Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/XGlWj-DErBJg6-kDB3rEn_PqegU.roa
File: XGlWj-DErBJg6-kDB3rEn_PqegU.roa (raw, json)
Hash identifier: P3QJvJFJx5lY9EvQQbprGwnYcZ7gSWu5FUQt1om2TmM=
Subject key identifier: 5C:69:56:8F:E0:C4:AC:12:60:EB:E9:03:07:7A:C4:9F:F3:EA:7A:05
Certificate issuer: /CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Certificate serial: 056BB461
Authority key identifier: D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/XGlWj-DErBJg6-kDB3rEn_PqegU.roa
Signing time: Sat 01 Jan 2022 15:07:21 +0000
ROA not before: Sat 01 Jan 2022 15:07:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43350
IP address blocks: 85.203.44.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 90944609 (0x56bb461)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Validity
Not Before: Jan 1 15:07:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5c69568fe0c4ac1260ebe903077ac49ff3ea7a05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:2b:aa:3e:16:cd:17:bd:07:65:24:18:9a:1e:
ea:13:ab:97:a5:09:4c:bc:7a:83:ab:1e:b7:12:fb:
33:b2:a1:1d:f9:2c:49:8b:2e:e5:64:76:ae:49:74:
53:09:e3:15:11:c3:bd:d3:95:e6:69:bd:b2:ec:e3:
59:e4:3c:19:12:ad:59:64:c6:74:69:a3:1d:bf:7d:
a2:97:45:50:f8:e0:df:c7:b0:32:4f:6b:19:cf:2e:
e9:7d:fc:54:93:4d:ca:76:b4:09:23:f2:7a:f7:11:
16:20:ae:d5:4e:c1:3c:1c:e4:51:ed:1d:17:71:d6:
0d:f8:29:aa:6d:b0:09:47:10:97:e6:f1:53:72:eb:
22:ca:74:88:7d:d0:c3:40:bf:c8:ca:11:2f:a9:46:
9b:9a:45:3b:d1:8e:75:62:a2:f6:e0:77:ee:db:87:
bf:47:eb:16:86:d1:5f:d3:3b:67:20:26:b0:82:c1:
00:77:a3:9a:42:af:f0:e0:4e:d6:80:b7:e2:85:b0:
38:27:2a:a6:fd:2b:71:fb:35:a2:c2:4b:04:09:0a:
49:43:ab:fa:a2:06:39:f6:81:1c:b2:75:c2:37:56:
0f:32:ff:f8:31:f4:bd:53:35:53:48:4e:c1:02:77:
a3:72:be:b2:7f:09:5a:c0:4b:e3:50:93:f5:52:27:
12:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:69:56:8F:E0:C4:AC:12:60:EB:E9:03:07:7A:C4:9F:F3:EA:7A:05
X509v3 Authority Key Identifier:
keyid:D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/XGlWj-DErBJg6-kDB3rEn_PqegU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.203.44.0/24
Signature Algorithm: sha256WithRSAEncryption
86:b9:c7:fe:24:2f:61:fd:21:a3:cf:56:46:ac:c1:1d:98:1c:
b2:c3:b6:c6:c6:0c:56:63:65:03:97:52:4c:b0:32:1f:44:d3:
a6:56:bf:5a:b5:4b:4c:a6:8c:15:01:a6:bc:2f:11:41:eb:11:
b4:3d:94:2e:72:3a:d0:49:54:80:7e:b0:a3:95:11:a3:19:c7:
16:58:15:3a:e4:a7:dc:35:50:8c:4b:de:e9:c1:70:26:35:17:
5f:11:64:7c:8c:de:4c:8e:20:96:0e:7f:58:82:4f:76:92:f3:
94:e2:b6:6d:80:2c:5b:fe:08:6b:57:d6:86:17:8f:21:ce:f6:
68:a0:30:03:eb:fc:54:f6:eb:48:d9:f9:d7:04:fd:eb:3e:17:
04:9b:2e:1b:e0:bd:91:db:62:60:c1:f2:55:89:11:1b:b9:30:
a2:f5:8f:2d:66:32:58:de:c2:7c:7c:7e:93:ff:c4:18:0e:7e:
6f:6d:50:fa:d8:54:c1:0c:d8:28:9a:2d:28:15:87:70:7a:03:
bc:d4:eb:46:e1:03:ac:7f:9b:30:92:48:a3:f5:50:5c:58:bf:
be:1a:36:f8:2b:1f:c4:4e:7e:f2:6f:2e:b9:a5:3f:dd:39:3b:
09:a6:c5:20:8b:b6:c7:8b:d1:84:2c:9d:a1:84:9f:4f:a4:31:
6b:7a:6c:f8
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBWu0YTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NDViZGY2ZWVjMDgzNzBhZTFmNjdlODNmOTliNWFjMWZlMjY4NzJjMB4XDTIyMDEw
MTE1MDcyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWM2OTU2OGZlMGM0
YWMxMjYwZWJlOTAzMDc3YWM0OWZmM2VhN2EwNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKorqj4WzRe9B2UkGJoe6hOrl6UJTLx6g6setxL7M7KhHfks
SYsu5WR2rkl0UwnjFRHDvdOV5mm9suzjWeQ8GRKtWWTGdGmjHb99opdFUPjg38ew
Mk9rGc8u6X38VJNNyna0CSPyevcRFiCu1U7BPBzkUe0dF3HWDfgpqm2wCUcQl+bx
U3LrIsp0iH3Qw0C/yMoRL6lGm5pFO9GOdWKi9uB37tuHv0frFobRX9M7ZyAmsILB
AHejmkKv8OBO1oC34oWwOCcqpv0rcfs1osJLBAkKSUOr+qIGOfaBHLJ1wjdWDzL/
+DH0vVM1U0hOwQJ3o3K+sn8JWsBL41CT9VInElUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRcaVaP4MSsEmDr6QMHesSf8+p6BTAfBgNVHSMEGDAWgBTUW99u7Ag3CuH2
foP5m1rB/iaHLDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFGdmZidXdJTndyaDluNkQtWnRhd2Y0bWh5dy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDEvZTJkZmZmLThiYTgtNGJjZi1hYzMxLTk4NDYzODU5ZWNjMS8x
L1hHbFdqLURFckJKZzYta0RCM3JFbl9QcWVnVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDEv
ZTJkZmZmLThiYTgtNGJjZi1hYzMxLTk4NDYzODU5ZWNjMS8xLzFGdmZidXdJTndy
aDluNkQtWnRhd2Y0bWh5dy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFXLLDANBgkqhkiG9w0BAQsFAAOC
AQEAhrnH/iQvYf0ho89WRqzBHZgcssO2xsYMVmNlA5dSTLAyH0TTpla/WrVLTKaM
FQGmvC8RQesRtD2ULnI60ElUgH6wo5URoxnHFlgVOuSn3DVQjEve6cFwJjUXXxFk
fIzeTI4glg5/WIJPdpLzlOK2bYAsW/4Ia1fWhhePIc72aKAwA+v8VPbrSNn51wT9
6z4XBJsuG+C9kdtiYMHyVYkRG7kwovWPLWYyWN7CfHx+k//EGA5+b21Q+thUwQzY
KJotKBWHcHoDvNTrRuEDrH+bMJJIo/VQXFi/vho2+CsfxE5+8m8uuaU/3Tk7CabF
IIu2x4vRhCydoYSfT6Qxa3ps+A==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:07 2023 by rpki-client on console-fra.rpki-client.org