Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/5ec7ca-a402-4c5d-a1b7-61b772d751ec/1/X4Y2tlXnB9b8kRIlqcmAmDVwkHc.roa
File: X4Y2tlXnB9b8kRIlqcmAmDVwkHc.roa (raw, json)
Hash identifier: BetZq7R/rl1riAXkqwcGsMPU/eqP5PLjx1vk0SbeCnc=
Subject key identifier: 5F:86:36:B6:55:E7:07:D6:FC:91:12:25:A9:C9:80:98:35:70:90:77
Certificate issuer: /CN=8f175225f386ce980119f69884f9be7c6a2b3b33
Certificate serial: 370E2A7F
Authority key identifier: 8F:17:52:25:F3:86:CE:98:01:19:F6:98:84:F9:BE:7C:6A:2B:3B:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jxdSJfOGzpgBGfaYhPm-fGorOzM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/5ec7ca-a402-4c5d-a1b7-61b772d751ec/1/X4Y2tlXnB9b8kRIlqcmAmDVwkHc.roa
Signing time: Tue 01 Mar 2022 07:03:55 +0000
ROA not before: Tue 01 Mar 2022 07:03:55 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 29600
IP address blocks: 95.131.112.0/21 maxlen: 21
83.136.136.0/21 maxlen: 21
80.70.16.0/20 maxlen: 20
85.15.192.0/18 maxlen: 18
2a01:a880::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 923675263 (0x370e2a7f)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f175225f386ce980119f69884f9be7c6a2b3b33
Validity
Not Before: Mar 1 07:03:55 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5f8636b655e707d6fc911225a9c9809835709077
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:48:e5:37:5d:6b:44:14:05:2b:0e:f2:83:dc:
9f:01:56:92:a4:5e:df:ec:db:d9:78:c7:47:f3:aa:
ec:a2:c2:9e:10:50:45:de:d6:76:39:a7:83:cd:2a:
5e:90:13:2b:b0:da:1c:e1:14:17:87:dc:76:8a:91:
ab:cc:86:5c:b7:39:e1:7c:c0:b1:24:38:04:9a:2d:
97:f7:fa:76:ae:f8:60:3d:33:c7:20:5a:6a:93:8c:
72:e5:34:a6:55:05:d5:f2:e4:09:b3:85:e3:25:72:
05:92:98:27:29:1c:c8:6a:a3:17:b3:64:85:68:f4:
66:19:dc:5c:42:73:91:b5:50:d5:c4:a1:cf:aa:19:
5a:f5:7e:7e:92:72:ee:e5:9d:34:5d:2d:3d:46:c2:
0d:5f:2a:b3:98:a9:c3:59:8c:aa:fb:c0:d7:73:00:
b9:d7:27:51:a4:fe:0f:73:95:02:27:d5:91:8e:49:
1e:a9:84:cc:94:c9:c9:38:a1:56:68:d2:e5:77:27:
8f:0a:c4:99:da:7a:d0:91:97:29:ba:84:88:bc:32:
af:fa:f7:44:83:11:51:bc:37:a1:94:a6:f1:cc:df:
f7:ca:c5:b4:9d:13:48:58:42:2a:44:3c:1f:d7:63:
8e:64:0d:e9:4c:ea:30:98:be:18:86:b1:7e:9a:20:
48:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:86:36:B6:55:E7:07:D6:FC:91:12:25:A9:C9:80:98:35:70:90:77
X509v3 Authority Key Identifier:
keyid:8F:17:52:25:F3:86:CE:98:01:19:F6:98:84:F9:BE:7C:6A:2B:3B:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jxdSJfOGzpgBGfaYhPm-fGorOzM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/5ec7ca-a402-4c5d-a1b7-61b772d751ec/1/X4Y2tlXnB9b8kRIlqcmAmDVwkHc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/5ec7ca-a402-4c5d-a1b7-61b772d751ec/1/jxdSJfOGzpgBGfaYhPm-fGorOzM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.70.16.0/20
