Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/Xavk-WCBR7BSEfuXmHu3LUfxSk0.roa
File: Xavk-WCBR7BSEfuXmHu3LUfxSk0.roa (raw, json)
Hash identifier: x+7ELywH7K/RY+iw5xfSURAZQ+hmlkgTfOQtjhCr5fY=
Subject key identifier: 5D:AB:E4:F9:60:81:47:B0:52:11:FB:97:98:7B:B7:2D:47:F1:4A:4D
Certificate issuer: /CN=3b7ec9423bf90c81d22d94841c10357a54260379
Certificate serial: 0A2E4EE7
Authority key identifier: 3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/Xavk-WCBR7BSEfuXmHu3LUfxSk0.roa
Signing time: Sat 01 Jan 2022 14:59:16 +0000
ROA not before: Sat 01 Jan 2022 14:59:16 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 134121
IP address blocks: 85.239.36.0/22 maxlen: 22
85.239.50.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 170807015 (0xa2e4ee7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b7ec9423bf90c81d22d94841c10357a54260379
Validity
Not Before: Jan 1 14:59:16 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5dabe4f9608147b05211fb97987bb72d47f14a4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:c0:5a:47:4e:eb:a5:03:5c:f9:af:2b:bc:58:
20:18:7d:7a:66:6b:cf:da:59:d0:d8:b7:83:7f:9b:
6b:96:1c:ae:f3:49:03:d7:55:87:5c:8d:fd:b4:91:
34:de:61:33:d9:a1:7e:0e:b6:33:92:5c:4f:39:4e:
8a:f4:80:d5:46:73:8e:2f:78:fb:db:73:4f:6c:b6:
c6:0a:8e:e1:ad:6c:29:fb:a8:81:7c:c0:4b:a6:3b:
0f:af:66:e2:da:1e:51:52:ac:53:66:f3:f6:9b:4a:
16:f4:13:24:eb:c1:2b:e5:d1:bf:1f:8f:b9:f1:9c:
d9:76:06:19:0d:5e:75:05:1f:6e:27:79:5d:b9:18:
65:99:fc:48:03:f6:05:45:00:d1:8c:13:db:24:d7:
76:59:3d:b9:d7:f9:3c:7c:78:5a:a1:dc:a5:78:ba:
1a:01:bc:7c:03:a8:79:1e:23:27:eb:f0:6e:8f:c3:
9c:f1:0b:28:f7:e3:f7:28:84:1c:52:9c:f3:43:6b:
7f:7f:db:66:ec:20:2a:09:f2:b7:7f:28:7e:64:b5:
d7:6a:9b:44:9d:01:59:b2:d1:55:34:75:be:87:da:
8d:97:1e:39:cb:16:9d:6b:c1:d2:37:fd:c7:be:eb:
8b:e3:fc:3e:98:52:44:d8:f6:f4:20:53:3e:5c:53:
85:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:AB:E4:F9:60:81:47:B0:52:11:FB:97:98:7B:B7:2D:47:F1:4A:4D
X509v3 Authority Key Identifier:
keyid:3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/Xavk-WCBR7BSEfuXmHu3LUfxSk0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/O37JQjv5DIHSLZSEHBA1elQmA3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.36.0/22
85.239.50.0/24
Signature Algorithm: sha256WithRSAEncryption
12:99:eb:87:e0:39:6f:26:93:0b:4a:32:85:c9:db:5e:53:a8:
50:0f:84:2e:c1:d8:b7:17:f3:70:34:b1:cd:28:1b:a9:6e:dd:
2f:e5:30:06:f7:9b:cb:00:1e:3e:9d:3d:64:3d:af:9c:ec:4e:
45:cf:fd:0a:71:12:b4:97:cd:ee:e3:77:10:29:f4:3a:53:53:
7b:16:ac:4d:28:2f:a6:4c:3d:6e:87:c3:77:3d:c2:78:5e:b7:
2f:ce:ba:a7:f5:ff:95:59:7d:c3:39:20:01:57:9c:5d:5c:53:
cf:54:88:77:83:11:b2:ff:b4:b1:1a:9c:21:a0:7d:b2:35:d7:
56:27:26:9c:73:65:09:c3:f2:a5:c6:4c:bc:d8:10:7c:3c:a9:
93:6e:2f:f4:13:9b:d0:a1:a8:bd:78:08:54:6b:9e:6f:96:3f:
3b:53:be:95:bf:33:38:94:2e:6d:6e:26:cf:0e:dc:e9:ac:39:
10:e0:25:01:1a:85:3f:5f:10:ce:bb:ae:ad:16:e2:28:29:c5:
4b:93:87:8b:fd:b9:67:33:07:6b:8e:76:81:21:57:15:23:a8:
c0:34:4a:eb:96:60:f2:3d:7f:76:92:3d:2c:61:2e:1b:59:ed:
15:7d:38:4a:58:08:4e:e5:49:27:99:ab:86:bb:2b:4b:76:bb:
51:80:a4:11
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIECi5O5zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
YjdlYzk0MjNiZjkwYzgxZDIyZDk0ODQxYzEwMzU3YTU0MjYwMzc5MB4XDTIyMDEw
MTE0NTkxNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWRhYmU0Zjk2MDgx
NDdiMDUyMTFmYjk3OTg3YmI3MmQ0N2YxNGE0ZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKHAWkdO66UDXPmvK7xYIBh9emZrz9pZ0Ni3g3+ba5YcrvNJ
A9dVh1yN/bSRNN5hM9mhfg62M5JcTzlOivSA1UZzji94+9tzT2y2xgqO4a1sKfuo
gXzAS6Y7D69m4toeUVKsU2bz9ptKFvQTJOvBK+XRvx+PufGc2XYGGQ1edQUfbid5
XbkYZZn8SAP2BUUA0YwT2yTXdlk9udf5PHx4WqHcpXi6GgG8fAOoeR4jJ+vwbo/D
nPELKPfj9yiEHFKc80Nrf3/bZuwgKgnyt38ofmS112qbRJ0BWbLRVTR1vofajZce
OcsWnWvB0jf9x77ri+P8PphSRNj29CBTPlxThYsCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRdq+T5YIFHsFIR+5eYe7ctR/FKTTAfBgNVHSMEGDAWgBQ7fslCO/kMgdIt
lIQcEDV6VCYDeTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L08zN0pRanY1RElIU0xaU0VIQkExZWxRbUEzay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZjMvOGVhNDdmLWVmZjMtNDYyNy05NGVkLTFkMTBmM2M3MGJiNC8x
L1hhdmstV0NCUjdCU0VmdVhtSHUzTFVmeFNrMC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjMv
OGVhNDdmLWVmZjMtNDYyNy05NGVkLTFkMTBmM2M3MGJiNC8xL08zN0pRanY1RElI
U0xaU0VIQkExZWxRbUEzay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAlXvJAMEAFXvMjANBgkqhkiG9w0B
AQsFAAOCAQEAEpnrh+A5byaTC0oyhcnbXlOoUA+ELsHYtxfzcDSxzSgbqW7dL+Uw
BvebywAePp09ZD2vnOxORc/9CnEStJfN7uN3ECn0OlNTexasTSgvpkw9bofDdz3C
eF63L866p/X/lVl9wzkgAVecXVxTz1SId4MRsv+0sRqcIaB9sjXXVicmnHNlCcPy
pcZMvNgQfDypk24v9BOb0KGovXgIVGueb5Y/O1O+lb8zOJQubW4mzw7c6aw5EOAl
ARqFP18QzruurRbiKCnFS5OHi/25ZzMHa452gSFXFSOowDRK65Zg8j1/dpI9LGEu
G1ntFX04SlgITuVJJ5mrhrsrS3a7UYCkEQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:59:31 2024 by rpki-client on console-fra.rpki-client.org