Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/xD7fTZ_KYv4fLmDXrgG4fOneGkI.roa
File: xD7fTZ_KYv4fLmDXrgG4fOneGkI.roa (raw, json)
Hash identifier: yva9iUp0y7xXHz0hUY/Mu42miNfiHOyBidJK/g6E4z8=
Subject key identifier: C4:3E:DF:4D:9F:CA:62:FE:1F:2E:60:D7:AE:01:B8:7C:E9:DE:1A:42
Certificate issuer: /CN=5a141c5090824d0a17c29ec4050e21007113fbda
Certificate serial: 369BEF18
Authority key identifier: 5A:14:1C:50:90:82:4D:0A:17:C2:9E:C4:05:0E:21:00:71:13:FB:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WhQcUJCCTQoXwp7EBQ4hAHET-9o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/xD7fTZ_KYv4fLmDXrgG4fOneGkI.roa
Signing time: Sat 01 Jan 2022 07:03:39 +0000
ROA not before: Sat 01 Jan 2022 07:03:39 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3257
IP address blocks: 185.85.76.0/22 maxlen: 22
91.190.168.0/21 maxlen: 21
5.63.24.0/21 maxlen: 21
2a02:798::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 916188952 (0x369bef18)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a141c5090824d0a17c29ec4050e21007113fbda
Validity
Not Before: Jan 1 07:03:39 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c43edf4d9fca62fe1f2e60d7ae01b87ce9de1a42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:3d:d6:35:d3:3e:be:b6:ca:42:21:26:d8:32:
8e:bd:23:16:e0:90:00:56:f8:ba:bc:f9:67:65:33:
1a:b7:4e:32:c0:8f:cd:8e:13:43:eb:9c:7b:5e:ee:
bc:09:ab:53:55:48:2e:a7:5f:85:92:2f:e9:79:52:
31:c4:64:d2:6e:04:e7:4b:c3:68:ab:60:57:a2:20:
56:d7:b9:01:2f:bc:bd:c9:16:4d:98:69:a8:19:54:
63:f6:85:97:83:1b:5e:ca:2c:2e:0f:33:c2:55:ce:
e1:e3:a8:79:65:55:db:20:6e:00:46:62:6f:cf:f9:
7e:99:13:3a:8b:e0:1b:4c:9d:58:f1:1f:bd:b5:73:
3b:4c:fd:da:16:4c:8a:f2:9d:7c:40:3c:45:77:6f:
f7:52:3e:82:da:b9:df:5c:e9:ac:5d:8b:c7:c7:9d:
23:69:6b:c0:02:9e:79:ae:ba:0c:51:0d:4b:5c:2b:
c6:e2:87:58:46:18:28:e4:5f:54:40:27:3e:be:8a:
aa:a2:5c:10:e6:25:70:dc:2b:a1:9f:8f:ef:88:5d:
4f:45:5d:10:ca:c5:d6:d3:29:4b:7d:81:7a:59:2e:
c1:1d:1e:94:b0:c0:f4:65:d9:9b:aa:28:65:c3:89:
82:6c:61:64:f8:33:d0:d2:9b:a4:fb:a3:2b:68:6e:
c8:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:3E:DF:4D:9F:CA:62:FE:1F:2E:60:D7:AE:01:B8:7C:E9:DE:1A:42
X509v3 Authority Key Identifier:
keyid:5A:14:1C:50:90:82:4D:0A:17:C2:9E:C4:05:0E:21:00:71:13:FB:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WhQcUJCCTQoXwp7EBQ4hAHET-9o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/xD7fTZ_KYv4fLmDXrgG4fOneGkI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/b20e90-bf6e-4e25-87d5-eceeff8e84e0/1/WhQcUJCCTQoXwp7EBQ4hAHET-9o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.24.0/21
91.190.168.0/21
185.85.76.0/22
IPv6:
2a02:798::/32
