Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/X4jkra_iv8Gaawaw9vgP36QhZJw.roa
File: X4jkra_iv8Gaawaw9vgP36QhZJw.roa (raw, json)
Hash identifier: YM+szxtxT6FFvi8oz+LJptvKQlC6ZIS+WXWA+Xt4qt4=
Subject key identifier: 5F:88:E4:AD:AF:E2:BF:C1:9A:6B:06:B0:F6:F8:0F:DF:A4:21:64:9C
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 178E3690
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/X4jkra_iv8Gaawaw9vgP36QhZJw.roa
Signing time: Sat 01 Jan 2022 04:53:50 +0000
ROA not before: Sat 01 Jan 2022 04:53:50 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3356
IP address blocks: 5.183.204.0/24 maxlen: 32
5.183.205.0/24 maxlen: 32
45.82.206.0/24 maxlen: 32
45.14.46.0/24 maxlen: 32
45.82.207.0/24 maxlen: 32
2.59.174.0/24 maxlen: 32
2.59.175.0/24 maxlen: 32
45.15.38.0/24 maxlen: 32
213.232.104.0/24 maxlen: 32
45.15.39.0/24 maxlen: 32
45.67.17.0/24 maxlen: 32
45.67.16.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 395196048 (0x178e3690)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 1 04:53:50 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5f88e4adafe2bfc19a6b06b0f6f80fdfa421649c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:06:97:b9:d5:3f:f4:36:8c:f6:db:ac:d0:cc:
23:d3:95:22:fe:8d:91:f2:60:be:69:55:a2:64:6b:
a0:c6:37:16:c3:5a:a9:05:2f:d0:23:1a:4e:7a:0d:
45:aa:d5:a1:b0:42:85:e7:b1:aa:a2:21:67:e8:08:
8c:14:3e:76:9a:46:f7:27:85:9f:1a:8a:3b:2c:45:
bb:be:01:58:ce:4b:bf:93:96:fb:4e:58:fd:b5:05:
18:80:24:26:ce:7f:df:a3:91:38:0c:07:a1:e2:64:
64:3e:2e:ae:02:50:76:a6:07:04:c8:a7:0d:09:d8:
64:01:87:97:68:a5:0a:1c:64:7f:b2:32:f8:c5:e0:
a4:64:e9:49:d4:03:2f:26:d7:2a:90:22:fe:a5:d4:
9c:81:2c:50:a5:6a:e9:2e:ed:45:03:6b:f9:01:a6:
ea:62:57:88:5d:f2:bf:ea:40:6d:f4:46:bd:53:da:
d7:b7:a4:df:42:b8:04:b9:f6:24:bc:78:fb:3b:9b:
d9:bc:de:55:4d:4b:01:9e:2f:61:4b:ef:18:b3:f0:
59:48:bf:83:f1:9f:0d:50:35:9b:41:ec:80:55:f2:
56:a0:14:97:47:3f:3d:7d:2e:b0:18:6e:ce:de:2b:
a7:9f:5e:90:32:3b:83:7e:5c:26:d2:10:33:c8:ed:
e1:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:88:E4:AD:AF:E2:BF:C1:9A:6B:06:B0:F6:F8:0F:DF:A4:21:64:9C
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/X4jkra_iv8Gaawaw9vgP36QhZJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.174.0/23
5.183.204.0/23
45.14.46.0/24
45.15.38.0/23
45.67.16.0/23
45.82.206.0/23
213.232.104.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:b0:47:82:53:34:90:3d:b7:6c:52:c6:69:a8:3a:3d:e1:32:
23:ef:30:ac:dd:f0:36:98:d2:2a:29:88:85:0f:57:ab:95:7b:
46:7f:14:7f:d1:1c:b4:0a:f3:e8:a3:b2:76:23:3a:3c:14:b4:
1b:ae:46:4d:7a:58:c7:35:5f:b1:e1:88:6a:80:48:06:bd:94:
ca:4e:13:7f:bf:2a:9a:ef:fd:18:95:21:a7:af:bc:e2:ac:4c:
df:7d:53:86:a3:5f:ad:d4:83:98:9a:4c:a6:aa:1a:80:fc:fe:
7a:d0:79:7d:30:78:02:e5:f0:cc:99:e5:0d:ae:70:f6:63:8a:
1f:07:e4:bc:11:e0:c8:fa:d4:29:49:14:d2:f8:46:78:12:ef:
dc:55:0f:b2:8a:1e:47:b5:ec:ca:07:81:8f:fd:65:20:b2:6f:
09:90:77:77:75:0b:b8:f2:f5:e1:82:bb:66:8c:d3:7b:4b:b2:
70:7c:2e:92:2a:1e:5e:27:0d:71:78:21:89:aa:39:00:cc:03:
20:6a:12:b9:ec:4e:41:72:bb:a8:65:39:f6:8c:3d:4c:e8:ce:
43:00:2a:d1:76:e0:87:93:03:07:a3:08:ec:b0:bf:37:7e:c6:
ca:5d:7c:49:a4:2c:d1:63:60:e2:80:29:bc:89:9c:d6:a7:4c:
0a:23:64:91
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgIEF442kDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDEw
MTA0NTM1MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWY4OGU0YWRhZmUy
YmZjMTlhNmIwNmIwZjZmODBmZGZhNDIxNjQ5YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL4Gl7nVP/Q2jPbbrNDMI9OVIv6NkfJgvmlVomRroMY3FsNa
qQUv0CMaTnoNRarVobBCheexqqIhZ+gIjBQ+dppG9yeFnxqKOyxFu74BWM5Lv5OW
+05Y/bUFGIAkJs5/36OROAwHoeJkZD4urgJQdqYHBMinDQnYZAGHl2ilChxkf7Iy
+MXgpGTpSdQDLybXKpAi/qXUnIEsUKVq6S7tRQNr+QGm6mJXiF3yv+pAbfRGvVPa
17ek30K4BLn2JLx4+zub2bzeVU1LAZ4vYUvvGLPwWUi/g/GfDVA1m0HsgFXyVqAU
l0c/PX0usBhuzt4rp59ekDI7g35cJtIQM8jt4T8CAwEAAaOCAi0wggIpMB0GA1Ud
DgQWBBRfiOStr+K/wZprBrD2+A/fpCFknDAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L1g0amtyYV9pdjhHYWF3YXc5dmdQMzZRaFpKdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBD
BggrBgEFBQcBBwEB/wQ0MDIwMAQCAAEwKgMEAQI7rgMEAQW3zAMEAC0OLgMEAS0P
JgMEAS1DEAMEAS1SzgMEANXoaDANBgkqhkiG9w0BAQsFAAOCAQEAbLBHglM0kD23
bFLGaag6PeEyI+8wrN3wNpjSKimIhQ9Xq5V7Rn8Uf9EctArz6KOydiM6PBS0G65G
TXpYxzVfseGIaoBIBr2Uyk4Tf78qmu/9GJUhp6+84qxM331ThqNfrdSDmJpMpqoa
gPz+etB5fTB4AuXwzJnlDa5w9mOKHwfkvBHgyPrUKUkU0vhGeBLv3FUPsooeR7Xs
ygeBj/1lILJvCZB3d3ULuPL14YK7ZozTe0uycHwukioeXicNcXghiao5AMwDIGoS
uexOQXK7qGU59ow9TOjOQwAq0Xbgh5MDB6MI7LC/N37Gyl18SaQs0WNg4oApvImc
1qdMCiNkkQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:18 2023 by rpki-client on console-fra.rpki-client.org