Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/351113-ed85-42b2-b64f-9ea64862a9ab/1/Xpzsm4qAMLL7SbGIYbW54akCm2E.roa
File: Xpzsm4qAMLL7SbGIYbW54akCm2E.roa (raw, json)
Hash identifier: azhe/vAORrTwrewTg3WGB+bYwdlaOVBbH8d029IrYj4=
Subject key identifier: 5E:9C:EC:9B:8A:80:30:B2:FB:49:B1:88:61:B5:B9:E1:A9:02:9B:61
Certificate issuer: /CN=94dec641051b026b95c8459150ca47ddaec89668
Certificate serial: 1962CC1B
Authority key identifier: 94:DE:C6:41:05:1B:02:6B:95:C8:45:91:50:CA:47:DD:AE:C8:96:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lN7GQQUbAmuVyEWRUMpH3a7Ilmg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/351113-ed85-42b2-b64f-9ea64862a9ab/1/Xpzsm4qAMLL7SbGIYbW54akCm2E.roa
Signing time: Sat 01 Jan 2022 15:56:27 +0000
ROA not before: Sat 01 Jan 2022 15:56:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21282
IP address blocks: 80.241.4.0/24 maxlen: 24
80.241.0.0/20 maxlen: 20
80.241.1.0/24 maxlen: 24
80.241.2.0/24 maxlen: 24
2a01:7640::/64 maxlen: 64
2a01:7640::/38 maxlen: 38
2a01:7640:0:1::/64 maxlen: 64
2a01:7640::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 425905179 (0x1962cc1b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94dec641051b026b95c8459150ca47ddaec89668
Validity
Not Before: Jan 1 15:56:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5e9cec9b8a8030b2fb49b18861b5b9e1a9029b61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:eb:c9:8d:ce:a8:c6:15:4a:73:8b:0b:c7:6d:
80:0e:c6:44:fa:ff:9a:86:22:0d:a5:df:38:06:7a:
7d:e3:27:5d:f2:3b:d7:dc:f2:65:83:e0:2e:1d:70:
dd:bc:3d:01:1c:ff:f2:7b:a2:17:a4:df:9a:1b:77:
ed:6d:dd:09:1e:54:b9:9f:64:7d:48:38:49:d0:56:
83:85:5b:ac:e7:31:88:85:56:67:41:11:79:1f:7d:
d7:58:b0:bd:97:17:f8:41:e2:b3:c5:47:16:a8:0c:
10:cc:55:94:77:ab:7d:c2:cf:67:11:d9:1f:ec:0c:
06:13:29:6a:9e:5e:33:b8:3b:88:a4:91:53:62:97:
c3:45:8e:4f:66:1c:d1:95:99:70:c9:df:b3:1e:e7:
e4:8e:f7:55:9b:a0:a2:eb:12:b0:8a:98:16:3d:cb:
11:e2:ef:64:c0:e1:80:7f:b0:3a:fb:53:c1:45:b4:
e6:8e:c0:1e:c0:c9:e9:b8:36:b7:b4:6e:cf:25:19:
fe:95:24:f7:be:4c:41:7e:19:ee:7c:15:c9:28:6a:
61:14:cb:d5:ca:87:b7:2e:b8:38:19:88:ad:39:03:
db:24:d8:5f:02:d1:a4:1c:d6:c6:90:35:94:74:5f:
f2:4e:cc:1a:82:2c:c0:97:b6:a6:23:be:a3:29:80:
44:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:9C:EC:9B:8A:80:30:B2:FB:49:B1:88:61:B5:B9:E1:A9:02:9B:61
X509v3 Authority Key Identifier:
keyid:94:DE:C6:41:05:1B:02:6B:95:C8:45:91:50:CA:47:DD:AE:C8:96:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lN7GQQUbAmuVyEWRUMpH3a7Ilmg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/351113-ed85-42b2-b64f-9ea64862a9ab/1/Xpzsm4qAMLL7SbGIYbW54akCm2E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/351113-ed85-42b2-b64f-9ea64862a9ab/1/lN7GQQUbAmuVyEWRUMpH3a7Ilmg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.241.0.0/20
