Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/cx1CZ_5CZRZCuwtvxrjUf4UqAmM.roa
File: cx1CZ_5CZRZCuwtvxrjUf4UqAmM.roa (raw, json)
Hash identifier: MXS6Ksgsas4Z8nTDI6wiwJCClVqdI5pHePdiRvN5xvs=
Subject key identifier: 73:1D:42:67:FE:42:65:16:42:BB:0B:6F:C6:B8:D4:7F:85:2A:02:63
Certificate issuer: /CN=5ee004befa553ddb35564fb7762b05eb222ecf93
Certificate serial: 23718A
Authority key identifier: 5E:E0:04:BE:FA:55:3D:DB:35:56:4F:B7:76:2B:05:EB:22:2E:CF:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuAEvvpVPds1Vk-3disF6yIuz5M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/cx1CZ_5CZRZCuwtvxrjUf4UqAmM.roa
Signing time: Sat 01 Jan 2022 00:54:09 +0000
ROA not before: Sat 01 Jan 2022 00:54:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48519
IP address blocks: 185.95.96.0/23 maxlen: 24
185.95.98.0/23 maxlen: 24
2a00:1c3e:96::/47 maxlen: 48
2a00:1c3e:98::/47 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2322826 (0x23718a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee004befa553ddb35564fb7762b05eb222ecf93
Validity
Not Before: Jan 1 00:54:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=731d4267fe42651642bb0b6fc6b8d47f852a0263
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:5b:02:d5:fc:d8:24:ce:8d:f2:ac:33:40:25:
27:1f:59:28:d5:d9:90:18:bc:9e:f4:bb:87:af:2f:
92:2e:85:fa:3b:58:26:c5:cc:aa:f2:92:34:f5:cb:
e1:31:15:e3:51:9f:83:06:b7:d3:fd:25:31:98:4a:
ae:ab:c0:a3:f9:cb:dd:89:50:32:69:a5:4e:6d:90:
8e:fe:2e:02:be:d1:c6:1e:ad:5c:19:d5:dd:d8:47:
49:e4:f2:50:85:0c:81:f8:99:a8:4b:08:6b:47:97:
fa:70:20:07:07:88:37:51:76:4a:d2:0e:1c:03:86:
41:80:81:65:da:51:e9:5c:58:56:73:2c:dd:9e:4e:
35:5c:05:4d:1e:d6:7f:79:42:96:8a:a0:95:19:5a:
58:ef:37:8e:9f:74:8c:ab:99:b8:22:3e:5b:a2:96:
c5:9b:31:4a:03:d5:04:aa:f0:ae:b9:55:2c:ee:d1:
1c:dd:c8:e4:f8:3c:cd:64:00:13:a8:fd:94:40:56:
89:3a:2b:2b:39:ba:d2:18:08:df:01:6c:9f:e4:60:
66:3a:f0:48:71:e9:3a:63:08:ee:e4:9d:53:9f:14:
86:15:30:b4:7d:f8:db:5e:ab:57:98:81:54:68:56:
84:67:63:03:86:7d:d9:c9:d8:36:bd:99:a2:b3:ff:
2a:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:1D:42:67:FE:42:65:16:42:BB:0B:6F:C6:B8:D4:7F:85:2A:02:63
X509v3 Authority Key Identifier:
keyid:5E:E0:04:BE:FA:55:3D:DB:35:56:4F:B7:76:2B:05:EB:22:2E:CF:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuAEvvpVPds1Vk-3disF6yIuz5M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/cx1CZ_5CZRZCuwtvxrjUf4UqAmM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/XuAEvvpVPds1Vk-3disF6yIuz5M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.96.0/22
IPv6:
2a00:1c3e:96::-2a00:1c3e:99:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
