Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/01db82-4172-4405-ab55-0086d02385d6/1/X3B0A3odTCnMxF0Lf16iafbBctU.roa
File: X3B0A3odTCnMxF0Lf16iafbBctU.roa (raw, json)
Hash identifier: TJr7i8KhWQN0o0qrP+FP1Oig3NTfgF81V31/R9Pu9oE=
Subject key identifier: 5F:70:74:03:7A:1D:4C:29:CC:C4:5D:0B:7F:5E:A2:69:F6:C1:72:D5
Certificate issuer: /CN=2a4472336c9d02a488cdd77534d65fb1465ec09a
Certificate serial: 01852A419A63907A48E429411FC396D0C21E
Authority key identifier: 2A:44:72:33:6C:9D:02:A4:88:CD:D7:75:34:D6:5F:B1:46:5E:C0:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KkRyM2ydAqSIzdd1NNZfsUZewJo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/01db82-4172-4405-ab55-0086d02385d6/1/X3B0A3odTCnMxF0Lf16iafbBctU.roa
Signing time: Mon 19 Dec 2022 12:00:20 +0000
ROA not before: Mon 19 Dec 2022 12:00:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50837
IP address blocks: 185.12.4.0/22 maxlen: 24
178.22.64.0/21 maxlen: 24
93.123.82.0/23 maxlen: 24
91.92.71.0/24 maxlen: 24
93.123.14.0/23 maxlen: 24
31.171.240.0/20 maxlen: 24
94.156.200.0/22 maxlen: 24
2a01:9980::/32 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2a:41:9a:63:90:7a:48:e4:29:41:1f:c3:96:d0:c2:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a4472336c9d02a488cdd77534d65fb1465ec09a
Validity
Not Before: Dec 19 12:00:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5f7074037a1d4c29ccc45d0b7f5ea269f6c172d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:ae:e9:c2:30:de:b7:09:3c:68:2e:86:d5:d9:
be:60:35:94:65:db:14:47:92:ba:5c:98:ed:2e:73:
5b:ca:b7:3e:77:6c:b6:d1:b8:08:6b:88:49:df:b1:
98:70:52:3b:be:1a:a5:82:a1:b9:3a:75:af:bb:07:
d0:50:3f:ed:61:24:d9:4b:61:a4:28:32:47:57:01:
0d:45:40:02:a1:4e:b1:02:96:cb:f3:d7:43:45:d4:
e2:21:6f:da:b3:33:b1:8a:0e:cc:e9:af:6e:6e:22:
8a:cb:7f:8e:37:06:62:22:6d:90:c0:b7:e4:39:d7:
be:af:30:7e:79:fb:81:78:6c:f4:c2:98:22:72:89:
84:79:ef:1a:b8:63:bf:d4:41:4c:6c:6f:d9:7d:21:
d3:2c:cb:0f:1c:05:92:43:72:68:fa:f1:3b:5d:a3:
d6:90:44:4c:ad:1e:4f:2d:04:2d:bc:bb:9f:01:66:
65:9c:a1:86:93:05:4c:a9:45:cc:86:a0:bc:eb:a9:
d2:4c:cd:f1:be:ce:a0:80:85:97:e6:2c:cf:ff:47:
17:7e:67:02:1b:06:23:49:f8:9f:38:f8:45:9b:b2:
0d:2a:b6:b6:68:f2:4b:7c:c2:66:90:cd:2e:54:b4:
25:30:41:5c:d4:9f:da:e6:58:de:cc:3e:48:f5:0d:
04:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:70:74:03:7A:1D:4C:29:CC:C4:5D:0B:7F:5E:A2:69:F6:C1:72:D5
X509v3 Authority Key Identifier:
keyid:2A:44:72:33:6C:9D:02:A4:88:CD:D7:75:34:D6:5F:B1:46:5E:C0:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KkRyM2ydAqSIzdd1NNZfsUZewJo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/01db82-4172-4405-ab55-0086d02385d6/1/X3B0A3odTCnMxF0Lf16iafbBctU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/01db82-4172-4405-ab55-0086d02385d6/1/KkRyM2ydAqSIzdd1NNZfsUZewJo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.240.0/20
