Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/2b7fe9-2a87-4c57-b108-9214278108a8/1/xt4WZdfxYk-nHw7dnZgvElskzFw.roa
File: xt4WZdfxYk-nHw7dnZgvElskzFw.roa (raw, json)
Hash identifier: jUnh1SweLIvW+6PHGTCEgvBCJWAPA9DkVxyoXulqm3s=
Subject key identifier: C6:DE:16:65:D7:F1:62:4F:A7:1F:0E:DD:9D:98:2F:12:5B:24:CC:5C
Certificate issuer: /CN=e50c22c66b85fac98de83d761ef4243437ab0393
Certificate serial: 01847A0B80297EBBFF86419CBBF37669DDCA
Authority key identifier: E5:0C:22:C6:6B:85:FA:C9:8D:E8:3D:76:1E:F4:24:34:37:AB:03:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5QwixmuF-smN6D12HvQkNDerA5M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/2b7fe9-2a87-4c57-b108-9214278108a8/1/xt4WZdfxYk-nHw7dnZgvElskzFw.roa
Signing time: Tue 15 Nov 2022 06:48:04 +0000
ROA not before: Tue 15 Nov 2022 06:48:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29240
IP address blocks: 185.217.236.0/22 maxlen: 22
185.244.244.0/22 maxlen: 24
213.255.160.0/19 maxlen: 19
185.77.244.0/22 maxlen: 22
193.142.16.0/23 maxlen: 23
2a01:18::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:7a:0b:80:29:7e:bb:ff:86:41:9c:bb:f3:76:69:dd:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e50c22c66b85fac98de83d761ef4243437ab0393
Validity
Not Before: Nov 15 06:48:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c6de1665d7f1624fa71f0edd9d982f125b24cc5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:fa:e2:01:c1:7c:89:10:b1:05:fc:99:c0:8f:
f0:7c:32:fe:e5:87:41:3e:93:86:4b:66:7a:96:52:
c3:98:66:7d:e8:57:73:74:cc:82:aa:7e:15:5c:c9:
fe:25:ca:25:2d:03:2a:cd:e6:5b:18:c3:6a:12:1c:
52:32:6f:bf:d7:bd:d0:32:5b:86:8f:bb:78:50:92:
77:58:79:c5:db:94:52:14:d0:19:e2:8e:8a:4b:79:
ed:ef:f4:0f:b1:db:f6:b2:c7:10:9c:51:75:b5:ab:
2b:5a:f5:83:5c:32:b3:78:60:5d:cf:7c:38:b5:ea:
20:e8:1a:bb:e8:70:2e:0e:f4:d4:05:22:b8:ee:c0:
8e:9f:84:88:7d:8b:8a:56:c2:7c:99:70:36:fd:e7:
6a:04:18:7b:c3:da:03:19:12:22:ab:1d:be:5c:ec:
e0:58:81:7e:22:48:08:3e:e6:42:33:80:ff:44:f5:
5b:0a:aa:3a:c9:5f:04:a5:82:3b:98:2d:be:55:b0:
05:d6:0c:8f:d1:1e:b4:68:ce:8f:18:44:46:6e:e5:
e2:10:63:79:1b:49:15:66:13:de:d3:dd:d4:ac:7e:
04:15:78:6d:62:eb:0f:58:04:12:65:16:b2:09:e2:
3e:77:f9:ed:3f:8e:ad:69:d0:5a:09:1d:69:70:13:
3c:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:DE:16:65:D7:F1:62:4F:A7:1F:0E:DD:9D:98:2F:12:5B:24:CC:5C
X509v3 Authority Key Identifier:
keyid:E5:0C:22:C6:6B:85:FA:C9:8D:E8:3D:76:1E:F4:24:34:37:AB:03:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5QwixmuF-smN6D12HvQkNDerA5M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/2b7fe9-2a87-4c57-b108-9214278108a8/1/xt4WZdfxYk-nHw7dnZgvElskzFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/2b7fe9-2a87-4c57-b108-9214278108a8/1/5QwixmuF-smN6D12HvQkNDerA5M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.77.244.0/22
