Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/xncuGILJA85DZrF8-0iM2znVfZI.roa
File: xncuGILJA85DZrF8-0iM2znVfZI.roa (raw, json)
Hash identifier: 9HpZxj1XYdSPTDl18NTlqsZrrNxxv8YymtQC4GAvInk=
Subject key identifier: C6:77:2E:18:82:C9:03:CE:43:66:B1:7C:FB:48:8C:DB:39:D5:7D:92
Certificate issuer: /CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Certificate serial: 0356BAB6
Authority key identifier: EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/xncuGILJA85DZrF8-0iM2znVfZI.roa
Signing time: Fri 04 Feb 2022 04:49:20 +0000
ROA not before: Fri 04 Feb 2022 04:49:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43260
IP address blocks: 92.51.10.0/24 maxlen: 24
92.51.11.0/24 maxlen: 24
92.51.8.0/24 maxlen: 24
92.51.9.0/24 maxlen: 24
92.51.20.0/24 maxlen: 24
92.51.22.0/24 maxlen: 24
92.51.23.0/24 maxlen: 24
92.51.21.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 56015542 (0x356bab6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Validity
Not Before: Feb 4 04:49:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c6772e1882c903ce4366b17cfb488cdb39d57d92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:5d:ca:c9:c3:4e:70:46:95:eb:70:5a:da:f4:
e5:5c:ff:a5:2d:22:ff:e8:02:3f:ee:9b:ad:e3:af:
8d:89:e0:f7:95:31:13:24:1d:59:a7:92:89:c6:be:
4f:ce:53:d7:2a:69:5e:81:6f:71:93:0a:50:f1:6c:
d7:6a:f0:79:2c:d4:2c:e4:97:b2:de:4b:bc:62:37:
81:ea:24:37:2b:5e:f2:0d:75:ae:5b:d9:6e:f9:3b:
74:d4:31:73:d2:3c:14:75:c3:d0:a4:7e:7a:f6:e0:
be:78:83:e8:7c:38:20:9e:c0:70:95:05:b4:7d:3f:
19:43:92:51:3e:f8:4d:c2:5b:20:75:a2:3e:21:0c:
c8:f8:96:10:b7:00:e4:42:af:8b:84:26:f2:80:e6:
3e:fc:c4:0b:08:1d:f3:09:12:5d:e1:2f:df:e4:47:
5f:08:49:a1:ea:39:ab:d7:eb:a9:b6:2c:01:f7:3f:
e3:67:67:26:3c:e8:ff:99:d9:fa:ac:94:7f:1e:f5:
4b:ef:e2:c3:eb:7d:5f:9d:e5:f9:3a:db:a3:08:d2:
08:29:d4:92:7d:96:df:90:1e:1c:0b:ed:17:83:42:
cb:60:4b:2e:cd:9b:d1:76:68:71:fd:9b:42:20:60:
35:71:01:c9:31:c8:db:97:23:c4:3f:70:8a:67:54:
a8:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:77:2E:18:82:C9:03:CE:43:66:B1:7C:FB:48:8C:DB:39:D5:7D:92
X509v3 Authority Key Identifier:
keyid:EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/xncuGILJA85DZrF8-0iM2znVfZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.51.8.0/22
92.51.20.0/22
Signature Algorithm: sha256WithRSAEncryption
62:98:0f:5e:1a:dd:c4:6c:b4:7f:6a:7a:d7:b4:e2:2a:3f:de:
9a:cc:41:aa:38:b0:cf:57:f1:a5:a8:8e:7f:d6:28:e3:00:b4:
