Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/84e2ce-1eac-4e12-ac58-51c3ccce72df/1/0XUy6xwtyUfZOa0QYHKNrl8SRbs.roa
File: 0XUy6xwtyUfZOa0QYHKNrl8SRbs.roa (raw, json)
Hash identifier: x4Eq1JV5qx7XAVAjOr6U/C4VItWxNoIgW/7HcLpIMWU=
Subject key identifier: D1:75:32:EB:1C:2D:C9:47:D9:39:AD:10:60:72:8D:AE:5F:12:45:BB
Certificate issuer: /CN=aba81f07a493a3e643752e66bd8146f5771adf88
Certificate serial: 05AE6017
Authority key identifier: AB:A8:1F:07:A4:93:A3:E6:43:75:2E:66:BD:81:46:F5:77:1A:DF:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q6gfB6STo-ZDdS5mvYFG9Xca34g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/84e2ce-1eac-4e12-ac58-51c3ccce72df/1/0XUy6xwtyUfZOa0QYHKNrl8SRbs.roa
Signing time: Sat 01 Jan 2022 05:04:16 +0000
ROA not before: Sat 01 Jan 2022 05:04:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 6663
IP address blocks: 185.63.4.0/22 maxlen: 24
93.114.100.0/22 maxlen: 24
85.204.32.0/22 maxlen: 24
89.238.192.0/18 maxlen: 24
81.24.16.0/20 maxlen: 24
93.113.104.0/22 maxlen: 24
85.204.100.0/22 maxlen: 24
2a02:2720::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 95313943 (0x5ae6017)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aba81f07a493a3e643752e66bd8146f5771adf88
Validity
Not Before: Jan 1 05:04:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=d17532eb1c2dc947d939ad1060728dae5f1245bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:fb:66:dc:ba:86:3f:1b:3a:7b:00:dd:e2:15:
4d:ac:dd:f5:62:63:72:87:19:bf:ed:6d:3e:c3:a1:
c4:ad:b6:67:c1:38:8e:a9:8d:29:b0:60:e3:5a:3e:
46:25:8e:b8:a2:ae:b0:89:bc:a7:2d:bc:88:81:48:
46:92:dc:0e:10:31:62:28:7d:4d:a2:34:a0:47:c5:
4b:b0:9f:c9:94:54:38:74:89:15:45:64:f7:c6:18:
bb:e0:da:e5:13:d7:4b:e6:f8:1c:60:e0:26:b2:56:
75:96:32:88:22:ff:6c:7f:75:6a:64:a3:da:d8:35:
0e:d8:76:bf:63:33:46:d1:20:df:c9:44:15:cf:bd:
52:44:ed:54:57:43:38:d0:5d:67:4a:3e:f6:d7:6e:
29:3f:10:e5:94:3f:e4:4c:cb:c3:78:1c:0b:90:a8:
b9:b6:de:d2:89:e1:73:68:16:82:0e:1f:60:88:8a:
33:8b:6b:1a:cc:72:64:65:a8:6f:0f:fd:73:68:97:
80:90:5b:f8:e7:89:3a:76:12:53:ea:af:82:f9:16:
ad:20:f5:8a:f4:04:44:49:37:67:8d:89:03:b2:20:
83:b3:47:78:29:2f:77:51:91:2d:bc:98:f3:fc:a6:
36:04:ec:69:9f:76:d4:53:78:bc:2d:5c:72:a9:fc:
b8:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:75:32:EB:1C:2D:C9:47:D9:39:AD:10:60:72:8D:AE:5F:12:45:BB
X509v3 Authority Key Identifier:
keyid:AB:A8:1F:07:A4:93:A3:E6:43:75:2E:66:BD:81:46:F5:77:1A:DF:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q6gfB6STo-ZDdS5mvYFG9Xca34g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/84e2ce-1eac-4e12-ac58-51c3ccce72df/1/0XUy6xwtyUfZOa0QYHKNrl8SRbs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/84e2ce-1eac-4e12-ac58-51c3ccce72df/1/q6gfB6STo-ZDdS5mvYFG9Xca34g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.24.16.0/20
