Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/2391ed-f285-4286-af2f-d2551cdde4af/1/Xlz9ZK2MISho1B9iBn2VOdwTTRI.roa
File: Xlz9ZK2MISho1B9iBn2VOdwTTRI.roa (raw, json)
Hash identifier: 5KkRqqBjgNoQm/oQsHulnJTIwAeRxgATBhJEGLCsIA4=
Subject key identifier: 5E:5C:FD:64:AD:8C:21:28:68:D4:1F:62:06:7D:95:39:DC:13:4D:12
Certificate issuer: /CN=18e2aed9af3a4be560aa19b92846c5fbe11c9b19
Certificate serial: 0184CFA530FB82094ECF320999A0F0B0FBAB
Authority key identifier: 18:E2:AE:D9:AF:3A:4B:E5:60:AA:19:B9:28:46:C5:FB:E1:1C:9B:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GOKu2a86S-Vgqhm5KEbF--Ecmxk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/2391ed-f285-4286-af2f-d2551cdde4af/1/Xlz9ZK2MISho1B9iBn2VOdwTTRI.roa
Signing time: Thu 01 Dec 2022 21:43:40 +0000
ROA not before: Thu 01 Dec 2022 21:43:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41230
IP address blocks: 78.109.176.0/20 maxlen: 20
31.205.192.0/18 maxlen: 18
31.205.0.0/18 maxlen: 18
31.205.0.0/16 maxlen: 16
31.205.128.0/18 maxlen: 18
45.154.248.0/22 maxlen: 22
185.198.228.0/22 maxlen: 23
185.134.138.0/24 maxlen: 24
185.134.136.0/23 maxlen: 23
45.81.120.0/22 maxlen: 22
185.134.139.0/24 maxlen: 24
31.205.64.0/18 maxlen: 18
185.134.144.0/22 maxlen: 22
213.143.0.0/19 maxlen: 19
176.119.145.0/24 maxlen: 24
81.23.48.0/20 maxlen: 20
185.134.128.0/22 maxlen: 22
2a00:1a10::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:cf:a5:30:fb:82:09:4e:cf:32:09:99:a0:f0:b0:fb:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18e2aed9af3a4be560aa19b92846c5fbe11c9b19
Validity
Not Before: Dec 1 21:43:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5e5cfd64ad8c212868d41f62067d9539dc134d12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:b7:60:2c:ce:c7:2a:1a:19:42:52:e9:49:7b:
d1:4d:39:f3:44:07:70:7b:41:f9:98:37:3c:29:8c:
96:54:4c:e5:cf:e5:02:9b:d5:08:d8:63:44:42:b4:
f4:33:bc:3e:6f:bb:b8:67:cb:23:37:3e:da:34:75:
01:c7:28:45:14:44:02:ac:cd:66:9e:34:96:bb:a3:
84:e2:51:ac:f4:6c:4d:aa:28:99:1f:52:38:a4:c6:
80:09:03:ec:6a:c6:25:a7:52:69:f3:f3:29:30:62:
bf:e6:63:34:7c:6a:68:61:8f:98:bc:a4:25:d8:5c:
14:d9:64:53:ab:57:df:0b:bb:b4:11:d2:d2:93:05:
09:3e:19:3c:ee:de:83:30:b5:b7:9b:29:71:8c:19:
5e:ee:4e:fb:40:7e:2a:4c:03:bf:c3:a0:d9:e6:a3:
33:45:f6:65:41:2e:8c:62:fd:95:c1:8e:a4:dd:05:
ab:95:ea:f3:e3:49:35:75:1c:64:4d:8c:9a:50:5e:
fe:36:58:39:01:89:ac:bb:be:59:33:62:0b:3c:7c:
08:d5:32:90:e6:3d:10:6f:27:aa:ff:3d:61:d0:b9:
46:3e:97:40:bc:c4:01:f8:7f:ab:f3:98:90:fc:d3:
5c:33:16:5c:ca:38:51:1a:eb:75:77:bb:fe:2e:b5:
47:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:5C:FD:64:AD:8C:21:28:68:D4:1F:62:06:7D:95:39:DC:13:4D:12
X509v3 Authority Key Identifier:
keyid:18:E2:AE:D9:AF:3A:4B:E5:60:AA:19:B9:28:46:C5:FB:E1:1C:9B:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GOKu2a86S-Vgqhm5KEbF--Ecmxk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/2391ed-f285-4286-af2f-d2551cdde4af/1/Xlz9ZK2MISho1B9iBn2VOdwTTRI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/2391ed-f285-4286-af2f-d2551cdde4af/1/GOKu2a86S-Vgqhm5KEbF--Ecmxk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.205.0.0/16
