Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/d03608-3c67-423d-b18d-4bcd3d58463a/1/XyYSWHf73zSHZHZlDmO8bmRI5gA.roa
File: XyYSWHf73zSHZHZlDmO8bmRI5gA.roa (raw, json)
Hash identifier: n2YRx349i4CO8UiNFb0ZXbGP0PZjXrkepR1JVPiTIJ8=
Subject key identifier: 5F:26:12:58:77:FB:DF:34:87:64:76:65:0E:63:BC:6E:64:48:E6:00
Certificate issuer: /CN=2b9efb5878d3b3634dc1ccb90ac48e0b89d1c879
Certificate serial: 0B991B93
Authority key identifier: 2B:9E:FB:58:78:D3:B3:63:4D:C1:CC:B9:0A:C4:8E:0B:89:D1:C8:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K577WHjTs2NNwcy5CsSOC4nRyHk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/d03608-3c67-423d-b18d-4bcd3d58463a/1/XyYSWHf73zSHZHZlDmO8bmRI5gA.roa
Signing time: Sat 01 Jan 2022 01:51:25 +0000
ROA not before: Sat 01 Jan 2022 01:51:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 202090
IP address blocks: 178.159.44.0/24 maxlen: 24
178.159.46.0/24 maxlen: 24
178.159.47.0/24 maxlen: 24
178.159.45.0/24 maxlen: 24
185.99.142.0/24 maxlen: 24
185.99.142.0/23 maxlen: 24
185.99.143.0/24 maxlen: 24
185.65.137.0/24 maxlen: 24
193.176.180.0/24 maxlen: 24
193.176.181.0/24 maxlen: 24
193.176.183.0/24 maxlen: 24
193.176.182.0/24 maxlen: 24
81.91.191.0/24 maxlen: 24
81.91.190.0/24 maxlen: 24
185.47.152.0/23 maxlen: 23
2a0c:b1c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 194583443 (0xb991b93)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b9efb5878d3b3634dc1ccb90ac48e0b89d1c879
Validity
Not Before: Jan 1 01:51:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5f26125877fbdf34876476650e63bc6e6448e600
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:68:6e:17:70:19:16:05:99:5f:17:52:70:e8:
6f:57:ea:84:15:31:25:09:36:09:ea:52:a3:6c:5b:
44:91:c6:59:9e:c4:23:2b:cc:8f:4e:40:5d:21:93:
e0:80:fd:5f:0c:0c:5e:3f:7e:f6:c0:36:47:16:99:
b1:95:a8:93:4c:3c:65:da:5d:31:f2:36:ef:3a:c0:
3e:74:ec:11:e7:39:48:42:f4:e0:0a:d3:74:03:77:
e5:e0:af:dc:3f:16:b1:da:8b:10:6b:4d:f3:ae:a5:
e6:90:fc:19:e1:7c:ed:d5:3b:7c:aa:8c:7a:58:05:
fb:bb:26:e5:00:f6:1f:a9:ce:bf:36:39:eb:49:08:
b1:52:ab:68:b2:92:d9:30:7e:8a:ab:5b:ea:0b:a5:
23:a0:4a:2a:fb:f0:5f:41:57:92:91:05:a5:45:4c:
c9:36:fd:c0:99:0b:c0:42:cc:2d:0b:8e:79:05:b7:
01:41:10:5a:fa:29:ff:75:13:86:50:f6:b1:a5:e3:
ca:59:24:4f:2c:24:0c:c7:9d:16:cd:40:72:4b:7e:
1b:8b:73:64:3d:29:d7:14:b7:d9:2d:ca:da:2a:fe:
a4:13:9e:27:91:46:4f:2c:d8:d4:b8:bd:e4:bf:3a:
8c:9e:31:90:05:b3:e7:3b:fd:85:63:73:f9:bf:60:
13:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:26:12:58:77:FB:DF:34:87:64:76:65:0E:63:BC:6E:64:48:E6:00
X509v3 Authority Key Identifier:
keyid:2B:9E:FB:58:78:D3:B3:63:4D:C1:CC:B9:0A:C4:8E:0B:89:D1:C8:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K577WHjTs2NNwcy5CsSOC4nRyHk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/d03608-3c67-423d-b18d-4bcd3d58463a/1/XyYSWHf73zSHZHZlDmO8bmRI5gA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/d03608-3c67-423d-b18d-4bcd3d58463a/1/K577WHjTs2NNwcy5CsSOC4nRyHk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.91.190.0/23
