Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/3716d9-473f-4af3-a1d3-24e6c0d4fad7/1/xanFqvJAEOsbQaYjNZF7SGKaN_Q.roa
File: xanFqvJAEOsbQaYjNZF7SGKaN_Q.roa (raw, json)
Hash identifier: lD1TEqrytEqbDcXDBDDoiHLajotQCcs+ia8yPCZMPN8=
Subject key identifier: C5:A9:C5:AA:F2:40:10:EB:1B:41:A6:23:35:91:7B:48:62:9A:37:F4
Certificate issuer: /CN=09b4bf37f39eec62982c4b63709fab5d146c7373
Certificate serial: 0A1880B2
Authority key identifier: 09:B4:BF:37:F3:9E:EC:62:98:2C:4B:63:70:9F:AB:5D:14:6C:73:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CbS_N_Oe7GKYLEtjcJ-rXRRsc3M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/3716d9-473f-4af3-a1d3-24e6c0d4fad7/1/xanFqvJAEOsbQaYjNZF7SGKaN_Q.roa
Signing time: Sat 01 Jan 2022 15:01:24 +0000
ROA not before: Sat 01 Jan 2022 15:01:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 35393
IP address blocks: 185.158.44.0/22 maxlen: 24
185.111.228.0/22 maxlen: 24
188.208.198.0/23 maxlen: 24
94.247.24.0/21 maxlen: 24
92.39.240.0/20 maxlen: 24
84.246.224.0/21 maxlen: 24
2a02:23e0::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 169377970 (0xa1880b2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09b4bf37f39eec62982c4b63709fab5d146c7373
Validity
Not Before: Jan 1 15:01:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c5a9c5aaf24010eb1b41a62335917b48629a37f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:e1:64:c1:76:db:e5:fb:ec:98:4e:05:ac:8b:
33:48:d9:10:f5:ec:a5:c0:91:e1:55:b3:d1:97:31:
e1:52:86:df:f5:b4:39:cb:07:a5:4a:8e:ed:4f:d9:
e9:b4:96:ab:2e:c3:36:e3:f7:60:97:8b:b4:96:1e:
58:c0:a8:b6:68:2a:86:b4:02:ad:46:73:a2:1c:8f:
35:ef:67:8e:47:75:24:cd:b2:b3:20:2d:8f:1f:00:
93:92:9f:03:06:39:82:35:a4:60:98:9f:28:4d:11:
c9:3c:a4:8c:c1:06:c1:75:d8:69:f0:72:a9:52:bb:
e6:b4:3b:eb:89:f5:4f:49:c3:f0:ca:df:0a:a5:7f:
e1:af:bd:47:5f:2b:21:95:84:69:f2:48:a6:e3:0d:
bb:3b:35:d1:fe:3e:aa:88:75:3d:96:f4:25:9d:83:
1d:40:07:4e:2b:b8:90:2e:4b:50:fd:a2:91:08:23:
37:ee:8e:7c:a5:03:cf:d7:3c:4b:24:53:b5:f5:da:
a6:1a:9d:3c:4d:f6:4c:42:52:7b:6f:48:f3:ee:af:
3d:f5:06:3a:94:08:66:40:6f:24:c5:2d:bb:3a:57:
f8:48:56:7b:57:21:bd:e0:49:7a:52:45:e7:0f:7a:
02:1e:bc:77:43:fd:14:96:ce:3b:79:43:32:9e:b1:
15:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:A9:C5:AA:F2:40:10:EB:1B:41:A6:23:35:91:7B:48:62:9A:37:F4
X509v3 Authority Key Identifier:
keyid:09:B4:BF:37:F3:9E:EC:62:98:2C:4B:63:70:9F:AB:5D:14:6C:73:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CbS_N_Oe7GKYLEtjcJ-rXRRsc3M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/3716d9-473f-4af3-a1d3-24e6c0d4fad7/1/xanFqvJAEOsbQaYjNZF7SGKaN_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/3716d9-473f-4af3-a1d3-24e6c0d4fad7/1/CbS_N_Oe7GKYLEtjcJ-rXRRsc3M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.246.224.0/21
