59:b7:2e:6f:50:7f:59:5f:49:09:68:6a:fc:
7c:54:eb:24:20:a3:40:97:36:46:2c:10:99:ca:95:e1:b3:65:
94:65:c4:40:18:24:eb:ec:e8:41:91:2b:57:dd:da:38:f7:50:
a7:77:6f:98:ac:6a:50:48:55:09:f5:45:1a:56:d7:cd:f9:44:
66:51:84:51:a0:4a:ec:5b:81:1f:ee:3f:cb:e2:3c:e3:2a:fa:
63:1a:d4:61
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAYJpliLt5pmyiZZ20nEaLbG+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjIwODA0MTYwMDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDE3YTMzMmQ1ZWQ1OWMzMzc4MzJlZWFhM2VhYmM2OTVlMmY0ZDFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5t7T1J9YUtUo8U7Ok9zWY8qKKcqL
B9UTN+0qgo8n66S8Wq8La5u/tcnWsowr8qTUFpjiPEHk1YnPNk8CwiwPpfsGf4Eg
yJH3va9XnT0sqsRY7tDfNGYYIZM2pEk81E92DonXOXqRsvdW7JVpOeMKVVlhU0WJ
zKYdz/enPZHJsnHeLhNE23lSjntf11fg/mY3PNVT/+tNCzQJXmd357B0yVVUcmGj
Gpxg1qhtp/U5jGjOuIqmhTEMNbw2qp7yHGLmwcmC/IzpbhbiK0Mjld0yi/mpHTp9
hP2H2j+SxfGXNouZi8xcjH/Uq3AutcdOcJLlg0/3QEgIUCU0fuwoUsnDVwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFF0XozLV7VnDN4Mu6qPqvGleL00cMB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvWFJlak10WHRXY00zZ3k3cW8tcThhVjR2VFJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQABZ2IAwQA
BZ2LAwQDBZ3wAwQAJSM3AwQAW+t7AwQBkkLaAwQAsp1cAwQAsp1sAwQBsp1uAwQA
sp19AwQAvEqAAwQAvEqbAwQAvEqrAwQCvHeQAwQAvHeiMA0GCSqGSIb3DQEBCwUA
A4IBAQA1gRnEl/m6NbcBoPRWgLZWFvDu8z2SI5pPm4zEdeELUCSBR58I5kpevAE6
EADKK8ckG1FpXI5mIqNXyad5f4hjyBmVeaeveTFxyMcmURSsbt064KPc2m8yRQTf
OvHTfEtmTBpOKhPbVfNMqg4znEI30d/TSmzaHXFx+3bo4g8kaJEWZBHlNylnfvbA
ysKexwPId/JU/nlT37pEv31owKNryd3urLLQxVm3Lm9Qf1lfSQloavx8VOskIKNA
lzZGLBCZypXhs2WUZcRAGCTr7OhBkStX3do491Cnd2+YrGpQSFUJ9UUaVtfN+URm
UYRRoErsW4Ef7j/L4jzjKvpjGtRh
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:23:50 2024 by rpki-client on console-ams.rpki-client.org