Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/a98fc7-7935-4eae-962a-461ab0ecee01/1/XRo5zqEN017Cn4iyjnw6p26jU-Q.roa
File: XRo5zqEN017Cn4iyjnw6p26jU-Q.roa (raw, json)
Hash identifier: FrKurTJIq69MOnNfvbpYmup4RjPphtss4pBsRhrp6/Q=
Subject key identifier: 5D:1A:39:CE:A1:0D:D3:5E:C2:9F:88:B2:8E:7C:3A:A7:6E:A3:53:E4
Certificate issuer: /CN=4d70af1a99886c9101d135f54bd2bdef358b266e
Certificate serial: 1499FA
Authority key identifier: 4D:70:AF:1A:99:88:6C:91:01:D1:35:F5:4B:D2:BD:EF:35:8B:26:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TXCvGpmIbJEB0TX1S9K97zWLJm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/a98fc7-7935-4eae-962a-461ab0ecee01/1/XRo5zqEN017Cn4iyjnw6p26jU-Q.roa
Signing time: Mon 02 May 2022 18:01:06 +0000
ROA not before: Mon 02 May 2022 18:01:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8751
IP address blocks: 93.113.13.0/24 maxlen: 32
85.204.224.0/21 maxlen: 32
85.204.232.0/24 maxlen: 32
85.204.236.0/22 maxlen: 32
85.204.236.0/24 maxlen: 32
85.204.234.0/23 maxlen: 32
86.107.224.0/20 maxlen: 32
93.113.0.0/20 maxlen: 32
86.107.246.0/23 maxlen: 32
93.113.11.0/24 maxlen: 32
188.215.112.0/24 maxlen: 32
188.215.112.0/23 maxlen: 32
188.215.118.0/24 maxlen: 32
188.215.112.0/21 maxlen: 32
188.215.114.0/24 maxlen: 32
37.156.71.0/24 maxlen: 32
2a03:7420::/48 maxlen: 48
2001:67c:2580::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1350138 (0x1499fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4d70af1a99886c9101d135f54bd2bdef358b266e
Validity
Not Before: May 2 18:01:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5d1a39cea10dd35ec29f88b28e7c3aa76ea353e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:2c:40:57:58:1e:81:30:54:d6:5a:84:3f:c3:
90:ab:49:07:12:20:88:f2:e9:63:ea:b1:ac:38:7a:
0d:24:2c:a0:83:db:9e:3c:09:b4:6b:fc:19:58:66:
8a:7a:cb:d7:e5:fa:b8:e0:e0:50:60:8f:7b:79:71:
97:6c:47:d7:0c:0c:c6:5c:5c:7a:9a:18:d6:d3:41:
50:fa:a6:30:e0:a7:16:6c:14:87:9d:58:eb:2a:80:
6d:2f:ee:b5:c0:d5:92:48:5a:10:51:48:8a:70:20:
29:09:f6:72:98:17:9e:75:98:55:c5:5d:3d:c5:2a:
df:39:5a:88:bc:b9:7d:ce:57:8e:4d:1b:31:5a:d8:
f7:b0:77:b5:68:37:d5:eb:ef:52:67:1e:87:42:ad:
2c:dc:42:99:07:15:75:61:99:7b:95:7b:26:b1:11:
c4:c8:f5:f6:f0:50:39:2a:0a:f7:96:a2:ef:b8:d7:
c2:c9:25:5b:17:61:db:64:ce:66:0d:55:4b:a6:af:
cc:a5:ef:c5:da:4f:37:e3:f1:9d:9a:aa:fa:35:71:
3d:14:0b:37:05:d4:3e:32:59:60:38:c5:ff:fe:7c:
b7:97:6d:d7:8e:4f:ce:c1:14:8a:df:d0:33:24:ce:
98:a6:66:0f:21:3a:bd:ee:82:18:0c:81:26:a9:30:
6f:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:1A:39:CE:A1:0D:D3:5E:C2:9F:88:B2:8E:7C:3A:A7:6E:A3:53:E4
X509v3 Authority Key Identifier:
keyid:4D:70:AF:1A:99:88:6C:91:01:D1:35:F5:4B:D2:BD:EF:35:8B:26:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TXCvGpmIbJEB0TX1S9K97zWLJm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/a98fc7-7935-4eae-962a-461ab0ecee01/1/XRo5zqEN017Cn4iyjnw6p26jU-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/a98fc7-7935-4eae-962a-461ab0ecee01/1/TXCvGpmIbJEB0TX1S9K97zWLJm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.71.0/24
