Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/2a1b4e-d754-443c-a360-afb566cdfac6/1/X5BnsaUxB4LHPaV5LckZZ56kEsY.roa
File: X5BnsaUxB4LHPaV5LckZZ56kEsY.roa (raw, json)
Hash identifier: +9TKIq4pDer0xFmtZ2JSwBZBeDxoPdngl2+lD8iAXG8=
Subject key identifier: 5F:90:67:B1:A5:31:07:82:C7:3D:A5:79:2D:C9:19:67:9E:A4:12:C6
Certificate issuer: /CN=0cbbd0114d97196750d48c5e1256ed055a5e9e2c
Certificate serial: 0184E2215F5ECF4EB111D5A2E16183BF6473
Authority key identifier: 0C:BB:D0:11:4D:97:19:67:50:D4:8C:5E:12:56:ED:05:5A:5E:9E:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DLvQEU2XGWdQ1IxeElbtBVpeniw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/2a1b4e-d754-443c-a360-afb566cdfac6/1/X5BnsaUxB4LHPaV5LckZZ56kEsY.roa
Signing time: Mon 05 Dec 2022 11:52:28 +0000
ROA not before: Mon 05 Dec 2022 11:52:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60671
IP address blocks: 185.27.41.0/24 maxlen: 24
185.27.40.0/24 maxlen: 24
185.27.40.0/23 maxlen: 23
2a04:33c0::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e2:21:5f:5e:cf:4e:b1:11:d5:a2:e1:61:83:bf:64:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0cbbd0114d97196750d48c5e1256ed055a5e9e2c
Validity
Not Before: Dec 5 11:52:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5f9067b1a5310782c73da5792dc919679ea412c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:6d:27:ee:0a:22:df:d9:20:d7:b4:d3:18:5e:
49:5f:87:b3:31:13:b4:c0:85:b8:2e:bb:c8:4c:00:
4f:f8:ed:91:cb:43:81:39:2a:16:1b:da:d2:60:a4:
28:41:4c:db:ce:d4:7f:c3:60:02:f4:e3:7d:3a:a4:
48:98:e5:cc:5b:74:64:1a:1b:d7:9b:51:6a:57:aa:
cf:43:92:c8:4d:23:af:6a:8e:d4:60:a0:8d:08:fe:
32:34:46:4c:16:6d:8b:a0:ac:a3:19:c6:17:2e:b0:
85:35:dc:87:67:70:07:9c:0e:d9:62:32:0e:30:03:
db:37:c7:56:64:f9:a9:23:4e:b3:24:c5:4a:91:aa:
64:a3:97:a6:6e:27:20:13:66:e8:7e:11:a3:28:28:
5a:0c:d6:b5:63:32:61:d9:03:bf:1b:4b:f3:46:b1:
8e:4f:7e:cc:46:16:5a:ad:76:92:f8:e3:c8:ed:87:
ec:ba:fd:14:7d:71:9c:cc:97:cc:03:45:65:6b:07:
ea:0f:ae:1d:80:bd:03:15:45:d0:2a:7b:36:b4:d3:
75:1d:07:12:16:7e:8f:4a:b5:9f:97:45:3f:ab:fd:
e9:3c:0b:7d:c2:12:07:46:2b:c7:57:61:26:af:4d:
7f:f1:d3:b4:65:02:fc:6e:05:a9:3e:23:96:a6:b7:
ef:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:90:67:B1:A5:31:07:82:C7:3D:A5:79:2D:C9:19:67:9E:A4:12:C6
X509v3 Authority Key Identifier:
keyid:0C:BB:D0:11:4D:97:19:67:50:D4:8C:5E:12:56:ED:05:5A:5E:9E:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DLvQEU2XGWdQ1IxeElbtBVpeniw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/2a1b4e-d754-443c-a360-afb566cdfac6/1/X5BnsaUxB4LHPaV5LckZZ56kEsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/2a1b4e-d754-443c-a360-afb566cdfac6/1/DLvQEU2XGWdQ1IxeElbtBVpeniw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.27.40.0/23
