Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/xfxEDaI39q7Fj1dcauoFJLrZv6k.roa
File: xfxEDaI39q7Fj1dcauoFJLrZv6k.roa (raw, json)
Hash identifier: 8IEQMTazIgLu6LGpnlfvJV/Uk+e+bNxg9BwEUv4HfLI=
Subject key identifier: C5:FC:44:0D:A2:37:F6:AE:C5:8F:57:5C:6A:EA:05:24:BA:D9:BF:A9
Certificate issuer: /CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Certificate serial: 07534453
Authority key identifier: 32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/xfxEDaI39q7Fj1dcauoFJLrZv6k.roa
Signing time: Fri 11 Feb 2022 09:48:03 +0000
ROA not before: Fri 11 Feb 2022 09:48:03 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60800
IP address blocks: 91.210.101.0/24 maxlen: 24
91.210.100.0/24 maxlen: 24
91.210.103.0/24 maxlen: 24
103.82.0.0/22 maxlen: 24
185.42.16.0/22 maxlen: 24
125.62.72.0/22 maxlen: 24
185.17.172.0/22 maxlen: 24
185.222.112.0/22 maxlen: 24
2a03:ec40::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 122897491 (0x7534453)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Validity
Not Before: Feb 11 09:48:03 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c5fc440da237f6aec58f575c6aea0524bad9bfa9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:8b:b3:4e:e6:79:52:0d:74:76:67:05:92:8b:
22:6f:a6:8d:bb:94:91:16:2f:25:be:81:3e:29:e8:
79:f3:19:ad:49:ef:4c:2e:ae:76:dd:09:f8:d9:b7:
eb:25:6e:cd:2b:9b:83:d2:40:ee:ea:b2:c0:ba:06:
5d:cb:d1:31:ee:c8:26:90:e7:11:1d:85:e3:61:a6:
1d:cc:c4:f5:7c:2c:59:43:b3:7b:da:ca:51:e9:ac:
a8:22:a9:bd:30:57:0f:a8:ba:ae:eb:95:d5:c6:63:
a4:40:29:cf:ce:89:7c:80:4d:41:4d:48:e4:cd:52:
5a:61:7a:19:f8:c2:92:e6:1f:b4:41:ad:68:55:8f:
e0:84:d4:32:57:ae:e2:c7:73:3e:f0:72:35:45:b9:
ed:fa:dc:39:a6:cb:88:fb:c2:bb:45:b3:1d:9f:7d:
e1:bb:73:9a:f0:25:87:6d:29:03:d8:34:cd:a7:2c:
49:d7:ab:b4:a7:e9:7e:9f:24:98:de:0b:8f:83:81:
a4:5f:be:1a:1e:d2:93:cc:d0:06:a4:f7:8f:e1:78:
73:c0:f8:a1:33:11:00:8e:71:ff:d7:9e:ce:42:78:
95:27:13:9a:6d:52:5e:07:3e:34:17:0e:21:24:5c:
f9:af:70:c0:7d:e6:a4:6f:a4:5a:f7:1c:3c:63:b5:
5b:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:FC:44:0D:A2:37:F6:AE:C5:8F:57:5C:6A:EA:05:24:BA:D9:BF:A9
X509v3 Authority Key Identifier:
keyid:32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/xfxEDaI39q7Fj1dcauoFJLrZv6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.210.100.0/23
91.210.103.0/24
103.82.0.0/22
125.62.72.0/22
185.17.172.0/22
185.42.16.0/22
185.222.112.0/22
IPv6:
2a03:ec40::/29
Signature Algorithm: sha256WithRSAEncryption
86:f9:1c:c7:3e:d7:0e:35:4a:40:0d:89:d1:4e:b4:c5:1a:35:
c1:b1:0c:33:5b:56:83:dd:95:a8:a6:3d:67:f3:30:a8:1f:f2:
88:ba:6f:55:00:8f:69:cd:14:a1:b8:2b:11:f3:6b:ee:40:5c:
42:01:81:10:78:88:d3:bc:f9:b6:ef:a9:6c:f5:ac:69:da:54:
9d:fc:d4:2e:ca:09:c1:1b:d4:0b:4c:a1:65:ae:46:5d:6a:6e:
0a:35:31:39:47:06:16:29:54:a9:38:ef:fb:33:9b:c6:70:ff:
7a:11:3d:0f:e9:90:d2:1c:d6:56:f0:b2:45:b6:fb:9b:20:25:
4e:e3:8c:24:df:54:03:e4:cc:3e:9e:87:57:b5:20:20:4a:24:
be:8b:af:c6:70:6e:3d:b9:bf:e1:72:37:bc:e3:b4:f5:e3:0f:
ca:e4:ba:0a:20:3f:09:e2:09:3d:fa:5a:da:5a:09:d3:c4:37:
41:cd:df:d9:61:4f:10:05:8c:6d:8b:76:79:de:e8:de:a3:fb:
10:37:fd:1a:19:b0:7a:41:1d:46:8c:8f:05:2d:20:6e:24:a4:
9e:31:70:05:f7:18:c3:63:e9:d1:94:ab:fd:21:da:e0:b7:3a:
4c:97:19:2d:12:75:7b:72:ec:11:46:f4:00:a0:4e:d9:76:61:
9d:e6:9e:f7
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIEB1NEUzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MjYzNzg3ZmQwZjk0YjM3ODEzZWVmMTZiYzgxMzc0MjNlZTNmZWYzMB4XDTIyMDIx
MTA5NDgwM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzVmYzQ0MGRhMjM3
ZjZhZWM1OGY1NzVjNmFlYTA1MjRiYWQ5YmZhOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALeLs07meVINdHZnBZKLIm+mjbuUkRYvJb6BPinoefMZrUnv
TC6udt0J+Nm36yVuzSubg9JA7uqywLoGXcvRMe7IJpDnER2F42GmHczE9XwsWUOz
e9rKUemsqCKpvTBXD6i6ruuV1cZjpEApz86JfIBNQU1I5M1SWmF6GfjCkuYftEGt
aFWP4ITUMleu4sdzPvByNUW57frcOabLiPvCu0WzHZ994btzmvAlh20pA9g0zacs
SdertKfpfp8kmN4Lj4OBpF++Gh7Sk8zQBqT3j+F4c8D4oTMRAI5x/9eezkJ4lScT
mm1SXgc+NBcOISRc+a9wwH3mpG+kWvccPGO1W88CAwEAAaOCAjwwggI4MB0GA1Ud
DgQWBBTF/EQNojf2rsWPV1xq6gUkutm/qTAfBgNVHSMEGDAWgBQyY3h/0PlLN4E+
7xa8gTdCPuP+8zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01tTjRmOUQ1U3plQlB1OFd2SUUzUWo3al92TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjEvNzcwM2VmLTI0MjItNDM3Yy1iOTNkLTU5NWUwYmY1YzYxMy8x
L3hmeEVEYUkzOXE3RmoxZGNhdW9GSkxyWnY2ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjEv
NzcwM2VmLTI0MjItNDM3Yy1iOTNkLTU5NWUwYmY1YzYxMy8xL01tTjRmOUQ1U3pl
QlB1OFd2SUUzUWo3al92TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBS
BggrBgEFBQcBBwEB/wRDMEEwMAQCAAEwKgMEAVvSZAMEAFvSZwMEAmdSAAMEAn0+
SAMEArkRrAMEArkqEAMEArnecDANBAIAAjAHAwUDKgPsQDANBgkqhkiG9w0BAQsF
AAOCAQEAhvkcxz7XDjVKQA2J0U60xRo1wbEMM1tWg92VqKY9Z/MwqB/yiLpvVQCP
ac0UobgrEfNr7kBcQgGBEHiI07z5tu+pbPWsadpUnfzULsoJwRvUC0yhZa5GXWpu
CjUxOUcGFilUqTjv+zObxnD/ehE9D+mQ0hzWVvCyRbb7myAlTuOMJN9UA+TMPp6H
V7UgIEokvouvxnBuPbm/4XI3vOO09eMPyuS6CiA/CeIJPfpa2loJ08Q3Qc3f2WFP
EAWMbYt2ed7o3qP7EDf9GhmwekEdRoyPBS0gbiSknjFwBfcYw2Pp0ZSr/SHa4Lc6
TJcZLRJ1e3LsEUb0AKBO2XZhneae9w==
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:39:08 2024 by rpki-client on console-ams.rpki-client.org