Signature Algorithm: sha256WithRSAEncryption
11:f7:97:c2:c1:77:1b:64:17:3d:8f:d9:09:58:03:19:1b:78:
d1:03:97:22:19:a4:ea:87:6a:4c:e6:64:48:f4:6e:58:31:6e:
86:b9:3b:02:bf:8f:9b:6e:f2:b0:38:5e:13:85:de:2f:ba:cc:
f3:df:0d:01:6a:7e:b3:ad:69:a3:b1:b3:d4:05:54:7b:4d:c9:
c6:7d:d4:7a:4c:1a:bf:95:a5:a5:35:c4:9c:ed:42:e8:bb:38:
36:1e:28:c8:34:c5:e1:e2:aa:61:52:2b:76:8e:c0:58:55:a3:
15:7e:e3:60:73:91:8f:d2:32:e6:10:7c:85:39:73:be:e4:ee:
a6:8e:4c:ff:5a:12:da:98:79:c0:21:83:00:1b:ca:86:82:58:
1d:d8:a5:ca:9d:84:76:ba:65:4f:a2:d6:68:cc:ce:54:af:4f:
20:84:fc:9c:85:52:9a:fe:9a:cd:ce:c1:66:4e:89:24:b8:68:
f5:bb:1a:fe:6d:12:14:ef:5f:e6:f6:fe:91:68:8e:8e:a6:39:
e7:90:8b:7e:52:05:bb:fd:63:e4:5a:97:45:a0:54:0a:83:de:
93:ce:ac:99:5f:0d:87:9f:07:eb:ee:4a:4a:d9:62:df:b0:0a:
db:29:47:57:84:21:fa:2d:09:7b:15:2a:4e:11:70:f3:e3:b4:
ed:fc:57:bb
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIENpvvGDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YTE0MWM1MDkwODI0ZDBhMTdjMjllYzQwNTBlMjEwMDcxMTNmYmRhMB4XDTIyMDEw
MTA3MDMzOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzQzZWRmNGQ5ZmNh
NjJmZTFmMmU2MGQ3YWUwMWI4N2NlOWRlMWE0MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMQ91jXTPr62ykIhJtgyjr0jFuCQAFb4urz5Z2UzGrdOMsCP
zY4TQ+uce17uvAmrU1VILqdfhZIv6XlSMcRk0m4E50vDaKtgV6IgVte5AS+8vckW
TZhpqBlUY/aFl4MbXsosLg8zwlXO4eOoeWVV2yBuAEZib8/5fpkTOovgG0ydWPEf
vbVzO0z92hZMivKdfEA8RXdv91I+gtq531zprF2Lx8edI2lrwAKeea66DFENS1wr
xuKHWEYYKORfVEAnPr6KqqJcEOYlcNwroZ+P74hdT0VdEMrF1tMpS32BelkuwR0e
lLDA9GXZm6ooZcOJgmxhZPgz0NKbpPujK2huyAMCAwEAAaOCAiQwggIgMB0GA1Ud
DgQWBBTEPt9Nn8pi/h8uYNeuAbh86d4aQjAfBgNVHSMEGDAWgBRaFBxQkIJNChfC
nsQFDiEAcRP72jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1doUWNVSkNDVFFvWHdwN0VCUTRoQUhFVC05by5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWUvYjIwZTkwLWJmNmUtNGUyNS04N2Q1LWVjZWVmZjhlODRlMC8x
L3hEN2ZUWl9LWXY0ZkxtRFhyZ0c0Zk9uZUdrSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWUv
YjIwZTkwLWJmNmUtNGUyNS04N2Q1LWVjZWVmZjhlODRlMC8xL1doUWNVSkNDVFFv
WHdwN0VCUTRoQUhFVC05by5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA6
BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEAwU/GAMEA1u+qAMEArlVTDANBAIA
AjAHAwUAKgIHmDANBgkqhkiG9w0BAQsFAAOCAQEAEfeXwsF3G2QXPY/ZCVgDGRt4
0QOXIhmk6odqTOZkSPRuWDFuhrk7Ar+Pm27ysDheE4XeL7rM898NAWp+s61po7Gz
1AVUe03Jxn3Uekwav5WlpTXEnO1C6Ls4Nh4oyDTF4eKqYVIrdo7AWFWjFX7jYHOR
j9Iy5hB8hTlzvuTupo5M/1oS2ph5wCGDABvKhoJYHdilyp2EdrplT6LWaMzOVK9P
IIT8nIVSmv6azc7BZk6JJLho9bsa/m0SFO9f5vb+kWiOjqY555CLflIFu/1j5FqX
RaBUCoPek86smV8Nh58H6+5KStli37AK2ylHV4Qh+i0JexUqThFw8+O07fxXuw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:58 2023 by rpki-client on console-ams.rpki-client.org