Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/Xiza_LA2NnBmP_5xZO-InAv6w24.roa
File: Xiza_LA2NnBmP_5xZO-InAv6w24.roa (raw, json)
Hash identifier: uNaSO3opOPc82Dvj2xvPHrHO1JTYCPKnpDNwa7zJUT8=
Subject key identifier: 5E:2C:DA:FC:B0:36:36:70:66:3F:FE:71:64:EF:88:9C:0B:FA:C3:6E
Certificate issuer: /CN=c87b594e5e6713a5b80a5481a5ce71e652d84573
Certificate serial: 01853E2C18A16E51181291B70475B538F52C
Authority key identifier: C8:7B:59:4E:5E:67:13:A5:B8:0A:54:81:A5:CE:71:E6:52:D8:45:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yHtZTl5nE6W4ClSBpc5x5lLYRXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/Xiza_LA2NnBmP_5xZO-InAv6w24.roa
Signing time: Fri 23 Dec 2022 08:49:15 +0000
ROA not before: Fri 23 Dec 2022 08:49:15 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47285
IP address blocks: 194.147.150.0/24 maxlen: 24
185.105.236.0/24 maxlen: 24
185.105.238.0/24 maxlen: 24
45.139.8.0/24 maxlen: 24
194.180.209.0/24 maxlen: 24
2a12:2600::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:3e:2c:18:a1:6e:51:18:12:91:b7:04:75:b5:38:f5:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c87b594e5e6713a5b80a5481a5ce71e652d84573
Validity
Not Before: Dec 23 08:49:15 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5e2cdafcb0363670663ffe7164ef889c0bfac36e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:fe:a9:05:ef:50:fc:b0:5a:ab:01:fd:2e:02:
f2:45:e1:c1:fa:90:5a:0f:d3:56:93:1f:3e:a2:65:
b3:7d:37:26:4b:5f:8f:45:22:d0:c3:08:2a:db:98:
22:94:2b:0a:84:12:38:cb:17:95:f3:ec:21:b6:83:
6d:5f:20:7d:62:09:d8:2d:f6:86:4c:6d:a3:33:1f:
07:33:83:d5:f6:2c:5a:b0:cb:a1:62:52:0c:fc:4e:
92:dd:68:63:1c:1c:6d:c1:5f:61:04:e5:4e:d2:0c:
93:d8:b8:a5:45:af:ef:6d:76:af:25:d2:37:70:41:
a5:7e:df:8c:b0:f1:8f:0f:76:ce:6d:f2:1e:c8:79:
d6:9e:b2:47:7f:12:59:88:07:78:4b:b8:d4:6a:14:
e9:c3:d2:b5:89:0a:fb:15:54:92:c5:87:69:ba:80:
5e:dc:9f:fc:b3:a9:42:31:55:a4:8e:c2:3e:5b:f0:
ac:d3:59:b1:17:a8:f5:81:f4:c7:6d:62:19:c0:f1:
ca:99:49:08:42:cf:f0:6d:f2:4a:58:b9:98:9c:80:
f7:eb:73:ee:bb:38:9f:4e:97:58:ae:73:6f:74:2a:
83:35:f0:fc:e0:e8:08:3d:84:01:71:f7:52:31:8f:
8c:db:31:3d:de:ba:b4:7a:3c:ea:15:12:fd:20:5b:
49:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:2C:DA:FC:B0:36:36:70:66:3F:FE:71:64:EF:88:9C:0B:FA:C3:6E
X509v3 Authority Key Identifier:
keyid:C8:7B:59:4E:5E:67:13:A5:B8:0A:54:81:A5:CE:71:E6:52:D8:45:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yHtZTl5nE6W4ClSBpc5x5lLYRXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/Xiza_LA2NnBmP_5xZO-InAv6w24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/824f78-dee2-47bc-af2f-38cb6e416f3a/1/yHtZTl5nE6W4ClSBpc5x5lLYRXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.8.0/24
185.105.236.0/24
