Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/bdaeb7-52d5-49ff-9a4b-df05d489da17/1/XNTckwjUa67yfsSycnwN_RKiEgc.roa
File: XNTckwjUa67yfsSycnwN_RKiEgc.roa (raw, json)
Hash identifier: isiAafTu4Pa/P09BPnfNOWdoCFLlBdXBT3hRJsW6Da8=
Subject key identifier: 5C:D4:DC:93:08:D4:6B:AE:F2:7E:C4:B2:72:7C:0D:FD:12:A2:12:07
Certificate issuer: /CN=096e293ba380dcc75f00106443668f51002555b7
Certificate serial: 06E787EA
Authority key identifier: 09:6E:29:3B:A3:80:DC:C7:5F:00:10:64:43:66:8F:51:00:25:55:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CW4pO6OA3MdfABBkQ2aPUQAlVbc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/bdaeb7-52d5-49ff-9a4b-df05d489da17/1/XNTckwjUa67yfsSycnwN_RKiEgc.roa
Signing time: Sat 01 Jan 2022 14:05:28 +0000
ROA not before: Sat 01 Jan 2022 14:05:28 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 60435
IP address blocks: 45.157.4.0/24 maxlen: 24
45.157.5.0/24 maxlen: 24
45.157.6.0/24 maxlen: 24
185.29.17.0/24 maxlen: 24
185.29.16.0/24 maxlen: 24
185.29.18.0/24 maxlen: 24
185.29.19.0/24 maxlen: 24
193.242.154.0/24 maxlen: 24
2a00:a362::/32 maxlen: 32
2a00:a360::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115836906 (0x6e787ea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=096e293ba380dcc75f00106443668f51002555b7
Validity
Not Before: Jan 1 14:05:28 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5cd4dc9308d46baef27ec4b2727c0dfd12a21207
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:04:10:f1:73:f6:56:54:75:0b:0d:7f:84:89:
58:21:cd:75:65:2c:c2:af:59:a9:e2:32:d5:7c:94:
42:10:dd:22:89:c3:04:d6:67:52:90:5a:d9:44:39:
22:df:be:3d:7b:a0:4c:73:3c:5b:dc:76:44:5a:9e:
98:96:01:31:ca:18:53:21:0f:5e:2b:5e:30:91:76:
69:a4:36:c2:28:09:cd:e4:d8:ec:fb:42:6c:55:51:
50:ba:0b:eb:62:6e:a6:6d:87:c6:45:83:c8:1f:5d:
d9:14:bb:40:b0:70:c2:46:5d:6d:a1:15:78:a8:5c:
75:d3:48:36:a4:c9:8e:d2:a9:15:a5:74:e1:c4:60:
98:fe:da:24:9b:5f:6a:e7:cf:ad:f8:e9:62:24:1b:
cb:ef:c6:53:41:5d:43:88:a6:bf:41:7d:9d:a1:b2:
89:11:97:01:a6:33:0f:12:af:47:1c:f9:e2:8a:ed:
1e:8a:00:86:bb:0e:95:49:08:98:21:20:87:a5:9a:
19:c5:0b:3f:b2:a0:7d:b6:06:81:16:7a:b3:67:75:
21:bf:03:6e:61:70:6c:8a:59:a5:f9:12:5c:f7:74:
dd:0d:f1:00:a2:55:5a:17:9b:98:d9:53:72:b9:4b:
9c:5f:ed:f9:23:b0:43:64:98:09:ad:bd:c3:95:6e:
1b:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:D4:DC:93:08:D4:6B:AE:F2:7E:C4:B2:72:7C:0D:FD:12:A2:12:07
X509v3 Authority Key Identifier:
keyid:09:6E:29:3B:A3:80:DC:C7:5F:00:10:64:43:66:8F:51:00:25:55:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CW4pO6OA3MdfABBkQ2aPUQAlVbc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/bdaeb7-52d5-49ff-9a4b-df05d489da17/1/XNTckwjUa67yfsSycnwN_RKiEgc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/bdaeb7-52d5-49ff-9a4b-df05d489da17/1/CW4pO6OA3MdfABBkQ2aPUQAlVbc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.157.4.0-45.157.6.255
