Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/XfojT8QXM-PJO_fQQEY58YYcy7g.roa
File: XfojT8QXM-PJO_fQQEY58YYcy7g.roa (raw, json)
Hash identifier: 2zeb6MccLzZ5L04Ot5fnaXrkOdMRVqg9RDx0vT+TCvI=
Subject key identifier: 5D:FA:23:4F:C4:17:33:E3:C9:3B:F7:D0:40:46:39:F1:86:1C:CB:B8
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 425A17A6
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/XfojT8QXM-PJO_fQQEY58YYcy7g.roa
Signing time: Sat 01 Jan 2022 14:03:00 +0000
ROA not before: Sat 01 Jan 2022 14:03:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14618
IP address blocks: 192.36.247.0/24 maxlen: 24
193.234.120.0/22 maxlen: 24
192.71.255.0/24 maxlen: 24
192.71.254.0/23 maxlen: 23
192.71.84.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1113200550 (0x425a17a6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 14:03:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5dfa234fc41733e3c93bf7d0404639f1861ccbb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:e9:82:42:29:dd:72:20:a1:c2:94:b6:fc:89:
f2:8e:77:9d:ab:fb:c6:80:ad:e9:91:24:75:db:06:
82:5a:2a:02:7e:a8:30:88:be:71:3b:ef:37:09:39:
67:8a:0d:8e:2b:71:a6:be:74:1a:c2:19:fd:86:a8:
9e:55:85:df:6a:37:7d:93:86:fd:90:fc:03:64:5b:
bd:3a:c4:e6:87:e4:15:e3:58:bd:88:3d:e9:06:e2:
d0:7b:57:9a:90:81:0f:94:13:46:4f:6b:b5:6d:bc:
53:01:04:36:15:fd:a3:7c:1b:e5:e4:82:5b:43:48:
8d:bb:21:03:09:fc:e8:35:1d:1c:35:81:43:bf:f7:
04:69:94:fd:9e:9a:63:49:ec:45:19:fb:04:fe:c5:
5f:39:e7:8d:02:a2:07:aa:08:b7:2c:dd:dd:78:11:
3d:77:5f:07:a7:a2:5d:e9:94:3e:ef:00:c5:44:4e:
4a:bb:59:51:77:1a:d6:07:11:66:26:50:34:14:ec:
1d:35:7e:cc:47:fb:5f:c9:21:7b:c4:94:17:be:4c:
d0:7f:e7:d5:56:af:f4:33:95:22:11:11:62:8b:00:
57:8c:c8:57:8e:76:e3:91:bd:08:a9:a9:84:5c:19:
08:5c:68:09:5a:a9:bb:8e:86:a5:c5:26:04:a2:92:
f7:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:FA:23:4F:C4:17:33:E3:C9:3B:F7:D0:40:46:39:F1:86:1C:CB:B8
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/XfojT8QXM-PJO_fQQEY58YYcy7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.247.0/24
192.71.84.0/24
192.71.254.0/23
193.234.120.0/22
Signature Algorithm: sha256WithRSAEncryption
0a:75:78:a8:4b:ec:c9:02:fb:4d:ce:26:15:9b:e4:e4:d0:72:
48:5c:2a:4d:7e:f7:e3:bf:31:27:07:1a:8f:d0:f9:de:11:99:
ca:10:87:b8:fc:d9:53:ff:1f:9d:75:8c:ed:a9:e9:fd:c3:49:
98:da:b9:05:86:5e:02:c3:7b:0a:93:8b:f4:3f:62:7e:ce:28:
