Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/14c1ca-1874-47ac-a18e-3a144c70e0b0/1/XXP2M_nuz6FmYojVO3M6hs9APng.roa
File: XXP2M_nuz6FmYojVO3M6hs9APng.roa (raw, json)
Hash identifier: a77w2nWSy9Io7WwEqy6HE0xBcyVh2QPzT3w+TsWzq7k=
Subject key identifier: 5D:73:F6:33:F9:EE:CF:A1:66:62:88:D5:3B:73:3A:86:CF:40:3E:78
Certificate issuer: /CN=1534838bb317b8186699f0a4485db6d9da1908d2
Certificate serial: 018463AE151A2EB261A342580FBDBA736A52
Authority key identifier: 15:34:83:8B:B3:17:B8:18:66:99:F0:A4:48:5D:B6:D9:DA:19:08:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FTSDi7MXuBhmmfCkSF222doZCNI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/14c1ca-1874-47ac-a18e-3a144c70e0b0/1/XXP2M_nuz6FmYojVO3M6hs9APng.roa
Signing time: Thu 10 Nov 2022 22:34:23 +0000
ROA not before: Thu 10 Nov 2022 22:34:23 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2602
IP address blocks: 193.168.64.0/18 maxlen: 24
158.64.0.0/16 maxlen: 24
185.149.136.0/22 maxlen: 22
2001:a18::/29 maxlen: 48
2001:a18:ff00::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:63:ae:15:1a:2e:b2:61:a3:42:58:0f:bd:ba:73:6a:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1534838bb317b8186699f0a4485db6d9da1908d2
Validity
Not Before: Nov 10 22:34:23 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5d73f633f9eecfa1666288d53b733a86cf403e78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:4c:ac:1c:0d:99:4b:3f:c7:1b:01:cd:7e:55:
70:89:61:dd:34:4d:7a:f0:28:ad:68:ce:9b:d8:5e:
00:50:fd:5a:16:ff:a5:49:4d:55:23:ca:eb:03:d8:
bc:93:84:cd:7f:51:fe:2b:37:ee:d0:ff:1f:21:2c:
76:b8:78:09:05:84:eb:53:bd:d9:bd:59:39:96:57:
13:89:ff:5d:24:aa:dc:e0:4e:2d:47:01:a1:df:6b:
ec:8d:6b:9b:79:55:f2:fd:8d:69:e2:be:53:30:67:
d9:49:cb:c3:77:2e:97:07:30:29:f4:a3:01:60:de:
f8:31:0d:00:26:f1:d2:92:04:5a:39:90:8d:2b:9d:
32:67:84:13:e2:33:d6:93:8a:9a:47:f6:6a:f8:6e:
6a:ac:8d:63:f2:c6:4b:88:50:ee:b6:43:ca:56:4e:
56:ea:7a:3d:f6:ef:fd:ac:8d:91:62:ce:45:08:e4:
e2:45:d6:fc:ed:e1:83:d8:b2:df:bb:e4:7c:a0:f4:
f9:d2:32:aa:6a:42:4a:58:49:5b:b6:4e:b6:5a:00:
7f:56:bf:f6:14:fd:62:2d:1c:8e:06:b8:08:72:df:
ff:a9:87:e3:ef:e5:39:da:77:89:5f:ce:4c:93:c9:
4a:ac:5c:c8:4e:d6:4b:b8:c6:e1:aa:35:e9:ef:75:
10:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:73:F6:33:F9:EE:CF:A1:66:62:88:D5:3B:73:3A:86:CF:40:3E:78
X509v3 Authority Key Identifier:
keyid:15:34:83:8B:B3:17:B8:18:66:99:F0:A4:48:5D:B6:D9:DA:19:08:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FTSDi7MXuBhmmfCkSF222doZCNI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/14c1ca-1874-47ac-a18e-3a144c70e0b0/1/XXP2M_nuz6FmYojVO3M6hs9APng.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/14c1ca-1874-47ac-a18e-3a144c70e0b0/1/FTSDi7MXuBhmmfCkSF222doZCNI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.64.0.0/16
