Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/384d03-f479-4bb2-a8ad-ad510e05da92/1/X9XRZI_ojsgLDaJChm1twMfeKOA.roa
File: X9XRZI_ojsgLDaJChm1twMfeKOA.roa (raw, json)
Hash identifier: S+sfpRlEOSpB26JPzvdoi6RkDrOqFlqPT8sMjzuwZ48=
Subject key identifier: 5F:D5:D1:64:8F:E8:8E:C8:0B:0D:A2:42:86:6D:6D:C0:C7:DE:28:E0
Certificate issuer: /CN=66729f9d0786f68a1ecd5c5a92bc392d8691975e
Certificate serial: 02BA1BCA
Authority key identifier: 66:72:9F:9D:07:86:F6:8A:1E:CD:5C:5A:92:BC:39:2D:86:91:97:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZnKfnQeG9ooezVxakrw5LYaRl14.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/384d03-f479-4bb2-a8ad-ad510e05da92/1/X9XRZI_ojsgLDaJChm1twMfeKOA.roa
Signing time: Sat 01 Jan 2022 11:55:45 +0000
ROA not before: Sat 01 Jan 2022 11:55:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205718
IP address blocks: 185.226.168.0/22 maxlen: 22
2a09:fbc0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 45751242 (0x2ba1bca)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66729f9d0786f68a1ecd5c5a92bc392d8691975e
Validity
Not Before: Jan 1 11:55:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5fd5d1648fe88ec80b0da242866d6dc0c7de28e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:2c:7d:42:f0:dd:4e:fb:0a:e6:1a:4a:d1:3a:
30:dc:e0:04:fb:55:10:30:85:d4:7e:8c:2a:5a:ff:
9e:26:a2:09:e7:63:19:d5:cb:9d:84:c3:5e:36:a0:
f7:11:95:07:00:75:29:8c:c4:e2:32:20:71:66:9e:
9f:68:4c:49:f1:81:c1:ab:95:19:78:90:ea:5e:c3:
87:ea:45:af:22:05:c7:44:28:0e:0d:7a:00:fc:4c:
0e:99:fd:aa:5a:ab:9c:4f:e3:16:be:ce:ff:79:64:
9c:95:9a:8b:52:0e:3e:74:83:1e:77:e1:de:f8:f6:
73:70:9f:fc:07:d2:a9:d3:d1:c6:c9:d5:75:79:f9:
21:ea:f9:50:8e:be:cb:27:39:c9:c6:10:a7:6c:29:
56:1b:40:ec:d3:2f:62:d7:13:31:7d:9c:ee:5b:d8:
b1:05:56:30:de:f5:66:0d:56:1f:8c:4b:0c:ae:90:
b0:e2:60:c8:7e:70:f0:99:ad:9a:c7:48:67:a0:4c:
a8:37:3d:db:8d:c9:e7:eb:73:e5:ad:ee:6b:58:3e:
ca:7b:08:6b:49:fd:bd:fd:22:e7:80:5d:31:b9:df:
27:2b:98:ee:72:a4:18:af:29:41:9d:63:05:85:77:
05:db:38:b1:df:64:13:fc:c9:2c:61:df:6d:c3:5d:
f7:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:D5:D1:64:8F:E8:8E:C8:0B:0D:A2:42:86:6D:6D:C0:C7:DE:28:E0
X509v3 Authority Key Identifier:
keyid:66:72:9F:9D:07:86:F6:8A:1E:CD:5C:5A:92:BC:39:2D:86:91:97:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZnKfnQeG9ooezVxakrw5LYaRl14.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/384d03-f479-4bb2-a8ad-ad510e05da92/1/X9XRZI_ojsgLDaJChm1twMfeKOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/384d03-f479-4bb2-a8ad-ad510e05da92/1/ZnKfnQeG9ooezVxakrw5LYaRl14.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.226.168.0/22
