Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/XvTg4TujL7VSfUFZoVhsHj3oYDY.roa
File: XvTg4TujL7VSfUFZoVhsHj3oYDY.roa (raw, json)
Hash identifier: ONGyLXOH5yxD3sHQ7X/aA/2UcQFs0MmPreQ5bc4hfEc=
Subject key identifier: 5E:F4:E0:E1:3B:A3:2F:B5:52:7D:41:59:A1:58:6C:1E:3D:E8:60:36
Certificate issuer: /CN=2631166de785a3531bdc8361f1190a8369a7ed6a
Certificate serial: 38062B7D
Authority key identifier: 26:31:16:6D:E7:85:A3:53:1B:DC:83:61:F1:19:0A:83:69:A7:ED:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/XvTg4TujL7VSfUFZoVhsHj3oYDY.roa
Signing time: Sat 01 Jan 2022 04:04:05 +0000
ROA not before: Sat 01 Jan 2022 04:04:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50673
IP address blocks: 5.188.12.0/24 maxlen: 24
185.79.112.0/22 maxlen: 22
5.188.13.0/24 maxlen: 24
5.188.14.0/24 maxlen: 24
5.188.15.0/24 maxlen: 24
185.8.176.0/22 maxlen: 22
185.12.12.0/22 maxlen: 24
5.188.12.0/22 maxlen: 22
178.21.16.0/21 maxlen: 24
5.255.64.0/19 maxlen: 24
91.221.69.0/24 maxlen: 24
89.47.1.0/24 maxlen: 24
46.249.32.0/19 maxlen: 24
93.158.200.0/21 maxlen: 24
93.158.208.0/20 maxlen: 24
5.178.64.0/21 maxlen: 24
185.53.160.0/22 maxlen: 22
2a03:3f40::/32 maxlen: 32
2a00:1caa::/32 maxlen: 32
2a00:1ca8:77::/48 maxlen: 48
2a00:1ca8::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 939928445 (0x38062b7d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2631166de785a3531bdc8361f1190a8369a7ed6a
Validity
Not Before: Jan 1 04:04:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5ef4e0e13ba32fb5527d4159a1586c1e3de86036
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:b8:09:94:f9:ce:cf:1d:79:3f:42:88:89:4c:
77:ea:2c:6e:b5:05:f5:85:05:39:45:a5:84:0d:63:
37:58:1f:de:8d:5f:75:fb:07:9a:1c:6f:11:ed:e6:
4f:1c:15:d1:61:9d:8b:f8:6c:98:10:59:47:b8:aa:
d7:c5:39:5a:ea:3d:f4:47:0f:f1:a3:65:c1:f2:02:
fd:0a:a4:1a:bc:20:f9:c8:5a:5a:0b:3a:7f:aa:a1:
7a:41:4b:13:98:dd:be:27:10:71:eb:4e:d3:49:f9:
7e:94:22:b1:31:2a:71:f9:5d:4b:7c:00:db:8a:fa:
ed:cb:fd:8c:77:eb:31:99:fa:05:86:e8:e4:24:8b:
e4:86:35:06:a6:4f:0e:cc:7c:ff:46:8c:60:b9:74:
80:fc:d0:3d:bb:22:3b:3f:d0:8f:85:af:42:24:77:
4c:79:c6:53:c5:17:76:70:bc:7d:2e:2b:f4:6f:97:
5a:5d:9f:6d:af:58:a1:5d:64:bd:c9:bb:7e:e3:ab:
ac:db:3c:a7:be:38:4e:b3:81:f3:8f:5b:3e:0c:ca:
91:a7:46:37:ae:1b:55:11:08:4e:33:e6:fd:f2:83:
5f:73:c3:3d:0d:3e:9c:ca:ce:b5:c9:82:70:0f:12:
a5:db:c3:42:6f:fa:ae:68:1d:e5:ff:82:c2:25:ac:
37:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:F4:E0:E1:3B:A3:2F:B5:52:7D:41:59:A1:58:6C:1E:3D:E8:60:36
X509v3 Authority Key Identifier:
keyid:26:31:16:6D:E7:85:A3:53:1B:DC:83:61:F1:19:0A:83:69:A7:ED:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/XvTg4TujL7VSfUFZoVhsHj3oYDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/fb0157-6746-4b00-8f8e-b89a26199976/1/JjEWbeeFo1Mb3INh8RkKg2mn7Wo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.64.0/21
5.188.12.0/22
5.255.64.0/19
46.249.32.0/19
89.47.1.0/24