185.149.136.0/22
193.168.64.0/18
IPv6:
2001:a18::/29
Signature Algorithm: sha256WithRSAEncryption
22:50:b1:f8:cd:fc:70:22:23:9f:f0:98:7b:42:54:64:ac:12:
a0:ec:ae:fd:34:d1:80:02:dd:ee:fc:a4:d9:98:11:48:51:84:
8f:9d:9f:27:02:b6:75:8b:52:61:9c:31:17:aa:7f:fa:70:1d:
7b:64:e8:b1:aa:4c:a4:4f:26:7c:8b:f4:22:80:f8:82:8e:eb:
31:dd:19:1a:82:a3:e0:c3:12:c7:b1:ff:6b:2a:08:19:c8:e8:
6e:09:d3:b3:42:4e:bb:1c:72:3f:24:51:b5:ea:d1:7c:cd:ef:
05:89:4e:dc:a5:db:bf:c6:ee:c3:b4:e0:6b:1c:f2:4d:ed:58:
15:78:a6:51:9d:c1:56:bb:5b:09:dc:a0:70:57:b1:d2:f2:55:
6a:7e:01:d5:24:e8:78:a5:42:c1:54:55:18:1d:25:ba:4f:98:
b9:25:6c:bc:6f:3b:62:78:ba:81:e5:08:85:87:84:4b:aa:80:
cb:68:a2:38:0f:bb:91:5b:22:0c:d3:8b:12:cb:fb:7b:36:fc:
f4:df:1f:65:32:6e:fb:f3:a1:13:1a:58:56:ea:19:34:9f:95:
d4:e0:fa:94:6d:60:83:1b:fb:e7:f6:fc:13:db:ca:19:08:f4:
9a:85:c4:13:2a:3a:94:8b:ec:ee:11:48:ce:3d:5f:64:13:d8:
34:ee:60:40
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYRjrhUaLrJho0JYD726c2pSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1MzQ4MzhiYjMxN2I4MTg2Njk5ZjBhNDQ4NWRiNmQ5ZGEx
OTA4ZDIwHhcNMjIxMTEwMjIzNDIzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDczZjYzM2Y5ZWVjZmExNjY2Mjg4ZDUzYjczM2E4NmNmNDAzZTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUysHA2ZSz/HGwHNflVwiWHdNE16
8CitaM6b2F4AUP1aFv+lSU1VI8rrA9i8k4TNf1H+Kzfu0P8fISx2uHgJBYTrU73Z
vVk5llcTif9dJKrc4E4tRwGh32vsjWubeVXy/Y1p4r5TMGfZScvDdy6XBzAp9KMB
YN74MQ0AJvHSkgRaOZCNK50yZ4QT4jPWk4qaR/Zq+G5qrI1j8sZLiFDutkPKVk5W
6no99u/9rI2RYs5FCOTiRdb87eGD2LLfu+R8oPT50jKqakJKWElbtk62WgB/Vr/2
FP1iLRyOBrgIct//qYfj7+U52neJX85Mk8lKrFzITtZLuMbhqjXp73UQ8wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFF1z9jP57s+hZmKI1TtzOobPQD54MB8GA1UdIwQY
MBaAFBU0g4uzF7gYZpnwpEhdttnaGQjSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlRTRGk3TVh1QmhtbWZDa1NGMjIyZG9aQ05JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS8xNGMxY2EtMTg3NC00N2FjLWExOGUt
M2ExNDRjNzBlMGIwLzEvWFhQMk1fbnV6NkZtWW9qVk8zTTZoczlBUG5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS8xNGMxY2EtMTg3NC00N2FjLWExOGUtM2ExNDRjNzBlMGIw
LzEvRlRTRGk3TVh1QmhtbWZDa1NGMjIyZG9aQ05JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwMAnkADBAK5
lYgDBAbBqEAwDQQCAAIwBwMFAyABChgwDQYJKoZIhvcNAQELBQADggEBACJQsfjN
/HAiI5/wmHtCVGSsEqDsrv000YAC3e78pNmYEUhRhI+dnycCtnWLUmGcMReqf/pw
HXtk6LGqTKRPJnyL9CKA+IKO6zHdGRqCo+DDEsex/2sqCBnI6G4J07NCTrsccj8k
UbXq0XzN7wWJTtyl27/G7sO04Gsc8k3tWBV4plGdwVa7WwncoHBXsdLyVWp+AdUk
6HilQsFUVRgdJbpPmLklbLxvO2J4uoHlCIWHhEuqgMtoojgPu5FbIgzTixLL+3s2
/PTfH2UybvvzoRMaWFbqGTSfldTg+pRtYIMb++f2/BPbyhkI9JqFxBMqOpSL7O4R
SM49X2QT2DTuYEA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:51:23 2024 by rpki-client on console-ams.rpki-client.org