85.204.32.0/22
85.204.100.0/22
89.238.192.0/18
93.113.104.0/22
93.114.100.0/22
185.63.4.0/22
IPv6:
2a02:2720::/32
Signature Algorithm: sha256WithRSAEncryption
02:f2:cd:80:ed:f7:f4:52:09:e6:c3:dd:81:6d:9e:4e:61:4c:
68:9b:3a:23:3a:b3:be:dc:f7:fd:03:42:f7:0b:5a:d9:54:ba:
aa:dd:88:a0:0b:60:32:0e:df:22:78:4f:df:c3:ee:87:58:4d:
6a:83:95:a0:59:7b:32:3c:92:32:87:3a:bc:c2:5b:94:d1:bd:
8e:3b:91:ec:a4:b5:34:fb:10:d1:ae:97:13:da:c2:d1:f5:cd:
1c:5e:fd:c6:10:5c:03:73:fa:6c:2c:2a:50:ff:d8:3d:ac:42:
fe:6a:55:3d:54:6d:fa:b1:38:3f:0d:05:5a:37:65:f7:81:98:
58:f1:2d:ff:02:52:ea:4b:e3:65:77:b3:ea:ca:13:26:9f:fa:
1f:68:eb:dd:cc:91:7f:44:2b:75:dc:e6:49:6b:06:95:86:64:
94:90:1e:ff:68:96:4d:3c:83:19:22:a5:7d:12:24:ce:5c:5d:
47:75:e1:96:06:26:8c:9c:e5:b9:2a:a9:41:58:1b:d8:11:03:
25:a1:85:e8:b6:d8:cd:1d:cd:70:79:9f:5a:7f:10:09:09:d8:
12:b1:05:c2:93:2d:c6:a5:df:4d:65:9c:ca:f5:2c:3a:e1:b6:
b2:6e:72:83:f8:d3:0b:ba:49:b4:27:af:ed:a1:82:68:8d:75:
ed:fb:2f:26
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgIEBa5gFzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YmE4MWYwN2E0OTNhM2U2NDM3NTJlNjZiZDgxNDZmNTc3MWFkZjg4MB4XDTIyMDEw
MTA1MDQxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZDE3NTMyZWIxYzJk
Yzk0N2Q5MzlhZDEwNjA3MjhkYWU1ZjEyNDViYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMf7Zty6hj8bOnsA3eIVTazd9WJjcocZv+1tPsOhxK22Z8E4
jqmNKbBg41o+RiWOuKKusIm8py28iIFIRpLcDhAxYih9TaI0oEfFS7CfyZRUOHSJ
FUVk98YYu+Da5RPXS+b4HGDgJrJWdZYyiCL/bH91amSj2tg1Dth2v2MzRtEg38lE
Fc+9UkTtVFdDONBdZ0o+9tduKT8Q5ZQ/5EzLw3gcC5Coubbe0onhc2gWgg4fYIiK
M4trGsxyZGWobw/9c2iXgJBb+OeJOnYSU+qvgvkWrSD1ivQEREk3Z42JA7Igg7NH
eCkvd1GRLbyY8/ymNgTsaZ921FN4vC1ccqn8uLsCAwEAAaOCAjwwggI4MB0GA1Ud
DgQWBBTRdTLrHC3JR9k5rRBgco2uXxJFuzAfBgNVHSMEGDAWgBSrqB8HpJOj5kN1
Lma9gUb1dxrfiDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3E2Z2ZCNlNUby1aRGRTNW12WUZHOVhjYTM0Zy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzQvODRlMmNlLTFlYWMtNGUxMi1hYzU4LTUxYzNjY2NlNzJkZi8x
LzBYVXk2eHd0eVVmWk9hMFFZSEtOcmw4U1Jicy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzQv
ODRlMmNlLTFlYWMtNGUxMi1hYzU4LTUxYzNjY2NlNzJkZi8xL3E2Z2ZCNlNUby1a
RGRTNW12WUZHOVhjYTM0Zy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBS
BggrBgEFBQcBBwEB/wRDMEEwMAQCAAEwKgMEBFEYEAMEAlXMIAMEAlXMZAMEBlnu
wAMEAl1xaAMEAl1yZAMEArk/BDANBAIAAjAHAwUAKgInIDANBgkqhkiG9w0BAQsF
AAOCAQEAAvLNgO339FIJ5sPdgW2eTmFMaJs6Izqzvtz3/QNC9wta2VS6qt2IoAtg
Mg7fInhP38Puh1hNaoOVoFl7MjySMoc6vMJblNG9jjuR7KS1NPsQ0a6XE9rC0fXN
HF79xhBcA3P6bCwqUP/YPaxC/mpVPVRt+rE4Pw0FWjdl94GYWPEt/wJS6kvjZXez
6soTJp/6H2jr3cyRf0QrddzmSWsGlYZklJAe/2iWTTyDGSKlfRIkzlxdR3XhlgYm
jJzluSqpQVgb2BEDJaGF6LbYzR3NcHmfWn8QCQnYErEFwpMtxqXfTWWcyvUsOuG2
sm5yg/jTC7pJtCev7aGCaI117fsvJg==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:03:33 2023 by rpki-client on console-fra.rpki-client.org