74:81:40:5a:ce:b8:a9:1d:23:70:11:1c:22:1c:b2:5b:c9:a3:
8f:4c:d9:c5:a9:ad:7d:8d:f4:d7:0f:70:45:57:20:54:b8:eb:
93:5a:3f:bc:aa:3b:9f:20:f7:ed:d0:c5:b3:8d:6c:da:6a:0a:
c9:24:36:47:c5:84:07:46:3e:35:59:9a:97:4d:c8:c2:2c:fa:
c2:0d:fb:0c:e6:fa:52:7a:f3:b4:7c:0b:af:4d:89:a0:d4:b3:
fa:6a:dc:60:b0:ef:18:45:7c:f2:c0:07:15:d5:ba:f7:0d:7b:
c2:6b:1f:54:cc:3c:74:89:b1:1e:19:21:b0:55:96:fb:ef:1d:
40:2e:b1:86:c4:ed:c2:bc:e8:b0:ab:32:24:0e:07:05:2a:3a:
9f:e3:e0:55:88:f6:a8:c3:ef:3c:03:bf:b2:6a:fb:67:35:e4:
1a:9c:a5:57:2d:6c:22:4a:95:bb:81:e0:52:71:08:75:dd:f7:
57:bc:58:d5:1a:85:9e:2c:16:28:73:04:b1:af:5e:25:b3:89:
36:aa:5a:91:4f:53:4d:7a:4e:38:be:14:06:34:58:dc:47:be:
66:3c:42:ca
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEA1a6tjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
ZjU3YzJkOWQ5M2FjN2NmOWIyZjE3Y2FhNzg1OWI2OTg1YjM5YjlkMB4XDTIyMDIw
NDA0NDkyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzY3NzJlMTg4MmM5
MDNjZTQzNjZiMTdjZmI0ODhjZGIzOWQ1N2Q5MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIhdysnDTnBGletwWtr05Vz/pS0i/+gCP+6breOvjYng95Ux
EyQdWaeSica+T85T1yppXoFvcZMKUPFs12rweSzULOSXst5LvGI3geokNyte8g11
rlvZbvk7dNQxc9I8FHXD0KR+evbgvniD6Hw4IJ7AcJUFtH0/GUOSUT74TcJbIHWi
PiEMyPiWELcA5EKvi4Qm8oDmPvzECwgd8wkSXeEv3+RHXwhJoeo5q9frqbYsAfc/
42dnJjzo/5nZ+qyUfx71S+/iw+t9X53l+TrbowjSCCnUkn2W35AeHAvtF4NCy2BL
Ls2b0XZocf2bQiBgNXEByTHI25cjxD9wimdUqNUCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBTGdy4YgskDzkNmsXz7SIzbOdV9kjAfBgNVHSMEGDAWgBTvV8LZ2TrHz5sv
F8qnhZtphbObnTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzcxZkMyZGs2eDgtYkx4ZktwNFdiYVlXem01MC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvMWUwNGI4LTEwMzEtNDNmOS05NjY3LThlNmY4NzhkYjVmNC8x
L3huY3VHSUxKQTg1RFpyRjgtMGlNMnpuVmZaSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
MWUwNGI4LTEwMzEtNDNmOS05NjY3LThlNmY4NzhkYjVmNC8xLzcxZkMyZGs2eDgt
Ykx4ZktwNFdiYVlXem01MC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAlwzCAMEAlwzFDANBgkqhkiG9w0B
AQsFAAOCAQEAYpgPXhrdxGy0f2p617TiKj/emsxBqjiwz1fxpaiOf9Yo4wC0dIFA
Ws64qR0jcBEcIhyyW8mjj0zZxamtfY301w9wRVcgVLjrk1o/vKo7nyD37dDFs41s
2moKySQ2R8WEB0Y+NVmal03Iwiz6wg37DOb6UnrztHwLr02JoNSz+mrcYLDvGEV8
8sAHFdW69w17wmsfVMw8dImxHhkhsFWW++8dQC6xhsTtwrzosKsyJA4HBSo6n+Pg
VYj2qMPvPAO/smr7ZzXkGpylVy1sIkqVu4HgUnEIdd33V7xY1RqFniwWKHMEsa9e
JbOJNqpakU9TTXpOOL4UBjRY3Ee+ZjxCyg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:54:39 2024 by rpki-client on console-fra.rpki-client.org