Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/XGmPj8SF7X-Sr3AH-2F_mG7eOMg.roa
File: XGmPj8SF7X-Sr3AH-2F_mG7eOMg.roa (raw, json)
Hash identifier: 8u0woXdTKuZze2OEPNQw/fdR/BPG2fwjA+1OexgXLow=
Subject key identifier: 5C:69:8F:8F:C4:85:ED:7F:92:AF:70:07:FB:61:7F:98:6E:DE:38:C8
Certificate issuer: /CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Certificate serial: 0183E0B242946FAE378B7C7E609EB72886B4
Authority key identifier: 9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/XGmPj8SF7X-Sr3AH-2F_mG7eOMg.roa
Signing time: Sun 16 Oct 2022 12:08:42 +0000
ROA not before: Sun 16 Oct 2022 12:08:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48359
IP address blocks: 91.239.214.0/24 maxlen: 24
185.126.42.0/23 maxlen: 23
109.232.5.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:e0:b2:42:94:6f:ae:37:8b:7c:7e:60:9e:b7:28:86:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a1e69368abd34538fe77ddaabcdc835af595eba
Validity
Not Before: Oct 16 12:08:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5c698f8fc485ed7f92af7007fb617f986ede38c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:dc:81:ea:50:8d:1d:11:03:d7:36:cb:bd:8a:
e3:f5:69:0a:44:d4:03:0a:fe:39:d3:03:88:df:22:
b8:6e:38:3a:f6:10:33:95:01:d4:85:c3:b2:e2:51:
21:b3:4e:a4:ac:f9:10:30:2d:49:aa:1a:f5:e0:2d:
9d:79:10:76:4f:ce:d7:13:a0:a7:3a:9d:92:bc:41:
11:0b:14:98:d2:a4:a4:08:2b:a5:0a:5d:df:a2:a9:
92:11:a0:9d:69:41:0c:b3:24:27:29:2f:84:f4:f8:
6e:df:cf:71:34:68:3a:47:8e:0c:16:a3:e2:53:56:
32:a4:b0:71:49:de:56:d5:54:cc:73:2d:69:6a:5e:
ec:a8:41:54:55:ac:13:27:da:44:f1:2c:2a:27:a2:
62:80:43:2c:0d:55:b6:57:84:be:4c:d2:0d:56:8e:
ef:8d:c3:8c:17:ad:cc:cc:0b:fd:3f:70:66:cc:ed:
60:c4:a1:42:e5:3e:c2:be:eb:0e:72:c3:a0:01:92:
3f:d8:f1:c4:09:b2:ec:59:5b:e0:c2:95:37:86:62:
f3:c1:2f:b2:13:1e:12:dd:a7:35:02:aa:9b:ca:ad:
e3:74:ee:ab:89:1a:4d:b0:e4:c2:79:7d:d1:17:03:
17:db:de:77:67:9c:41:a5:03:bb:cd:7f:11:a6:85:
7a:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:69:8F:8F:C4:85:ED:7F:92:AF:70:07:FB:61:7F:98:6E:DE:38:C8
X509v3 Authority Key Identifier:
keyid:9A:1E:69:36:8A:BD:34:53:8F:E7:7D:DA:AB:CD:C8:35:AF:59:5E:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mh5pNoq9NFOP533aq83INa9ZXro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/XGmPj8SF7X-Sr3AH-2F_mG7eOMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/7886f4-5fcc-4d44-bd62-10982e040d53/1/mh5pNoq9NFOP533aq83INa9ZXro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.214.0/24
109.232.5.0/24