91.221.69.0/24
93.158.200.0-93.158.223.255
178.21.16.0/21
185.8.176.0/22
185.12.12.0/22
185.53.160.0/22
185.79.112.0/22
IPv6:
2a00:1ca8::/32
2a00:1caa::/32
2a03:3f40::/32
Signature Algorithm: sha256WithRSAEncryption
5b:dd:77:e1:c7:3c:43:9f:ce:65:9b:3c:74:e8:3c:48:a7:ed:
fb:47:b8:e4:ab:eb:0c:db:70:56:b5:c9:67:98:fd:a0:bf:52:
eb:a6:79:5e:e0:ad:31:ec:7f:8f:af:65:1d:78:2c:da:44:67:
45:85:9f:a9:a2:21:8d:07:74:94:9a:0b:ec:b0:37:c2:3a:07:
09:29:67:69:02:93:5e:f6:78:c8:ee:d1:00:16:c6:59:77:6d:
86:c5:b3:7b:c9:84:89:db:15:21:f6:15:28:dd:97:d5:e2:96:
b7:d0:7b:c1:db:96:d0:5a:b2:19:96:d6:4e:40:eb:63:cc:1c:
22:e5:a6:39:21:9b:da:55:50:72:e5:84:65:1a:c9:ff:0d:7e:
92:16:37:42:85:f7:01:ad:f8:c4:48:da:1a:15:3c:61:e2:d7:
d1:f8:0e:bc:70:f7:00:98:ee:90:49:f3:91:0c:ee:be:15:ad:
29:82:f0:75:39:38:b7:c2:12:ee:8f:04:b8:9e:ae:8c:97:2b:
1e:79:11:b5:1b:c9:14:06:42:28:2b:5a:f6:22:c4:71:68:4b:
45:14:ab:af:88:9c:2f:e1:98:b7:e9:3a:66:57:52:5a:e1:06:
0d:fe:08:9c:fe:bf:f4:47:10:f8:ea:d6:7c:31:1a:ce:74:3f:
dc:aa:b7:3b
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgIEOAYrfTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NjMxMTY2ZGU3ODVhMzUzMWJkYzgzNjFmMTE5MGE4MzY5YTdlZDZhMB4XDTIyMDEw
MTA0MDQwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWVmNGUwZTEzYmEz
MmZiNTUyN2Q0MTU5YTE1ODZjMWUzZGU4NjAzNjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKi4CZT5zs8deT9CiIlMd+osbrUF9YUFOUWlhA1jN1gf3o1f
dfsHmhxvEe3mTxwV0WGdi/hsmBBZR7iq18U5Wuo99EcP8aNlwfIC/QqkGrwg+cha
Wgs6f6qhekFLE5jdvicQcetO00n5fpQisTEqcfldS3wA24r67cv9jHfrMZn6BYbo
5CSL5IY1BqZPDsx8/0aMYLl0gPzQPbsiOz/Qj4WvQiR3THnGU8UXdnC8fS4r9G+X
Wl2fba9YoV1kvcm7fuOrrNs8p744TrOB849bPgzKkadGN64bVREITjPm/fKDX3PD
PQ0+nMrOtcmCcA8SpdvDQm/6rmgd5f+CwiWsN1sCAwEAAaOCAnEwggJtMB0GA1Ud
DgQWBBRe9ODhO6MvtVJ9QVmhWGwePehgNjAfBgNVHSMEGDAWgBQmMRZt54WjUxvc
g2HxGQqDaaftajAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pqRVdiZWVGbzFNYjNJTmg4UmtLZzJtbjdXby5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWUvZmIwMTU3LTY3NDYtNGIwMC04ZjhlLWI4OWEyNjE5OTk3Ni8x
L1h2VGc0VHVqTDdWU2ZVRlpvVmhzSGozb1lEWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWUv
ZmIwMTU3LTY3NDYtNGIwMC04ZjhlLWI4OWEyNjE5OTk3Ni8xL0pqRVdiZWVGbzFN
YjNJTmg4UmtLZzJtbjdXby5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
hgYIKwYBBQUHAQcBAf8EdzB1MFYEAgABMFADBAMFskADBAIFvAwDBAUF/0ADBAUu
+SADBABZLwEDBABb3UUwDAMEA12eyAMEBV2ewAMEA7IVEAMEArkIsAMEArkMDAME
Ark1oAMEArlPcDAbBAIAAjAVAwUAKgAcqAMFACoAHKoDBQAqAz9AMA0GCSqGSIb3
DQEBCwUAA4IBAQBb3XfhxzxDn85lmzx06DxIp+37R7jkq+sM23BWtclnmP2gv1Lr
pnle4K0x7H+Pr2UdeCzaRGdFhZ+poiGNB3SUmgvssDfCOgcJKWdpApNe9njI7tEA
FsZZd22GxbN7yYSJ2xUh9hUo3ZfV4pa30HvB25bQWrIZltZOQOtjzBwi5aY5IZva
VVBy5YRlGsn/DX6SFjdChfcBrfjESNoaFTxh4tfR+A68cPcAmO6QSfORDO6+Fa0p
gvB1OTi3whLujwS4nq6MlyseeRG1G8kUBkIoK1r2IsRxaEtFFKuviJwv4Zi36Tpm
V1Ja4QYN/gic/r/0RxD46tZ8MRrOdD/cqrc7
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:07 2023 by rpki-client on console-ams.rpki-client.org