Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/63299a-86b2-49ff-b6e2-241eab61483f/1/xRIZlSk9GNYjA98oP_exA952LaM.roa
File: xRIZlSk9GNYjA98oP_exA952LaM.roa (raw, json)
Hash identifier: GQ3NPPHD1oOOCDxrwMuq51UvTwBpcNQfKn8TsJ6WqI8=
Subject key identifier: C5:12:19:95:29:3D:18:D6:23:03:DF:28:3F:F7:B1:03:DE:76:2D:A3
Certificate issuer: /CN=e479af1716dc461e5bb3f876215bcb94e8808ba0
Certificate serial: 45A10947
Authority key identifier: E4:79:AF:17:16:DC:46:1E:5B:B3:F8:76:21:5B:CB:94:E8:80:8B:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5HmvFxbcRh5bs_h2IVvLlOiAi6A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/63299a-86b2-49ff-b6e2-241eab61483f/1/xRIZlSk9GNYjA98oP_exA952LaM.roa
Signing time: Thu 19 May 2022 13:31:29 +0000
ROA not before: Thu 19 May 2022 13:31:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8218
IP address blocks: 158.255.96.0/19 maxlen: 19
158.255.106.0/24 maxlen: 24
91.194.208.0/23 maxlen: 24
195.216.192.0/23 maxlen: 24
141.255.136.0/21 maxlen: 21
83.167.32.0/19 maxlen: 19
94.103.128.0/20 maxlen: 20
213.179.76.0/22 maxlen: 22
193.34.130.0/23 maxlen: 24
185.110.192.0/22 maxlen: 22
213.152.0.0/19 maxlen: 19
46.255.176.0/21 maxlen: 21
212.69.160.0/19 maxlen: 19
193.227.248.0/23 maxlen: 24
2001:1b48::/32 maxlen: 32
2a00:1f60::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1168181575 (0x45a10947)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e479af1716dc461e5bb3f876215bcb94e8808ba0
Validity
Not Before: May 19 13:31:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c5121995293d18d62303df283ff7b103de762da3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:43:b1:90:a2:58:59:56:0d:9d:77:a6:d7:9a:
f8:85:88:b5:cb:bf:dd:6a:df:d4:b6:bf:75:b0:59:
ab:50:a1:b6:4f:27:9a:07:5a:3d:6b:ce:32:2a:10:
bd:79:1f:8e:59:55:f6:06:c6:40:55:59:50:57:fc:
e4:c0:4f:fa:97:aa:3c:24:44:4e:8b:c2:93:25:29:
fe:4b:90:d6:c7:33:9d:67:0d:c7:e5:6b:b8:2c:8d:
3f:bc:f8:33:6f:3a:48:f5:5c:32:dc:a3:ee:1c:06:
24:78:69:dc:22:2f:b8:6e:f4:80:4b:d0:4d:92:d9:
ba:41:90:8c:57:c9:ab:ff:57:24:a2:67:30:86:5c:
3a:4d:96:5c:06:40:7b:c5:9d:ec:3f:56:10:75:40:
3b:c0:59:e6:a4:5f:f1:2d:70:db:15:52:c1:ee:19:
2b:08:83:4c:13:66:3b:ea:1b:10:11:42:44:b7:b8:
b3:dd:67:05:e4:51:10:22:6b:ec:6b:eb:76:35:30:
c8:10:73:17:de:06:c6:ef:3d:a8:dc:57:f3:cb:39:
88:c5:a2:1e:b4:bd:cb:d7:06:68:91:53:08:e1:ce:
e8:4c:4a:7e:e7:9e:d7:47:69:aa:58:1b:c5:e3:1b:
22:2e:a1:90:e3:94:35:3a:97:6f:48:a6:92:67:78:
55:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:12:19:95:29:3D:18:D6:23:03:DF:28:3F:F7:B1:03:DE:76:2D:A3
X509v3 Authority Key Identifier:
keyid:E4:79:AF:17:16:DC:46:1E:5B:B3:F8:76:21:5B:CB:94:E8:80:8B:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5HmvFxbcRh5bs_h2IVvLlOiAi6A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/63299a-86b2-49ff-b6e2-241eab61483f/1/xRIZlSk9GNYjA98oP_exA952LaM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/63299a-86b2-49ff-b6e2-241eab61483f/1/5HmvFxbcRh5bs_h2IVvLlOiAi6A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.255.176.0/21
