Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/96254c-fc0e-4f58-95e2-af4e5241bf20/1/xa7tU1bmMvtoxnsrOVcRTqmTUlo.roa
File: xa7tU1bmMvtoxnsrOVcRTqmTUlo.roa (raw, json)
Hash identifier: eL/ONTDuNEJkZ618kB23LtfjdG0D11lh0y3E+rGTmeY=
Subject key identifier: C5:AE:ED:53:56:E6:32:FB:68:C6:7B:2B:39:57:11:4E:A9:93:52:5A
Certificate issuer: /CN=de804c9c8a43397d16779aa934f7067388fc7d7c
Certificate serial: 0C1B402B
Authority key identifier: DE:80:4C:9C:8A:43:39:7D:16:77:9A:A9:34:F7:06:73:88:FC:7D:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3oBMnIpDOX0Wd5qpNPcGc4j8fXw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/96254c-fc0e-4f58-95e2-af4e5241bf20/1/xa7tU1bmMvtoxnsrOVcRTqmTUlo.roa
Signing time: Sat 01 Jan 2022 09:56:05 +0000
ROA not before: Sat 01 Jan 2022 09:56:05 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205747
IP address blocks: 185.188.196.0/22 maxlen: 24
2a0b:d080::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 203112491 (0xc1b402b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de804c9c8a43397d16779aa934f7067388fc7d7c
Validity
Not Before: Jan 1 09:56:05 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c5aeed5356e632fb68c67b2b3957114ea993525a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:5d:9d:9d:eb:87:27:67:a1:60:2e:9b:02:ea:
f2:96:67:42:7f:c3:d5:61:da:46:6c:d6:29:4a:1d:
30:23:0c:0c:08:8c:cf:54:fe:fb:5c:b6:35:fa:46:
2a:a1:e4:9c:18:d7:9a:4d:87:23:28:11:e1:90:dd:
c4:ca:d4:f3:5d:94:bb:fb:a1:bc:7b:77:11:eb:1a:
fc:90:60:a3:18:fa:d7:32:01:9a:a6:a4:57:81:f2:
c8:f6:33:a2:2c:38:02:e5:b6:b7:94:05:54:88:0e:
c0:ca:d4:bc:71:e1:8f:93:cf:44:a2:bf:28:9c:22:
1c:22:c5:db:03:d9:c9:95:b9:bf:7c:2d:b7:b8:cd:
ed:cf:8a:e5:e6:5b:5d:36:43:d6:4a:8b:81:23:fd:
a0:4d:11:06:ab:9d:ab:17:21:89:79:a3:ee:b3:e6:
fd:18:88:ab:ee:48:0d:b7:ab:f8:1b:9d:60:db:62:
ae:13:92:5d:e1:c2:1a:b0:de:dc:50:2d:c4:7c:04:
5a:a0:81:d9:bc:20:8b:0b:65:bf:f5:b9:74:9b:06:
08:8e:f7:06:cb:fd:0c:c6:2f:c7:73:78:14:71:c9:
fc:ea:f1:1c:7f:f9:5e:13:34:4e:fc:2a:42:f9:f7:
7a:29:b9:2c:91:d0:fa:7c:99:89:f6:c4:c9:55:89:
0e:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:AE:ED:53:56:E6:32:FB:68:C6:7B:2B:39:57:11:4E:A9:93:52:5A
X509v3 Authority Key Identifier:
keyid:DE:80:4C:9C:8A:43:39:7D:16:77:9A:A9:34:F7:06:73:88:FC:7D:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3oBMnIpDOX0Wd5qpNPcGc4j8fXw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/96254c-fc0e-4f58-95e2-af4e5241bf20/1/xa7tU1bmMvtoxnsrOVcRTqmTUlo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/96254c-fc0e-4f58-95e2-af4e5241bf20/1/3oBMnIpDOX0Wd5qpNPcGc4j8fXw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.188.196.0/22
