Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/1f325e-4de7-477e-8b57-6320a356e434/1/xd6tKDCPpe2LqMnmodOaJ-g_Yz8.roa
File: xd6tKDCPpe2LqMnmodOaJ-g_Yz8.roa (raw, json)
Hash identifier: xuwjowXHl5Yq5cCCLr2xuJ4aT6R4lf3wPxnp03WJKIc=
Subject key identifier: C5:DE:AD:28:30:8F:A5:ED:8B:A8:C9:E6:A1:D3:9A:27:E8:3F:63:3F
Certificate issuer: /CN=1d9a09c5107e7e44ca78dc72d519737ed3dd311a
Certificate serial: 0188DDAC33E74D29825EE8B5D19C88B18657
Authority key identifier: 1D:9A:09:C5:10:7E:7E:44:CA:78:DC:72:D5:19:73:7E:D3:DD:31:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HZoJxRB-fkTKeNxy1RlzftPdMRo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/1f325e-4de7-477e-8b57-6320a356e434/1/xd6tKDCPpe2LqMnmodOaJ-g_Yz8.roa
Signing time: Wed 21 Jun 2023 11:17:10 +0000
ROA not before: Wed 21 Jun 2023 11:17:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201035
IP address blocks: 46.253.240.0/23 maxlen: 23
46.253.240.0/24 maxlen: 24
46.253.240.0/20 maxlen: 24
46.253.241.0/24 maxlen: 24
46.253.245.0/24 maxlen: 24
46.253.246.0/23 maxlen: 23
46.253.246.0/24 maxlen: 24
46.253.244.0/22 maxlen: 22
46.253.244.0/23 maxlen: 23
46.253.244.0/24 maxlen: 24
46.253.249.0/24 maxlen: 24
46.253.247.0/24 maxlen: 24
46.253.248.0/24 maxlen: 24
46.253.248.0/23 maxlen: 23
46.253.254.0/24 maxlen: 24
46.253.254.0/23 maxlen: 23
46.253.255.0/24 maxlen: 24
185.209.104.0/22 maxlen: 22
185.209.104.0/23 maxlen: 23
185.209.104.0/24 maxlen: 24
185.209.105.0/24 maxlen: 24
185.209.106.0/23 maxlen: 23
185.209.106.0/24 maxlen: 24
185.209.107.0/24 maxlen: 24
2a04:1c40::/31 maxlen: 31
2a04:1c40::/30 maxlen: 30
2a04:1c40::/29 maxlen: 29
2a04:1c41::/33 maxlen: 33
2a04:1c44::/32 maxlen: 34
2a04:1c47:c000::/34 maxlen: 34
2a04:1c40:c000::/34 maxlen: 34
2a04:1c40::/32 maxlen: 32
2a04:1c40::/33 maxlen: 33
2a04:1c42::/32 maxlen: 32
2a04:1c42::/40 maxlen: 40
2a04:1c42::/34 maxlen: 34
2a04:1c42:4000::/34 maxlen: 34
2a04:1c42:c000::/34 maxlen: 34
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:dd:ac:33:e7:4d:29:82:5e:e8:b5:d1:9c:88:b1:86:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1d9a09c5107e7e44ca78dc72d519737ed3dd311a
Validity
Not Before: Jun 21 11:17:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c5dead28308fa5ed8ba8c9e6a1d39a27e83f633f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:4d:65:29:ab:04:2c:e4:ba:74:b0:ed:59:d8:
40:f7:06:41:c5:45:02:24:ac:54:67:e3:37:c2:fd:
62:bc:0a:37:dd:50:5a:71:08:a3:b3:53:40:cb:f6:
38:69:3a:29:b5:ff:aa:02:a5:16:a6:ac:b9:69:f3:
5b:77:05:00:56:77:0f:a1:3b:a1:8d:dc:7e:c0:b8:
a3:ac:95:f3:57:8f:c7:ff:20:0e:a5:42:ed:15:93:
05:80:41:d0:24:16:86:8c:cf:d2:45:3c:5f:be:4b:
05:7f:7c:f1:7e:6a:45:82:9d:b1:1e:34:9a:29:06:
95:74:3d:f1:b4:96:aa:3e:23:ec:f0:bd:8e:63:c3:
20:3f:e2:db:31:d9:bf:08:26:33:a5:8b:8d:76:db:
cb:5e:31:d7:20:7a:af:7b:f7:a3:e4:58:05:91:49:
e6:9b:df:0e:e5:a6:60:45:e5:d3:8f:c2:bd:05:6e:
07:f3:be:d4:30:c3:e1:9c:23:1f:f4:67:70:bf:5f:
a2:37:2d:53:c9:1e:7d:b0:6b:65:95:f8:37:aa:ee:
2e:fa:a7:7d:ab:f4:46:ce:a5:58:50:aa:26:1b:e0:
b7:f6:b0:66:5d:c9:bc:ca:77:a7:97:df:74:56:25:
bc:0e:c1:67:6b:d1:48:9b:21:4f:8b:40:73:93:54:
