Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/4cae10-37a5-40ef-89d5-5701d01c1e87/1/xiln0PKNHPn63NynQYQWi8elyQI.roa
File: xiln0PKNHPn63NynQYQWi8elyQI.roa (raw, json)
Hash identifier: CRJ0aPJWRhsQl2QB90C1ZSxLC86dMOJvFtaRH5pTejI=
Subject key identifier: C6:29:67:D0:F2:8D:1C:F9:FA:DC:DC:A7:41:84:16:8B:C7:A5:C9:02
Certificate issuer: /CN=9f5ff3de10a31bbf5701c0bdb26c6508017da2ca
Certificate serial: 01821B65F62F7C1C06848D3DA3BAE14AD7E2
Authority key identifier: 9F:5F:F3:DE:10:A3:1B:BF:57:01:C0:BD:B2:6C:65:08:01:7D:A2:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n1_z3hCjG79XAcC9smxlCAF9oso.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/4cae10-37a5-40ef-89d5-5701d01c1e87/1/xiln0PKNHPn63NynQYQWi8elyQI.roa
Signing time: Wed 20 Jul 2022 11:37:23 +0000
ROA not before: Wed 20 Jul 2022 11:37:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39431
IP address blocks: 176.108.109.0/24 maxlen: 24
176.108.119.0/24 maxlen: 24
193.93.17.0/24 maxlen: 24
193.93.16.0/23 maxlen: 23
193.93.16.0/24 maxlen: 24
193.93.19.0/24 maxlen: 24
193.93.18.0/23 maxlen: 24
193.93.18.0/24 maxlen: 24
2001:678:468::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:82:1b:65:f6:2f:7c:1c:06:84:8d:3d:a3:ba:e1:4a:d7:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9f5ff3de10a31bbf5701c0bdb26c6508017da2ca
Validity
Not Before: Jul 20 11:37:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c62967d0f28d1cf9fadcdca74184168bc7a5c902
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:09:0b:09:c7:df:8d:48:d0:f0:5d:76:33:79:
4e:4a:e0:28:d8:09:72:cf:a7:93:c1:2c:07:b9:a8:
4e:58:d2:54:5f:33:84:a8:ca:15:9c:98:71:f2:e9:
95:b5:d6:55:75:cd:97:8a:76:ff:ea:a4:96:33:c1:
51:a0:53:16:ce:dd:b7:10:a6:9d:b4:56:f5:bd:ac:
9f:1a:34:a3:0d:3c:5b:b6:60:6c:d2:41:2f:35:17:
a3:bf:53:14:b9:09:b3:5c:39:cb:02:a1:e0:5c:9d:
cf:41:b3:ab:d9:d0:97:8e:9d:74:4f:cd:4f:ee:cc:
3a:84:40:3c:1c:c4:6b:45:98:29:f1:4c:56:bb:cf:
ae:6d:8c:68:3d:dc:cc:32:08:8f:9e:8d:b7:1d:b0:
b5:e8:f4:2e:2f:be:25:16:20:8b:06:80:2f:5a:e5:
ee:75:51:d1:7a:93:c2:02:87:dc:04:51:6e:d2:e0:
7b:7c:e2:92:62:f0:34:a4:84:ea:e2:21:e4:de:31:
9c:31:c2:27:ab:56:b0:ae:85:c1:f2:31:68:64:ef:
3b:20:59:ee:09:30:02:1d:b3:d8:91:7d:89:44:74:
33:9d:b4:b1:41:aa:f0:90:5a:b0:31:a4:b2:21:5e:
ac:d0:4a:6a:48:9d:9b:8b:3b:ca:3e:1d:54:55:6b:
24:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:29:67:D0:F2:8D:1C:F9:FA:DC:DC:A7:41:84:16:8B:C7:A5:C9:02
X509v3 Authority Key Identifier:
keyid:9F:5F:F3:DE:10:A3:1B:BF:57:01:C0:BD:B2:6C:65:08:01:7D:A2:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n1_z3hCjG79XAcC9smxlCAF9oso.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/4cae10-37a5-40ef-89d5-5701d01c1e87/1/xiln0PKNHPn63NynQYQWi8elyQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/4cae10-37a5-40ef-89d5-5701d01c1e87/1/n1_z3hCjG79XAcC9smxlCAF9oso.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.108.109.0/24