185.217.236.0/22
185.244.244.0/22
193.142.16.0/23
213.255.160.0/19
IPv6:
2a01:18::/32
Signature Algorithm: sha256WithRSAEncryption
83:02:02:67:31:8a:ec:fe:a5:21:82:df:e5:5c:16:6b:67:1f:
2a:b5:ab:18:2c:09:7e:a7:61:47:9b:4c:58:89:6b:6d:0b:05:
dc:e9:c9:db:3f:e9:ac:6b:10:84:91:62:38:f7:f2:ed:95:b5:
85:c9:fe:71:2d:86:e7:a5:ae:cb:29:9c:7c:b3:a2:1f:5c:c5:
14:b2:27:41:33:31:12:99:96:ae:81:7c:ee:31:84:dd:1d:fa:
f6:cc:f8:ff:9e:9c:d6:17:03:d7:15:a8:5b:26:ae:84:4b:1b:
86:9f:c0:1f:bf:71:ca:d7:14:ce:0d:7b:61:29:12:37:24:2a:
79:e5:5d:00:90:17:62:6b:d7:d0:07:25:5c:f0:f1:38:b3:24:
61:b6:15:99:bb:64:9e:5d:3c:df:b7:1b:e3:50:16:7b:59:92:
ea:86:12:10:d1:37:8e:95:e6:c2:d7:37:14:bc:85:3e:62:bb:
72:26:f0:d2:71:d2:17:44:ca:f6:3a:06:b3:b7:d2:ff:8b:49:
0b:3b:b2:6d:09:c4:41:53:97:c7:64:7a:8c:76:04:7d:38:33:
21:54:57:75:70:33:9d:25:01:f8:ae:01:c6:e9:5f:ab:3f:06:
6f:b3:f0:6d:5f:11:de:37:a4:d8:69:50:10:18:34:43:a3:8b:
7e:84:f8:20
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYR6C4Apfrv/hkGcu/N2ad3KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1MGMyMmM2NmI4NWZhYzk4ZGU4M2Q3NjFlZjQyNDM0Mzdh
YjAzOTMwHhcNMjIxMTE1MDY0ODA0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmRlMTY2NWQ3ZjE2MjRmYTcxZjBlZGQ5ZDk4MmYxMjViMjRjYzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3PriAcF8iRCxBfyZwI/wfDL+5YdB
PpOGS2Z6llLDmGZ96FdzdMyCqn4VXMn+JcolLQMqzeZbGMNqEhxSMm+/173QMluG
j7t4UJJ3WHnF25RSFNAZ4o6KS3nt7/QPsdv2sscQnFF1tasrWvWDXDKzeGBdz3w4
teog6Bq76HAuDvTUBSK47sCOn4SIfYuKVsJ8mXA2/edqBBh7w9oDGRIiqx2+XOzg
WIF+IkgIPuZCM4D/RPVbCqo6yV8EpYI7mC2+VbAF1gyP0R60aM6PGERGbuXiEGN5
G0kVZhPe093UrH4EFXhtYusPWAQSZRayCeI+d/ntP46tadBaCR1pcBM8zQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFMbeFmXX8WJPpx8O3Z2YLxJbJMxcMB8GA1UdIwQY
MBaAFOUMIsZrhfrJjeg9dh70JDQ3qwOTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVF3aXhtdUYtc21ONkQxMkh2UWtORGVyQTVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy8yYjdmZTktMmE4Ny00YzU3LWIxMDgt
OTIxNDI3ODEwOGE4LzEveHQ0V1pkZnhZay1uSHc3ZG5aZ3ZFbHNrekZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy8yYjdmZTktMmE4Ny00YzU3LWIxMDgtOTIxNDI3ODEwOGE4
LzEvNVF3aXhtdUYtc21ONkQxMkh2UWtORGVyQTVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCuU30AwQC
udnsAwQCufT0AwQBwY4QAwQF1f+gMA0EAgACMAcDBQAqAQAYMA0GCSqGSIb3DQEB
CwUAA4IBAQCDAgJnMYrs/qUhgt/lXBZrZx8qtasYLAl+p2FHm0xYiWttCwXc6cnb
P+msaxCEkWI49/LtlbWFyf5xLYbnpa7LKZx8s6IfXMUUsidBMzESmZaugXzuMYTd
Hfr2zPj/npzWFwPXFahbJq6ESxuGn8Afv3HK1xTODXthKRI3JCp55V0AkBdia9fQ
ByVc8PE4syRhthWZu2SeXTzftxvjUBZ7WZLqhhIQ0TeOlebC1zcUvIU+YrtyJvDS
cdIXRMr2Ogazt9L/i0kLO7JtCcRBU5fHZHqMdgR9ODMhVFd1cDOdJQH4rgHG6V+r
PwZvs/BtXxHeN6TYaVAQGDRDo4t+hPgg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:56:17 2024 by rpki-client on console-fra.rpki-client.org