83.167.32.0/19
91.194.208.0/23
94.103.128.0/20
141.255.136.0/21
158.255.96.0/19
185.110.192.0/22
193.34.130.0/23
193.227.248.0/23
195.216.192.0/23
212.69.160.0/19
213.152.0.0/19
213.179.76.0/22
IPv6:
2001:1b48::/32
2a00:1f60::/32
Signature Algorithm: sha256WithRSAEncryption
32:ff:76:f4:74:5f:99:99:6f:ef:c7:a5:e2:ad:d6:0c:72:f3:
21:bd:70:95:df:87:30:65:bc:3d:69:11:48:6b:24:f3:ad:92:
97:5b:fe:54:24:a1:18:69:84:21:30:b9:38:d3:67:ba:b8:6c:
39:b4:fd:59:e7:4b:25:e3:71:da:e5:56:cb:00:e6:ef:7c:fd:
db:3c:3e:3c:e9:90:50:64:fb:86:f9:3c:d6:7f:1e:ad:cc:f0:
4b:7e:09:3c:1b:09:b5:51:48:33:f7:90:84:1d:87:96:90:3e:
f9:b8:93:89:5b:02:89:bc:d9:8f:be:40:ec:fa:c3:a8:35:43:
91:30:d2:53:05:c6:b9:bf:fa:dc:a0:ba:2e:d8:13:c7:6e:66:
fb:74:77:47:db:c8:de:6e:62:cc:a9:e5:9f:be:4d:f9:ed:bf:
a3:aa:54:58:2e:58:3c:2e:bd:48:a1:07:28:e2:8e:7e:c4:a6:
2a:7c:a2:6c:21:a1:cd:72:b9:38:67:4c:41:3f:9f:ae:f1:d0:
42:dc:21:2c:81:d3:60:5d:2d:dd:2b:22:3c:c2:8a:18:a9:bf:
86:8f:50:72:41:d9:cf:23:d8:9a:53:d9:92:0d:aa:3a:1b:71:
01:26:0b:ff:9c:a5:7c:d4:59:37:95:bd:ce:23:f6:8b:90:7f:
eb:f5:08:79
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgIERaEJRzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhl
NDc5YWYxNzE2ZGM0NjFlNWJiM2Y4NzYyMTViY2I5NGU4ODA4YmEwMB4XDTIyMDUx
OTEzMzEyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzUxMjE5OTUyOTNk
MThkNjIzMDNkZjI4M2ZmN2IxMDNkZTc2MmRhMzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOVDsZCiWFlWDZ13ptea+IWItcu/3Wrf1La/dbBZq1Chtk8n
mgdaPWvOMioQvXkfjllV9gbGQFVZUFf85MBP+peqPCRETovCkyUp/kuQ1scznWcN
x+VruCyNP7z4M286SPVcMtyj7hwGJHhp3CIvuG70gEvQTZLZukGQjFfJq/9XJKJn
MIZcOk2WXAZAe8Wd7D9WEHVAO8BZ5qRf8S1w2xVSwe4ZKwiDTBNmO+obEBFCRLe4
s91nBeRRECJr7GvrdjUwyBBzF94Gxu89qNxX88s5iMWiHrS9y9cGaJFTCOHO6ExK
fuee10dpqlgbxeMbIi6hkOOUNTqXb0imkmd4VXsCAwEAAaOCAmcwggJjMB0GA1Ud
DgQWBBTFEhmVKT0Y1iMD3yg/97ED3nYtozAfBgNVHSMEGDAWgBTkea8XFtxGHluz
+HYhW8uU6ICLoDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzVIbXZGeGJjUmg1YnNfaDJJVnZMbE9pQWk2QS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjkvNjMyOTlhLTg2YjItNDlmZi1iNmUyLTI0MWVhYjYxNDgzZi8x
L3hSSVpsU2s5R05ZakE5OG9QX2V4QTk1MkxhTS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjkv
NjMyOTlhLTg2YjItNDlmZi1iNmUyLTI0MWVhYjYxNDgzZi8xLzVIbXZGeGJjUmg1
YnNfaDJJVnZMbE9pQWk2QS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjB9
BggrBgEFBQcBBwEB/wRuMGwwVAQCAAEwTgMEAy7/sAMEBVOnIAMEAVvC0AMEBF5n
gAMEA43/iAMEBZ7/YAMEArluwAMEAcEiggMEAcHj+AMEAcPYwAMEBdRFoAMEBdWY
AAMEAtWzTDAUBAIAAjAOAwUAIAEbSAMFACoAH2AwDQYJKoZIhvcNAQELBQADggEB
ADL/dvR0X5mZb+/HpeKt1gxy8yG9cJXfhzBlvD1pEUhrJPOtkpdb/lQkoRhphCEw
uTjTZ7q4bDm0/VnnSyXjcdrlVssA5u98/ds8PjzpkFBk+4b5PNZ/Hq3M8Et+CTwb
CbVRSDP3kIQdh5aQPvm4k4lbAom82Y++QOz6w6g1Q5Ew0lMFxrm/+tygui7YE8du
Zvt0d0fbyN5uYsyp5Z++Tfntv6OqVFguWDwuvUihByjijn7Epip8omwhoc1yuThn
TEE/n67x0ELcISyB02BdLd0rIjzCihipv4aPUHJB2c8j2JpT2ZINqjobcQEmC/+c
pXzUWTeVvc4j9ouQf+v1CHk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:53:36 2024 by rpki-client on console-ams.rpki-client.org