Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/421529-73e2-4916-8bd2-2c201d30ae05/1/XB6KZvIfumKhAkvNDPXL8BmIp2U.roa
File: XB6KZvIfumKhAkvNDPXL8BmIp2U.roa (raw, json)
Hash identifier: jySL33tNWyJ8jNAQQmMZIr9u1MUuoktgYZzt6YiAoaA=
Subject key identifier: 5C:1E:8A:66:F2:1F:BA:62:A1:02:4B:CD:0C:F5:CB:F0:19:88:A7:65
Certificate issuer: /CN=d17bf4fbea894f43eeb3db1b216e57766e01ab81
Certificate serial: 028FBBFD
Authority key identifier: D1:7B:F4:FB:EA:89:4F:43:EE:B3:DB:1B:21:6E:57:76:6E:01:AB:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0Xv0--qJT0Pus9sbIW5Xdm4Bq4E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/421529-73e2-4916-8bd2-2c201d30ae05/1/XB6KZvIfumKhAkvNDPXL8BmIp2U.roa
Signing time: Wed 01 Jun 2022 21:43:20 +0000
ROA not before: Wed 01 Jun 2022 21:43:20 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210055
IP address blocks: 185.214.171.0/24 maxlen: 24
176.119.132.0/22 maxlen: 22
176.119.132.0/24 maxlen: 24
176.119.134.0/24 maxlen: 24
176.119.133.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 42974205 (0x28fbbfd)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d17bf4fbea894f43eeb3db1b216e57766e01ab81
Validity
Not Before: Jun 1 21:43:20 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5c1e8a66f21fba62a1024bcd0cf5cbf01988a765
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:d1:b6:9c:90:15:25:27:99:c5:c7:ef:8e:87:
5c:e2:78:4a:12:54:f9:12:f8:a6:69:96:29:fb:0a:
09:b5:f9:5c:04:c9:76:d4:7f:aa:4f:15:69:e4:7a:
93:3f:69:b1:6c:51:b9:b3:ee:a8:48:91:f6:a0:73:
e1:ab:6d:1e:e0:ac:a0:b5:ce:83:9a:47:ac:b1:68:
92:b6:60:c3:ce:65:3b:98:6f:a2:8e:b0:6e:08:27:
cf:0a:a2:5a:e7:be:b4:67:8b:1d:13:79:69:db:a0:
5c:5f:31:2d:12:7b:b1:ab:9f:01:10:3c:ac:a1:79:
02:98:2d:69:70:5c:8d:4f:ef:9b:f2:b2:1d:67:0d:
75:de:f8:70:52:61:0a:4c:20:8b:0e:f0:c5:97:39:
1d:4e:f3:04:47:70:5d:51:1e:cc:91:ce:78:00:6f:
ef:35:66:a1:f2:f3:d9:0c:e0:95:27:a1:c4:e0:c2:
38:2c:5b:56:97:66:55:e2:8e:e0:c2:e7:ff:03:c9:
b9:8f:8b:81:d4:f3:27:99:ae:5a:2a:b1:c6:6c:af:
44:81:e4:12:ae:8e:53:28:da:6e:7b:e3:20:2a:97:
25:db:d3:c5:c6:05:89:77:42:b6:7f:92:a5:f9:a7:
9d:ec:60:06:51:59:99:a8:fb:bc:73:6a:b1:b0:4c:
ab:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:1E:8A:66:F2:1F:BA:62:A1:02:4B:CD:0C:F5:CB:F0:19:88:A7:65
X509v3 Authority Key Identifier:
keyid:D1:7B:F4:FB:EA:89:4F:43:EE:B3:DB:1B:21:6E:57:76:6E:01:AB:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0Xv0--qJT0Pus9sbIW5Xdm4Bq4E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/421529-73e2-4916-8bd2-2c201d30ae05/1/XB6KZvIfumKhAkvNDPXL8BmIp2U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/421529-73e2-4916-8bd2-2c201d30ae05/1/0Xv0--qJT0Pus9sbIW5Xdm4Bq4E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.119.132.0/22
