Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/xEJCpAZGHpmrEb--CorUL3Tbrwo.roa
File: xEJCpAZGHpmrEb--CorUL3Tbrwo.roa (raw, json)
Hash identifier: S3RBzxVbcsTa+rhFv59bZAqYEjUZScb42vtyXxjUWLA=
Subject key identifier: C4:42:42:A4:06:46:1E:99:AB:11:BF:BE:0A:8A:D4:2F:74:DB:AF:0A
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 194F56B6
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/xEJCpAZGHpmrEb--CorUL3Tbrwo.roa
Signing time: Sun 27 Mar 2022 07:57:13 +0000
ROA not before: Sun 27 Mar 2022 07:57:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 141159
IP address blocks: 91.189.186.0/24 maxlen: 32
185.142.143.0/24 maxlen: 32
185.182.49.0/24 maxlen: 32
185.133.195.0/24 maxlen: 32
185.182.48.0/24 maxlen: 32
2.57.255.0/24 maxlen: 32
185.171.3.0/24 maxlen: 32
5.253.137.0/24 maxlen: 32
185.236.83.0/24 maxlen: 32
185.224.146.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 424629942 (0x194f56b6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Mar 27 07:57:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c44242a406461e99ab11bfbe0a8ad42f74dbaf0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:0b:3f:3b:e7:87:62:90:30:a4:ba:3d:ea:a2:
f5:ca:9a:a3:20:f9:e5:2f:33:c4:7d:58:f8:a0:05:
6f:68:ca:03:27:43:b8:10:f2:80:b1:2b:ad:09:81:
ef:32:fe:4f:f4:d9:1e:7f:cf:69:43:6c:2b:a4:02:
e8:06:dc:df:a0:33:68:b2:30:0e:a9:5a:42:d0:75:
46:36:d4:7e:99:e6:b4:d0:25:ef:65:d3:2f:31:5d:
d9:36:52:2f:9d:1a:c2:79:a8:14:1f:2c:8c:65:b9:
fc:f9:af:93:9b:ee:3c:d4:c4:51:3a:0b:98:46:2d:
79:cd:ba:5e:ea:89:b8:27:8b:e4:40:56:c7:46:c5:
7e:19:14:eb:f7:2c:37:cb:6f:4d:82:a8:72:e6:88:
0a:b3:9e:3c:77:7a:64:99:ef:02:fb:8d:46:82:ae:
ac:07:32:8e:38:ca:04:be:81:3e:f6:59:c1:ad:e0:
bc:0a:99:a9:39:75:7f:4e:dc:c4:2b:24:71:53:4a:
c5:12:86:4a:95:bd:10:74:1e:5e:ab:34:84:6b:1f:
45:28:47:36:ba:13:e9:4d:46:2b:1c:2e:7d:f8:95:
23:dc:c7:5a:a6:c4:d6:53:d8:f8:6f:22:a0:85:40:
fb:64:0f:af:a5:cf:65:fa:c3:42:52:d5:dd:3e:e8:
ce:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:42:42:A4:06:46:1E:99:AB:11:BF:BE:0A:8A:D4:2F:74:DB:AF:0A
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/xEJCpAZGHpmrEb--CorUL3Tbrwo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.255.0/24
5.253.137.0/24
91.189.186.0/24
185.133.195.0/24
185.142.143.0/24
185.171.3.0/24
185.182.48.0/23
185.224.146.0/24
185.236.83.0/24
Signature Algorithm: sha256WithRSAEncryption
59:7b:96:ce:a6:4c:00:fa:e8:03:18:7d:5a:ad:9e:af:91:00:
a3:27:a2:26:65:95:77:62:00:27:7b:ea:19:b3:31:48:6a:3d:
6c:25:df:bb:62:18:0b:39:8e:c3:83:5e:5d:2e:7e:f5:c3:ba:
25:7e:19:6f:1c:03:99:48:ab:4b:ed:55:51:b4:cd:80:b2:d9:
e0:de:1f:02:f9:b8:55:53:ed:b8:47:34:c0:3e:57:4c:9d:88:
0a:a9:e9:26:e3:df:e0:9c:82:0b:56:4b:6c:0b:24:0e:96:3e:
45:80:47:d5:9e:50:53:58:75:f1:98:01:d2:d7:d6:08:63:33:
1f:f3:23:2c:18:24:3a:1e:72:2b:e3:c2:ee:22:5a:a7:c0:cd:
6a:18:e5:ca:23:1e:1f:41:df:d7:c1:09:f2:f8:fa:e9:70:87:
59:43:62:48:c4:65:c2:98:e6:fb:5f:85:c4:04:b8:61:15:83:
24:08:2e:04:0b:85:b1:ab:34:21:a6:0a:cc:b5:1d:8c:25:ae:
ab:fa:da:8f:2b:0a:71:df:ba:51:c7:c6:22:a0:7c:5a:38:bf:
6e:62:81:48:75:77:ff:91:70:42:68:99:2d:5d:ff:a7:ba:d3:
b9:47:5e:d2:29:3b:ea:fa:0b:04:32:d1:e0:7b:b5:18:d3:81:
8d:83:88:9b
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgIEGU9WtjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
YzhmZDFhOGFlNTk5NmMxZTU2OTJjMWE4YzQyYmZlOWMzYmE1NzQ1MB4XDTIyMDMy
NzA3NTcxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzQ0MjQyYTQwNjQ2
MWU5OWFiMTFiZmJlMGE4YWQ0MmY3NGRiYWYwYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKcLPzvnh2KQMKS6Peqi9cqaoyD55S8zxH1Y+KAFb2jKAydD
uBDygLErrQmB7zL+T/TZHn/PaUNsK6QC6Abc36AzaLIwDqlaQtB1RjbUfpnmtNAl
72XTLzFd2TZSL50awnmoFB8sjGW5/Pmvk5vuPNTEUToLmEYtec26XuqJuCeL5EBW
x0bFfhkU6/csN8tvTYKocuaICrOePHd6ZJnvAvuNRoKurAcyjjjKBL6BPvZZwa3g
vAqZqTl1f07cxCskcVNKxRKGSpW9EHQeXqs0hGsfRShHNroT6U1GKxwuffiVI9zH
WqbE1lPY+G8ioIVA+2QPr6XPZfrDQlLV3T7ozj0CAwEAAaOCAjkwggI1MB0GA1Ud
DgQWBBTEQkKkBkYemasRv74KitQvdNuvCjAfBgNVHSMEGDAWgBRsj9GorlmWweVp
LBqMQr/pw7pXRTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2JJX1JxSzVabHNIbGFTd2FqRUtfNmNPNlYwVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDAvNDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8x
L3hFSkNwQVpHSHBtckViLS1Db3JVTDNUYnJ3by5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDAv
NDkyNTkwLWEwMmYtNDQzZS1hYWEzLWZlYWMyNmVhZWNjMi8xL2JJX1JxSzVabHNI
bGFTd2FqRUtfNmNPNlYwVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBP
BggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEAAI5/wMEAAX9iQMEAFu9ugMEALmF
wwMEALmOjwMEALmrAwMEAbm2MAMEALngkgMEALnsUzANBgkqhkiG9w0BAQsFAAOC
AQEAWXuWzqZMAProAxh9Wq2er5EAoyeiJmWVd2IAJ3vqGbMxSGo9bCXfu2IYCzmO
w4NeXS5+9cO6JX4ZbxwDmUirS+1VUbTNgLLZ4N4fAvm4VVPtuEc0wD5XTJ2ICqnp
JuPf4JyCC1ZLbAskDpY+RYBH1Z5QU1h18ZgB0tfWCGMzH/MjLBgkOh5yK+PC7iJa
p8DNahjlyiMeH0Hf18EJ8vj66XCHWUNiSMRlwpjm+1+FxAS4YRWDJAguBAuFsas0
IaYKzLUdjCWuq/rajysKcd+6UcfGIqB8Wji/bmKBSHV3/5FwQmiZLV3/p7rTuUde
0ik76voLBDLR4Hu1GNOBjYOImw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:09 2023 by rpki-client on console-ams.rpki-client.org