ec:a1:63:c5:8f:00:d9:f0:6f:8d:0f:4f:5f:08:fe:90:e2:43:
1e:58:05:76:0e:12:2d:9d:f0:5b:30:bb:fa:17:88:25:7a:c4:
41:97:04:0d:2b:45:27:be:c2:8c:c5:f6:64:7e:cc:41:6a:bd:
08:b1:1e:01:93:5f:c6:68:bd:19:af:23:db:fe:91:75:41:34:
69:b5:5c:0d:da:e1:8f:13:70:c9:d4:e3:7a:92:14:44:2e:f7:
12:36:88:a4:04:48:3c:47:5b:b5:f4:e5:d1:7a:6b:0b:46:e4:
b6:10:88:5e:a1:bd:b5:6d:39:d4:0f:83:40:af:48:ca:f0:2d:
97:fd:33:d9:e9:ca:53:39:09:60:d3:93:89:72:30:3b:b4:d6:
f7:47:65:37:2a:ba:62:30:de:63:4c:8b:f8:4d:43:e7:8b:a1:
1c:75:59:b6:b6:a6:cf:25:d3:33:75:b0:1c:47:39:3d:fc:18:
08:38:9b:20
-----BEGIN CERTIFICATE-----
MIIFATCCA+mgAwIBAgIEQloXpjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
MTM1YzdmNTcxZWVmZWI2NzQwNGFiNmM0NWZkNDc1NTUxYWRhZjFiMB4XDTIyMDEw
MTE0MDMwMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWRmYTIzNGZjNDE3
MzNlM2M5M2JmN2QwNDA0NjM5ZjE4NjFjY2JiODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK3pgkIp3XIgocKUtvyJ8o53nav7xoCt6ZEkddsGgloqAn6o
MIi+cTvvNwk5Z4oNjitxpr50GsIZ/YaonlWF32o3fZOG/ZD8A2RbvTrE5ofkFeNY
vYg96Qbi0HtXmpCBD5QTRk9rtW28UwEENhX9o3wb5eSCW0NIjbshAwn86DUdHDWB
Q7/3BGmU/Z6aY0nsRRn7BP7FXznnjQKiB6oItyzd3XgRPXdfB6eiXemUPu8AxURO
SrtZUXca1gcRZiZQNBTsHTV+zEf7X8khe8SUF75M0H/n1Vav9DOVIhERYosAV4zI
V45245G9CKmphFwZCFxoCVqpu46GpcUmBKKS9y8CAwEAAaOCAhswggIXMB0GA1Ud
DgQWBBRd+iNPxBcz48k799BARjnxhhzLuDAfBgNVHSMEGDAWgBQhNcf1ce7+tnQE
q2xF/UdVUa2vGzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0lUWEg5WEh1X3JaMEJLdHNSZjFIVlZHdHJ4cy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDkvNjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8x
L1hmb2pUOFFYTS1QSk9fZlFRRVk1OFlZY3k3Zy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDkv
NjgwYjc4LTk2YWYtNGE4NS1hYzAyLTk0M2QwMzMyMTMyNi8xL0lUWEg5WEh1X3Ja
MEJLdHNSZjFIVlZHdHJ4cy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAx
BggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAMAk9wMEAMBHVAMEAcBH/gMEAsHq
eDANBgkqhkiG9w0BAQsFAAOCAQEACnV4qEvsyQL7Tc4mFZvk5NBySFwqTX73478x
Jwcaj9D53hGZyhCHuPzZU/8fnXWM7anp/cNJmNq5BYZeAsN7CpOL9D9ifs4o7KFj
xY8A2fBvjQ9PXwj+kOJDHlgFdg4SLZ3wWzC7+heIJXrEQZcEDStFJ77CjMX2ZH7M
QWq9CLEeAZNfxmi9Ga8j2/6RdUE0abVcDdrhjxNwydTjepIURC73EjaIpARIPEdb
tfTl0XprC0bkthCIXqG9tW051A+DQK9IyvAtl/0z2enKUzkJYNOTiXIwO7TW90dl
Nyq6YjDeY0yL+E1D54uhHHVZtramzyXTM3WwHEc5PfwYCDibIA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:08:38 2023 by rpki-client on console-ams.rpki-client.org