178.159.44.0/22
185.47.152.0/23
185.65.137.0/24
185.99.142.0/23
193.176.180.0/22
IPv6:
2a0c:b1c0::/32
Signature Algorithm: sha256WithRSAEncryption
ba:11:a3:38:ec:78:13:06:64:66:1c:c7:73:2f:2f:7a:82:61:
59:29:cb:79:61:bc:e2:47:a4:ad:c8:b8:fd:7c:cf:d1:39:b1:
99:ee:12:49:6d:11:24:ff:12:10:3f:7f:9f:71:9b:0d:68:1a:
29:ee:a6:e9:c7:bb:ca:ff:49:cc:4b:6b:fb:c6:f1:e1:db:ae:
7b:01:7f:77:cf:d7:45:54:bc:63:d2:3e:be:30:dd:37:0c:1e:
f3:93:b0:60:fb:2a:d0:50:43:12:44:dd:89:e5:e4:33:3d:20:
42:1f:15:b1:3e:96:3c:ae:bd:f3:51:87:7e:1a:c8:a7:1c:a8:
0d:0d:71:82:10:3f:12:e0:b1:f4:bd:48:3e:36:2a:b3:a6:ac:
62:f0:8f:cb:d3:9d:d3:95:53:54:b0:3f:95:9d:9c:fe:58:ca:
b2:ac:0e:65:c4:61:22:13:6b:3b:98:4f:97:60:19:50:4d:d0:
e0:0b:59:db:6e:a4:5b:5d:6c:07:bd:4c:cd:05:9b:89:25:ab:
4c:1d:df:58:0e:71:74:a5:bc:84:a9:f0:04:a7:40:5f:63:b4:
bb:7d:66:b2:14:9a:22:8e:92:25:5c:cd:f2:c8:1e:c1:58:63:
b9:82:92:1a:f8:40:35:af:b8:29:f3:a3:ef:0b:a1:0e:ae:06:
7a:2e:0d:a7
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEC5kbkzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
YjllZmI1ODc4ZDNiMzYzNGRjMWNjYjkwYWM0OGUwYjg5ZDFjODc5MB4XDTIyMDEw
MTAxNTEyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWYyNjEyNTg3N2Zi
ZGYzNDg3NjQ3NjY1MGU2M2JjNmU2NDQ4ZTYwMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIdobhdwGRYFmV8XUnDob1fqhBUxJQk2CepSo2xbRJHGWZ7E
IyvMj05AXSGT4ID9XwwMXj9+9sA2RxaZsZWok0w8ZdpdMfI27zrAPnTsEec5SEL0
4ArTdAN35eCv3D8WsdqLEGtN866l5pD8GeF87dU7fKqMelgF+7sm5QD2H6nOvzY5
60kIsVKraLKS2TB+iqtb6gulI6BKKvvwX0FXkpEFpUVMyTb9wJkLwELMLQuOeQW3
AUEQWvop/3UThlD2saXjylkkTywkDMedFs1Ackt+G4tzZD0p1xS32S3K2ir+pBOe
J5FGTyzY1Li95L86jJ4xkAWz5zv9hWNz+b9gEx0CAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBRfJhJYd/vfNIdkdmUOY7xuZEjmADAfBgNVHSMEGDAWgBQrnvtYeNOzY03B
zLkKxI4LidHIeTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0s1NzdXSGpUczJOTndjeTVDc1NPQzRuUnlIay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvY2YvZDAzNjA4LTNjNjctNDIzZC1iMThkLTRiY2QzZDU4NDYzYS8x
L1h5WVNXSGY3M3pTSFpIWmxEbU84Ym1SSTVnQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvY2Yv
ZDAzNjA4LTNjNjctNDIzZC1iMThkLTRiY2QzZDU4NDYzYS8xL0s1NzdXSGpUczJO
TndjeTVDc1NPQzRuUnlIay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEAVFbvgMEArKfLAMEAbkvmAMEALlB
iQMEAbljjgMEAsGwtDANBAIAAjAHAwUAKgyxwDANBgkqhkiG9w0BAQsFAAOCAQEA
uhGjOOx4EwZkZhzHcy8veoJhWSnLeWG84kekrci4/XzP0Tmxme4SSW0RJP8SED9/
n3GbDWgaKe6m6ce7yv9JzEtr+8bx4duuewF/d8/XRVS8Y9I+vjDdNwwe85OwYPsq
0FBDEkTdieXkMz0gQh8VsT6WPK6981GHfhrIpxyoDQ1xghA/EuCx9L1IPjYqs6as
YvCPy9Od05VTVLA/lZ2c/ljKsqwOZcRhIhNrO5hPl2AZUE3Q4AtZ226kW11sB71M
zQWbiSWrTB3fWA5xdKW8hKnwBKdAX2O0u31mshSaIo6SJVzN8sgewVhjuYKSGvhA
Na+4KfOj7wuhDq4Gei4Npw==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:41:05 2025 by rpki-client