92.39.240.0/20
94.247.24.0/21
185.111.228.0/22
185.158.44.0/22
188.208.198.0/23
IPv6:
2a02:23e0::/32
Signature Algorithm: sha256WithRSAEncryption
dd:e6:47:83:72:91:c7:c5:77:83:3d:25:a3:5a:ef:3e:cf:b9:
a5:67:80:af:91:de:c3:ca:7f:64:bb:fb:a5:2c:ef:53:d7:d3:
d9:af:d2:5e:98:ff:96:ea:c1:97:9a:8d:f0:2d:4b:59:1e:a4:
a5:1d:da:9b:66:5a:35:b5:15:60:ee:b1:a7:60:e5:1a:6a:b6:
4f:fe:88:87:2b:ac:8b:5c:d5:47:c0:79:cc:52:a5:46:87:3d:
28:0c:ba:b9:a0:c0:91:e2:c4:91:a0:37:a9:c5:e4:7d:05:f1:
b2:95:66:70:97:db:f9:0e:01:de:96:be:74:58:6c:cd:e6:83:
b1:dc:23:cf:2f:d6:4e:d2:06:45:ca:27:ba:da:2d:77:db:9b:
99:58:c5:39:a2:b7:1b:78:79:a6:eb:de:4e:7c:96:b2:54:4f:
02:f8:06:82:b5:94:ca:ed:6d:2a:7a:62:c9:2c:2c:c2:c0:05:
19:d3:e6:7a:da:a2:cf:ca:a8:3b:d5:fb:2a:b8:3d:e2:73:70:
f8:5a:2b:ee:54:57:05:21:de:61:2b:19:4d:c1:a6:01:ab:a9:
e6:ab:54:34:37:ea:c4:53:b3:a5:41:66:64:a0:ec:38:77:1e:
8b:72:a7:58:57:90:7e:d3:8a:7c:7b:3e:15:f4:5a:43:83:85:
fd:92:ec:6f
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgIEChiAsjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygw
OWI0YmYzN2YzOWVlYzYyOTgyYzRiNjM3MDlmYWI1ZDE0NmM3MzczMB4XDTIyMDEw
MTE1MDEyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzVhOWM1YWFmMjQw
MTBlYjFiNDFhNjIzMzU5MTdiNDg2MjlhMzdmNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALbhZMF22+X77JhOBayLM0jZEPXspcCR4VWz0Zcx4VKG3/W0
OcsHpUqO7U/Z6bSWqy7DNuP3YJeLtJYeWMCotmgqhrQCrUZzohyPNe9njkd1JM2y
syAtjx8Ak5KfAwY5gjWkYJifKE0RyTykjMEGwXXYafByqVK75rQ764n1T0nD8Mrf
CqV/4a+9R18rIZWEafJIpuMNuzs10f4+qoh1PZb0JZ2DHUAHTiu4kC5LUP2ikQgj
N+6OfKUDz9c8SyRTtfXaphqdPE32TEJSe29I8+6vPfUGOpQIZkBvJMUtuzpX+EhW
e1chveBJelJF5w96Ah68d0P9FJbOO3lDMp6xFdUCAwEAAaOCAjYwggIyMB0GA1Ud
DgQWBBTFqcWq8kAQ6xtBpiM1kXtIYpo39DAfBgNVHSMEGDAWgBQJtL83857sYpgs
S2Nwn6tdFGxzczAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0NiU19OX09lN0dLWUxFdGpjSi1yWFJSc2MzTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWYvMzcxNmQ5LTQ3M2YtNGFmMy1hMWQzLTI0ZTZjMGQ0ZmFkNy8x
L3hhbkZxdkpBRU9zYlFhWWpOWkY3U0dLYU5fUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWYv
MzcxNmQ5LTQ3M2YtNGFmMy1hMWQzLTI0ZTZjMGQ0ZmFkNy8xL0NiU19OX09lN0dL
WUxFdGpjSi1yWFJSc2MzTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBM
BggrBgEFBQcBBwEB/wQ9MDswKgQCAAEwJAMEA1T24AMEBFwn8AMEA173GAMEArlv
5AMEArmeLAMEAbzQxjANBAIAAjAHAwUAKgIj4DANBgkqhkiG9w0BAQsFAAOCAQEA
3eZHg3KRx8V3gz0lo1rvPs+5pWeAr5Hew8p/ZLv7pSzvU9fT2a/SXpj/lurBl5qN
8C1LWR6kpR3am2ZaNbUVYO6xp2DlGmq2T/6Ihyusi1zVR8B5zFKlRoc9KAy6uaDA
keLEkaA3qcXkfQXxspVmcJfb+Q4B3pa+dFhszeaDsdwjzy/WTtIGRconutotd9ub
mVjFOaK3G3h5puveTnyWslRPAvgGgrWUyu1tKnpiySwswsAFGdPmetqiz8qoO9X7
Krg94nNw+For7lRXBSHeYSsZTcGmAaup5qtUNDfqxFOzpUFmZKDsOHcei3KnWFeQ
ftOKfHs+FfRaQ4OF/ZLsbw==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:59 2023 by rpki-client on console-ams.rpki-client.org