83.136.136.0/21
85.15.192.0/18
95.131.112.0/21
IPv6:
2a01:a880::/29
Signature Algorithm: sha256WithRSAEncryption
09:b4:8b:73:0d:92:e9:44:31:cd:84:91:68:87:77:43:71:b7:
a1:9d:14:c2:88:03:f8:6f:6c:37:fb:52:1a:0f:ef:23:86:b1:
38:17:e7:86:8b:79:91:fd:cb:41:a8:f1:c6:33:fa:1e:76:b3:
76:15:a6:f4:93:48:2b:6d:a0:31:16:d0:5e:d8:83:fc:6f:f2:
62:07:4a:ab:6f:ff:fc:4f:65:12:7d:ee:ad:c4:77:25:4c:3a:
62:cb:05:4b:17:a0:f2:af:6e:67:8e:48:dd:73:52:76:eb:fd:
2a:29:96:47:2c:13:6d:5f:b7:b3:13:ec:24:b7:40:d7:98:01:
52:26:87:2f:b9:10:15:b7:bf:34:10:96:6b:53:1b:60:14:f2:
7b:fc:3e:7c:8f:ab:3e:24:1e:b1:cf:7f:31:b2:d3:c2:b9:83:
28:b1:cc:af:41:50:c2:3a:f3:08:ac:80:53:b5:2b:ac:25:0d:
41:e3:27:38:5c:b6:30:a1:be:4e:c8:2e:dc:44:b3:f5:6b:07:
cb:8e:dd:ab:17:b7:4d:82:a1:78:71:cc:2f:ca:1b:a8:d4:aa:
7d:23:92:d1:d1:42:92:1d:e6:3a:13:87:18:5f:eb:a5:26:6b:
5c:64:c6:d4:f8:8f:0f:4d:eb:10:51:a5:0b:19:18:bd:c6:77:
0a:05:c8:cc
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIENw4qfzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
ZjE3NTIyNWYzODZjZTk4MDExOWY2OTg4NGY5YmU3YzZhMmIzYjMzMB4XDTIyMDMw
MTA3MDM1NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWY4NjM2YjY1NWU3
MDdkNmZjOTExMjI1YTljOTgwOTgzNTcwOTA3NzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK5I5Tdda0QUBSsO8oPcnwFWkqRe3+zb2XjHR/Oq7KLCnhBQ
Rd7Wdjmng80qXpATK7DaHOEUF4fcdoqRq8yGXLc54XzAsSQ4BJotl/f6dq74YD0z
xyBaapOMcuU0plUF1fLkCbOF4yVyBZKYJykcyGqjF7NkhWj0ZhncXEJzkbVQ1cSh
z6oZWvV+fpJy7uWdNF0tPUbCDV8qs5ipw1mMqvvA13MAudcnUaT+D3OVAifVkY5J
HqmEzJTJyTihVmjS5XcnjwrEmdp60JGXKbqEiLwyr/r3RIMRUbw3oZSm8czf98rF
tJ0TSFhCKkQ8H9djjmQN6UzqMJi+GIaxfpogSD0CAwEAAaOCAiowggImMB0GA1Ud
DgQWBBRfhja2VecH1vyREiWpyYCYNXCQdzAfBgNVHSMEGDAWgBSPF1Il84bOmAEZ
9piE+b58ais7MzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2p4ZFNKZk9HenBnQkdmYVloUG0tZkdvck96TS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWIvNWVjN2NhLWE0MDItNGM1ZC1hMWI3LTYxYjc3MmQ3NTFlYy8x
L1g0WTJ0bFhuQjliOGtSSWxxY21BbURWd2tIYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWIv
NWVjN2NhLWE0MDItNGM1ZC1hMWI3LTYxYjc3MmQ3NTFlYy8xL2p4ZFNKZk9HenBn
QkdmYVloUG0tZkdvck96TS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEBFBGEAMEA1OIiAMEBlUPwAMEA1+D
cDANBAIAAjAHAwUDKgGogDANBgkqhkiG9w0BAQsFAAOCAQEACbSLcw2S6UQxzYSR
aId3Q3G3oZ0UwogD+G9sN/tSGg/vI4axOBfnhot5kf3LQajxxjP6HnazdhWm9JNI
K22gMRbQXtiD/G/yYgdKq2///E9lEn3urcR3JUw6YssFSxeg8q9uZ45I3XNSduv9
KimWRywTbV+3sxPsJLdA15gBUiaHL7kQFbe/NBCWa1MbYBTye/w+fI+rPiQesc9/
MbLTwrmDKLHMr0FQwjrzCKyAU7UrrCUNQeMnOFy2MKG+Tsgu3ESz9WsHy47dqxe3
TYKheHHML8obqNSqfSOS0dFCkh3mOhOHGF/rpSZrXGTG1PiPD03rEFGlCxkYvcZ3
CgXIzA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:45 2023 by rpki-client on console-ams.rpki-client.org