Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/baef57-c484-4523-b14e-88ebbf99780b/1/xcVSCqawf_RbBMbZJbspF3VUXy0.roa
File: xcVSCqawf_RbBMbZJbspF3VUXy0.roa (raw, json)
Hash identifier: yOBYsogWneEe3AdNZ0GXRUlzcsLWR6JtmgsyiF0nHYM=
Subject key identifier: C5:C5:52:0A:A6:B0:7F:F4:5B:04:C6:D9:25:BB:29:17:75:54:5F:2D
Certificate issuer: /CN=0e91de17437a0025fd1ede10f710f17a3080b3ab
Certificate serial: 01831322AE55CCF5FF1F0EF0C44C037D575A
Authority key identifier: 0E:91:DE:17:43:7A:00:25:FD:1E:DE:10:F7:10:F1:7A:30:80:B3:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DpHeF0N6ACX9Ht4Q9xDxejCAs6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/baef57-c484-4523-b14e-88ebbf99780b/1/xcVSCqawf_RbBMbZJbspF3VUXy0.roa
Signing time: Tue 06 Sep 2022 14:09:43 +0000
ROA not before: Tue 06 Sep 2022 14:09:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205763
IP address blocks: 185.207.124.0/24 maxlen: 24
185.207.125.0/24 maxlen: 24
185.207.127.0/24 maxlen: 24
185.207.126.0/24 maxlen: 24
2a0b:2340::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:13:22:ae:55:cc:f5:ff:1f:0e:f0:c4:4c:03:7d:57:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e91de17437a0025fd1ede10f710f17a3080b3ab
Validity
Not Before: Sep 6 14:09:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c5c5520aa6b07ff45b04c6d925bb291775545f2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:76:00:ae:7c:da:24:de:53:bb:21:81:44:7c:
44:34:7c:66:5d:74:ef:a7:1b:5f:c8:1a:b2:a6:6c:
8c:23:01:cd:a6:b5:64:b0:02:b6:09:ba:88:17:1c:
6b:72:d5:a2:f0:67:ae:ab:52:3b:79:3d:2d:86:91:
95:af:37:e6:b1:7d:5d:74:db:f5:94:7d:70:fb:fe:
d3:7c:0f:1e:8c:7b:69:dc:c3:70:54:7e:5f:89:3f:
b8:f0:2e:a7:19:0e:1f:2f:de:92:77:3d:89:d4:40:
9c:3c:93:a0:90:03:db:d2:91:b1:de:ec:73:53:9a:
8d:92:f6:e4:0b:b6:e2:44:f5:d9:df:a6:ab:89:72:
62:75:89:f8:fd:3d:5e:1d:d0:42:79:da:f5:d8:14:
c3:67:b7:3f:bd:b0:1c:cb:e7:d9:ab:d2:45:5a:70:
76:fd:85:12:53:5f:83:a2:83:70:01:dc:a7:16:f4:
2c:01:74:83:7d:de:ad:19:6b:eb:f1:c1:f4:85:ea:
d3:ad:17:ca:5d:09:ab:43:e7:ef:0e:fa:ea:ee:37:
6d:60:b2:b5:52:1b:8d:f6:77:5a:86:4f:cf:aa:13:
3b:59:c7:20:56:2b:8b:d6:74:11:15:ad:20:6f:22:
21:09:3f:51:82:7e:8b:67:f0:54:01:12:02:cb:f0:
96:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:C5:52:0A:A6:B0:7F:F4:5B:04:C6:D9:25:BB:29:17:75:54:5F:2D
X509v3 Authority Key Identifier:
keyid:0E:91:DE:17:43:7A:00:25:FD:1E:DE:10:F7:10:F1:7A:30:80:B3:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DpHeF0N6ACX9Ht4Q9xDxejCAs6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/baef57-c484-4523-b14e-88ebbf99780b/1/xcVSCqawf_RbBMbZJbspF3VUXy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/baef57-c484-4523-b14e-88ebbf99780b/1/DpHeF0N6ACX9Ht4Q9xDxejCAs6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.207.124.0/22
