Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/33e508-127d-4946-b3cc-4c9f43f878ab/1/XMbRHCJlwWy1ZDtVorLnyemc9_E.roa
File: XMbRHCJlwWy1ZDtVorLnyemc9_E.roa (raw, json)
Hash identifier: yBLRH7s27CxpsmOfcADOVSx+bCB8apeB9Gn0wCL6wj8=
Subject key identifier: 5C:C6:D1:1C:22:65:C1:6C:B5:64:3B:55:A2:B2:E7:C9:E9:9C:F7:F1
Certificate issuer: /CN=a749aca85dc66c83ce55ecdc045c96075ca7debc
Certificate serial: 1C3C2127
Authority key identifier: A7:49:AC:A8:5D:C6:6C:83:CE:55:EC:DC:04:5C:96:07:5C:A7:DE:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p0msqF3GbIPOVezcBFyWB1yn3rw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/33e508-127d-4946-b3cc-4c9f43f878ab/1/XMbRHCJlwWy1ZDtVorLnyemc9_E.roa
Signing time: Sat 01 Jan 2022 14:57:59 +0000
ROA not before: Sat 01 Jan 2022 14:57:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39122
IP address blocks: 185.17.238.0/23 maxlen: 23
2a03:dd41::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 473702695 (0x1c3c2127)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a749aca85dc66c83ce55ecdc045c96075ca7debc
Validity
Not Before: Jan 1 14:57:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5cc6d11c2265c16cb5643b55a2b2e7c9e99cf7f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:bf:7a:6c:52:75:81:ef:5a:2f:13:b6:6c:31:
83:7d:7f:5c:18:5f:24:5c:de:b9:56:c4:b8:41:f3:
64:c7:53:e5:f0:d5:f0:fd:31:72:42:d5:98:a0:8a:
8a:be:40:a5:f4:b5:98:27:6a:56:a7:5c:0f:85:34:
ac:ab:35:46:b9:96:de:c5:5f:9a:41:8a:03:c6:42:
8e:7f:71:61:60:4e:24:5b:8d:26:8f:a8:99:a8:6d:
1a:b5:29:98:fd:0a:4a:eb:b4:c4:27:c9:50:c6:94:
a5:f0:85:82:a1:98:d9:99:74:a9:28:cf:41:ea:b4:
69:0e:61:a6:f7:5f:fa:cb:c6:14:8d:ea:c9:7e:89:
c9:9a:69:59:88:dc:db:94:25:66:76:87:a0:98:59:
a4:c2:d9:6a:0a:ae:ae:f3:f0:77:8d:14:54:8a:f5:
d8:e4:e7:d1:cb:6e:e4:2b:ec:86:23:ed:b2:d9:6e:
6a:81:d3:ed:2c:41:f2:a4:86:16:35:f0:d1:06:3c:
55:15:26:f3:f9:f8:11:9d:06:ac:ee:a0:ef:29:3a:
7e:e7:c8:18:72:05:63:32:79:87:ce:8b:75:8d:3e:
95:f3:9e:98:63:8b:d3:b4:91:ab:c3:29:03:b4:9d:
70:d5:4a:ed:19:d2:53:25:ce:58:05:f9:cc:54:da:
0e:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:C6:D1:1C:22:65:C1:6C:B5:64:3B:55:A2:B2:E7:C9:E9:9C:F7:F1
X509v3 Authority Key Identifier:
keyid:A7:49:AC:A8:5D:C6:6C:83:CE:55:EC:DC:04:5C:96:07:5C:A7:DE:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p0msqF3GbIPOVezcBFyWB1yn3rw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/33e508-127d-4946-b3cc-4c9f43f878ab/1/XMbRHCJlwWy1ZDtVorLnyemc9_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/33e508-127d-4946-b3cc-4c9f43f878ab/1/p0msqF3GbIPOVezcBFyWB1yn3rw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.17.238.0/23
