Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/xksrZ9nbMXPyjD19sVoZu0ygnYU.roa
File: xksrZ9nbMXPyjD19sVoZu0ygnYU.roa (raw, json)
Hash identifier: c7yaj1BejV8/3OQ12hlKS1H+maGBiselzipB84t9WVA=
Subject key identifier: C6:4B:2B:67:D9:DB:31:73:F2:8C:3D:7D:B1:5A:19:BB:4C:A0:9D:85
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 0185593C4D0133B67EC4B6923AB962B06A8D
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/xksrZ9nbMXPyjD19sVoZu0ygnYU.roa
Signing time: Wed 28 Dec 2022 14:56:42 +0000
ROA not before: Wed 28 Dec 2022 14:56:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51223
IP address blocks: 185.139.60.0/22 maxlen: 24
185.26.4.0/22 maxlen: 24
89.32.80.0/21 maxlen: 24
89.36.44.0/22 maxlen: 24
178.237.128.0/20 maxlen: 24
212.119.48.0/22 maxlen: 24
176.113.84.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:59:3c:4d:01:33:b6:7e:c4:b6:92:3a:b9:62:b0:6a:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Dec 28 14:56:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c64b2b67d9db3173f28c3d7db15a19bb4ca09d85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:15:5e:2e:36:66:3e:ac:3b:a5:50:16:91:a6:
82:21:30:42:a1:08:c7:42:ef:23:0d:41:e5:e6:31:
0d:1c:1e:10:16:e2:f0:49:a2:f9:3d:38:b9:a8:8f:
69:ca:07:8f:94:85:d3:58:3e:10:e8:98:dc:c4:e2:
24:65:4b:cc:36:92:39:a7:1a:90:2b:57:eb:b4:63:
b7:96:8a:54:2a:02:d8:bd:68:10:bf:ce:df:36:17:
1f:5c:f0:57:19:a0:54:e3:62:0f:23:6e:da:64:90:
6c:5e:16:c3:3b:5b:29:15:10:2e:a5:31:3f:ba:eb:
f7:7d:3f:67:00:c4:e3:aa:21:b4:11:37:df:a9:c3:
fb:a6:44:a0:57:e4:40:ee:85:7b:40:f7:9e:1f:cf:
1e:ee:ea:b0:f0:03:93:fb:04:a3:15:73:a4:20:2d:
f5:40:4c:a8:8b:92:d0:39:9a:a2:bf:7f:72:f7:16:
13:05:73:1a:68:17:f9:2d:30:18:c0:5d:26:f1:1c:
d9:23:47:b5:98:69:59:bb:19:a3:4e:e7:c3:8d:2c:
ca:37:4c:33:4b:bf:be:57:0e:76:e7:1b:f9:6c:40:
c4:77:4c:90:4b:d1:11:70:5a:62:d5:90:f6:c4:59:
ca:50:fe:f0:f1:fe:10:bd:d3:fa:73:65:4a:1b:8d:
3b:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:4B:2B:67:D9:DB:31:73:F2:8C:3D:7D:B1:5A:19:BB:4C:A0:9D:85
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/xksrZ9nbMXPyjD19sVoZu0ygnYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.32.80.0/21
89.36.44.0/22
176.113.84.0/22
178.237.128.0/20
185.26.4.0/22
185.139.60.0/22
212.119.48.0/22
Signature Algorithm: sha256WithRSAEncryption
a6:94:df:e6:42:e6:b9:3a:b2:74:59:9a:60:a4:2b:0f:3b:f8:
fc:e7:4d:3f:4e:8b:de:1c:b2:c1:35:48:b9:c7:b4:07:db:d8:
24:4a:bb:7d:7a:79:9c:df:30:0a:0a:76:92:88:d1:20:c0:f3:
11:55:49:1c:50:dc:b9:36:9f:e2:c7:7a:ff:63:48:3b:fd:da:
41:4a:fc:56:df:ea:5c:5c:22:dc:34:2e:50:38:3a:bd:6c:69:
42:d8:7d:03:8d:47:4b:46:57:77:48:15:dd:5c:54:71:2d:c0:
35:f4:f4:1f:ce:1d:5e:2f:2e:71:6d:66:b8:0f:d3:8f:a9:33:
9a:e8:67:73:92:05:30:d6:f4:c4:8e:dc:d7:2d:77:4e:22:15:
20:67:92:2c:ef:e1:67:17:82:22:83:75:9e:c6:31:1c:f3:e5:
d0:06:fa:15:06:e6:ce:65:60:39:44:5a:f8:26:5b:9f:42:39:
9d:d2:72:dc:a2:32:5d:16:b9:82:75:9a:6c:15:e3:93:23:d5:
21:8b:58:53:cc:09:14:6d:72:bf:8e:a5:90:ea:d4:4f:df:3a:
bd:52:92:4e:e2:a6:b4:aa:6c:80:9f:86:ca:c6:c0:21:a0:31:
c9:0b:2b:99:dc:c5:d9:ee:6d:71:d1:1e:b4:58:82:e9:70:45:
a0:30:e6:7c
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYVZPE0BM7Z+xLaSOrlisGqNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjIxMjI4MTQ1NjQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjRiMmI2N2Q5ZGIzMTczZjI4YzNkN2RiMTVhMTliYjRjYTA5ZDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBVeLjZmPqw7pVAWkaaCITBCoQjH
Qu8jDUHl5jENHB4QFuLwSaL5PTi5qI9pygePlIXTWD4Q6JjcxOIkZUvMNpI5pxqQ
K1frtGO3lopUKgLYvWgQv87fNhcfXPBXGaBU42IPI27aZJBsXhbDO1spFRAupTE/
uuv3fT9nAMTjqiG0ETffqcP7pkSgV+RA7oV7QPeeH88e7uqw8AOT+wSjFXOkIC31
QEyoi5LQOZqiv39y9xYTBXMaaBf5LTAYwF0m8RzZI0e1mGlZuxmjTufDjSzKN0wz
S7++Vw525xv5bEDEd0yQS9ERcFpi1ZD2xFnKUP7w8f4QvdP6c2VKG407ywIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFMZLK2fZ2zFz8ow9fbFaGbtMoJ2FMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEveGtzclo5bmJNWFB5akQxOXNWb1p1MHlnbllVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQDWSBQAwQC
WSQsAwQCsHFUAwQEsu2AAwQCuRoEAwQCuYs8AwQC1HcwMA0GCSqGSIb3DQEBCwUA
A4IBAQCmlN/mQua5OrJ0WZpgpCsPO/j8500/ToveHLLBNUi5x7QH29gkSrt9enmc
3zAKCnaSiNEgwPMRVUkcUNy5Np/ix3r/Y0g7/dpBSvxW3+pcXCLcNC5QODq9bGlC
2H0DjUdLRld3SBXdXFRxLcA19PQfzh1eLy5xbWa4D9OPqTOa6GdzkgUw1vTEjtzX
LXdOIhUgZ5Is7+FnF4Iig3WexjEc8+XQBvoVBubOZWA5RFr4JlufQjmd0nLcojJd
FrmCdZpsFeOTI9Uhi1hTzAkUbXK/jqWQ6tRP3zq9UpJO4qa0qmyAn4bKxsAhoDHJ
CyuZ3MXZ7m1x0R60WILpcEWgMOZ8
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:43:51 2024 by rpki-client on console-ams.rpki-client.org