IPv6:
2a01:7640::/38
Signature Algorithm: sha256WithRSAEncryption
42:04:13:22:ee:57:c1:af:17:56:20:0c:d9:a0:35:63:25:0b:
2f:6f:f7:18:3a:18:21:d9:46:7f:f0:90:91:fc:5e:33:3d:5f:
51:3b:5a:e4:6a:50:20:f1:d3:8a:c9:04:a7:b9:78:35:96:76:
81:4d:38:e9:f7:ed:32:1a:0f:e0:78:46:3e:1b:db:8c:3c:cc:
4f:e0:5b:0d:49:ad:c2:03:7c:28:a3:32:50:0b:3b:f9:62:d5:
9f:37:cd:57:3e:3d:b0:5d:b5:ca:cc:dc:83:0a:2d:7e:c2:ed:
e8:2c:ef:72:ec:d9:03:77:a4:89:30:1c:54:04:92:05:2c:98:
54:39:0e:2f:a5:95:53:2a:dc:d4:68:85:97:2f:12:c7:31:b0:
94:30:44:9f:c2:3f:1a:b2:07:b7:83:64:ac:92:cf:64:d4:b1:
e8:92:90:d3:16:3e:58:e0:07:89:0d:5f:cb:c5:37:63:1c:10:
54:ba:81:b9:ea:d4:10:70:4a:b6:b3:3d:c6:8f:1b:46:43:4e:
55:0f:32:2f:a2:95:5a:3a:3f:67:51:0b:9a:db:7d:05:f9:c6:
b7:82:5a:9a:bf:19:8b:b0:b6:cc:51:35:46:58:5f:aa:13:62:
7d:b1:56:bf:18:0c:30:d1:79:f8:b5:3c:fe:9b:22:88:e0:b0:
2c:a3:d1:4b
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgIEGWLMGzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NGRlYzY0MTA1MWIwMjZiOTVjODQ1OTE1MGNhNDdkZGFlYzg5NjY4MB4XDTIyMDEw
MTE1NTYyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWU5Y2VjOWI4YTgw
MzBiMmZiNDliMTg4NjFiNWI5ZTFhOTAyOWI2MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ3ryY3OqMYVSnOLC8dtgA7GRPr/moYiDaXfOAZ6feMnXfI7
19zyZYPgLh1w3bw9ARz/8nuiF6Tfmht37W3dCR5UuZ9kfUg4SdBWg4VbrOcxiIVW
Z0EReR9911iwvZcX+EHis8VHFqgMEMxVlHerfcLPZxHZH+wMBhMpap5eM7g7iKSR
U2KXw0WOT2Yc0ZWZcMnfsx7n5I73VZugousSsIqYFj3LEeLvZMDhgH+wOvtTwUW0
5o7AHsDJ6bg2t7RuzyUZ/pUk975MQX4Z7nwVyShqYRTL1cqHty64OBmIrTkD2yTY
XwLRpBzWxpA1lHRf8k7MGoIswJe2piO+oymARJ0CAwEAAaOCAhkwggIVMB0GA1Ud
DgQWBBRenOybioAwsvtJsYhhtbnhqQKbYTAfBgNVHSMEGDAWgBSU3sZBBRsCa5XI
RZFQykfdrsiWaDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xON0dRUVViQW11VnlFV1JVTXBIM2E3SWxtZy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2IvMzUxMTEzLWVkODUtNDJiMi1iNjRmLTllYTY0ODYyYTlhYi8x
L1hwenNtNHFBTUxMN1NiR0lZYlc1NGFrQ20yRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Iv
MzUxMTEzLWVkODUtNDJiMi1iNjRmLTllYTY0ODYyYTlhYi8xL2xON0dRUVViQW11
VnlFV1JVTXBIM2E3SWxtZy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAv
BggrBgEFBQcBBwEB/wQgMB4wDAQCAAEwBgMEBFDxADAOBAIAAjAIAwYCKgF2QAAw
DQYJKoZIhvcNAQELBQADggEBAEIEEyLuV8GvF1YgDNmgNWMlCy9v9xg6GCHZRn/w
kJH8XjM9X1E7WuRqUCDx04rJBKe5eDWWdoFNOOn37TIaD+B4Rj4b24w8zE/gWw1J
rcIDfCijMlALO/li1Z83zVc+PbBdtcrM3IMKLX7C7egs73Ls2QN3pIkwHFQEkgUs
mFQ5Di+llVMq3NRohZcvEscxsJQwRJ/CPxqyB7eDZKySz2TUseiSkNMWPljgB4kN
X8vFN2McEFS6gbnq1BBwSrazPcaPG0ZDTlUPMi+ilVo6P2dRC5rbfQX5xreCWpq/
GYuwtsxRNUZYX6oTYn2xVr8YDDDRefi1PP6bIojgsCyj0Us=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:44:24 2024 by rpki-client on console-ams.rpki-client.org