Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/XQtyPDJvjq483lgDRAsuwhhaSms.roa
File: XQtyPDJvjq483lgDRAsuwhhaSms.roa (raw, json)
Hash identifier: 98L5sxflGfWAX2Qo+a5D4LlCWPQtNyPoG5omo6HRoyo=
Subject key identifier: 5D:0B:72:3C:32:6F:8E:AE:3C:DE:58:03:44:0B:2E:C2:18:5A:4A:6B
Certificate issuer: /CN=e754c347d68d15493de71bb962f0a567e134d603
Certificate serial: 0185069828AE09D342778D728A6DE2E51DFD
Authority key identifier: E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/XQtyPDJvjq483lgDRAsuwhhaSms.roa
Signing time: Mon 12 Dec 2022 13:48:33 +0000
ROA not before: Mon 12 Dec 2022 13:48:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43350
IP address blocks: 198.105.120.0/22 maxlen: 24
185.135.212.0/22 maxlen: 24
45.43.88.0/22 maxlen: 24
198.105.96.0/22 maxlen: 24
198.105.104.0/22 maxlen: 24
198.105.112.0/24 maxlen: 24
198.105.118.0/23 maxlen: 24
198.105.114.0/23 maxlen: 24
198.105.113.0/24 maxlen: 24
155.254.36.0/22 maxlen: 24
155.254.40.0/22 maxlen: 22
155.254.44.0/22 maxlen: 24
155.254.50.0/23 maxlen: 24
155.254.52.0/22 maxlen: 24
155.254.56.0/22 maxlen: 24
45.43.92.0/22 maxlen: 24
185.53.131.0/24 maxlen: 24
185.53.128.0/24 maxlen: 24
185.53.130.0/24 maxlen: 24
185.53.129.0/24 maxlen: 24
185.83.219.0/24 maxlen: 24
185.83.218.0/24 maxlen: 24
185.83.216.0/24 maxlen: 24
185.83.217.0/24 maxlen: 24
107.181.137.0/24 maxlen: 24
107.181.156.0/22 maxlen: 22
91.210.64.0/22 maxlen: 24
103.206.232.0/22 maxlen: 24
162.220.246.0/23 maxlen: 24
94.177.5.0/24 maxlen: 24
43.239.88.0/22 maxlen: 22
87.239.252.0/23 maxlen: 24
2a02:2ca0::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:06:98:28:ae:09:d3:42:77:8d:72:8a:6d:e2:e5:1d:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e754c347d68d15493de71bb962f0a567e134d603
Validity
Not Before: Dec 12 13:48:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5d0b723c326f8eae3cde5803440b2ec2185a4a6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:17:56:0f:b6:d3:71:98:48:e9:63:28:af:14:
14:16:62:a6:04:4a:f0:43:c9:d2:4b:98:7f:70:16:
61:d1:62:f5:d0:d0:ee:45:2c:4c:2d:b3:07:1a:7c:
64:2c:91:54:c4:c0:06:f8:2a:a0:76:95:9b:b5:aa:
a7:1d:4e:91:00:76:83:92:9e:0d:2c:94:75:65:18:
6e:6f:75:b4:c6:3b:da:e4:be:86:e9:7b:73:1a:5c:
7a:d6:2e:cc:1a:5c:57:12:68:68:30:9f:6f:89:a0:
ca:72:11:41:c6:1c:6d:5e:ac:de:13:5b:20:cf:8a:
91:e1:32:de:76:37:d5:e9:f7:d5:df:65:57:3c:c7:
39:b6:74:e5:68:ab:b4:0d:de:b2:9d:77:7f:ef:ac:
34:e1:1f:a7:1d:87:7a:11:89:00:89:e6:b4:bf:cc:
19:78:68:87:54:76:48:42:b7:11:ab:30:05:6e:07:
d4:99:e8:e2:52:1b:cd:c0:38:dd:c5:5a:63:a0:b7:
e8:a8:c2:fc:25:bc:f2:5a:18:1d:b8:5d:51:fa:76:
1a:20:23:b5:ab:0e:c1:0e:df:3b:b5:f4:f2:2c:0d:
6c:08:14:b6:40:c4:07:cb:13:c4:01:cc:46:7c:be:
e5:8f:5f:aa:51:77:df:75:76:8e:1c:f3:64:17:07:
d4:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:0B:72:3C:32:6F:8E:AE:3C:DE:58:03:44:0B:2E:C2:18:5A:4A:6B
X509v3 Authority Key Identifier:
keyid:E7:54:C3:47:D6:8D:15:49:3D:E7:1B:B9:62:F0:A5:67:E1:34:D6:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/51TDR9aNFUk95xu5YvClZ-E01gM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/XQtyPDJvjq483lgDRAsuwhhaSms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/46db3a-a573-4f28-b43b-37b62d223924/1/51TDR9aNFUk95xu5YvClZ-E01gM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.239.88.0/22
