Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/c4073a-923b-4ecf-9566-4d777cacd9a4/1/Xffrt9mCZnVXitpD3c7A2LCh1KA.roa
File: Xffrt9mCZnVXitpD3c7A2LCh1KA.roa (raw, json)
Hash identifier: Fs8kxLY42PzdWsvGl+BOjRhvZgURmGddDxZU+MN5Ezs=
Subject key identifier: 5D:F7:EB:B7:D9:82:66:75:57:8A:DA:43:DD:CE:C0:D8:B0:A1:D4:A0
Certificate issuer: /CN=93a229e266b2558899f3547ee63d84ed6594768b
Certificate serial: 13762D59
Authority key identifier: 93:A2:29:E2:66:B2:55:88:99:F3:54:7E:E6:3D:84:ED:65:94:76:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k6Ip4mayVYiZ81R-5j2E7WWUdos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/c4073a-923b-4ecf-9566-4d777cacd9a4/1/Xffrt9mCZnVXitpD3c7A2LCh1KA.roa
Signing time: Wed 26 Jan 2022 07:46:54 +0000
ROA not before: Wed 26 Jan 2022 07:46:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 56655
IP address blocks: 185.243.217.0/24 maxlen: 24
185.243.216.0/24 maxlen: 24
185.243.218.0/24 maxlen: 24
185.181.60.0/22 maxlen: 24
185.125.168.0/22 maxlen: 24
2a03:94e1::/32 maxlen: 32
2a0a:cd80::/32 maxlen: 32
2a03:94e0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 326511961 (0x13762d59)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93a229e266b2558899f3547ee63d84ed6594768b
Validity
Not Before: Jan 26 07:46:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5df7ebb7d9826675578ada43ddcec0d8b0a1d4a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:3d:91:d0:a2:73:49:30:e3:93:86:1f:1d:93:
dd:92:b4:92:87:ef:46:7d:30:dd:1c:80:3d:45:c3:
9b:eb:9c:fc:fd:55:39:32:81:3d:8e:ed:08:16:7c:
09:22:5a:92:aa:80:6c:95:fb:6d:31:78:f7:26:27:
00:c4:ea:73:5a:50:96:80:b3:f8:9f:d7:03:4a:f6:
d3:59:95:8d:9d:5a:db:fd:d3:42:e7:88:51:d2:57:
b1:10:c0:13:36:0e:8b:56:ba:71:bf:65:bf:92:0d:
71:d4:e4:50:41:e2:7f:80:06:15:6b:ca:5c:6d:09:
99:2c:c9:34:cf:ba:32:48:77:f0:40:a5:ca:7d:3c:
05:05:4f:a5:ff:6b:8d:4c:1f:d6:bd:64:04:17:86:
0c:7d:0f:72:2d:fb:31:29:5d:86:59:8f:1a:67:fc:
9d:2c:d3:a9:3f:de:a3:41:5e:4f:7b:21:a2:b7:b7:
69:24:25:ba:f7:c0:e5:6e:02:23:4b:72:22:22:71:
3a:d2:e5:14:f5:34:a9:bb:72:de:05:25:4f:5a:4a:
30:53:82:95:c8:f9:d1:3b:ef:86:85:c1:46:1f:88:
49:fa:85:5e:69:24:de:c8:a8:df:49:45:7f:c2:72:
0a:78:8b:4e:1e:79:38:e5:88:6b:7c:02:1d:03:34:
9b:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:F7:EB:B7:D9:82:66:75:57:8A:DA:43:DD:CE:C0:D8:B0:A1:D4:A0
X509v3 Authority Key Identifier:
keyid:93:A2:29:E2:66:B2:55:88:99:F3:54:7E:E6:3D:84:ED:65:94:76:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k6Ip4mayVYiZ81R-5j2E7WWUdos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c4073a-923b-4ecf-9566-4d777cacd9a4/1/Xffrt9mCZnVXitpD3c7A2LCh1KA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c4073a-923b-4ecf-9566-4d777cacd9a4/1/k6Ip4mayVYiZ81R-5j2E7WWUdos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.125.168.0/22
