Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/0ff633-eb4a-4e18-ad56-0d018dbcc7cb/1/xR4N43AX8dl76GBpFlHBYMgu_m0.roa
File: xR4N43AX8dl76GBpFlHBYMgu_m0.roa (raw, json)
Hash identifier: Rz+uY2ANgbBrW2TJaOLR9Y77EM9ELBU5HHVS/nip508=
Subject key identifier: C5:1E:0D:E3:70:17:F1:D9:7B:E8:60:69:16:51:C1:60:C8:2E:FE:6D
Certificate issuer: /CN=153c9e8487c98b453f974f20317ece3d70f4d5dd
Certificate serial: 018354ED62E81C3F863A6B97DE6795250F52
Authority key identifier: 15:3C:9E:84:87:C9:8B:45:3F:97:4F:20:31:7E:CE:3D:70:F4:D5:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FTyehIfJi0U_l08gMX7OPXD01d0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/0ff633-eb4a-4e18-ad56-0d018dbcc7cb/1/xR4N43AX8dl76GBpFlHBYMgu_m0.roa
Signing time: Mon 19 Sep 2022 08:46:26 +0000
ROA not before: Mon 19 Sep 2022 08:46:26 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199405
IP address blocks: 185.5.224.0/22 maxlen: 22
2a03:840::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:54:ed:62:e8:1c:3f:86:3a:6b:97:de:67:95:25:0f:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=153c9e8487c98b453f974f20317ece3d70f4d5dd
Validity
Not Before: Sep 19 08:46:26 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c51e0de37017f1d97be860691651c160c82efe6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:8d:67:5d:92:f7:e1:b9:a8:2a:65:bf:9d:35:
43:63:09:ef:00:0d:06:2c:01:6d:c5:a6:a7:ce:b3:
69:fc:e5:a3:c4:7f:be:f8:c9:9c:01:87:b8:36:82:
e7:4f:ac:f1:22:b8:e6:36:1f:e8:56:22:2d:63:e0:
e4:15:38:90:f7:20:12:a7:fd:bc:ed:f9:1c:d7:cd:
1b:e4:5f:66:6d:fd:84:0a:cc:e1:02:a6:43:56:e1:
ac:f0:ef:57:0e:e7:8d:35:5a:12:81:31:81:60:c4:
72:6d:e3:7c:53:99:d7:3d:1e:42:53:26:a6:7d:73:
ee:21:5e:bc:9c:d7:8e:1b:86:97:e1:19:10:9b:79:
d0:7c:58:04:fe:b9:67:28:ad:36:9c:eb:45:8b:c7:
15:ce:16:39:bf:37:07:28:4b:34:42:7d:ed:2b:44:
3a:ab:f6:82:b0:ae:91:6f:dc:40:fd:a0:c0:5a:e4:
db:01:10:f5:93:a2:13:58:9f:5c:ad:92:b9:f2:92:
4b:ae:9c:8e:cf:09:9d:a3:82:cd:0c:3b:9e:8e:49:
ab:69:dc:fd:14:83:40:9c:c7:e4:a7:8b:cc:bb:48:
d5:1e:4b:d4:bb:d1:c6:f9:a6:72:fd:c8:27:d6:79:
24:cf:52:de:72:aa:ca:aa:31:a4:02:da:5c:ac:d1:
ca:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:1E:0D:E3:70:17:F1:D9:7B:E8:60:69:16:51:C1:60:C8:2E:FE:6D
X509v3 Authority Key Identifier:
keyid:15:3C:9E:84:87:C9:8B:45:3F:97:4F:20:31:7E:CE:3D:70:F4:D5:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FTyehIfJi0U_l08gMX7OPXD01d0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0ff633-eb4a-4e18-ad56-0d018dbcc7cb/1/xR4N43AX8dl76GBpFlHBYMgu_m0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0ff633-eb4a-4e18-ad56-0d018dbcc7cb/1/FTyehIfJi0U_l08gMX7OPXD01d0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.5.224.0/22