IPv6:
2a09:fbc0::/32
Signature Algorithm: sha256WithRSAEncryption
3f:8f:c3:8f:2a:5d:6f:97:bc:af:18:17:ef:48:ae:18:35:cf:
f1:f6:51:f3:31:e1:a4:96:d0:ff:9b:ff:ab:11:eb:bf:8b:43:
45:76:dc:b7:17:6b:61:ba:43:20:14:17:5f:2e:d6:54:28:01:
54:b4:8a:16:97:25:17:40:20:a9:46:8e:41:93:b4:71:1a:8f:
f7:d1:55:9d:03:07:39:cf:aa:91:16:8e:4a:b1:f5:2a:46:fc:
8f:37:92:84:a5:ed:22:6f:33:b1:93:2f:87:16:9d:69:6a:71:
76:98:0c:8c:14:33:23:eb:31:6f:79:3e:71:02:5b:73:e1:a8:
9a:c8:79:c1:e7:c9:2b:bf:8c:92:a2:f9:01:ee:67:c4:e3:3f:
77:f5:ec:37:10:d1:8b:f0:c0:a5:9e:fe:cf:5c:7f:fa:00:5d:
a7:c6:8c:20:c3:04:cc:35:be:0b:fa:17:db:6b:f2:19:f2:15:
cb:b2:c8:cd:35:e2:2e:bf:ad:74:b9:e4:3f:06:8d:83:c9:43:
d6:2f:ec:ff:bd:e4:5b:5a:2c:07:13:de:c3:95:f2:12:bb:69:
79:93:b3:2d:3f:d1:50:0b:57:57:40:58:15:0b:06:90:63:ea:
e0:41:16:e4:55:07:a1:19:d3:58:f0:b6:d5:57:01:26:67:ca:
04:c7:24:1a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEArobyjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NjcyOWY5ZDA3ODZmNjhhMWVjZDVjNWE5MmJjMzkyZDg2OTE5NzVlMB4XDTIyMDEw
MTExNTU0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWZkNWQxNjQ4ZmU4
OGVjODBiMGRhMjQyODY2ZDZkYzBjN2RlMjhlMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMIsfULw3U77CuYaStE6MNzgBPtVEDCF1H6MKlr/niaiCedj
GdXLnYTDXjag9xGVBwB1KYzE4jIgcWaen2hMSfGBwauVGXiQ6l7Dh+pFryIFx0Qo
Dg16APxMDpn9qlqrnE/jFr7O/3lknJWai1IOPnSDHnfh3vj2c3Cf/AfSqdPRxsnV
dXn5Ier5UI6+yyc5ycYQp2wpVhtA7NMvYtcTMX2c7lvYsQVWMN71Zg1WH4xLDK6Q
sOJgyH5w8JmtmsdIZ6BMqDc9243J5+tz5a3ua1g+ynsIa0n9vf0i54BdMbnfJyuY
7nKkGK8pQZ1jBYV3Bds4sd9kE/zJLGHfbcNd91cCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRf1dFkj+iOyAsNokKGbW3Ax94o4DAfBgNVHSMEGDAWgBRmcp+dB4b2ih7N
XFqSvDkthpGXXjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1puS2ZuUWVHOW9vZXpWeGFrcnc1TFlhUmwxNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMTcvMzg0ZDAzLWY0NzktNGJiMi1hOGFkLWFkNTEwZTA1ZGE5Mi8x
L1g5WFJaSV9vanNnTERhSkNobTF0d01mZUtPQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMTcv
Mzg0ZDAzLWY0NzktNGJiMi1hOGFkLWFkNTEwZTA1ZGE5Mi8xL1puS2ZuUWVHOW9v
ZXpWeGFrcnc1TFlhUmwxNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArniqDANBAIAAjAHAwUAKgn7wDAN
BgkqhkiG9w0BAQsFAAOCAQEAP4/Djypdb5e8rxgX70iuGDXP8fZR8zHhpJbQ/5v/
qxHrv4tDRXbctxdrYbpDIBQXXy7WVCgBVLSKFpclF0AgqUaOQZO0cRqP99FVnQMH
Oc+qkRaOSrH1Kkb8jzeShKXtIm8zsZMvhxadaWpxdpgMjBQzI+sxb3k+cQJbc+Go
msh5wefJK7+MkqL5Ae5nxOM/d/XsNxDRi/DApZ7+z1x/+gBdp8aMIMMEzDW+C/oX
22vyGfIVy7LIzTXiLr+tdLnkPwaNg8lD1i/s/73kW1osBxPew5XyErtpeZOzLT/R
UAtXV0BYFQsGkGPq4EEW5FUHoRnTWPC21VcBJmfKBMckGg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:20:40 2024 by rpki-client on console-fra.rpki-client.org