185.181.60.0/22
185.243.216.0-185.243.218.255
IPv6:
2a03:94e0::/31
2a0a:cd80::/32
Signature Algorithm: sha256WithRSAEncryption
19:c7:39:a4:11:3a:36:81:7b:68:ce:03:fe:af:fe:25:b0:11:
fd:3c:31:c5:9c:31:8e:de:35:0a:db:a4:68:14:08:55:b4:c0:
9d:ea:2e:68:a8:0d:77:bc:ef:f4:16:d1:64:5b:80:8b:61:1d:
4a:eb:d9:1d:62:f5:4f:f6:51:b4:80:00:4a:2d:39:8e:07:1e:
e7:7f:ef:39:e6:c5:22:81:3f:78:40:d1:02:08:3a:05:40:00:
51:da:0d:45:c1:c6:c8:f7:09:7f:e3:d8:9d:e7:b2:c2:5a:f1:
7d:56:f2:fb:ce:ed:b7:77:94:b7:7d:0d:92:b1:79:f5:8f:29:
c3:18:0d:83:74:8c:64:09:e3:3b:58:91:e4:4e:cb:89:11:25:
0a:11:38:d3:52:82:d0:ca:3e:54:fc:86:ff:e0:50:2d:13:ae:
97:95:97:f0:a0:4f:ab:7c:c8:2f:5e:c5:7b:9c:89:25:f2:6a:
cd:83:88:f1:73:09:23:fe:d9:3d:51:9e:5b:d3:f8:e6:94:5a:
2d:49:d4:78:c4:d2:b1:53:89:4c:8e:74:cc:82:f8:ab:e7:83:
20:d8:25:6e:50:68:38:5a:84:9e:49:e8:29:3c:5f:ab:02:c3:
b4:74:4f:32:fb:85:c8:89:6d:65:c0:34:84:f1:b6:8d:73:a0:
17:49:11:08
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIEE3YtWTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
M2EyMjllMjY2YjI1NTg4OTlmMzU0N2VlNjNkODRlZDY1OTQ3NjhiMB4XDTIyMDEy
NjA3NDY1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWRmN2ViYjdkOTgy
NjY3NTU3OGFkYTQzZGRjZWMwZDhiMGExZDRhMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAI49kdCic0kw45OGHx2T3ZK0kofvRn0w3RyAPUXDm+uc/P1V
OTKBPY7tCBZ8CSJakqqAbJX7bTF49yYnAMTqc1pQloCz+J/XA0r201mVjZ1a2/3T
QueIUdJXsRDAEzYOi1a6cb9lv5INcdTkUEHif4AGFWvKXG0JmSzJNM+6Mkh38ECl
yn08BQVPpf9rjUwf1r1kBBeGDH0Pci37MSldhlmPGmf8nSzTqT/eo0FeT3shore3
aSQluvfA5W4CI0tyIiJxOtLlFPU0qbty3gUlT1pKMFOClcj50TvvhoXBRh+ISfqF
Xmkk3sio30lFf8JyCniLTh55OOWIa3wCHQM0m98CAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBRd9+u32YJmdVeK2kPdzsDYsKHUoDAfBgNVHSMEGDAWgBSToiniZrJViJnz
VH7mPYTtZZR2izAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2s2SXA0bWF5VllpWjgxUi01ajJFN1dXVWRvcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTQvYzQwNzNhLTkyM2ItNGVjZi05NTY2LTRkNzc3Y2FjZDlhNC8x
L1hmZnJ0OW1DWm5WWGl0cEQzYzdBMkxDaDFLQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTQv
YzQwNzNhLTkyM2ItNGVjZi05NTY2LTRkNzc3Y2FjZDlhNC8xL2s2SXA0bWF5Vllp
WjgxUi01ajJFN1dXVWRvcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwIAQCAAEwGgMEArl9qAMEArm1PDAMAwQDufPYAwQA
ufPaMBQEAgACMA4DBQEqA5TgAwUAKgrNgDANBgkqhkiG9w0BAQsFAAOCAQEAGcc5
pBE6NoF7aM4D/q/+JbAR/TwxxZwxjt41CtukaBQIVbTAneouaKgNd7zv9BbRZFuA
i2EdSuvZHWL1T/ZRtIAASi05jgce53/vOebFIoE/eEDRAgg6BUAAUdoNRcHGyPcJ
f+PYneeywlrxfVby+87tt3eUt30NkrF59Y8pwxgNg3SMZAnjO1iR5E7LiRElChE4
01KC0Mo+VPyG/+BQLROul5WX8KBPq3zIL17Fe5yJJfJqzYOI8XMJI/7ZPVGeW9P4
5pRaLUnUeMTSsVOJTI50zIL4q+eDINglblBoOFqEnknoKTxfqwLDtHRPMvuFyIlt
ZcA0hPG2jXOgF0kRCA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:21 2024 by rpki-client on console-fra.rpki-client.org