IPv6:
2a0b:2340::/29
Signature Algorithm: sha256WithRSAEncryption
36:b8:09:f6:00:f5:45:06:e9:7b:44:ed:03:e0:23:25:ab:a2:
d4:16:09:fd:11:6b:6a:7d:11:90:c6:df:c8:ec:f8:86:8a:c5:
90:c8:3b:df:ec:af:f0:3d:64:75:d3:79:df:9a:0b:4a:74:c5:
82:92:05:0d:dd:c5:ce:60:b6:54:f8:ea:d9:f3:50:a1:1c:81:
7f:dc:4f:c9:7f:08:40:e8:ff:a5:ad:00:4d:c7:81:de:77:20:
4c:64:20:1c:98:72:64:a9:2d:c1:dc:d6:21:16:83:c5:83:92:
ba:29:50:3a:2d:ce:2d:5f:5b:fe:e7:e8:07:b2:6b:fe:6c:d1:
86:da:45:90:41:c8:c5:2e:e4:1f:d2:fd:bd:19:d5:9d:cc:a2:
c0:ee:a6:cd:6a:20:53:ee:22:7b:9d:73:f3:7e:03:df:d8:ab:
01:f2:76:cc:21:f7:76:96:b1:0d:5b:ab:5a:3d:22:e0:ca:a4:
50:df:af:3e:e1:6b:aa:d5:05:2e:4e:8a:fe:b1:22:9b:9b:53:
1a:8c:6b:53:1f:74:75:6f:93:d4:ef:c0:1a:86:7b:8b:00:22:
cd:9d:63:22:0b:3a:fb:55:6a:61:a8:f3:5c:f3:a1:1e:05:b3:
6e:3e:c7:8b:8e:84:9d:6f:9c:10:73:68:4c:44:af:da:22:8e:
85:4d:09:8f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYMTIq5VzPX/Hw7wxEwDfVdaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlOTFkZTE3NDM3YTAwMjVmZDFlZGUxMGY3MTBmMTdhMzA4
MGIzYWIwHhcNMjIwOTA2MTQwOTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWM1NTIwYWE2YjA3ZmY0NWIwNGM2ZDkyNWJiMjkxNzc1NTQ1ZjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHYArnzaJN5TuyGBRHxENHxmXXTv
pxtfyBqypmyMIwHNprVksAK2CbqIFxxrctWi8Geuq1I7eT0thpGVrzfmsX1ddNv1
lH1w+/7TfA8ejHtp3MNwVH5fiT+48C6nGQ4fL96Sdz2J1ECcPJOgkAPb0pGx3uxz
U5qNkvbkC7biRPXZ36ariXJidYn4/T1eHdBCedr12BTDZ7c/vbAcy+fZq9JFWnB2
/YUSU1+DooNwAdynFvQsAXSDfd6tGWvr8cH0herTrRfKXQmrQ+fvDvrq7jdtYLK1
UhuN9ndahk/PqhM7WccgViuL1nQRFa0gbyIhCT9Rgn6LZ/BUARICy/CW3wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMXFUgqmsH/0WwTG2SW7KRd1VF8tMB8GA1UdIwQY
MBaAFA6R3hdDegAl/R7eEPcQ8XowgLOrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHBIZUYwTjZBQ1g5SHQ0UTl4RHhlakNBczZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9iYWVmNTctYzQ4NC00NTIzLWIxNGUt
ODhlYmJmOTk3ODBiLzEveGNWU0NxYXdmX1JiQk1iWkpic3BGM1ZVWHkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9iYWVmNTctYzQ4NC00NTIzLWIxNGUtODhlYmJmOTk3ODBi
LzEvRHBIZUYwTjZBQ1g5SHQ0UTl4RHhlakNBczZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuc98MA0E
AgACMAcDBQMqCyNAMA0GCSqGSIb3DQEBCwUAA4IBAQA2uAn2APVFBul7RO0D4CMl
q6LUFgn9EWtqfRGQxt/I7PiGisWQyDvf7K/wPWR103nfmgtKdMWCkgUN3cXOYLZU
+OrZ81ChHIF/3E/JfwhA6P+lrQBNx4HedyBMZCAcmHJkqS3B3NYhFoPFg5K6KVA6
Lc4tX1v+5+gHsmv+bNGG2kWQQcjFLuQf0v29GdWdzKLA7qbNaiBT7iJ7nXPzfgPf
2KsB8nbMIfd2lrENW6taPSLgyqRQ368+4Wuq1QUuTor+sSKbm1MajGtTH3R1b5PU
78AahnuLACLNnWMiCzr7VWphqPNc86EeBbNuPseLjoSdb5wQc2hMRK/aIo6FTQmP
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:24 2024 by rpki-client on console-fra.rpki-client.org