Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/XenNz2HMDCZsuBwDdJG7seVJh-I.roa
File: XenNz2HMDCZsuBwDdJG7seVJh-I.roa (raw, json)
Hash identifier: MmuvhhvTIRtWEcmJ4/dV1MLIdGEXqwn3NAFNmDy5GnE=
Subject key identifier: 5D:E9:CD:CF:61:CC:0C:26:6C:B8:1C:03:74:91:BB:B1:E5:49:87:E2
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 01839DB4B1F420BA9F18844B429835F3D312
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/XenNz2HMDCZsuBwDdJG7seVJh-I.roa
Signing time: Mon 03 Oct 2022 11:56:48 +0000
ROA not before: Mon 03 Oct 2022 11:56:48 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48037
IP address blocks: 147.181.64.0/18 maxlen: 24
147.181.98.0/24 maxlen: 24
147.181.96.0/24 maxlen: 24
147.181.97.0/24 maxlen: 24
147.181.99.0/24 maxlen: 24
147.181.103.0/24 maxlen: 24
147.181.112.0/24 maxlen: 24
147.181.109.0/24 maxlen: 24
147.181.108.0/24 maxlen: 24
147.181.117.0/24 maxlen: 24
147.181.113.0/24 maxlen: 24
147.181.114.0/24 maxlen: 24
147.181.40.0/22 maxlen: 24
2a04:9a03:1010::/44 maxlen: 44
2a04:9a00:1004::/48 maxlen: 48
2a04:9a00:1124::/48 maxlen: 48
2a04:9a00:1121::/48 maxlen: 48
2a04:9a00:111c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:9d:b4:b1:f4:20:ba:9f:18:84:4b:42:98:35:f3:d3:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Oct 3 11:56:48 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5de9cdcf61cc0c266cb81c037491bbb1e54987e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:0c:ad:bb:35:0a:03:55:fe:8e:f6:9c:41:e2:
bd:f5:c1:5b:bb:0c:0b:38:92:9e:93:23:30:4f:0a:
58:10:fc:0b:c0:ad:f6:09:fa:80:b9:65:fa:d4:56:
37:e3:8a:a3:a4:f8:84:40:0d:79:5b:c0:2c:e1:a5:
76:bd:c7:86:b9:4a:ac:47:bc:41:89:66:e1:94:51:
75:65:47:03:4c:28:34:bc:48:1d:86:3e:80:5b:f9:
40:a5:df:bc:76:8f:e2:95:64:d8:d8:21:0f:c0:ad:
cd:a7:a3:13:20:e1:ac:2e:d0:67:b0:1e:65:ab:c7:
76:87:bc:68:49:24:22:c5:3d:ed:ad:65:c5:93:2f:
89:68:93:b3:e2:fb:20:41:e3:0e:71:35:d6:0a:2d:
0d:a5:5a:f8:27:57:62:40:92:3f:5d:ff:1f:09:30:
c5:73:7a:31:5c:fa:4f:07:87:7c:14:1c:0c:f4:18:
7a:d7:47:e5:90:de:34:fb:36:fa:cb:0f:92:6c:7f:
c9:3f:3a:47:e0:74:7d:bf:48:7d:eb:2a:f7:69:5f:
d7:d2:3f:12:3a:4c:76:53:43:54:b3:dc:6d:76:6e:
e3:99:66:62:43:9b:af:59:6e:9c:33:c3:2f:4f:28:
bc:b0:94:3f:c1:04:64:e0:e8:b2:f4:47:c2:ad:6f:
0f:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:E9:CD:CF:61:CC:0C:26:6C:B8:1C:03:74:91:BB:B1:E5:49:87:E2
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/XenNz2HMDCZsuBwDdJG7seVJh-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.181.40.0/22