185.214.171.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:58:ba:5d:49:67:0c:e4:c2:97:f0:81:23:d9:b0:51:08:bf:
cc:04:dc:43:d0:5b:f7:fa:2a:39:05:49:ac:8c:15:67:99:5b:
c0:a7:5b:3e:8b:e7:af:90:b9:04:73:e3:0e:51:3f:51:31:ef:
10:46:73:9f:86:0e:95:88:ab:4e:f8:73:9e:b0:19:a6:24:c3:
fe:97:77:63:94:c4:cd:a0:46:4a:57:61:f9:79:c9:f6:32:00:
5c:6c:20:22:73:28:48:4e:f4:ba:e5:c5:d9:ec:ab:f8:7f:a6:
c4:19:7d:d1:69:e9:9a:e3:73:c5:3e:22:22:84:6d:32:f7:76:
68:ea:42:aa:62:1d:64:d6:f4:ee:91:4c:b6:79:95:be:f7:fe:
51:15:74:92:6a:5a:f0:6d:e7:d4:b2:7a:5b:20:d8:f8:01:59:
7a:00:07:9c:37:8f:79:ae:8f:b1:76:e5:49:c5:cd:ac:95:68:
ed:d2:b8:a0:d8:32:b0:f8:ef:1a:a9:d7:5b:57:21:81:26:44:
6f:2b:43:c8:5f:5c:20:1a:39:45:27:ec:ca:08:4d:7d:99:7a:
f5:07:37:79:ee:ff:20:85:b7:40:40:a4:4a:41:d6:e2:a7:90:
e6:19:3f:68:d7:fd:75:24:75:b6:2a:08:53:bc:9e:f3:42:0c:
64:78:aa:8d
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEAo+7/TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
MTdiZjRmYmVhODk0ZjQzZWViM2RiMWIyMTZlNTc3NjZlMDFhYjgxMB4XDTIyMDYw
MTIxNDMyMFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWMxZThhNjZmMjFm
YmE2MmExMDI0YmNkMGNmNWNiZjAxOTg4YTc2NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIrRtpyQFSUnmcXH746HXOJ4ShJU+RL4pmmWKfsKCbX5XATJ
dtR/qk8VaeR6kz9psWxRubPuqEiR9qBz4attHuCsoLXOg5pHrLFokrZgw85lO5hv
oo6wbggnzwqiWue+tGeLHRN5adugXF8xLRJ7saufARA8rKF5ApgtaXBcjU/vm/Ky
HWcNdd74cFJhCkwgiw7wxZc5HU7zBEdwXVEezJHOeABv7zVmofLz2QzglSehxODC
OCxbVpdmVeKO4MLn/wPJuY+LgdTzJ5muWiqxxmyvRIHkEq6OUyjabnvjICqXJdvT
xcYFiXdCtn+SpfmnnexgBlFZmaj7vHNqsbBMq9UCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRcHopm8h+6YqECS80M9cvwGYinZTAfBgNVHSMEGDAWgBTRe/T76olPQ+6z
2xshbld2bgGrgTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzBYdjAtLXFKVDBQdXM5c2JJVzVYZG00QnE0RS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMWMvNDIxNTI5LTczZTItNDkxNi04YmQyLTJjMjAxZDMwYWUwNS8x
L1hCNktadklmdW1LaEFrdk5EUFhMOEJtSXAyVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMWMv
NDIxNTI5LTczZTItNDkxNi04YmQyLTJjMjAxZDMwYWUwNS8xLzBYdjAtLXFKVDBQ
dXM5c2JJVzVYZG00QnE0RS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEArB3hAMEALnWqzANBgkqhkiG9w0B
AQsFAAOCAQEALFi6XUlnDOTCl/CBI9mwUQi/zATcQ9Bb9/oqOQVJrIwVZ5lbwKdb
Povnr5C5BHPjDlE/UTHvEEZzn4YOlYirTvhznrAZpiTD/pd3Y5TEzaBGSldh+XnJ
9jIAXGwgInMoSE70uuXF2eyr+H+mxBl90WnpmuNzxT4iIoRtMvd2aOpCqmIdZNb0
7pFMtnmVvvf+URV0kmpa8G3n1LJ6WyDY+AFZegAHnDePea6PsXblScXNrJVo7dK4
oNgysPjvGqnXW1chgSZEbytDyF9cIBo5RSfsyghNfZl69Qc3ee7/IIW3QECkSkHW
4qeQ5hk/aNf9dSR1tioIU7ye80IMZHiqjQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:55:07 2025 by rpki-client