Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/xcOtqXqyTftXvmMWD5cZsgR09tI.roa
File: xcOtqXqyTftXvmMWD5cZsgR09tI.roa (raw, json)
Hash identifier: jLCI0UD71KhhhENKwy1OXs1AxGULzqYo9aTWQmmosWY=
Subject key identifier: C5:C3:AD:A9:7A:B2:4D:FB:57:BE:63:16:0F:97:19:B2:04:74:F6:D2
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 389048F3
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/xcOtqXqyTftXvmMWD5cZsgR09tI.roa
Signing time: Sat 01 Jan 2022 05:54:24 +0000
ROA not before: Sat 01 Jan 2022 05:54:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 201315
IP address blocks: 85.254.48.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 948979955 (0x389048f3)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Jan 1 05:54:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c5c3ada97ab24dfb57be63160f9719b20474f6d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:cc:cf:9d:51:4b:a9:03:b5:b7:17:5d:9b:60:
d9:fd:3f:23:97:1a:43:61:4a:59:fe:af:02:70:69:
97:7f:34:d7:1e:98:61:85:36:54:d0:94:cf:e5:6a:
75:43:70:62:75:75:27:eb:df:c9:33:70:d8:73:fb:
2b:4e:87:4a:95:b6:d9:83:a8:fb:de:ee:90:4f:d2:
a6:00:35:7d:22:4f:79:46:48:ce:9c:31:28:f9:4d:
ff:81:db:74:b0:41:ed:09:52:e7:a5:39:cc:5c:12:
2f:d8:a2:64:15:ee:05:cb:b3:59:ff:15:cb:00:db:
65:6b:0b:f4:33:d8:58:1e:88:a6:22:ff:af:51:54:
12:67:17:0a:70:ef:e7:10:34:70:14:99:28:b3:81:
09:1b:ec:99:3e:18:1d:30:5c:07:aa:68:7f:92:fe:
6e:db:ad:50:78:bb:e3:d9:a2:3e:b6:4e:db:d7:2f:
25:6b:1e:88:3e:71:ec:c4:49:be:14:51:60:50:0f:
c2:de:72:3c:42:51:a1:23:69:44:4e:76:13:22:74:
6d:e0:00:f6:37:6b:ce:2f:85:fe:98:47:c3:6e:e0:
6d:fb:5e:23:e2:bd:1a:7a:51:b4:6f:b3:03:d1:0e:
95:b0:4f:41:ac:81:4b:98:b5:3c:01:63:0f:b6:3e:
68:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:C3:AD:A9:7A:B2:4D:FB:57:BE:63:16:0F:97:19:B2:04:74:F6:D2
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/xcOtqXqyTftXvmMWD5cZsgR09tI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.254.48.0/24
Signature Algorithm: sha256WithRSAEncryption
32:4a:ee:34:7c:e6:1d:70:85:3f:3b:fc:8d:68:ba:83:3f:fb:
a4:b2:05:e5:d0:81:6f:cf:92:6c:d5:f0:a2:e0:e9:77:d1:d3:
e5:0c:29:db:74:54:58:74:db:15:de:ca:25:4e:48:54:03:42:
dd:b1:33:d9:b2:69:f9:85:1f:1c:8a:d3:dd:40:24:11:56:85:
36:bd:53:2c:fa:12:2f:30:ba:56:fb:1a:de:6f:64:cd:66:8c:
53:fa:81:bc:93:9a:c0:0e:0d:6b:ec:24:45:8f:e7:d7:68:42:
5b:b5:bd:3b:07:51:aa:00:47:3d:3e:47:7b:88:50:58:3e:d5:
77:09:b4:38:e9:91:40:fe:c2:7a:e1:0a:b5:fe:7d:42:e6:8e:
40:de:be:5b:21:1d:fb:8b:11:1a:fe:ae:fd:5e:30:2e:03:93:
08:37:e7:06:6c:38:c9:b5:78:21:d7:29:61:a6:b6:50:04:90:
81:b8:c3:8d:e1:cf:3d:75:ac:52:f3:e1:93:dc:83:24:4e:a2:
7c:57:ca:27:a7:14:38:28:d6:47:4a:c3:fc:19:19:15:19:d9:
83:d9:f3:da:6f:8e:db:19:92:e3:c5:f4:c9:59:61:6d:cb:cf:
41:05:07:25:ea:00:f2:38:21:3b:f3:ae:88:28:3f:71:70:79:
98:27:42:b9
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEOJBI8zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
YjA5NTJjOGJhOGRhZGIxZDM0ZGU2YzZhOTM4NjRhNjA5ZmM0MWVjMB4XDTIyMDEw
MTA1NTQyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzVjM2FkYTk3YWIy
NGRmYjU3YmU2MzE2MGY5NzE5YjIwNDc0ZjZkMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK/Mz51RS6kDtbcXXZtg2f0/I5caQ2FKWf6vAnBpl3801x6Y
YYU2VNCUz+VqdUNwYnV1J+vfyTNw2HP7K06HSpW22YOo+97ukE/SpgA1fSJPeUZI
zpwxKPlN/4HbdLBB7QlS56U5zFwSL9iiZBXuBcuzWf8VywDbZWsL9DPYWB6IpiL/
r1FUEmcXCnDv5xA0cBSZKLOBCRvsmT4YHTBcB6pof5L+btutUHi749miPrZO29cv
JWseiD5x7MRJvhRRYFAPwt5yPEJRoSNpRE52EyJ0beAA9jdrzi+F/phHw27gbfte
I+K9GnpRtG+zA9EOlbBPQayBS5i1PAFjD7Y+aFkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTFw62perJN+1e+YxYPlxmyBHT20jAfBgNVHSMEGDAWgBSrCVLIuo2tsdNN
5sapOGSmCfxB7DAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3F3bFN5THFOcmJIVFRlYkdxVGhrcGduOFFldy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGUvMzU1NWZlLTEyY2QtNDAyYS1hODEwLTU1NTRkNmUxNjg2Zi8x
L3hjT3RxWHF5VGZ0WHZtTVdENWNac2dSMDl0SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGUv
MzU1NWZlLTEyY2QtNDAyYS1hODEwLTU1NTRkNmUxNjg2Zi8xL3F3bFN5THFOcmJI
VFRlYkdxVGhrcGduOFFldy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFX+MDANBgkqhkiG9w0BAQsFAAOC
AQEAMkruNHzmHXCFPzv8jWi6gz/7pLIF5dCBb8+SbNXwouDpd9HT5Qwp23RUWHTb
Fd7KJU5IVANC3bEz2bJp+YUfHIrT3UAkEVaFNr1TLPoSLzC6Vvsa3m9kzWaMU/qB
vJOawA4Na+wkRY/n12hCW7W9OwdRqgBHPT5He4hQWD7Vdwm0OOmRQP7CeuEKtf59
QuaOQN6+WyEd+4sRGv6u/V4wLgOTCDfnBmw4ybV4IdcpYaa2UASQgbjDjeHPPXWs
UvPhk9yDJE6ifFfKJ6cUOCjWR0rD/BkZFRnZg9nz2m+O2xmS48X0yVlhbcvPQQUH
JeoA8jghO/OuiCg/cXB5mCdCuQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:47:38 2023 by rpki-client on console-ams.rpki-client.org