IPv6:
2a0b:d080::/32
Signature Algorithm: sha256WithRSAEncryption
49:6e:2e:b5:ee:f5:4e:1e:b5:f1:42:71:15:cb:ea:fc:8b:2f:
46:e2:18:32:76:c6:4b:c9:be:1e:d7:02:85:2c:2c:02:f0:44:
c3:d5:c7:ac:ed:9d:ec:ed:a0:46:8c:19:9c:61:75:de:8b:0d:
74:6b:cf:67:26:de:26:70:eb:3e:6b:e9:f5:c0:8b:5a:a9:d2:
6f:97:ba:31:db:72:23:58:f5:bf:25:2e:19:19:ea:c3:72:24:
76:c9:37:61:06:b5:d1:e5:15:22:44:41:ef:0b:43:98:4e:db:
ce:4d:a6:1f:d4:7f:ee:ca:81:8b:a7:5e:ce:7a:af:82:e3:a6:
03:97:93:ce:c2:a5:92:7c:37:c5:cc:9b:46:d8:13:5b:f8:cc:
d9:84:6d:24:cc:2c:ae:e8:0f:39:0c:35:d9:a6:cb:8b:98:fc:
06:11:29:2e:60:a2:dd:bc:5e:ec:0e:b7:94:6d:88:ec:07:03:
c6:df:5d:65:be:85:25:4a:9a:9d:e0:36:0b:71:4a:84:00:ba:
d6:48:35:1a:16:e8:9f:07:b9:0e:d2:e8:9c:81:d8:eb:b1:f0:
32:e2:ff:53:c7:b3:e9:c9:e1:40:ff:17:97:4f:31:18:0f:a4:
31:73:36:0a:0a:91:4b:53:56:7a:fd:be:bb:a2:92:13:47:80:
d2:9d:c4:fb
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEDBtAKzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
ZTgwNGM5YzhhNDMzOTdkMTY3NzlhYTkzNGY3MDY3Mzg4ZmM3ZDdjMB4XDTIyMDEw
MTA5NTYwNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzVhZWVkNTM1NmU2
MzJmYjY4YzY3YjJiMzk1NzExNGVhOTkzNTI1YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ1dnZ3rhydnoWAumwLq8pZnQn/D1WHaRmzWKUodMCMMDAiM
z1T++1y2NfpGKqHknBjXmk2HIygR4ZDdxMrU812Uu/uhvHt3Eesa/JBgoxj61zIB
mqakV4HyyPYzoiw4AuW2t5QFVIgOwMrUvHHhj5PPRKK/KJwiHCLF2wPZyZW5v3wt
t7jN7c+K5eZbXTZD1kqLgSP9oE0RBqudqxchiXmj7rPm/RiIq+5IDber+BudYNti
rhOSXeHCGrDe3FAtxHwEWqCB2bwgiwtlv/W5dJsGCI73Bsv9DMYvx3N4FHHJ/Orx
HH/5XhM0TvwqQvn3eim5LJHQ+nyZifbEyVWJDr0CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTFru1TVuYy+2jGeys5VxFOqZNSWjAfBgNVHSMEGDAWgBTegEycikM5fRZ3
mqk09wZziPx9fDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNvQk1uSXBET1gwV2Q1cXBOUGNHYzRqOGZYdy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTQvOTYyNTRjLWZjMGUtNGY1OC05NWUyLWFmNGU1MjQxYmYyMC8x
L3hhN3RVMWJtTXZ0b3huc3JPVmNSVHFtVFVsby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTQv
OTYyNTRjLWZjMGUtNGY1OC05NWUyLWFmNGU1MjQxYmYyMC8xLzNvQk1uSXBET1gw
V2Q1cXBOUGNHYzRqOGZYdy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArm8xDANBAIAAjAHAwUAKgvQgDAN
BgkqhkiG9w0BAQsFAAOCAQEASW4ute71Th618UJxFcvq/IsvRuIYMnbGS8m+HtcC
hSwsAvBEw9XHrO2d7O2gRowZnGF13osNdGvPZybeJnDrPmvp9cCLWqnSb5e6Mdty
I1j1vyUuGRnqw3Ikdsk3YQa10eUVIkRB7wtDmE7bzk2mH9R/7sqBi6deznqvguOm
A5eTzsKlknw3xcybRtgTW/jM2YRtJMwsrugPOQw12abLi5j8BhEpLmCi3bxe7A63
lG2I7AcDxt9dZb6FJUqaneA2C3FKhAC61kg1Ghbonwe5DtLonIHY67HwMuL/U8ez
6cnhQP8Xl08xGA+kMXM2CgqRS1NWev2+u6KSE0eA0p3E+w==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:25 2023 by rpki-client on console-fra.rpki-client.org