23:04:18:c7:93:02:c7:75:84:92:84:98:76:74:56:13:98:d7:
68:31:46:70:9b:b1:59:96:0e:5e:30:f8:01:e1:e7:08:64:a8:
1d:6b:29:8b:d4:f7:3e:01:8b:2e:88:f1:97:0d:dc:52:20:d0:
be:42:0c:3e:56:e9:08:66:14:9b:82:58:47:13:94:ed:09:26:
94:e4:88:c5:39:ba:25:52:61:6d:2d:a4:b9:f2:68:a8:3e:be:
5d:4d:83:a6:78:ef:19:d4:0c:da:65:33:01:14:d0:99:9d:d9:
d7:b5:84:6f:5a:aa:78:be:f0:20:81:08:48:f8:96:2e:92:d0:
ef:4f:27:62:cb:03:83:53:75:69:18:ae:f9:87:ac:7d:df:eb:
d5:97:a0:1b:63:91:b9:d9:39:bf:19:9a:01:ba:ef:ee:89:9e:
9c:08:aa:7d:62:5c:bc:89:81:53:96:e6:31:f7:85:21:bb:37:
a8:f5:fa:48:ef:3d:18:d9:21:5f:96:55:52:82:cb:e7:fe:a5:
5c:38:9f:33:4b:47:08:55:b2:b8:6a:53:9d:52:40:09:56:d7:
05:af:10:8a:ae:a8:4a:a4:16:63:44:e9:d0:a0:20:8e:7b:98:
e8:1e:23:22:4c:07:7b:22:86:b3:f6:8d:95:48:bf:d2:32:8c:
b2:10:14:e2
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgIDI3GKMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDVl
ZTAwNGJlZmE1NTNkZGIzNTU2NGZiNzc2MmIwNWViMjIyZWNmOTMwHhcNMjIwMTAx
MDA1NDA5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg3MzFkNDI2N2ZlNDI2
NTE2NDJiYjBiNmZjNmI4ZDQ3Zjg1MmEwMjYzMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAsFsC1fzYJM6N8qwzQCUnH1ko1dmQGLye9LuHry+SLoX6O1gm
xcyq8pI09cvhMRXjUZ+DBrfT/SUxmEquq8Cj+cvdiVAyaaVObZCO/i4CvtHGHq1c
GdXd2EdJ5PJQhQyB+JmoSwhrR5f6cCAHB4g3UXZK0g4cA4ZBgIFl2lHpXFhWcyzd
nk41XAVNHtZ/eUKWiqCVGVpY7zeOn3SMq5m4Ij5bopbFmzFKA9UEqvCuuVUs7tEc
3cjk+DzNZAATqP2UQFaJOisrObrSGAjfAWyf5GBmOvBIcek6Ywju5J1TnxSGFTC0
ffjbXqtXmIFUaFaEZ2MDhn3Zydg2vZmis/8q4wIDAQABo4ICJTCCAiEwHQYDVR0O
BBYEFHMdQmf+QmUWQrsLb8a41H+FKgJjMB8GA1UdIwQYMBaAFF7gBL76VT3bNVZP
t3YrBesiLs+TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
WHVBRXZ2cFZQZHMxVmstM2Rpc0Y2eUl1ejVNLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC8wZi8zYzM1ZWEtN2M5YS00OGUyLWIzYjItZTIyOGFhYjQ1MDE0LzEv
Y3gxQ1pfNUNaUlpDdXd0dnhyalVmNFVxQW1NLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8z
YzM1ZWEtN2M5YS00OGUyLWIzYjItZTIyOGFhYjQ1MDE0LzEvWHVBRXZ2cFZQZHMx
VmstM2Rpc0Y2eUl1ejVNLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDsG
CCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQCuV9gMBoEAgACMBQwEgMHASoAHD4A
lgMHASoAHD4AmDANBgkqhkiG9w0BAQsFAAOCAQEAIwQYx5MCx3WEkoSYdnRWE5jX
aDFGcJuxWZYOXjD4AeHnCGSoHWspi9T3PgGLLojxlw3cUiDQvkIMPlbpCGYUm4JY
RxOU7QkmlOSIxTm6JVJhbS2kufJoqD6+XU2DpnjvGdQM2mUzARTQmZ3Z17WEb1qq
eL7wIIEISPiWLpLQ708nYssDg1N1aRiu+Yesfd/r1ZegG2ORudk5vxmaAbrv7ome
nAiqfWJcvImBU5bmMfeFIbs3qPX6SO89GNkhX5ZVUoLL5/6lXDifM0tHCFWyuGpT
nVJACVbXBa8Qiq6oSqQWY0Tp0KAgjnuY6B4jIkwHeyKGs/aNlUi/0jKMshAU4g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:19:00 2024 by rpki-client on console-fra.rpki-client.org