Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/xXG3HwpIaBOnEiL2O5J0D16fjBQ.roa
File: xXG3HwpIaBOnEiL2O5J0D16fjBQ.roa (raw, json)
Hash identifier: I5EEVz1rDAB+fKlW4yFczY2p/5nXKjhNZ41nsF+gzH0=
Subject key identifier: C5:71:B7:1F:0A:48:68:13:A7:12:22:F6:3B:92:74:0F:5E:9F:8C:14
Certificate issuer: /CN=0c90c356e2864f43894857443555d8b5c0352819
Certificate serial: 134CE21A
Authority key identifier: 0C:90:C3:56:E2:86:4F:43:89:48:57:44:35:55:D8:B5:C0:35:28:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DJDDVuKGT0OJSFdENVXYtcA1KBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/xXG3HwpIaBOnEiL2O5J0D16fjBQ.roa
Signing time: Sat 01 Jan 2022 05:54:04 +0000
ROA not before: Sat 01 Jan 2022 05:54:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44395
IP address blocks: 109.75.40.0/21 maxlen: 24
46.162.192.0/18 maxlen: 24
46.36.112.0/20 maxlen: 24
178.78.160.0/20 maxlen: 24
212.34.224.0/19 maxlen: 24
37.157.212.0/22 maxlen: 24
37.157.209.0/24 maxlen: 24
37.157.210.0/24 maxlen: 24
37.157.208.0/22 maxlen: 24
37.157.208.0/20 maxlen: 24
212.34.232.0/21 maxlen: 24
178.78.176.0/21 maxlen: 24
37.157.216.0/22 maxlen: 24
37.157.216.0/21 maxlen: 24
188.115.192.0/18 maxlen: 24
37.157.220.0/22 maxlen: 24
81.16.0.0/20 maxlen: 24
185.86.193.0/24 maxlen: 24
82.199.192.0/20 maxlen: 24
109.75.36.0/22 maxlen: 24
178.78.128.0/19 maxlen: 24
109.75.34.0/23 maxlen: 24
178.78.128.0/18 maxlen: 24
141.136.64.0/19 maxlen: 24
212.34.240.0/21 maxlen: 24
212.34.240.0/20 maxlen: 24
46.162.240.0/20 maxlen: 24
37.252.64.0/19 maxlen: 24
92.43.136.0/22 maxlen: 24
92.43.136.0/21 maxlen: 24
92.43.140.0/22 maxlen: 24
185.59.68.0/22 maxlen: 24
5.77.128.0/17 maxlen: 24
46.241.128.0/17 maxlen: 24
2a00:cc40::/29 maxlen: 29
2a01:4a00::/32 maxlen: 32
2a03:1080::/32 maxlen: 32
2a00:cc40::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 323805722 (0x134ce21a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c90c356e2864f43894857443555d8b5c0352819
Validity
Not Before: Jan 1 05:54:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c571b71f0a486813a71222f63b92740f5e9f8c14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:aa:0c:93:29:e0:8b:a2:1d:76:55:ab:17:1a:
90:83:df:ec:73:96:4d:29:6f:70:43:69:bf:5f:13:
51:55:90:94:c4:b4:52:4f:41:14:01:eb:36:a1:21:
3f:59:ed:c7:2d:13:17:a4:8a:8a:b6:e1:d5:ac:ad:
12:96:54:7f:71:62:4f:ae:81:25:d8:ca:33:26:78:
ff:6f:58:79:e1:c3:77:d9:ce:72:2b:25:29:f9:e1:
43:15:8a:f4:da:65:c3:d9:48:bf:7f:31:6a:d3:93:
b4:e9:aa:83:57:05:51:97:b8:86:92:98:1f:40:34:
76:15:b6:83:6c:8f:52:b0:0b:e1:4b:62:d5:51:62:
87:03:de:dd:c5:14:2c:2d:b5:f1:ef:1e:6e:6e:49:
b7:9d:01:e7:22:09:5c:8a:59:b7:b7:45:56:95:7e:
1b:59:d2:cd:d3:33:7f:64:e0:fe:00:03:db:76:ae:
3c:24:54:d0:98:1f:ba:4f:a8:0b:65:65:89:d5:9f:
f4:d5:5c:71:77:a8:bc:02:c6:85:c1:13:a8:51:a8:
52:fa:fd:f2:9c:cf:59:af:80:04:d3:aa:aa:dc:ed:
72:c3:a1:8e:60:f6:99:1b:d4:54:c9:4b:c0:af:1b:
7a:d3:48:0a:41:9f:d6:67:86:3b:34:76:e9:5c:f6:
a1:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:71:B7:1F:0A:48:68:13:A7:12:22:F6:3B:92:74:0F:5E:9F:8C:14
X509v3 Authority Key Identifier:
keyid:0C:90:C3:56:E2:86:4F:43:89:48:57:44:35:55:D8:B5:C0:35:28:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DJDDVuKGT0OJSFdENVXYtcA1KBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/xXG3HwpIaBOnEiL2O5J0D16fjBQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/DJDDVuKGT0OJSFdENVXYtcA1KBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.77.128.0/17