185.29.16.0/22
193.242.154.0/24
IPv6:
2a00:a360::/32
2a00:a362::/32
Signature Algorithm: sha256WithRSAEncryption
3b:e3:7a:82:42:c0:1b:48:38:a2:bf:2d:da:c9:63:09:2f:30:
a3:7b:74:18:6c:33:aa:7a:86:e6:d9:5c:19:80:a6:e6:4d:e5:
e8:63:4b:24:f7:44:3a:e6:f7:55:3f:8b:9b:96:1a:68:4a:8c:
cb:98:5b:97:20:08:2e:d5:d1:18:1b:7a:5e:6e:e8:1b:d9:d3:
db:4a:03:29:e7:b7:29:f2:18:d8:c6:58:30:f6:8f:b0:9c:65:
37:91:85:12:99:f0:85:c6:52:97:c6:52:3c:fe:a6:a8:1e:72:
3a:3c:1b:7b:97:a6:22:9c:8b:3d:db:c8:7d:d7:df:28:e2:41:
39:2e:11:12:33:5e:fd:ca:75:a1:20:94:b6:e6:7e:2c:d1:1c:
51:14:fb:e1:8d:c2:89:24:04:a5:7e:bf:34:1c:34:8b:d0:b9:
97:4b:6f:34:5a:15:dc:66:be:03:5b:fb:4f:cf:3a:19:2e:9f:
a9:18:12:ca:63:32:af:ff:8e:0f:c4:b0:46:7d:7c:eb:cf:c0:
53:be:04:d6:af:cb:16:33:b0:74:be:18:2f:ca:09:9b:bc:62:
bf:18:76:2b:f6:13:5e:53:8d:fb:03:0e:3e:de:01:13:4b:a7:
4d:03:88:b2:b6:17:ad:63:72:ff:00:cb:de:9a:61:39:41:72:
05:e3:ae:40
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgIEBueH6jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
OTZlMjkzYmEzODBkY2M3NWYwMDEwNjQ0MzY2OGY1MTAwMjU1NWI3MB4XDTIyMDEw
MTE0MDUyOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWNkNGRjOTMwOGQ0
NmJhZWYyN2VjNGIyNzI3YzBkZmQxMmEyMTIwNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIkEEPFz9lZUdQsNf4SJWCHNdWUswq9ZqeIy1XyUQhDdIonD
BNZnUpBa2UQ5It++PXugTHM8W9x2RFqemJYBMcoYUyEPXiteMJF2aaQ2wigJzeTY
7PtCbFVRULoL62Jupm2HxkWDyB9d2RS7QLBwwkZdbaEVeKhcddNINqTJjtKpFaV0
4cRgmP7aJJtfaufPrfjpYiQby+/GU0FdQ4imv0F9naGyiRGXAaYzDxKvRxz54ort
HooAhrsOlUkImCEgh6WaGcULP7KgfbYGgRZ6s2d1Ib8DbmFwbIpZpfkSXPd03Q3x
AKJVWhebmNlTcrlLnF/t+SOwQ2SYCa29w5VuGwECAwEAAaOCAjMwggIvMB0GA1Ud
DgQWBBRc1NyTCNRrrvJ+xLJyfA39EqISBzAfBgNVHSMEGDAWgBQJbik7o4Dcx18A
EGRDZo9RACVVtzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NXNHBPNk9BM01kZkFCQmtRMmFQVVFBbFZiYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGMvYmRhZWI3LTUyZDUtNDlmZi05YTRiLWRmMDVkNDg5ZGExNy8x
L1hOVGNrd2pVYTY3eWZzU3ljbndOX1JLaUVnYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGMv
YmRhZWI3LTUyZDUtNDlmZi05YTRiLWRmMDVkNDg5ZGExNy8xL0NXNHBPNk9BM01k
ZkFCQmtRMmFQVVFBbFZiYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBJ
BggrBgEFBQcBBwEB/wQ6MDgwIAQCAAEwGjAMAwQCLZ0EAwQALZ0GAwQCuR0QAwQA
wfKaMBQEAgACMA4DBQAqAKNgAwUAKgCjYjANBgkqhkiG9w0BAQsFAAOCAQEAO+N6
gkLAG0g4or8t2sljCS8wo3t0GGwzqnqG5tlcGYCm5k3l6GNLJPdEOub3VT+Lm5Ya
aEqMy5hblyAILtXRGBt6Xm7oG9nT20oDKee3KfIY2MZYMPaPsJxlN5GFEpnwhcZS
l8ZSPP6mqB5yOjwbe5emIpyLPdvIfdffKOJBOS4REjNe/cp1oSCUtuZ+LNEcURT7
4Y3CiSQEpX6/NBw0i9C5l0tvNFoV3Ga+A1v7T886GS6fqRgSymMyr/+OD8SwRn18
68/AU74E1q/LFjOwdL4YL8oJm7xivxh2K/YTXlON+wMOPt4BE0unTQOIsrYXrWNy
/wDL3pphOUFyBeOuQA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:58 2023 by rpki-client on console-fra.rpki-client.org