Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/98adc1-6ff8-4959-a344-db6ca6e4d4a3/1/XCjX1ZW7v_tlZVYw08m5o5rAX2w.roa
File: XCjX1ZW7v_tlZVYw08m5o5rAX2w.roa (raw, json)
Hash identifier: fp9OZGVQvw+O8dogwezkjtw/1kW6M/8Sg8TmNFcC4pU=
Subject key identifier: 5C:28:D7:D5:95:BB:BF:FB:65:65:56:30:D3:C9:B9:A3:9A:C0:5F:6C
Certificate issuer: /CN=5bb5f05f12b52076868eefcd14afcec192fe2cf2
Certificate serial: 199BCEC1
Authority key identifier: 5B:B5:F0:5F:12:B5:20:76:86:8E:EF:CD:14:AF:CE:C1:92:FE:2C:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W7XwXxK1IHaGju_NFK_OwZL-LPI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/98adc1-6ff8-4959-a344-db6ca6e4d4a3/1/XCjX1ZW7v_tlZVYw08m5o5rAX2w.roa
Signing time: Sat 01 Jan 2022 09:54:08 +0000
ROA not before: Sat 01 Jan 2022 09:54:08 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57869
IP address blocks: 185.36.70.0/23 maxlen: 23
185.36.68.0/23 maxlen: 23
185.36.68.0/22 maxlen: 22
5.154.228.0/23 maxlen: 23
5.154.168.0/23 maxlen: 23
5.154.250.0/23 maxlen: 23
5.154.248.0/23 maxlen: 23
5.154.248.0/22 maxlen: 22
82.118.0.0/20 maxlen: 20
82.118.0.0/22 maxlen: 22
82.118.4.0/22 maxlen: 22
82.118.3.0/24 maxlen: 24
82.118.2.0/24 maxlen: 24
82.118.11.0/24 maxlen: 24
82.118.10.0/24 maxlen: 24
82.118.9.0/24 maxlen: 24
82.118.8.0/24 maxlen: 24
82.118.7.0/24 maxlen: 24
82.118.8.0/22 maxlen: 22
82.118.6.0/24 maxlen: 24
82.118.5.0/24 maxlen: 24
82.118.14.0/23 maxlen: 23
82.118.12.0/23 maxlen: 23
213.91.96.0/22 maxlen: 22
213.91.104.0/22 maxlen: 22
213.91.100.0/22 maxlen: 22
213.91.108.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 429641409 (0x199bcec1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bb5f05f12b52076868eefcd14afcec192fe2cf2
Validity
Not Before: Jan 1 09:54:08 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5c28d7d595bbbffb65655630d3c9b9a39ac05f6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:b5:80:48:05:88:a2:ba:81:c2:0d:31:93:51:
fd:b5:55:28:2e:4b:1c:dc:aa:c5:f1:57:36:b0:dc:
07:4a:28:4f:28:de:0e:c5:65:6e:bf:cd:20:4e:2b:
a3:8e:63:3b:5e:3a:b3:87:5c:68:1a:d3:98:96:1d:
f6:89:81:86:d3:b7:74:6e:7a:03:05:27:d0:b1:32:
04:80:4e:58:21:13:b0:04:1d:55:0b:a4:53:14:c5:
6f:c4:1e:e4:db:ea:8b:f4:72:31:a8:c4:8d:f5:9a:
87:28:58:55:93:a6:59:3d:91:b7:8a:3f:04:51:df:
d1:99:fc:4d:3f:e8:74:10:ab:99:84:6f:48:4f:29:
de:14:dd:63:41:41:12:17:a1:f5:c7:6a:f3:a8:1d:
0a:8f:4f:4d:0e:63:67:e3:c9:38:e6:09:2a:06:79:
68:f5:e4:c3:97:d7:83:bb:a2:7a:f4:e6:dd:2d:71:
a5:af:1f:48:24:bc:36:18:5e:5e:dc:3d:aa:e9:7b:
3d:63:17:58:e1:c0:cc:86:49:35:19:37:8a:b6:b8:
55:ac:a0:e0:59:40:be:ef:66:c8:ce:de:9f:9c:23:
d5:c1:c1:a4:83:e8:39:81:7d:85:b6:15:ca:77:15:
69:93:f0:e8:16:3e:e3:b2:38:78:28:41:8b:51:3d:
24:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:28:D7:D5:95:BB:BF:FB:65:65:56:30:D3:C9:B9:A3:9A:C0:5F:6C
X509v3 Authority Key Identifier:
keyid:5B:B5:F0:5F:12:B5:20:76:86:8E:EF:CD:14:AF:CE:C1:92:FE:2C:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W7XwXxK1IHaGju_NFK_OwZL-LPI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/98adc1-6ff8-4959-a344-db6ca6e4d4a3/1/XCjX1ZW7v_tlZVYw08m5o5rAX2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/98adc1-6ff8-4959-a344-db6ca6e4d4a3/1/W7XwXxK1IHaGju_NFK_OwZL-LPI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.168.0/23
5.154.228.0/23
5.154.248.0/22
82.118.0.0/20
185.36.68.0/22
213.91.96.0/20
Signature Algorithm: sha256WithRSAEncryption
71:9d:5a:4f:3a:50:27:5c:e4:66:d3:4a:9e:9c:76:56:00:06:
19:e5:12:85:91:a7:07:36:47:7e:6b:55:bc:53:f1:1b:c3:57:
7b:52:29:12:fd:1b:76:3d:32:cf:35:1d:98:20:72:54:85:2b:
2d:6e:45:b0:70:cf:95:ff:2e:1c:9c:5b:f4:54:79:34:1e:e3:
a3:7a:23:d5:97:69:62:45:af:6d:f7:84:15:33:8c:00:b3:40:
8d:a1:e4:ae:23:cc:12:ab:cd:54:3d:bd:05:fd:8a:1d:dd:dd:
20:05:50:57:a8:1d:09:61:90:dd:53:81:10:0a:bd:e9:c0:b4:
c6:6e:73:3f:55:b7:fe:05:bf:7c:b3:65:80:a5:41:de:66:f8:
22:b2:0f:48:5d:de:72:ec:16:0f:7a:88:ce:07:b5:a2:89:a1:
6e:6a:7e:38:6f:61:53:25:b2:5f:fb:87:97:76:b3:f1:6a:0b:
df:12:71:51:fa:f8:f3:fd:d1:02:d6:fd:f2:4e:33:35:71:6d:
b3:5a:f9:c5:3b:21:7f:44:57:22:63:58:cf:1d:bd:94:02:61:
8d:64:b4:4e:27:be:7b:a2:11:bf:80:83:7d:29:ec:04:d5:5a:
fa:d8:e6:0c:cd:54:fe:5f:ec:8a:bf:c8:41:aa:6f:2b:8a:5b:
b6:ce:7e:78
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgIEGZvOwTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YmI1ZjA1ZjEyYjUyMDc2ODY4ZWVmY2QxNGFmY2VjMTkyZmUyY2YyMB4XDTIyMDEw
MTA5NTQwOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWMyOGQ3ZDU5NWJi
YmZmYjY1NjU1NjMwZDNjOWI5YTM5YWMwNWY2YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJy1gEgFiKK6gcINMZNR/bVVKC5LHNyqxfFXNrDcB0ooTyje
DsVlbr/NIE4ro45jO146s4dcaBrTmJYd9omBhtO3dG56AwUn0LEyBIBOWCETsAQd
VQukUxTFb8Qe5Nvqi/RyMajEjfWahyhYVZOmWT2Rt4o/BFHf0Zn8TT/odBCrmYRv
SE8p3hTdY0FBEheh9cdq86gdCo9PTQ5jZ+PJOOYJKgZ5aPXkw5fXg7uievTm3S1x
pa8fSCS8NhheXtw9qul7PWMXWOHAzIZJNRk3ira4Vayg4FlAvu9myM7en5wj1cHB
pIPoOYF9hbYVyncVaZPw6BY+47I4eChBi1E9JAUCAwEAAaOCAicwggIjMB0GA1Ud
DgQWBBRcKNfVlbu/+2VlVjDTybmjmsBfbDAfBgNVHSMEGDAWgBRbtfBfErUgdoaO
780Ur87Bkv4s8jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1c3WHdYeEsxSUhhR2p1X05GS19Pd1pMLUxQSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzEvOThhZGMxLTZmZjgtNDk1OS1hMzQ0LWRiNmNhNmU0ZDRhMy8x
L1hDalgxWlc3dl90bFpWWXcwOG01bzVyQVgydy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzEv
OThhZGMxLTZmZjgtNDk1OS1hMzQ0LWRiNmNhNmU0ZDRhMy8xL1c3WHdYeEsxSUhh
R2p1X05GS19Pd1pMLUxQSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA9
BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAQWaqAMEAQWa5AMEAgWa+AMEBFJ2
AAMEArkkRAMEBNVbYDANBgkqhkiG9w0BAQsFAAOCAQEAcZ1aTzpQJ1zkZtNKnpx2
VgAGGeUShZGnBzZHfmtVvFPxG8NXe1IpEv0bdj0yzzUdmCByVIUrLW5FsHDPlf8u
HJxb9FR5NB7jo3oj1ZdpYkWvbfeEFTOMALNAjaHkriPMEqvNVD29Bf2KHd3dIAVQ
V6gdCWGQ3VOBEAq96cC0xm5zP1W3/gW/fLNlgKVB3mb4IrIPSF3ecuwWD3qIzge1
oomhbmp+OG9hUyWyX/uHl3az8WoL3xJxUfr48/3RAtb98k4zNXFts1r5xTshf0RX
ImNYzx29lAJhjWS0Tie+e6IRv4CDfSnsBNVa+tjmDM1U/l/sir/IQapvK4pbts5+
eA==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:35 2024 by rpki-client on console-fra.rpki-client.org