Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/XIBgsx_oCDH_fpqu2iuUbRgl6MA.roa
File: XIBgsx_oCDH_fpqu2iuUbRgl6MA.roa (raw, json)
Hash identifier: PaWc2sNp/OwhKmWSNm86UWSKhX+xRtGvZAKoPc2Z8zI=
Subject key identifier: 5C:80:60:B3:1F:E8:08:31:FF:7E:9A:AE:DA:2B:94:6D:18:25:E8:C0
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0182F77B82DEFD300AA85E9778E613FC47CA
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/XIBgsx_oCDH_fpqu2iuUbRgl6MA.roa
Signing time: Thu 01 Sep 2022 05:17:22 +0000
ROA not before: Thu 01 Sep 2022 05:17:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209242
IP address blocks: 185.174.138.0/24 maxlen: 24
45.8.211.0/24 maxlen: 24
185.109.21.0/24 maxlen: 24
45.133.246.0/24 maxlen: 24
45.133.247.0/24 maxlen: 24
185.221.160.0/24 maxlen: 24
45.142.120.0/24 maxlen: 24
194.53.55.0/24 maxlen: 24
194.53.53.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:f7:7b:82:de:fd:30:0a:a8:5e:97:78:e6:13:fc:47:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: Sep 1 05:17:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5c8060b31fe80831ff7e9aaeda2b946d1825e8c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:56:da:55:6d:43:92:56:a1:ec:77:d2:49:54:
5c:ed:b6:ea:ad:7a:a8:72:c3:31:c9:84:17:96:16:
2f:06:c9:a5:16:83:a6:56:0e:6e:42:1e:00:bf:ac:
d4:be:c8:cf:fe:fe:cd:47:e2:b9:bd:28:f0:fc:6f:
d0:10:f5:a9:4a:40:d6:6e:08:af:f5:5e:62:0c:05:
0f:76:92:59:a3:80:ae:6f:17:3d:aa:4f:80:75:7f:
78:5a:3b:b2:47:ad:36:ec:d1:18:ab:83:f3:66:a5:
b5:7f:16:fb:08:2c:db:ca:f8:f7:3a:1c:27:e6:b6:
11:6f:57:2a:2f:ea:2f:67:c1:2f:01:dd:b5:e3:b6:
b4:3e:cb:80:d1:e2:88:07:f8:c5:08:c8:69:2d:8c:
4b:f6:ac:de:67:de:de:d3:b5:c6:96:96:39:ae:64:
64:9f:c9:ac:18:03:c5:9b:1b:f0:65:b0:cb:3c:f8:
83:f1:5d:96:5e:e1:28:39:1b:d7:d7:50:d1:b5:d4:
8d:ac:5c:b8:a3:6b:87:19:f6:0d:b2:84:a2:35:ea:
d9:85:55:22:15:28:b9:4c:67:ff:ca:e5:c5:02:bd:
3a:3b:b2:48:f0:d5:ba:b8:6e:ac:27:cb:8a:24:76:
30:24:4e:86:82:a8:ac:be:c3:12:eb:a3:97:51:3e:
4b:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:80:60:B3:1F:E8:08:31:FF:7E:9A:AE:DA:2B:94:6D:18:25:E8:C0
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/XIBgsx_oCDH_fpqu2iuUbRgl6MA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.211.0/24
45.133.246.0/23
45.142.120.0/24
185.109.21.0/24
185.174.138.0/24
185.221.160.0/24
194.53.53.0/24
194.53.55.0/24
Signature Algorithm: sha256WithRSAEncryption
47:c5:a8:37:ce:37:82:df:60:9a:aa:7b:54:e8:b1:25:c8:5b:
f0:09:74:11:9d:3f:77:de:ea:6b:2f:b4:6e:66:96:85:c0:a2:
8e:99:39:27:75:67:44:ee:38:35:fc:db:63:c1:82:4f:15:8b:
73:77:95:21:47:c1:c2:4f:89:b6:e4:45:c5:b0:3f:82:7d:1c:
c3:36:28:43:93:e2:8f:00:2c:b0:93:cb:7b:bc:e7:d5:cf:53:
1d:77:49:49:7d:ac:13:0d:68:dd:6c:fb:47:c8:06:81:76:4b:
95:5e:ca:f1:85:1d:ac:05:e5:f4:b2:28:a6:48:1d:3a:4d:74:
fb:b2:29:47:4a:99:95:b6:1c:89:ef:80:13:4e:f5:e0:94:84:
13:72:fc:be:ad:71:59:f4:a9:21:6b:78:e2:55:55:b3:76:21:
40:93:0c:22:52:48:84:2e:35:95:8e:4c:50:f9:0a:48:00:fe:
0e:7f:a6:51:dd:6f:af:17:b0:be:96:cd:c4:44:16:fb:2f:d0:
79:a5:eb:36:0c:44:48:79:c4:eb:0b:93:9d:02:a4:5e:33:23:
c9:e0:99:f9:02:d5:5f:f6:31:03:70:78:89:10:f1:fe:cd:97:
77:1d:57:b0:c8:4f:65:ed:b3:e4:2e:c4:ef:af:83:65:75:9b:
83:ba:fd:db
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYL3e4Le/TAKqF6XeOYT/EfKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjIwOTAxMDUxNzIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzgwNjBiMzFmZTgwODMxZmY3ZTlhYWVkYTJiOTQ2ZDE4MjVlOGMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiFbaVW1Dklah7HfSSVRc7bbqrXqo
csMxyYQXlhYvBsmlFoOmVg5uQh4Av6zUvsjP/v7NR+K5vSjw/G/QEPWpSkDWbgiv
9V5iDAUPdpJZo4Cubxc9qk+AdX94WjuyR6027NEYq4PzZqW1fxb7CCzbyvj3Ohwn
5rYRb1cqL+ovZ8EvAd2147a0PsuA0eKIB/jFCMhpLYxL9qzeZ97e07XGlpY5rmRk
n8msGAPFmxvwZbDLPPiD8V2WXuEoORvX11DRtdSNrFy4o2uHGfYNsoSiNerZhVUi
FSi5TGf/yuXFAr06O7JI8NW6uG6sJ8uKJHYwJE6GgqisvsMS66OXUT5LgwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFFyAYLMf6Agx/36artorlG0YJejAMB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvWElCZ3N4X29DREhfZnBxdTJpdVViUmdsNk1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQALQjTAwQB
LYX2AwQALY54AwQAuW0VAwQAua6KAwQAud2gAwQAwjU1AwQAwjU3MA0GCSqGSIb3
DQEBCwUAA4IBAQBHxag3zjeC32CaqntU6LElyFvwCXQRnT933uprL7RuZpaFwKKO
mTkndWdE7jg1/NtjwYJPFYtzd5UhR8HCT4m25EXFsD+CfRzDNihDk+KPACywk8t7
vOfVz1Mdd0lJfawTDWjdbPtHyAaBdkuVXsrxhR2sBeX0siimSB06TXT7silHSpmV
thyJ74ATTvXglIQTcvy+rXFZ9Kkha3jiVVWzdiFAkwwiUkiELjWVjkxQ+QpIAP4O
f6ZR3W+vF7C+ls3ERBb7L9B5pes2DERIecTrC5OdAqReMyPJ4Jn5AtVf9jEDcHiJ
EPH+zZd3HVewyE9l7bPkLsTvr4NldZuDuv3b
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:53:08 2024 by rpki-client on console-fra.rpki-client.org