Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/XT4KnYIelBlibYsnrq6mVx3fx2A.roa
File: XT4KnYIelBlibYsnrq6mVx3fx2A.roa (raw, json)
Hash identifier: Xb8pMGXRC+Gswrxgs8pEWLK7k0h1YsaJ16METb6R0BM=
Subject key identifier: 5D:3E:0A:9D:82:1E:94:19:62:6D:8B:27:AE:AE:A6:57:1D:DF:C7:60
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 3899D7B8
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/XT4KnYIelBlibYsnrq6mVx3fx2A.roa
Signing time: Sat 01 Jan 2022 05:54:29 +0000
ROA not before: Sat 01 Jan 2022 05:54:29 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212717
IP address blocks: 85.254.28.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 949606328 (0x3899d7b8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 1 05:54:29 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5d3e0a9d821e9419626d8b27aeaea6571ddfc760
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:e1:d8:16:e3:57:cf:b1:1d:76:d1:23:a7:54:
c6:6a:ae:fc:59:1f:0a:b1:27:39:7a:eb:51:4e:04:
ac:b2:07:60:7e:06:cd:9d:cd:66:d6:99:80:d0:65:
36:46:ec:f0:fa:bb:17:9c:98:02:f1:c6:a2:18:9b:
9a:f0:62:58:46:a0:f5:cc:2c:ba:e8:33:4f:5c:5f:
bd:ff:0d:bc:8d:8e:33:e1:87:10:8e:e9:00:0a:99:
7c:8c:65:3a:d1:e2:44:47:12:ae:9d:cc:72:33:8f:
82:37:70:71:80:91:34:bd:a3:7a:cf:e5:4b:7b:a2:
b9:f4:32:25:60:70:8f:4d:67:c3:e4:7a:7a:28:4e:
c4:49:55:5f:c8:fd:0f:56:00:fd:3d:bd:00:ff:3b:
d3:26:1b:ab:45:73:71:13:bf:16:07:e6:7c:5b:fc:
f3:b4:93:d7:37:64:89:7b:47:92:b8:5c:28:00:9a:
45:e1:0b:57:35:bf:93:3f:85:65:94:f1:4b:f2:d5:
48:0d:f1:ef:e3:1f:9e:8d:7c:6f:cb:ce:fe:01:dc:
ea:80:14:51:6f:1b:99:bd:e8:43:df:10:c1:19:1a:
e6:fb:2f:18:d0:48:a5:82:e2:26:9f:1a:51:e6:a7:
87:64:8e:07:8b:ab:57:da:1e:28:33:eb:92:62:95:
44:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:3E:0A:9D:82:1E:94:19:62:6D:8B:27:AE:AE:A6:57:1D:DF:C7:60
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/XT4KnYIelBlibYsnrq6mVx3fx2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.28.0/24
Signature Algorithm: sha256WithRSAEncryption
80:64:34:65:4a:30:72:e3:c1:1a:86:f9:e4:97:98:97:d6:04:
42:13:46:09:1c:dc:07:07:02:32:f7:e4:5a:c4:78:d8:26:78:
4c:fd:ee:6b:fe:b4:96:b9:3f:18:ce:df:ce:7e:77:35:7b:3e:
e6:1b:36:cc:65:e7:d5:ce:ac:11:e9:4d:60:22:0c:01:74:54:
7f:33:13:ee:85:9b:f9:65:1a:11:06:50:5b:ee:a4:a7:99:8c:
86:88:9c:cd:ac:d8:a1:91:12:2a:ae:14:75:82:6c:26:ee:51:
38:c5:84:55:d6:fe:0f:1b:9f:cf:e2:31:31:28:a3:b0:3b:58:
d7:f5:dc:b8:1e:88:16:67:c7:05:21:55:40:f4:72:5a:87:12:
7e:03:82:2b:53:b3:4c:c5:fa:83:ff:87:38:39:51:ec:e3:65:
de:51:14:08:81:e6:36:6d:57:ae:9b:3e:78:3b:5a:3d:de:c9:
e0:ac:7c:00:17:ba:22:ce:9e:91:95:04:84:c7:44:e0:06:20:
e7:6b:82:54:e1:ab:58:69:aa:9a:d4:39:85:f5:f8:08:96:60:
19:cd:2f:98:b4:a2:9e:ae:65:c0:63:2e:39:8a:c3:e0:33:f8:
d5:14:61:4e:b7:ea:09:a1:00:a2:da:fa:af:41:0b:37:d6:01:
ec:63:99:d5
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOJnXuDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YjA5NTJjOGJhOGRhZGIxZDM0ZGU2YzZhOTM4NjRhNjA5ZmM0MWVjMB4XDTIyMDEw
MTA1NTQyOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWQzZTBhOWQ4MjFl
OTQxOTYyNmQ4YjI3YWVhZWE2NTcxZGRmYzc2MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKrh2BbjV8+xHXbRI6dUxmqu/FkfCrEnOXrrUU4ErLIHYH4G
zZ3NZtaZgNBlNkbs8Pq7F5yYAvHGohibmvBiWEag9cwsuugzT1xfvf8NvI2OM+GH
EI7pAAqZfIxlOtHiREcSrp3McjOPgjdwcYCRNL2jes/lS3uiufQyJWBwj01nw+R6
eihOxElVX8j9D1YA/T29AP870yYbq0VzcRO/FgfmfFv887ST1zdkiXtHkrhcKACa
ReELVzW/kz+FZZTxS/LVSA3x7+Mfno18b8vO/gHc6oAUUW8bmb3oQ98QwRka5vsv
GNBIpYLiJp8aUeanh2SOB4urV9oeKDPrkmKVRDECAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRdPgqdgh6UGWJtiyeurqZXHd/HYDAfBgNVHSMEGDAWgBSrCVLIuo2tsdNN
5sapOGSmCfxB7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3F3bFN5THFOcmJIVFRlYkdxVGhrcGduOFFldy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGUvMzU1NWZlLTEyY2QtNDAyYS1hODEwLTU1NTRkNmUxNjg2Zi8x
L1hUNEtuWUllbEJsaWJZc25ycTZtVngzZngyQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGUv
MzU1NWZlLTEyY2QtNDAyYS1hODEwLTU1NTRkNmUxNjg2Zi8xL3F3bFN5THFOcmJI
VFRlYkdxVGhrcGduOFFldy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFX+HDANBgkqhkiG9w0BAQsFAAOC
AQEAgGQ0ZUowcuPBGob55JeYl9YEQhNGCRzcBwcCMvfkWsR42CZ4TP3ua/60lrk/
GM7fzn53NXs+5hs2zGXn1c6sEelNYCIMAXRUfzMT7oWb+WUaEQZQW+6kp5mMhoic
zazYoZESKq4UdYJsJu5ROMWEVdb+Dxufz+IxMSijsDtY1/XcuB6IFmfHBSFVQPRy
WocSfgOCK1OzTMX6g/+HODlR7ONl3lEUCIHmNm1Xrps+eDtaPd7J4Kx8ABe6Is6e
kZUEhMdE4AYg52uCVOGrWGmqmtQ5hfX4CJZgGc0vmLSinq5lwGMuOYrD4DP41RRh
TrfqCaEAotr6r0ELN9YB7GOZ1Q==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:43:45 2023 by rpki-client on console-fra.rpki-client.org