IPv6:
2a04:33c0::/40
Signature Algorithm: sha256WithRSAEncryption
3b:17:64:d5:a5:7f:a2:df:3f:61:46:2e:f1:7b:e1:da:60:7e:
68:bd:74:aa:72:4f:73:08:88:8b:7e:52:da:32:c7:4b:0e:73:
15:0c:27:68:6e:aa:8b:53:3d:4f:a3:fb:d3:e2:3d:db:50:74:
e4:4b:9a:03:99:5b:fc:0a:64:42:07:bc:8e:1e:c7:ae:c0:b6:
3e:9f:df:50:da:90:eb:70:aa:09:92:2a:59:e4:07:a7:83:38:
d8:00:24:2b:3a:28:a3:51:57:80:db:4b:e6:de:af:e4:8e:be:
9b:7e:ab:e8:dd:e9:df:60:aa:19:92:0a:f7:c7:4d:d2:1b:34:
66:b7:5a:c4:ae:4d:f4:92:66:c8:a9:69:cd:ce:15:03:6c:3e:
81:f4:c2:75:03:64:55:fb:ed:bf:24:e5:3e:08:38:ca:98:ac:
4a:15:d8:a1:a8:e7:ee:8e:db:14:25:74:47:66:de:6d:87:ed:
50:54:e8:13:cb:c3:ba:e4:f6:6d:a6:2e:ce:8a:e3:24:56:35:
83:c7:0d:fe:e5:d9:25:af:86:94:3b:6e:76:b1:f7:66:85:bd:
ab:45:58:e7:41:bf:00:d5:cf:dc:8c:14:95:eb:16:ae:fd:f8:
f3:c9:1f:08:f1:ce:21:72:6f:62:b4:ef:12:94:02:79:bb:7a:
99:22:0f:4a
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYTiIV9ez06xEdWi4WGDv2RzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjYmJkMDExNGQ5NzE5Njc1MGQ0OGM1ZTEyNTZlZDA1NWE1
ZTllMmMwHhcNMjIxMjA1MTE1MjI4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjkwNjdiMWE1MzEwNzgyYzczZGE1NzkyZGM5MTk2NzllYTQxMmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkG0n7goi39kg17TTGF5JX4ezMRO0
wIW4LrvITABP+O2Ry0OBOSoWG9rSYKQoQUzbztR/w2AC9ON9OqRImOXMW3RkGhvX
m1FqV6rPQ5LITSOvao7UYKCNCP4yNEZMFm2LoKyjGcYXLrCFNdyHZ3AHnA7ZYjIO
MAPbN8dWZPmpI06zJMVKkapko5embicgE2bofhGjKChaDNa1YzJh2QO/G0vzRrGO
T37MRhZarXaS+OPI7Yfsuv0UfXGczJfMA0VlawfqD64dgL0DFUXQKns2tNN1HQcS
Fn6PSrWfl0U/q/3pPAt9whIHRivHV2Emr01/8dO0ZQL8bgWpPiOWprfv0wIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFF+QZ7GlMQeCxz2leS3JGWeepBLGMB8GA1UdIwQY
MBaAFAy70BFNlxlnUNSMXhJW7QVaXp4sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREx2UUVVMlhHV2RRMUl4ZUVsYnRCVnBlbml3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC8yYTFiNGUtZDc1NC00NDNjLWEzNjAt
YWZiNTY2Y2RmYWM2LzEvWDVCbnNhVXhCNExIUGFWNUxja1paNTZrRXNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC8yYTFiNGUtZDc1NC00NDNjLWEzNjAtYWZiNTY2Y2RmYWM2
LzEvREx2UUVVMlhHV2RRMUl4ZUVsYnRCVnBlbml3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQBuRsoMA4E
AgACMAgDBgAqBDPAADANBgkqhkiG9w0BAQsFAAOCAQEAOxdk1aV/ot8/YUYu8Xvh
2mB+aL10qnJPcwiIi35S2jLHSw5zFQwnaG6qi1M9T6P70+I921B05EuaA5lb/Apk
Qge8jh7HrsC2Pp/fUNqQ63CqCZIqWeQHp4M42AAkKzooo1FXgNtL5t6v5I6+m36r
6N3p32CqGZIK98dN0hs0ZrdaxK5N9JJmyKlpzc4VA2w+gfTCdQNkVfvtvyTlPgg4
ypisShXYoajn7o7bFCV0R2bebYftUFToE8vDuuT2baYuzorjJFY1g8cN/uXZJa+G
lDtudrH3ZoW9q0VY50G/ANXP3IwUlesWrv3488kfCPHOIXJvYrTvEpQCebt6mSIP
Sg==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:37 2023 by rpki-client on console-fra.rpki-client.org