91.92.71.0/24
93.123.14.0/23
93.123.82.0/23
94.156.200.0/22
178.22.64.0/21
185.12.4.0/22
IPv6:
2a01:9980::/32
Signature Algorithm: sha256WithRSAEncryption
68:08:cd:d4:e0:ed:9a:fb:0a:d6:89:95:79:3f:5b:59:ec:64:
e9:92:cb:4d:4f:b8:90:b6:bb:36:13:a7:b1:21:fb:cd:d6:e3:
29:97:0a:9b:de:97:26:cc:ba:fd:b2:97:9b:57:21:9b:a5:52:
60:34:20:c3:71:69:05:95:ba:20:ad:5d:e1:1b:f4:48:9d:b4:
2b:fe:db:82:a1:15:6e:58:8f:3d:88:b9:c7:30:56:cb:e4:b0:
eb:25:b4:84:13:42:ae:ea:23:4e:a6:62:15:fa:70:13:ae:b7:
04:1b:e4:de:78:90:7a:ef:40:f6:12:c7:8b:c2:be:8b:0a:8e:
25:15:77:58:94:72:b9:8d:71:84:b0:db:37:08:7d:70:a1:64:
3e:8a:fe:11:65:71:1b:8d:a3:2d:6e:b7:8a:26:b9:b1:be:b4:
cc:d0:14:ae:80:64:bf:3c:70:84:a8:95:58:7a:9f:be:79:88:
6c:95:87:38:ad:1d:45:51:ac:8f:d3:65:8a:07:39:ce:f3:bd:
a3:86:a1:83:de:f2:94:19:5c:fa:0d:94:16:dc:fc:61:8d:35:
84:42:4d:95:ac:8b:c9:12:82:14:18:8c:75:85:17:dd:99:76:
10:57:be:b1:6a:dd:b0:2e:93:43:52:12:fb:24:01:4c:78:af:
9c:c5:bb:23
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYUqQZpjkHpI5ClBH8OW0MIeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhNDQ3MjMzNmM5ZDAyYTQ4OGNkZDc3NTM0ZDY1ZmIxNDY1
ZWMwOWEwHhcNMjIxMjE5MTIwMDIwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjcwNzQwMzdhMWQ0YzI5Y2NjNDVkMGI3ZjVlYTI2OWY2YzE3MmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlK7pwjDetwk8aC6G1dm+YDWUZdsU
R5K6XJjtLnNbyrc+d2y20bgIa4hJ37GYcFI7vhqlgqG5OnWvuwfQUD/tYSTZS2Gk
KDJHVwENRUACoU6xApbL89dDRdTiIW/aszOxig7M6a9ubiKKy3+ONwZiIm2QwLfk
Ode+rzB+efuBeGz0wpgicomEee8auGO/1EFMbG/ZfSHTLMsPHAWSQ3Jo+vE7XaPW
kERMrR5PLQQtvLufAWZlnKGGkwVMqUXMhqC866nSTM3xvs6ggIWX5izP/0cXfmcC
GwYjSfifOPhFm7INKra2aPJLfMJmkM0uVLQlMEFc1J/a5ljezD5I9Q0ENwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFF9wdAN6HUwpzMRdC39eomn2wXLVMB8GA1UdIwQY
MBaAFCpEcjNsnQKkiM3XdTTWX7FGXsCaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2tSeU0yeWRBcVNJemRkMU5OWmZzVVpld0pvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8wMWRiODItNDE3Mi00NDA1LWFiNTUt
MDA4NmQwMjM4NWQ2LzEvWDNCMEEzb2RUQ25NeEYwTGYxNmlhZmJCY3RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8wMWRiODItNDE3Mi00NDA1LWFiNTUtMDA4NmQwMjM4NWQ2
LzEvS2tSeU0yeWRBcVNJemRkMU5OWmZzVVpld0pvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQEH6vwAwQA
W1xHAwQBXXsOAwQBXXtSAwQCXpzIAwQDshZAAwQCuQwEMA0EAgACMAcDBQAqAZmA
MA0GCSqGSIb3DQEBCwUAA4IBAQBoCM3U4O2a+wrWiZV5P1tZ7GTpkstNT7iQtrs2
E6exIfvN1uMplwqb3pcmzLr9spebVyGbpVJgNCDDcWkFlbogrV3hG/RInbQr/tuC
oRVuWI89iLnHMFbL5LDrJbSEE0Ku6iNOpmIV+nATrrcEG+TeeJB670D2EseLwr6L
Co4lFXdYlHK5jXGEsNs3CH1woWQ+iv4RZXEbjaMtbreKJrmxvrTM0BSugGS/PHCE
qJVYep++eYhslYc4rR1FUayP02WKBznO872jhqGD3vKUGVz6DZQW3PxhjTWEQk2V
rIvJEoIUGIx1hRfdmXYQV76xat2wLpNDUhL7JAFMeK+cxbsj
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:36:33 2024 by rpki-client on console-ams.rpki-client.org