185.126.42.0/23
Signature Algorithm: sha256WithRSAEncryption
20:2a:aa:b6:21:76:38:20:67:4e:48:81:77:62:40:7a:ca:07:
11:c5:14:22:ea:b8:79:db:20:9f:68:34:f3:7e:1d:8a:98:2b:
6f:ce:4e:51:b7:81:a1:97:e3:4e:c5:45:c6:ef:70:a1:73:19:
ee:50:8d:31:8a:61:a6:2a:15:d7:eb:ea:5e:f1:79:f5:57:b0:
6c:d9:7a:9f:72:50:33:6f:fd:b1:39:06:5c:1a:36:1f:fa:2b:
55:49:91:16:82:8d:fb:be:68:d0:56:03:f9:72:d9:5e:f6:49:
bb:f7:43:df:15:96:ab:04:f6:ac:88:07:cb:63:49:c6:30:1f:
ab:19:00:86:8c:c0:88:92:18:54:6c:07:8c:78:49:64:cd:d1:
9d:d4:cf:33:64:dc:04:82:4e:dc:fa:f0:fe:b1:43:9f:42:0d:
68:52:04:9b:53:c1:49:4c:ab:64:aa:29:69:af:15:d8:91:34:
db:27:ce:4a:e1:fd:53:82:75:dd:27:fc:45:0c:a3:f9:1e:bb:
ea:47:b3:07:d9:7a:cb:2a:5f:84:fe:8d:14:e6:d8:99:4b:c4:
21:c4:4d:d7:6a:48:6b:89:af:1d:b8:ac:56:87:75:56:0c:8b:
97:60:94:e6:67:fa:62:91:d2:42:8a:82:97:a8:4b:17:55:27:
cd:8e:17:65
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYPgskKUb643i3x+YJ63KIa0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMWU2OTM2OGFiZDM0NTM4ZmU3N2RkYWFiY2RjODM1YWY1
OTVlYmEwHhcNMjIxMDE2MTIwODQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzY5OGY4ZmM0ODVlZDdmOTJhZjcwMDdmYjYxN2Y5ODZlZGUzOGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtyB6lCNHRED1zbLvYrj9WkKRNQD
Cv450wOI3yK4bjg69hAzlQHUhcOy4lEhs06krPkQMC1Jqhr14C2deRB2T87XE6Cn
Op2SvEERCxSY0qSkCCulCl3foqmSEaCdaUEMsyQnKS+E9Phu389xNGg6R44MFqPi
U1YypLBxSd5W1VTMcy1pal7sqEFUVawTJ9pE8SwqJ6JigEMsDVW2V4S+TNINVo7v
jcOMF63MzAv9P3BmzO1gxKFC5T7CvusOcsOgAZI/2PHECbLsWVvgwpU3hmLzwS+y
Ex4S3ac1Aqqbyq3jdO6riRpNsOTCeX3RFwMX2953Z5xBpQO7zX8RpoV6YwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFxpj4/Ehe1/kq9wB/thf5hu3jjIMB8GA1UdIwQY
MBaAFJoeaTaKvTRTj+d92qvNyDWvWV66MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjIt
MTA5ODJlMDQwZDUzLzEvWEdtUGo4U0Y3WC1TcjNBSC0yRl9tRzdlT01nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi83ODg2ZjQtNWZjYy00ZDQ0LWJkNjItMTA5ODJlMDQwZDUz
LzEvbWg1cE5vcTlORk9QNTMzYXE4M0lOYTlaWHJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW+/WAwQA
begFAwQBuX4qMA0GCSqGSIb3DQEBCwUAA4IBAQAgKqq2IXY4IGdOSIF3YkB6ygcR
xRQi6rh52yCfaDTzfh2KmCtvzk5Rt4Ghl+NOxUXG73ChcxnuUI0ximGmKhXX6+pe
8Xn1V7Bs2XqfclAzb/2xOQZcGjYf+itVSZEWgo37vmjQVgP5ctle9km790PfFZar
BPasiAfLY0nGMB+rGQCGjMCIkhhUbAeMeElkzdGd1M8zZNwEgk7c+vD+sUOfQg1o
UgSbU8FJTKtkqilprxXYkTTbJ85K4f1TgnXdJ/xFDKP5HrvqR7MH2XrLKl+E/o0U
5tiZS8QhxE3Xakhria8duKxWh3VWDIuXYJTmZ/pikdJCioKXqEsXVSfNjhdl
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:10 2024 by rpki-client on console-fra.rpki-client.org