85.204.224.0-85.204.232.255
85.204.234.0-85.204.239.255
86.107.224.0/20
86.107.246.0/23
93.113.0.0/20
188.215.112.0/21
IPv6:
2001:67c:2580::/48
2a03:7420::/48
Signature Algorithm: sha256WithRSAEncryption
b9:a8:11:00:e0:18:e9:c6:f7:f8:b6:83:9f:ed:0e:c6:68:45:
fb:99:f2:9b:73:e6:36:6f:45:e0:cf:f6:dc:78:74:0e:04:c3:
ff:49:97:c4:d9:2b:8e:5a:4d:5f:71:a6:77:16:03:11:7e:c8:
d2:f9:f4:95:73:d3:d9:e4:03:c3:51:a1:07:a1:02:11:c5:84:
44:d4:9a:e8:fc:47:1a:d6:a4:8d:6e:34:a4:d5:93:3e:b2:b2:
f5:6a:7c:d3:e3:90:71:4c:c3:c4:ec:5e:19:ae:4a:13:d9:5f:
88:77:d9:f7:58:1b:41:fb:a5:47:6f:a1:fb:1b:09:8d:53:c1:
33:8c:14:fd:6a:c9:98:96:5c:c2:b9:cd:a8:4d:b8:04:f7:9a:
6b:9a:43:d7:10:40:14:36:38:da:e0:2a:85:3f:3e:e7:67:4f:
47:5d:ec:0a:61:ef:bd:d9:c5:b8:f8:a5:83:d7:a7:7f:5c:66:
77:3e:53:3e:8d:c1:a1:16:e3:b4:38:57:c5:07:c9:00:93:8c:
51:94:b5:51:ad:76:99:e9:75:a6:9a:9e:bb:7e:48:ff:f4:ca:
c0:bd:b7:97:8e:4c:89:64:c6:33:6d:a3:ac:5a:b1:df:ae:bf:
11:23:ec:08:a3:b1:3c:e5:c6:a1:da:79:d6:8c:47:ed:1f:ea:
7c:3b:96:b2
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgIDFJn6MA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDRk
NzBhZjFhOTk4ODZjOTEwMWQxMzVmNTRiZDJiZGVmMzU4YjI2NmUwHhcNMjIwNTAy
MTgwMTA2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg1ZDFhMzljZWExMGRk
MzVlYzI5Zjg4YjI4ZTdjM2FhNzZlYTM1M2U0MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAoyxAV1gegTBU1lqEP8OQq0kHEiCI8ulj6rGsOHoNJCygg9ue
PAm0a/wZWGaKesvX5fq44OBQYI97eXGXbEfXDAzGXFx6mhjW00FQ+qYw4KcWbBSH
nVjrKoBtL+61wNWSSFoQUUiKcCApCfZymBeedZhVxV09xSrfOVqIvLl9zleOTRsx
Wtj3sHe1aDfV6+9SZx6HQq0s3EKZBxV1YZl7lXsmsRHEyPX28FA5Kgr3lqLvuNfC
ySVbF2HbZM5mDVVLpq/Mpe/F2k834/Gdmqr6NXE9FAs3BdQ+MllgOMX//ny3l23X
jk/OwRSK39AzJM6YpmYPITq97oIYDIEmqTBv5QIDAQABo4ICVzCCAlMwHQYDVR0O
BBYEFF0aOc6hDdNewp+Iso58Oqduo1PkMB8GA1UdIwQYMBaAFE1wrxqZiGyRAdE1
9UvSve81iyZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
VFhDdkdwbUliSkVCMFRYMVM5Szk3eldMSm00LmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9lMi9hOThmYzctNzkzNS00ZWFlLTk2MmEtNDYxYWIwZWNlZTAxLzEv
WFJvNXpxRU4wMTdDbjRpeWpudzZwMjZqVS1RLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9h
OThmYzctNzkzNS00ZWFlLTk2MmEtNDYxYWIwZWNlZTAxLzEvVFhDdkdwbUliSkVC
MFRYMVM5Szk3eldMSm00LmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMG0G
CCsGAQUFBwEHAQH/BF4wXDBABAIAATA6AwQAJZxHMAwDBAVVzOADBABVzOgwDAME
AVXM6gMEBFXM4AMEBFZr4AMEAVZr9gMEBF1xAAMEA7zXcDAYBAIAAjASAwcAIAEG
fCWAAwcAKgN0IAAAMA0GCSqGSIb3DQEBCwUAA4IBAQC5qBEA4Bjpxvf4toOf7Q7G
aEX7mfKbc+Y2b0Xgz/bceHQOBMP/SZfE2SuOWk1fcaZ3FgMRfsjS+fSVc9PZ5APD
UaEHoQIRxYRE1Jro/Eca1qSNbjSk1ZM+srL1anzT45BxTMPE7F4ZrkoT2V+Id9n3
WBtB+6VHb6H7GwmNU8EzjBT9asmYllzCuc2oTbgE95prmkPXEEAUNjja4CqFPz7n
Z09HXewKYe+92cW4+KWD16d/XGZ3PlM+jcGhFuO0OFfFB8kAk4xRlLVRrXaZ6XWm
mp67fkj/9MrAvbeXjkyJZMYzbaOsWrHfrr8RI+wIo7E85cah2nnWjEftH+p8O5ay
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:08 2025 by rpki-client