37.157.208.0/20
37.252.64.0/19
46.36.112.0/20
46.162.192.0/18
46.241.128.0/17
81.16.0.0/20
82.199.192.0/20
92.43.136.0/21
109.75.34.0-109.75.47.255
141.136.64.0/19
178.78.128.0/18
185.59.68.0/22
185.86.193.0/24
188.115.192.0/18
212.34.224.0/19
IPv6:
2a00:cc40::/29
2a01:4a00::/32
2a03:1080::/32
Signature Algorithm: sha256WithRSAEncryption
30:1c:97:50:3c:dd:96:05:61:38:f0:7e:30:cf:3c:19:58:2a:
b6:53:41:ec:fb:b9:b2:25:a7:a8:a1:ee:9a:e6:cc:5a:4e:8d:
4e:4b:e0:99:52:7c:50:24:c4:12:e0:71:e6:f0:46:4a:05:5c:
7f:73:29:58:36:22:52:52:87:b7:e8:17:df:a1:95:1f:27:4b:
25:28:d5:76:7b:fd:a7:ad:d3:bf:4a:ef:31:6d:d7:fe:46:9d:
6d:47:2e:c9:16:e3:d5:6e:cd:be:90:a8:9b:c2:17:fe:7f:e0:
fc:74:1c:71:be:38:fc:1e:a4:82:2f:68:c4:af:66:bb:49:b6:
59:78:dc:ee:f9:5a:31:eb:0b:ad:27:ef:ce:d2:76:b8:14:54:
05:1f:02:cd:25:7d:0f:ae:f2:56:60:fc:97:94:18:44:59:2e:
ac:11:9f:c7:cb:c8:f7:49:8b:f1:e9:03:c0:e2:e6:3d:fc:5b:
80:f6:46:0d:09:30:a8:8f:43:e3:93:fb:48:74:40:50:b9:07:
a9:8f:df:bd:06:ed:51:fe:6c:65:5c:1c:bf:a0:33:5c:8a:55:
a3:0a:82:da:a3:bd:e9:c1:82:1c:85:af:9d:a7:5f:b5:81:e3:
8e:8f:35:0a:1e:c4:6f:e1:8b:ee:e6:d5:89:00:cf:7f:2c:56:
4b:bb:b9:b5
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgIEE0ziGjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
YzkwYzM1NmUyODY0ZjQzODk0ODU3NDQzNTU1ZDhiNWMwMzUyODE5MB4XDTIyMDEw
MTA1NTQwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzU3MWI3MWYwYTQ4
NjgxM2E3MTIyMmY2M2I5Mjc0MGY1ZTlmOGMxNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN+qDJMp4IuiHXZVqxcakIPf7HOWTSlvcENpv18TUVWQlMS0
Uk9BFAHrNqEhP1ntxy0TF6SKirbh1aytEpZUf3FiT66BJdjKMyZ4/29YeeHDd9nO
cislKfnhQxWK9Nplw9lIv38xatOTtOmqg1cFUZe4hpKYH0A0dhW2g2yPUrAL4Uti
1VFihwPe3cUULC218e8ebm5Jt50B5yIJXIpZt7dFVpV+G1nSzdMzf2Tg/gAD23au
PCRU0Jgfuk+oC2VlidWf9NVccXeovALGhcETqFGoUvr98pzPWa+ABNOqqtztcsOh
jmD2mRvUVMlLwK8betNICkGf1meGOzR26Vz2oZcCAwEAAaOCAoswggKHMB0GA1Ud
DgQWBBTFcbcfCkhoE6cSIvY7knQPXp+MFDAfBgNVHSMEGDAWgBQMkMNW4oZPQ4lI
V0Q1Vdi1wDUoGTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0RKRERWdUtHVDBPSlNGZEVOVlhZdGNBMUtCay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYzgvYWM1YTU2LTE2M2EtNDk3YS05NTQ3LWUzNzk5YWRlOWRmZS8x
L3hYRzNId3BJYUJPbkVpTDJPNUowRDE2ZmpCUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzgv
YWM1YTU2LTE2M2EtNDk3YS05NTQ3LWUzNzk5YWRlOWRmZS8xL0RKRERWdUtHVDBP
SlNGZEVOVlhZdGNBMUtCay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCB
oAYIKwYBBQUHAQcBAf8EgZAwgY0wbgQCAAEwaAMEBwVNgAMEBCWd0AMEBSX8QAME
BC4kcAMEBi6iwAMEBy7xgAMEBFEQAAMEBFLHwAMEA1wriDAMAwQBbUsiAwQEbUsg
AwQFjYhAAwQGsk6AAwQCuTtEAwQAuVbBAwQGvHPAAwQF1CLgMBsEAgACMBUDBQMq
AMxAAwUAKgFKAAMFACoDEIAwDQYJKoZIhvcNAQELBQADggEBADAcl1A83ZYFYTjw
fjDPPBlYKrZTQez7ubIlp6ih7prmzFpOjU5L4JlSfFAkxBLgcebwRkoFXH9zKVg2
IlJSh7foF9+hlR8nSyUo1XZ7/aet079K7zFt1/5GnW1HLskW49Vuzb6QqJvCF/5/
4Px0HHG+OPwepIIvaMSvZrtJtll43O75WjHrC60n787SdrgUVAUfAs0lfQ+u8lZg
/JeUGERZLqwRn8fLyPdJi/HpA8Di5j38W4D2Rg0JMKiPQ+OT+0h0QFC5B6mP370G
7VH+bGVcHL+gM1yKVaMKgtqjvenBghyFr52nX7WB446PNQoexG/hi+7m1YkAz38s
Vku7ubU=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:07:44 2023 by rpki-client on console-ams.rpki-client.org