185.105.238.0/24
194.147.150.0/24
194.180.209.0/24
IPv6:
2a12:2600::/29
Signature Algorithm: sha256WithRSAEncryption
8e:e8:83:49:b6:8f:6b:a4:b6:8c:b8:6d:9c:c9:d7:b1:01:55:
27:5f:b6:09:d6:b9:cf:84:41:87:14:a3:70:44:18:25:63:c7:
9f:10:a4:11:04:16:ab:42:1d:2c:69:ca:c2:e6:1a:d1:cd:d0:
da:79:53:22:69:f3:3a:79:40:50:51:62:3b:0a:6f:75:8d:5e:
78:3e:b8:40:a3:4b:4f:7d:4b:19:48:d1:73:de:26:fc:20:ca:
15:93:09:54:01:1c:e1:6b:7e:67:33:f2:8c:d9:0d:10:14:bc:
64:43:16:ed:4d:51:4d:9f:5c:cd:fa:38:a4:a1:55:cd:67:4f:
c2:f7:28:0b:9d:ea:d0:43:f7:d8:f1:cf:f0:d1:e9:d0:a2:01:
bd:93:8d:75:b2:83:52:3a:40:12:02:29:9d:4c:67:c9:bf:f4:
f3:19:a2:45:a9:d3:84:f7:21:e0:6d:67:13:f7:da:e5:e4:4f:
b0:4e:c1:38:b5:9e:ad:99:3d:52:08:83:05:74:32:79:50:0e:
c6:69:a8:cd:e9:88:84:a9:b8:4d:a8:40:40:94:89:07:7f:54:
67:45:85:94:5c:8e:91:3b:a6:7c:59:fa:b4:57:7d:b9:81:20:
d7:5f:4a:d0:3c:48:df:12:db:7f:fc:53:b8:eb:c8:4a:f6:56:
34:d2:e7:6b
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYU+LBihblEYEpG3BHW1OPUsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4N2I1OTRlNWU2NzEzYTViODBhNTQ4MWE1Y2U3MWU2NTJk
ODQ1NzMwHhcNMjIxMjIzMDg0OTE1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTJjZGFmY2IwMzYzNjcwNjYzZmZlNzE2NGVmODg5YzBiZmFjMzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/6pBe9Q/LBaqwH9LgLyReHB+pBa
D9NWkx8+omWzfTcmS1+PRSLQwwgq25gilCsKhBI4yxeV8+whtoNtXyB9YgnYLfaG
TG2jMx8HM4PV9ixasMuhYlIM/E6S3WhjHBxtwV9hBOVO0gyT2LilRa/vbXavJdI3
cEGlft+MsPGPD3bObfIeyHnWnrJHfxJZiAd4S7jUahTpw9K1iQr7FVSSxYdpuoBe
3J/8s6lCMVWkjsI+W/Cs01mxF6j1gfTHbWIZwPHKmUkIQs/wbfJKWLmYnID363Pu
uzifTpdYrnNvdCqDNfD84OgIPYQBcfdSMY+M2zE93rq0ejzqFRL9IFtJYwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFF4s2vywNjZwZj/+cWTviJwL+sNuMB8GA1UdIwQY
MBaAFMh7WU5eZxOluApUgaXOceZS2EVzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUh0WlRsNW5FNlc0Q2xTQnBjNXg1bExZUlhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi84MjRmNzgtZGVlMi00N2JjLWFmMmYt
MzhjYjZlNDE2ZjNhLzEvWGl6YV9MQTJObkJtUF81eFpPLUluQXY2dzI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi84MjRmNzgtZGVlMi00N2JjLWFmMmYtMzhjYjZlNDE2ZjNh
LzEveUh0WlRsNW5FNlc0Q2xTQnBjNXg1bExZUlhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQALYsIAwQA
uWnsAwQAuWnuAwQAwpOWAwQAwrTRMA0EAgACMAcDBQMqEiYAMA0GCSqGSIb3DQEB
CwUAA4IBAQCO6INJto9rpLaMuG2cydexAVUnX7YJ1rnPhEGHFKNwRBglY8efEKQR
BBarQh0sacrC5hrRzdDaeVMiafM6eUBQUWI7Cm91jV54PrhAo0tPfUsZSNFz3ib8
IMoVkwlUARzha35nM/KM2Q0QFLxkQxbtTVFNn1zN+jikoVXNZ0/C9ygLnerQQ/fY
8c/w0enQogG9k411soNSOkASAimdTGfJv/TzGaJFqdOE9yHgbWcT99rl5E+wTsE4
tZ6tmT1SCIMFdDJ5UA7GaajN6YiEqbhNqEBAlIkHf1RnRYWUXI6RO6Z8Wfq0V325
gSDXX0rQPEjfEtt//FO468hK9lY00udr
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:20 2023 by rpki-client on console-fra.rpki-client.org