45.43.88.0/21
87.239.252.0/23
91.210.64.0/22
94.177.5.0/24
103.206.232.0/22
107.181.137.0/24
107.181.156.0/22
155.254.36.0-155.254.47.255
155.254.50.0-155.254.59.255
162.220.246.0/23
185.53.128.0/22
185.83.216.0/22
185.135.212.0/22
198.105.96.0/22
198.105.104.0/22
198.105.112.0/22
198.105.118.0-198.105.123.255
IPv6:
2a02:2ca0::/29
Signature Algorithm: sha256WithRSAEncryption
88:6f:80:2a:d9:98:43:a3:f8:42:2d:e9:f3:fc:83:80:47:b1:
04:0b:63:96:12:56:4e:77:39:31:e0:09:d0:48:ac:e2:42:fd:
e6:81:ab:95:0c:a0:4b:d0:68:a3:d9:a7:10:31:ee:47:95:79:
c8:50:6d:1b:ea:ac:0b:10:a7:8c:c1:81:9f:58:13:86:75:fe:
d0:91:08:d0:36:f2:a4:38:3e:7e:9b:ee:bd:8a:aa:51:c7:31:
65:64:c9:24:af:03:35:69:9e:26:46:ad:2d:a0:57:54:b8:d8:
26:20:98:9c:5f:71:e7:3d:12:6f:1a:82:33:80:c6:aa:7e:9f:
3a:27:29:2e:61:87:d0:33:9c:b4:03:1f:95:0e:fc:54:ed:32:
51:b6:0b:1a:07:8a:21:ea:87:66:17:f9:ac:d8:a6:e6:75:e7:
9b:b3:1d:4c:06:96:b9:c6:b5:96:0a:8e:53:cc:0c:b5:bd:a8:
2a:37:46:65:84:d4:1a:1a:eb:4f:bf:94:6c:b2:b0:07:92:33:
84:51:87:48:ec:8f:b9:ea:b3:9c:d7:67:98:5b:5c:3b:dd:07:
b9:a7:30:5c:ed:05:2a:18:cf:f7:55:5b:54:f5:fc:7a:ff:5a:
21:7e:c4:3e:50:be:12:41:68:e7:10:d6:e9:b9:bc:ce:dd:32:
8f:61:fd:9d
-----BEGIN CERTIFICATE-----
MIIFjzCCBHegAwIBAgISAYUGmCiuCdNCd41yim3i5R39MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3NTRjMzQ3ZDY4ZDE1NDkzZGU3MWJiOTYyZjBhNTY3ZTEz
NGQ2MDMwHhcNMjIxMjEyMTM0ODMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDBiNzIzYzMyNmY4ZWFlM2NkZTU4MDM0NDBiMmVjMjE4NWE0YTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRdWD7bTcZhI6WMorxQUFmKmBErw
Q8nSS5h/cBZh0WL10NDuRSxMLbMHGnxkLJFUxMAG+CqgdpWbtaqnHU6RAHaDkp4N
LJR1ZRhub3W0xjva5L6G6XtzGlx61i7MGlxXEmhoMJ9viaDKchFBxhxtXqzeE1sg
z4qR4TLedjfV6ffV32VXPMc5tnTlaKu0Dd6ynXd/76w04R+nHYd6EYkAiea0v8wZ
eGiHVHZIQrcRqzAFbgfUmejiUhvNwDjdxVpjoLfoqML8JbzyWhgduF1R+nYaICO1
qw7BDt87tfTyLA1sCBS2QMQHyxPEAcxGfL7lj1+qUXffdXaOHPNkFwfUYQIDAQAB
o4ICmzCCApcwHQYDVR0OBBYEFF0Lcjwyb46uPN5YA0QLLsIYWkprMB8GA1UdIwQY
MBaAFOdUw0fWjRVJPecbuWLwpWfhNNYDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2It
MzdiNjJkMjIzOTI0LzEvWFF0eVBESnZqcTQ4M2xnRFJBc3V3aGhhU21zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80NmRiM2EtYTU3My00ZjI4LWI0M2ItMzdiNjJkMjIzOTI0
LzEvNTFURFI5YU5GVWs5NXh1NVl2Q2xaLUUwMWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGwBggrBgEFBQcBBwEB/wSBoDCBnTCBiwQCAAEwgYQDBAIr
71gDBAMtK1gDBAFX7/wDBAJb0kADBABesQUDBAJnzugDBABrtYkDBAJrtZwwDAME
Apv+JAMEBJv+IDAMAwQBm/4yAwQCm/44AwQBotz2AwQCuTWAAwQCuVPYAwQCuYfU
AwQCxmlgAwQCxmloAwQCxmlwMAwDBAHGaXYDBALGaXgwDQQCAAIwBwMFAyoCLKAw
DQYJKoZIhvcNAQELBQADggEBAIhvgCrZmEOj+EIt6fP8g4BHsQQLY5YSVk53OTHg
CdBIrOJC/eaBq5UMoEvQaKPZpxAx7keVechQbRvqrAsQp4zBgZ9YE4Z1/tCRCNA2
8qQ4Pn6b7r2KqlHHMWVkySSvAzVpniZGrS2gV1S42CYgmJxfcec9Em8agjOAxqp+
nzonKS5hh9AznLQDH5UO/FTtMlG2CxoHiiHqh2YX+azYpuZ155uzHUwGlrnGtZYK
jlPMDLW9qCo3RmWE1Boa60+/lGyysAeSM4RRh0jsj7nqs5zXZ5hbXDvdB7mnMFzt
BSoYz/dVW1T1/Hr/WiF+xD5QvhJBaOcQ1um5vM7dMo9h/Z0=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:26 2025 by rpki-client