IPv6:
2a03:840::/32
Signature Algorithm: sha256WithRSAEncryption
7f:8b:b0:3e:56:df:e9:95:3b:cc:e1:4c:92:13:7c:bd:db:dc:
e6:bd:50:d5:a7:22:93:27:ca:d1:2c:30:e3:5f:fe:6b:6d:86:
08:ce:c1:db:97:34:00:79:85:21:9e:50:50:79:4a:94:dd:61:
15:12:36:13:31:65:eb:3b:d7:e8:10:d1:22:51:52:5d:c0:18:
26:6f:e3:69:1d:32:2a:bc:2e:b6:3e:ce:3b:9a:8d:de:cc:42:
3b:01:78:ad:34:4a:b7:a1:ab:60:68:50:5d:2b:d6:25:c6:27:
43:1e:dc:62:9a:49:4f:43:dc:97:6e:75:67:cf:8b:ff:e9:0f:
f3:89:39:66:a9:7f:bb:16:7e:61:84:5e:ba:f7:5c:9e:ef:02:
8b:f9:04:68:bd:7e:14:b9:43:ad:16:41:51:4c:ab:09:e4:c5:
30:75:93:4a:97:bf:e5:e8:7a:d5:5a:7e:3d:ea:12:62:4f:62:
28:f4:bb:69:77:94:56:bc:b3:dc:65:9f:35:5f:d8:f9:93:73:
ec:ea:98:3b:b8:3a:fb:d6:26:8f:d7:ad:50:b4:a8:c8:13:bb:
9c:bb:77:c3:5b:42:89:82:15:0e:e7:96:79:81:06:1b:bf:36:
94:24:d2:89:d8:bb:83:72:35:53:05:b3:f4:e2:b0:77:c4:f6:
a3:65:05:1d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYNU7WLoHD+GOmuX3meVJQ9SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1M2M5ZTg0ODdjOThiNDUzZjk3NGYyMDMxN2VjZTNkNzBm
NGQ1ZGQwHhcNMjIwOTE5MDg0NjI2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTFlMGRlMzcwMTdmMWQ5N2JlODYwNjkxNjUxYzE2MGM4MmVmZTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmo1nXZL34bmoKmW/nTVDYwnvAA0G
LAFtxaanzrNp/OWjxH+++MmcAYe4NoLnT6zxIrjmNh/oViItY+DkFTiQ9yASp/28
7fkc180b5F9mbf2ECszhAqZDVuGs8O9XDueNNVoSgTGBYMRybeN8U5nXPR5CUyam
fXPuIV68nNeOG4aX4RkQm3nQfFgE/rlnKK02nOtFi8cVzhY5vzcHKEs0Qn3tK0Q6
q/aCsK6Rb9xA/aDAWuTbARD1k6ITWJ9crZK58pJLrpyOzwmdo4LNDDuejkmradz9
FINAnMfkp4vMu0jVHkvUu9HG+aZy/cgn1nkkz1LecqrKqjGkAtpcrNHKoQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMUeDeNwF/HZe+hgaRZRwWDILv5tMB8GA1UdIwQY
MBaAFBU8noSHyYtFP5dPIDF+zj1w9NXdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlR5ZWhJZkppMFVfbDA4Z01YN09QWEQwMWQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8wZmY2MzMtZWI0YS00ZTE4LWFkNTYt
MGQwMThkYmNjN2NiLzEveFI0TjQzQVg4ZGw3NkdCcEZsSEJZTWd1X20wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8wZmY2MzMtZWI0YS00ZTE4LWFkNTYtMGQwMThkYmNjN2Ni
LzEvRlR5ZWhJZkppMFVfbDA4Z01YN09QWEQwMWQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQXgMA0E
AgACMAcDBQAqAwhAMA0GCSqGSIb3DQEBCwUAA4IBAQB/i7A+Vt/plTvM4UySE3y9
29zmvVDVpyKTJ8rRLDDjX/5rbYYIzsHblzQAeYUhnlBQeUqU3WEVEjYTMWXrO9fo
ENEiUVJdwBgmb+NpHTIqvC62Ps47mo3ezEI7AXitNEq3oatgaFBdK9YlxidDHtxi
mklPQ9yXbnVnz4v/6Q/ziTlmqX+7Fn5hhF6691ye7wKL+QRovX4UuUOtFkFRTKsJ
5MUwdZNKl7/l6HrVWn496hJiT2Io9Ltpd5RWvLPcZZ81X9j5k3Ps6pg7uDr71iaP
161QtKjIE7ucu3fDW0KJghUO55Z5gQYbvzaUJNKJ2LuDcjVTBbP04rB3xPajZQUd
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:30:02 2025 by rpki-client