IPv6:
2a03:dd41::/32
Signature Algorithm: sha256WithRSAEncryption
17:0d:39:b5:47:f3:8e:5f:11:9e:fd:ff:be:4c:3f:e9:50:a8:
a8:db:3b:5d:46:ae:46:fb:e6:76:83:cb:1b:9c:5c:00:87:87:
24:07:9e:c2:d2:58:29:2c:83:1f:44:e2:ac:c8:67:95:66:d3:
bd:5c:0c:69:bd:6e:28:32:95:65:06:49:a6:b1:ea:6a:9b:68:
79:3e:e9:df:a7:84:e2:79:05:24:c6:f6:ab:82:0a:54:fe:7e:
e9:d2:62:dc:08:c1:9f:e2:fd:a4:d1:37:6c:20:6f:0d:2d:dd:
db:6e:c2:84:56:09:4d:af:f4:b4:1f:bc:4b:62:09:dd:63:23:
1e:1a:35:d6:b9:59:c6:8b:77:66:6c:27:0a:1e:3a:b4:13:f4:
73:a8:c6:bb:7f:20:cf:69:b1:66:e0:f9:bd:82:1c:05:d7:b8:
69:1a:b9:c2:bf:9a:14:f8:5d:ef:a7:ce:e7:d3:59:e8:f2:a7:
44:7c:98:24:59:ba:64:02:9e:88:26:fe:c9:8b:77:a1:e7:d0:
4f:54:30:aa:79:dc:29:89:05:94:16:03:31:06:2a:ed:1f:ce:
85:e9:cd:28:2e:55:61:6b:17:c5:6c:ca:58:fd:f5:dc:0b:22:
37:9c:29:0d:62:f9:21:17:45:8a:a3:b6:22:2f:93:d5:05:7b:
81:24:5f:92
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEHDwhJzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
NzQ5YWNhODVkYzY2YzgzY2U1NWVjZGMwNDVjOTYwNzVjYTdkZWJjMB4XDTIyMDEw
MTE0NTc1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWNjNmQxMWMyMjY1
YzE2Y2I1NjQzYjU1YTJiMmU3YzllOTljZjdmMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMC/emxSdYHvWi8Ttmwxg31/XBhfJFzeuVbEuEHzZMdT5fDV
8P0xckLVmKCKir5ApfS1mCdqVqdcD4U0rKs1RrmW3sVfmkGKA8ZCjn9xYWBOJFuN
Jo+omahtGrUpmP0KSuu0xCfJUMaUpfCFgqGY2Zl0qSjPQeq0aQ5hpvdf+svGFI3q
yX6JyZppWYjc25QlZnaHoJhZpMLZagqurvPwd40UVIr12OTn0ctu5CvshiPtstlu
aoHT7SxB8qSGFjXw0QY8VRUm8/n4EZ0GrO6g7yk6fufIGHIFYzJ5h86LdY0+lfOe
mGOL07SRq8MpA7SdcNVK7RnSUyXOWAX5zFTaDkkCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRcxtEcImXBbLVkO1WisufJ6Zz38TAfBgNVHSMEGDAWgBSnSayoXcZsg85V
7NwEXJYHXKfevDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3AwbXNxRjNHYklQT1ZlemNCRnlXQjF5bjNydy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMDMvMzNlNTA4LTEyN2QtNDk0Ni1iM2NjLTRjOWY0M2Y4NzhhYi8x
L1hNYlJIQ0psd1d5MVpEdFZvckxueWVtYzlfRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMDMv
MzNlNTA4LTEyN2QtNDk0Ni1iM2NjLTRjOWY0M2Y4NzhhYi8xL3AwbXNxRjNHYklQ
T1ZlemNCRnlXQjF5bjNydy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEAbkR7jANBAIAAjAHAwUAKgPdQTAN
BgkqhkiG9w0BAQsFAAOCAQEAFw05tUfzjl8Rnv3/vkw/6VCoqNs7XUauRvvmdoPL
G5xcAIeHJAeewtJYKSyDH0TirMhnlWbTvVwMab1uKDKVZQZJprHqaptoeT7p36eE
4nkFJMb2q4IKVP5+6dJi3AjBn+L9pNE3bCBvDS3d227ChFYJTa/0tB+8S2IJ3WMj
Hho11rlZxot3ZmwnCh46tBP0c6jGu38gz2mxZuD5vYIcBde4aRq5wr+aFPhd76fO
59NZ6PKnRHyYJFm6ZAKeiCb+yYt3oefQT1QwqnncKYkFlBYDMQYq7R/OhenNKC5V
YWsXxWzKWP313AsiN5wpDWL5IRdFiqO2Ii+T1QV7gSRfkg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:16:52 2024 by rpki-client on console-fra.rpki-client.org