176.108.119.0/24
193.93.16.0/22
IPv6:
2001:678:468::/48
Signature Algorithm: sha256WithRSAEncryption
99:97:23:03:75:ae:81:cf:f6:bf:7d:78:04:ca:71:48:9b:f7:
43:41:5f:84:fa:48:9f:0e:46:b2:56:0c:60:9c:c3:3d:2d:a3:
1c:f7:f6:fa:11:81:22:a4:c3:bf:99:8b:11:58:a2:15:14:80:
51:ec:d8:a5:bf:da:d5:5b:d5:b3:7c:69:4d:85:fa:aa:27:f0:
f4:77:ef:88:0c:53:18:6a:13:6c:4d:04:30:99:f5:b1:0d:68:
84:b5:eb:d6:67:a3:37:3c:8d:42:8e:80:6c:97:24:f8:e3:76:
ed:37:8d:40:ad:eb:4c:c4:b0:01:61:85:42:26:88:00:4a:95:
7b:46:98:5f:3f:41:fe:19:ba:7b:e1:d8:c8:ee:a4:70:f7:f7:
9f:1e:74:7f:95:28:ff:2b:f6:87:e1:ae:b0:ad:ac:47:01:ca:
68:0b:89:02:e3:28:18:99:08:21:42:c1:ed:e8:0a:70:d0:f2:
20:c6:93:19:57:3e:67:71:f4:18:e0:e8:a2:f7:41:0a:86:3c:
69:d4:19:ce:17:76:ae:db:0f:c9:d5:3a:8a:3a:46:17:af:0f:
64:8f:96:d8:a0:db:9b:a8:b6:1f:84:02:b3:cb:cb:c9:b2:f9:
f4:62:3b:1a:be:d3:13:6a:a2:b9:fb:5b:8f:5f:a6:65:52:d5:
3b:b4:47:2e
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYIbZfYvfBwGhI09o7rhStfiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmNWZmM2RlMTBhMzFiYmY1NzAxYzBiZGIyNmM2NTA4MDE3
ZGEyY2EwHhcNMjIwNzIwMTEzNzIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjI5NjdkMGYyOGQxY2Y5ZmFkY2RjYTc0MTg0MTY4YmM3YTVjOTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxAkLCcffjUjQ8F12M3lOSuAo2Aly
z6eTwSwHuahOWNJUXzOEqMoVnJhx8umVtdZVdc2Xinb/6qSWM8FRoFMWzt23EKad
tFb1vayfGjSjDTxbtmBs0kEvNRejv1MUuQmzXDnLAqHgXJ3PQbOr2dCXjp10T81P
7sw6hEA8HMRrRZgp8UxWu8+ubYxoPdzMMgiPno23HbC16PQuL74lFiCLBoAvWuXu
dVHRepPCAofcBFFu0uB7fOKSYvA0pITq4iHk3jGcMcInq1awroXB8jFoZO87IFnu
CTACHbPYkX2JRHQznbSxQarwkFqwMaSyIV6s0EpqSJ2bizvKPh1UVWskNwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFMYpZ9DyjRz5+tzcp0GEFovHpckCMB8GA1UdIwQY
MBaAFJ9f894Qoxu/VwHAvbJsZQgBfaLKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjFfejNoQ2pHNzlYQWNDOXNteGxDQUY5b3NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi80Y2FlMTAtMzdhNS00MGVmLTg5ZDUt
NTcwMWQwMWMxZTg3LzEveGlsbjBQS05IUG42M055blFZUVdpOGVseVFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi80Y2FlMTAtMzdhNS00MGVmLTg5ZDUtNTcwMWQwMWMxZTg3
LzEvbjFfejNoQ2pHNzlYQWNDOXNteGxDQUY5b3NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAsGxtAwQA
sGx3AwQCwV0QMA8EAgACMAkDBwAgAQZ4BGgwDQYJKoZIhvcNAQELBQADggEBAJmX
IwN1roHP9r99eATKcUib90NBX4T6SJ8ORrJWDGCcwz0toxz39voRgSKkw7+ZixFY
ohUUgFHs2KW/2tVb1bN8aU2F+qon8PR374gMUxhqE2xNBDCZ9bENaIS169Znozc8
jUKOgGyXJPjjdu03jUCt60zEsAFhhUImiABKlXtGmF8/Qf4Zunvh2MjupHD3958e
dH+VKP8r9ofhrrCtrEcBymgLiQLjKBiZCCFCwe3oCnDQ8iDGkxlXPmdx9Bjg6KL3
QQqGPGnUGc4Xdq7bD8nVOoo6RhevD2SPltig25uoth+EArPLy8my+fRiOxq+0xNq
orn7W49fpmVS1Tu0Ry4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:00 2024 by rpki-client on console-fra.rpki-client.org