Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xVEegf-Bh0ox1KyjX9QkNyEsmQE.roa
File: xVEegf-Bh0ox1KyjX9QkNyEsmQE.roa (raw, json)
Hash identifier: l0zSXeJZ+LflJy7JZl5LOdA06TXhFPf3qA+WTiTEiGg=
Subject key identifier: C5:51:1E:81:FF:81:87:4A:31:D4:AC:A3:5F:D4:24:37:21:2C:99:01
Certificate issuer: /CN=c42708df93954aac601aef1835bd5d69245fb02f
Certificate serial: 0183CBBC4A6A1CDF866D0D94366181BAD4ED
Authority key identifier: C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xVEegf-Bh0ox1KyjX9QkNyEsmQE.roa
Signing time: Wed 12 Oct 2022 10:27:38 +0000
ROA not before: Wed 12 Oct 2022 10:27:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208582
IP address blocks: 185.51.8.0/22 maxlen: 24
2a01:aee0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:cb:bc:4a:6a:1c:df:86:6d:0d:94:36:61:81:ba:d4:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c42708df93954aac601aef1835bd5d69245fb02f
Validity
Not Before: Oct 12 10:27:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c5511e81ff81874a31d4aca35fd42437212c9901
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:f4:2a:38:15:c4:21:1e:01:a0:fc:a8:3e:c5:
6c:74:1e:32:0e:9d:64:fb:b0:fa:cc:d6:e6:ae:60:
af:1f:5d:ee:ec:a1:6d:16:e3:a9:35:98:ef:50:e1:
df:fb:dc:c0:ed:51:95:ce:6c:96:f4:4b:d4:2c:26:
be:5c:15:ce:43:c0:d9:a1:e3:4b:46:ef:2d:e2:55:
0b:a0:a2:dc:78:e4:94:57:29:75:03:da:3e:d4:40:
bb:40:a1:57:f2:60:ad:fc:6f:d5:46:1c:8f:15:fb:
6d:e1:ff:ef:a8:bf:89:84:b6:87:07:68:66:fb:ba:
b2:97:4d:4c:9f:aa:7d:62:a4:69:4e:96:36:da:50:
e6:bd:6b:7e:4e:9f:9a:fc:8e:3c:25:6d:c5:25:b1:
b9:1c:63:c4:81:be:14:4e:0b:79:f4:4c:78:bb:56:
8f:80:e7:7c:23:e1:70:82:4f:ef:fa:68:e2:a9:3f:
39:9c:a9:31:8f:5a:49:ae:ab:ee:81:85:99:e4:8d:
bd:92:d6:94:dc:0d:0b:92:e0:d1:e1:66:b6:68:84:
68:4e:29:e9:31:c1:7f:46:27:6d:8c:ad:c9:ad:53:
3b:d0:86:02:f4:f9:38:76:05:16:88:37:ee:fd:b7:
40:bd:8b:89:e6:6a:10:f9:eb:ae:14:74:33:f4:79:
95:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:51:1E:81:FF:81:87:4A:31:D4:AC:A3:5F:D4:24:37:21:2C:99:01
X509v3 Authority Key Identifier:
keyid:C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xVEegf-Bh0ox1KyjX9QkNyEsmQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.51.8.0/22
IPv6:
2a01:aee0::/32
Signature Algorithm: sha256WithRSAEncryption
24:47:f4:18:6f:32:d7:bf:dd:3a:72:00:a6:51:5a:0c:21:7a:
86:12:bf:b8:4d:b5:7d:a2:fd:04:3a:fe:14:a0:a0:30:62:6a:
7b:c0:9c:01:d3:f9:58:da:ab:70:71:bd:e4:8d:2b:8f:48:e0:
69:c9:ea:df:24:d5:a4:b2:25:30:79:92:42:99:10:ca:c8:f7:
33:68:8d:eb:6f:a2:59:b6:7e:9f:b3:aa:fc:6f:95:09:30:9a:
42:12:5c:a7:96:8b:61:72:2f:27:32:6d:c7:e8:98:37:4d:5c:
f7:47:e3:82:db:61:95:a1:8a:22:5c:39:3d:f6:de:db:bd:45:
75:0d:25:52:67:e6:ea:39:23:78:92:7d:23:42:30:c3:80:bf:
57:85:93:3d:94:ba:1e:81:b0:6e:86:33:16:7c:b6:ee:7d:8e:
37:21:fd:38:18:6a:6e:24:13:31:98:c8:48:5e:75:9e:e5:41:
0f:1e:9d:0b:da:12:a4:87:29:8a:95:ad:68:91:b0:67:2c:32:
03:0e:f9:aa:70:ad:e8:f2:c9:a1:9e:10:86:e4:d9:ad:40:cf:
18:7b:99:38:d7:aa:61:85:c2:c9:41:29:fe:c6:ed:ce:91:e6:
51:15:6d:16:9b:16:e2:fa:84:ca:61:8f:f4:3c:85:38:a0:7d:
63:d6:49:e3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYPLvEpqHN+GbQ2UNmGButTtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MjcwOGRmOTM5NTRhYWM2MDFhZWYxODM1YmQ1ZDY5MjQ1
ZmIwMmYwHhcNMjIxMDEyMTAyNzM4WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTUxMWU4MWZmODE4NzRhMzFkNGFjYTM1ZmQ0MjQzNzIxMmM5OTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsPQqOBXEIR4BoPyoPsVsdB4yDp1k
+7D6zNbmrmCvH13u7KFtFuOpNZjvUOHf+9zA7VGVzmyW9EvULCa+XBXOQ8DZoeNL
Ru8t4lULoKLceOSUVyl1A9o+1EC7QKFX8mCt/G/VRhyPFftt4f/vqL+JhLaHB2hm
+7qyl01Mn6p9YqRpTpY22lDmvWt+Tp+a/I48JW3FJbG5HGPEgb4UTgt59Ex4u1aP
gOd8I+Fwgk/v+mjiqT85nKkxj1pJrqvugYWZ5I29ktaU3A0LkuDR4Wa2aIRoTinp
McF/RidtjK3JrVM70IYC9Pk4dgUWiDfu/bdAvYuJ5moQ+euuFHQz9HmV4wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMVRHoH/gYdKMdSso1/UJDchLJkBMB8GA1UdIwQY
MBaAFMQnCN+TlUqsYBrvGDW9XWkkX7AvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYt
NzQxYzFkOGRlYTJiLzEveFZFZWdmLUJoMG94MUt5alg5UWtOeUVzbVFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYtNzQxYzFkOGRlYTJi
LzEveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuTMIMA0E
AgACMAcDBQAqAa7gMA0GCSqGSIb3DQEBCwUAA4IBAQAkR/QYbzLXv906cgCmUVoM
IXqGEr+4TbV9ov0EOv4UoKAwYmp7wJwB0/lY2qtwcb3kjSuPSOBpyerfJNWksiUw
eZJCmRDKyPczaI3rb6JZtn6fs6r8b5UJMJpCElynlothci8nMm3H6Jg3TVz3R+OC
22GVoYoiXDk99t7bvUV1DSVSZ+bqOSN4kn0jQjDDgL9XhZM9lLoegbBuhjMWfLbu
fY43If04GGpuJBMxmMhIXnWe5UEPHp0L2hKkhymKla1okbBnLDIDDvmqcK3o8smh
nhCG5NmtQM8Ye5k416phhcLJQSn+xu3OkeZRFW0Wmxbi+oTKYY/0PIU4oH1j1knj
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:50:44 2024 by rpki-client on console-fra.rpki-client.org