147.181.64.0/18
IPv6:
2a04:9a00:1004::/48
2a04:9a00:111c::/48
2a04:9a00:1121::/48
2a04:9a00:1124::/48
2a04:9a03:1010::/44
Signature Algorithm: sha256WithRSAEncryption
40:dc:3a:2f:16:25:d4:98:4f:20:59:50:05:af:6b:e5:07:30:
8c:52:ef:c4:7a:b2:e8:50:0e:ae:5c:24:4b:37:d5:d7:63:5c:
d9:d9:2f:2e:85:33:b9:35:e1:3d:9f:a1:9c:41:3c:99:0e:40:
cf:06:97:af:c7:9f:3b:88:74:fb:b1:f9:67:9a:1c:e2:31:e4:
5d:c7:66:ad:90:22:c1:39:52:65:70:d6:ee:65:d5:40:70:79:
ee:71:bf:25:d1:02:dd:38:f1:be:91:ab:43:2a:a1:2d:f3:b5:
f5:e8:ab:fe:96:6b:5e:e1:9c:c3:67:61:ad:57:07:57:e8:db:
fa:35:3a:05:78:4a:ba:d9:24:9c:51:86:20:50:08:db:89:dd:
32:41:26:c1:ae:86:9c:b2:e0:84:57:25:33:bb:2c:51:65:9b:
f5:94:cd:ca:7c:83:c5:c0:b0:c0:89:da:cb:41:0f:0c:d7:83:
c2:20:ad:01:dd:20:e6:d9:80:77:7e:1f:19:69:cf:b6:45:ff:
3f:6a:a5:d3:4e:6f:a2:3a:74:78:fa:5e:5d:ab:67:6f:b5:1d:
4f:70:65:79:55:f9:5e:70:49:65:1c:16:41:48:17:d1:97:8b:
d9:b6:b5:92:04:de:dd:98:b6:5f:b5:78:bd:11:17:55:6c:b3:
96:58:88:b3
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAYOdtLH0ILqfGIRLQpg189MSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjIxMDAzMTE1NjQ4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGU5Y2RjZjYxY2MwYzI2NmNiODFjMDM3NDkxYmJiMWU1NDk4N2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugytuzUKA1X+jvacQeK99cFbuwwL
OJKekyMwTwpYEPwLwK32CfqAuWX61FY344qjpPiEQA15W8As4aV2vceGuUqsR7xB
iWbhlFF1ZUcDTCg0vEgdhj6AW/lApd+8do/ilWTY2CEPwK3Np6MTIOGsLtBnsB5l
q8d2h7xoSSQixT3trWXFky+JaJOz4vsgQeMOcTXWCi0NpVr4J1diQJI/Xf8fCTDF
c3oxXPpPB4d8FBwM9Bh610flkN40+zb6yw+SbH/JPzpH4HR9v0h96yr3aV/X0j8S
Okx2U0NUs9xtdm7jmWZiQ5uvWW6cM8MvTyi8sJQ/wQRk4Oiy9EfCrW8PCwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFF3pzc9hzAwmbLgcA3SRu7HlSYfiMB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvWGVuTnoySE1EQ1pzdUJ3RGRKRzdzZVZKaC1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTASBAIAATAMAwQCk7UoAwQG
k7VAMDMEAgACMC0DBwAqBJoAEAQDBwAqBJoAERwDBwAqBJoAESEDBwAqBJoAESQD
BwQqBJoDEBAwDQYJKoZIhvcNAQELBQADggEBAEDcOi8WJdSYTyBZUAWva+UHMIxS
78R6suhQDq5cJEs31ddjXNnZLy6FM7k14T2foZxBPJkOQM8Gl6/HnzuIdPux+Wea
HOIx5F3HZq2QIsE5UmVw1u5l1UBwee5xvyXRAt048b6Rq0MqoS3ztfXoq/6Wa17h
nMNnYa1XB1fo2/o1OgV4SrrZJJxRhiBQCNuJ3TJBJsGuhpyy4IRXJTO7LFFlm/WU
zcp8g8XAsMCJ2stBDwzXg8IgrQHdIObZgHd+Hxlpz7ZF/z9qpdNOb6I6dHj6Xl2r
Z2+1HU9wZXlV+V5wSWUcFkFIF9GXi9m2tZIE3t2Ytl+1eL0RF1Vss5ZYiLM=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:54 2024 by rpki-client on console-fra.rpki-client.org