45.81.120.0/22
45.154.248.0/22
78.109.176.0/20
81.23.48.0/20
176.119.145.0/24
185.134.128.0/22
185.134.136.0/22
185.134.144.0/22
185.198.228.0/22
213.143.0.0/19
IPv6:
2a00:1a10::/29
Signature Algorithm: sha256WithRSAEncryption
7a:c4:77:b5:47:18:59:d3:91:42:28:76:2d:46:c9:f3:d1:27:
67:89:10:3d:db:b5:d1:33:01:2a:40:e3:3e:ac:1b:49:5e:54:
cc:c2:c2:c3:3b:d4:c0:0a:ff:24:1f:23:52:cf:32:74:ba:e2:
fd:f3:f3:e6:e0:95:32:df:bd:0b:ad:94:48:e6:d8:98:cd:b5:
10:9f:4c:97:e0:d8:e3:2a:77:ba:fd:7f:5b:39:b4:c8:23:41:
db:cd:94:9e:94:4e:08:aa:de:4f:b8:af:fd:ac:1f:49:fd:a2:
64:74:36:35:88:9a:67:5b:fb:a9:e6:4c:48:a5:20:6b:c5:bf:
e3:56:02:c8:4c:63:90:13:e6:5c:83:ce:07:75:9c:91:1e:97:
48:1a:bd:e9:18:20:88:a2:b1:ba:35:2a:0a:0f:e1:66:0b:c5:
4c:37:2d:01:ff:bc:a3:6f:db:30:5e:ea:88:66:0e:57:98:9e:
6f:45:99:58:63:f7:53:b5:71:f1:6a:06:fd:86:cb:d6:e2:8e:
3a:62:b0:59:96:51:b3:1f:13:66:db:92:72:6b:2d:6f:d6:84:
e6:e9:22:34:63:a9:c4:e5:06:f5:81:21:f0:16:55:7d:0c:98:
59:69:ed:f1:fa:03:ab:43:dd:2e:2b:34:48:c9:74:6b:55:8f:
16:4d:5e:dd
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAYTPpTD7gglOzzIJmaDwsPurMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4ZTJhZWQ5YWYzYTRiZTU2MGFhMTliOTI4NDZjNWZiZTEx
YzliMTkwHhcNMjIxMjAxMjE0MzQwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTVjZmQ2NGFkOGMyMTI4NjhkNDFmNjIwNjdkOTUzOWRjMTM0ZDEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjLdgLM7HKhoZQlLpSXvRTTnzRAdw
e0H5mDc8KYyWVEzlz+UCm9UI2GNEQrT0M7w+b7u4Z8sjNz7aNHUBxyhFFEQCrM1m
njSWu6OE4lGs9GxNqiiZH1I4pMaACQPsasYlp1Jp8/MpMGK/5mM0fGpoYY+YvKQl
2FwU2WRTq1ffC7u0EdLSkwUJPhk87t6DMLW3mylxjBle7k77QH4qTAO/w6DZ5qMz
RfZlQS6MYv2VwY6k3QWrlerz40k1dRxkTYyaUF7+Nlg5AYmsu75ZM2ILPHwI1TKQ
5j0Qbyeq/z1h0LlGPpdAvMQB+H+r85iQ/NNcMxZcyjhRGut1d7v+LrVHXwIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFF5c/WStjCEoaNQfYgZ9lTncE00SMB8GA1UdIwQY
MBaAFBjirtmvOkvlYKoZuShGxfvhHJsZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR09LdTJhODZTLVZncWhtNUtFYkYtLUVjbXhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi8yMzkxZWQtZjI4NS00Mjg2LWFmMmYt
ZDI1NTFjZGRlNGFmLzEvWGx6OVpLMk1JU2hvMUI5aUJuMlZPZHdUVFJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi8yMzkxZWQtZjI4NS00Mjg2LWFmMmYtZDI1NTFjZGRlNGFm
LzEvR09LdTJhODZTLVZncWhtNUtFYkYtLUVjbXhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBHBAIAATBBAwMAH80DBAIt
UXgDBAItmvgDBARObbADBARRFzADBACwd5EDBAK5hoADBAK5hogDBAK5hpADBAK5
xuQDBAXVjwAwDQQCAAIwBwMFAyoAGhAwDQYJKoZIhvcNAQELBQADggEBAHrEd7VH
GFnTkUIodi1GyfPRJ2eJED3btdEzASpA4z6sG0leVMzCwsM71MAK/yQfI1LPMnS6
4v3z8+bglTLfvQutlEjm2JjNtRCfTJfg2OMqd7r9f1s5tMgjQdvNlJ6UTgiq3k+4
r/2sH0n9omR0NjWImmdb+6nmTEilIGvFv+NWAshMY5AT5lyDzgd1nJEel0gavekY
IIiisbo1KgoP4WYLxUw3LQH/vKNv2zBe6ohmDleYnm9FmVhj91O1cfFqBv2Gy9bi
jjpisFmWUbMfE2bbknJrLW/WhObpIjRjqcTlBvWBIfAWVX0MmFlp7fH6A6tD3S4r
NEjJdGtVjxZNXt0=
-----END CERTIFICATE-----
Generated at Wed Dec 27 18:41:34 2023 by rpki-client on console.sobornost.net