Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/5ab585-b29b-4e71-8038-90e21df01e91/1/XKYsWpFowHgBWd6THHC26PlgA1Y.roa
File: XKYsWpFowHgBWd6THHC26PlgA1Y.roa (raw, json)
Hash identifier: llo733On0JErfdAZKRXjZdHbx+5QMG883MTxjT2rluQ=
Subject key identifier: 5C:A6:2C:5A:91:68:C0:78:01:59:DE:93:1C:70:B6:E8:F9:60:03:56
Certificate issuer: /CN=eb1dc00fd2c1e3eaafceccc1b4ba1f8fd0a4a98c
Certificate serial: 19ECA7DB
Authority key identifier: EB:1D:C0:0F:D2:C1:E3:EA:AF:CE:CC:C1:B4:BA:1F:8F:D0:A4:A9:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6x3AD9LB4-qvzszBtLofj9CkqYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/5ab585-b29b-4e71-8038-90e21df01e91/1/XKYsWpFowHgBWd6THHC26PlgA1Y.roa
Signing time: Tue 05 Jul 2022 07:40:25 +0000
ROA not before: Tue 05 Jul 2022 07:40:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 62167
IP address blocks: 185.44.163.0/24 maxlen: 24
185.44.160.0/24 maxlen: 24
185.44.160.0/22 maxlen: 22
185.44.162.0/24 maxlen: 24
185.44.161.0/24 maxlen: 24
89.107.29.0/24 maxlen: 24
89.107.28.0/24 maxlen: 24
89.107.28.0/22 maxlen: 22
185.163.82.0/23 maxlen: 23
185.163.81.0/24 maxlen: 24
185.163.80.0/22 maxlen: 22
185.163.80.0/24 maxlen: 24
2a01:7520:5::/48 maxlen: 48
2a01:7520::/32 maxlen: 32
2a01:7520::/48 maxlen: 48
2a01:7520:4::/48 maxlen: 48
2a01:7520:2::/48 maxlen: 48
2a01:7520:8::/48 maxlen: 48
2a01:7520:3::/48 maxlen: 48
2a01:7520:6::/48 maxlen: 48
2a01:7520:1::/48 maxlen: 48
2a01:7520:7::/48 maxlen: 48
2a0b:5800::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 434939867 (0x19eca7db)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb1dc00fd2c1e3eaafceccc1b4ba1f8fd0a4a98c
Validity
Not Before: Jul 5 07:40:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5ca62c5a9168c0780159de931c70b6e8f9600356
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:fd:9f:ce:85:2b:bd:27:21:be:58:50:dc:96:
1a:1d:96:62:cd:31:18:12:45:88:5c:fe:71:30:8c:
27:77:cd:eb:e1:7e:4b:b4:96:6b:c4:1d:fb:b9:3d:
a1:fd:f8:bc:1b:c0:c1:d9:04:73:8c:6a:a7:76:9d:
11:f8:b5:9c:c5:81:8d:72:92:fd:43:68:0d:19:6d:
5a:0c:de:2b:ea:08:59:20:a4:6e:e0:fc:42:0f:02:
0c:f9:f8:3a:b8:e5:d4:c3:44:48:c0:76:91:94:7d:
68:d7:27:0e:b1:21:b4:6a:31:f9:8f:7e:1d:8f:b5:
7d:37:f7:b7:9f:85:ca:e8:b5:e6:9c:63:28:93:34:
2b:00:0c:46:3c:ab:cb:d0:20:a3:c8:51:2c:2b:96:
33:d6:7e:5b:18:f1:65:ab:a4:f2:dc:b7:c6:19:f3:
28:c2:93:c9:a0:1d:f0:b0:0e:20:c3:42:26:0d:1f:
be:cb:70:7d:4c:c4:15:e4:28:24:40:61:83:97:b3:
1d:bc:cd:29:f5:c5:4a:2d:db:ae:66:88:73:af:ae:
6b:31:55:33:0b:ba:45:05:35:99:80:4b:55:f0:df:
3b:cb:b0:92:a9:5b:1f:f9:3b:87:b2:68:4d:ae:83:
4c:13:63:b2:39:9b:10:aa:c5:9a:83:ae:07:e9:3a:
b1:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:A6:2C:5A:91:68:C0:78:01:59:DE:93:1C:70:B6:E8:F9:60:03:56
X509v3 Authority Key Identifier:
keyid:EB:1D:C0:0F:D2:C1:E3:EA:AF:CE:CC:C1:B4:BA:1F:8F:D0:A4:A9:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6x3AD9LB4-qvzszBtLofj9CkqYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/5ab585-b29b-4e71-8038-90e21df01e91/1/XKYsWpFowHgBWd6THHC26PlgA1Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/5ab585-b29b-4e71-8038-90e21df01e91/1/6x3AD9LB4-qvzszBtLofj9CkqYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.107.28.0/22
185.44.160.0/22
185.163.80.0/22
IPv6:
2a01:7520::/32
2a0b:5800::/32
Signature Algorithm: sha256WithRSAEncryption
28:6e:6d:04:8a:0d:df:9d:a6:31:5b:37:31:3f:ce:f2:65:e7:
c4:82:15:0c:3b:ed:5f:7a:bc:2f:b4:16:6e:d4:65:bd:d9:d3:
38:d8:74:1d:71:88:d7:b5:bc:84:c4:4d:67:14:f0:92:3c:38:
4d:13:b8:ca:04:ff:8d:4e:fe:a6:8c:f6:e6:b5:a6:9f:aa:2c:
0c:e8:f2:27:07:91:f1:13:12:0a:15:a3:b3:fb:2a:1a:79:cf:
e1:ec:19:ad:df:3d:2e:aa:37:27:1f:c0:57:e1:42:be:8a:09:
60:8f:57:29:78:68:82:e6:cc:81:24:b5:4a:d3:cb:9d:4a:68:
8c:7e:2c:9b:6b:fe:84:ef:c8:8f:9b:de:db:66:c6:b4:1c:c7:
99:21:ee:02:f5:3a:19:fa:d9:da:fa:17:70:2e:e0:9d:b7:41:
0e:d9:e0:b5:5a:3f:69:d7:b3:ed:95:d3:d8:d1:b1:7f:7f:c0:
3a:1b:6f:3f:20:05:c8:07:ec:63:42:3c:7d:a6:d0:81:29:a2:
d6:8f:23:ef:e6:52:05:7f:c5:ae:d1:84:89:95:e9:50:47:0d:
93:0b:cf:fa:a8:fc:74:61:63:f8:17:37:73:ec:cc:17:87:70:
bd:c8:e5:2e:26:70:90:3e:c0:19:66:bd:ba:af:ab:15:e3:2c:
51:5a:b1:f2
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgIEGeyn2zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
YjFkYzAwZmQyYzFlM2VhYWZjZWNjYzFiNGJhMWY4ZmQwYTRhOThjMB4XDTIyMDcw
NTA3NDAyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWNhNjJjNWE5MTY4
YzA3ODAxNTlkZTkzMWM3MGI2ZThmOTYwMDM1NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKz9n86FK70nIb5YUNyWGh2WYs0xGBJFiFz+cTCMJ3fN6+F+
S7SWa8Qd+7k9of34vBvAwdkEc4xqp3adEfi1nMWBjXKS/UNoDRltWgzeK+oIWSCk
buD8Qg8CDPn4Orjl1MNESMB2kZR9aNcnDrEhtGox+Y9+HY+1fTf3t5+Fyui15pxj
KJM0KwAMRjyry9Ago8hRLCuWM9Z+WxjxZauk8ty3xhnzKMKTyaAd8LAOIMNCJg0f
vstwfUzEFeQoJEBhg5ezHbzNKfXFSi3brmaIc6+uazFVMwu6RQU1mYBLVfDfO8uw
kqlbH/k7h7JoTa6DTBNjsjmbEKrFmoOuB+k6saMCAwEAAaOCAiswggInMB0GA1Ud
DgQWBBRcpixakWjAeAFZ3pMccLbo+WADVjAfBgNVHSMEGDAWgBTrHcAP0sHj6q/O
zMG0uh+P0KSpjDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzZ4M0FEOUxCNC1xdnpzekJ0TG9majlDa3FZdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDUvNWFiNTg1LWIyOWItNGU3MS04MDM4LTkwZTIxZGYwMWU5MS8x
L1hLWXNXcEZvd0hnQldkNlRISEMyNlBsZ0ExWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDUv
NWFiNTg1LWIyOWItNGU3MS04MDM4LTkwZTIxZGYwMWU5MS8xLzZ4M0FEOUxCNC1x
dnpzekJ0TG9majlDa3FZdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBB
BggrBgEFBQcBBwEB/wQyMDAwGAQCAAEwEgMEAllrHAMEArksoAMEArmjUDAUBAIA
AjAOAwUAKgF1IAMFACoLWAAwDQYJKoZIhvcNAQELBQADggEBAChubQSKDd+dpjFb
NzE/zvJl58SCFQw77V96vC+0Fm7UZb3Z0zjYdB1xiNe1vITETWcU8JI8OE0TuMoE
/41O/qaM9ua1pp+qLAzo8icHkfETEgoVo7P7Khp5z+HsGa3fPS6qNycfwFfhQr6K
CWCPVyl4aILmzIEktUrTy51KaIx+LJtr/oTvyI+b3ttmxrQcx5kh7gL1Ohn62dr6
F3Au4J23QQ7Z4LVaP2nXs+2V09jRsX9/wDobbz8gBcgH7GNCPH2m0IEpotaPI+/m
UgV/xa7RhImV6VBHDZMLz/qo/HRhY/gXN3PszBeHcL3I5S4mcJA+wBlmvbqvqxXj
LFFasfI=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:27 2023 by rpki-client on console-ams.rpki-client.org