e2:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:DE:AD:28:30:8F:A5:ED:8B:A8:C9:E6:A1:D3:9A:27:E8:3F:63:3F
X509v3 Authority Key Identifier:
keyid:1D:9A:09:C5:10:7E:7E:44:CA:78:DC:72:D5:19:73:7E:D3:DD:31:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HZoJxRB-fkTKeNxy1RlzftPdMRo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/1f325e-4de7-477e-8b57-6320a356e434/1/xd6tKDCPpe2LqMnmodOaJ-g_Yz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/1f325e-4de7-477e-8b57-6320a356e434/1/HZoJxRB-fkTKeNxy1RlzftPdMRo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.240.0/20
185.209.104.0/22
IPv6:
2a04:1c40::/29
Signature Algorithm: sha256WithRSAEncryption
6a:a3:b6:4f:18:e5:f3:cc:51:df:c5:bd:24:89:9f:5f:ce:ce:
9b:40:ce:39:5a:e6:12:9c:2d:58:0d:2f:f5:41:d4:35:39:40:
63:7b:70:18:1a:ad:68:91:b9:e1:67:68:e8:3d:57:4e:1d:cf:
ac:ac:75:08:ce:c5:e8:76:6c:eb:ff:51:23:08:de:f7:61:68:
93:18:46:ca:40:0a:22:03:1e:f8:3d:30:70:2e:82:e3:2a:29:
81:b4:7d:47:56:b9:f9:73:e3:b6:b0:b4:91:36:94:eb:67:9e:
74:5d:ff:01:97:87:25:bb:55:ed:8b:8b:de:fe:15:43:6e:86:
59:c1:4e:49:7a:00:2f:24:b5:3f:30:ec:72:23:28:5a:b2:10:
87:25:4a:87:95:a3:94:f8:46:e8:06:7b:c8:5c:ff:1f:0d:a2:
56:cf:81:78:4e:67:2b:10:ed:b2:8a:23:4a:6b:76:38:ca:de:
9a:10:a4:9c:80:f6:d8:d3:91:fa:17:5e:c2:98:96:fb:47:c7:
22:f5:5a:32:54:3b:9a:b7:33:22:ab:d1:30:79:27:09:ae:92:
11:17:2f:a4:bf:25:7e:06:f4:b4:3c:fe:9e:45:cd:60:cb:05:
b3:26:df:5f:11:18:0e:b9:18:d7:5a:50:53:4e:e1:2b:e5:db:
ea:c5:5c:55
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYjdrDPnTSmCXui10ZyIsYZXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkOWEwOWM1MTA3ZTdlNDRjYTc4ZGM3MmQ1MTk3MzdlZDNk
ZDMxMWEwHhcNMjMwNjIxMTExNzEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWRlYWQyODMwOGZhNWVkOGJhOGM5ZTZhMWQzOWEyN2U4M2Y2MzNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoE1lKasELOS6dLDtWdhA9wZBxUUC
JKxUZ+M3wv1ivAo33VBacQijs1NAy/Y4aToptf+qAqUWpqy5afNbdwUAVncPoTuh
jdx+wLijrJXzV4/H/yAOpULtFZMFgEHQJBaGjM/SRTxfvksFf3zxfmpFgp2xHjSa
KQaVdD3xtJaqPiPs8L2OY8MgP+LbMdm/CCYzpYuNdtvLXjHXIHqve/ej5FgFkUnm
m98O5aZgReXTj8K9BW4H877UMMPhnCMf9Gdwv1+iNy1TyR59sGtllfg3qu4u+qd9
q/RGzqVYUKomG+C39rBmXcm8ynenl990ViW8DsFna9FImyFPi0Bzk1Ti/QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMXerSgwj6Xti6jJ5qHTmifoP2M/MB8GA1UdIwQY
MBaAFB2aCcUQfn5EynjcctUZc37T3TEaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSFpvSnhSQi1ma1RLZU54eTFSbHpmdFBkTVJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8xZjMyNWUtNGRlNy00NzdlLThiNTct
NjMyMGEzNTZlNDM0LzEveGQ2dEtEQ1BwZTJMcU1ubW9kT2FKLWdfWXo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8xZjMyNWUtNGRlNy00NzdlLThiNTctNjMyMGEzNTZlNDM0
LzEvSFpvSnhSQi1ma1RLZU54eTFSbHpmdFBkTVJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQELv3wAwQC
udFoMA0EAgACMAcDBQMqBBxAMA0GCSqGSIb3DQEBCwUAA4IBAQBqo7ZPGOXzzFHf
xb0kiZ9fzs6bQM45WuYSnC1YDS/1QdQ1OUBje3AYGq1okbnhZ2joPVdOHc+srHUI
zsXodmzr/1EjCN73YWiTGEbKQAoiAx74PTBwLoLjKimBtH1HVrn5c+O2sLSRNpTr
Z550Xf8Bl4clu1Xti4ve/hVDboZZwU5JegAvJLU/MOxyIyhashCHJUqHlaOU+Ebo
BnvIXP8fDaJWz4F4TmcrEO2yiiNKa3Y4yt6aEKScgPbY05H6F17CmJb7R8ci9Voy
VDuatzMiq9EweScJrpIRFy+kvyV+BvS0PP6eRc1gywWzJt9fERgOuRjXWlBTTuEr
5dvqxVxV
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:41 2025 by rpki-client