Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/dc608a-175e-42d3-93d8-974c44ab9cfb/1/XSfuxDVzzf_TEkdmgWd7ptQDK_M.roa
File: XSfuxDVzzf_TEkdmgWd7ptQDK_M.roa (raw, json)
Hash identifier: /1iCDn9NQmaKAgtByEOC6dyhtkY2/p4vVEqS+2GkB3I=
Subject key identifier: 5D:27:EE:C4:35:73:CD:FF:D3:12:47:66:81:67:7B:A6:D4:03:2B:F3
Certificate issuer: /CN=335ca521362226d03c1829003d81d498aa838f33
Certificate serial: 01860DF47E682C9AA11EBF400BE0DF3E7C02
Authority key identifier: 33:5C:A5:21:36:22:26:D0:3C:18:29:00:3D:81:D4:98:AA:83:8F:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M1ylITYiJtA8GCkAPYHUmKqDjzM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/dc608a-175e-42d3-93d8-974c44ab9cfb/1/XSfuxDVzzf_TEkdmgWd7ptQDK_M.roa
Signing time: Wed 01 Feb 2023 17:09:32 +0000
ROA not before: Wed 01 Feb 2023 17:09:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209257
IP address blocks: 185.186.221.0/24 maxlen: 24
2a11:1e40:1::/48 maxlen: 48
2a11:1e40:ba5e::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:0d:f4:7e:68:2c:9a:a1:1e:bf:40:0b:e0:df:3e:7c:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=335ca521362226d03c1829003d81d498aa838f33
Validity
Not Before: Feb 1 17:09:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d27eec43573cdffd312476681677ba6d4032bf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:26:a4:62:09:bd:df:2c:5f:05:32:f9:97:dc:
18:0e:5c:9a:c5:eb:f8:a3:9f:41:f6:1a:12:db:67:
d0:09:e6:a5:97:e1:d5:84:7c:48:28:a7:b4:30:7d:
87:56:48:f0:d6:3b:b7:fa:58:0f:cc:9d:d2:a3:f5:
91:93:4a:5d:e3:48:b7:e5:9a:3e:31:73:51:2a:d1:
9d:8a:5e:62:da:19:90:05:2e:df:d0:d5:6d:fd:61:
3d:7e:31:a7:b8:bf:58:05:b6:b9:cd:42:a3:37:51:
dc:0b:b6:ae:d3:11:e0:e3:83:d7:f7:7c:0c:b7:44:
69:c7:2f:fb:c3:fd:de:2d:b8:50:c4:ef:d9:c3:28:
10:ef:83:c5:f7:5d:6a:63:9d:06:d9:c9:f8:ef:ce:
e5:dd:d9:ae:19:b5:45:6c:9e:01:bf:c4:cd:21:9f:
32:ea:51:22:1f:49:4e:f9:4b:bb:85:fa:11:f5:72:
17:52:c6:de:f9:84:b3:b2:22:9d:2a:52:ee:10:1d:
e3:44:36:9b:9b:14:41:b8:a5:48:67:54:0c:1d:25:
8b:3c:31:f1:3b:6f:ea:66:8e:c6:fd:d3:ef:2c:ab:
71:3a:25:2f:2a:1c:c3:5f:67:ff:19:45:bf:c4:94:
39:be:c4:f8:47:dc:79:aa:d1:15:ef:45:d1:e0:db:
77:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:27:EE:C4:35:73:CD:FF:D3:12:47:66:81:67:7B:A6:D4:03:2B:F3
X509v3 Authority Key Identifier:
keyid:33:5C:A5:21:36:22:26:D0:3C:18:29:00:3D:81:D4:98:AA:83:8F:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M1ylITYiJtA8GCkAPYHUmKqDjzM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/dc608a-175e-42d3-93d8-974c44ab9cfb/1/XSfuxDVzzf_TEkdmgWd7ptQDK_M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/dc608a-175e-42d3-93d8-974c44ab9cfb/1/M1ylITYiJtA8GCkAPYHUmKqDjzM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.186.221.0/24
IPv6:
2a11:1e40:1::/48
2a11:1e40:ba5e::/48
Signature Algorithm: sha256WithRSAEncryption
9a:29:8b:58:d2:8f:6c:99:a1:d2:1f:10:ee:f2:be:b4:a7:bc:
cc:fa:88:37:65:d9:05:b7:f9:92:ba:15:d1:ef:14:75:e2:95:
54:26:ae:5d:90:a9:c6:17:9d:6d:9d:3e:c7:3b:67:16:64:3b:
df:27:27:f3:5e:34:1f:86:08:38:15:6d:b0:ef:cf:d3:65:35:
e8:92:62:24:d7:b3:cf:cb:82:cf:d7:7b:ea:88:80:19:e7:52:
8d:22:b8:95:c1:6d:55:91:70:57:cb:8c:c9:95:bc:2f:1c:ea:
cb:e9:c7:65:1b:ce:0a:cb:c5:07:a1:6b:3a:4f:95:65:f4:f2:
eb:bc:83:4b:bc:b9:45:b0:2b:76:f3:86:99:fb:6b:92:b8:75:
0e:79:50:d8:fc:76:c0:23:e3:5d:15:70:a1:0c:44:86:9e:3e:
f6:ad:91:a8:63:18:21:fe:b7:c8:e0:5e:3f:6b:23:83:83:bb:
d5:0a:3c:3e:b2:b1:9f:fa:66:1b:d5:c5:cc:bc:04:88:39:26:
a6:fb:32:99:72:12:b3:84:d2:9f:b5:04:69:68:be:64:2c:fa:
4b:10:ff:72:8d:02:d2:f8:97:82:e9:ee:75:b1:8b:12:bc:0f:
2a:91:96:6b:15:c2:a2:5f:16:8f:8c:1f:f9:55:83:68:21:b3:
85:1a:b5:11
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYYN9H5oLJqhHr9AC+DfPnwCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzNWNhNTIxMzYyMjI2ZDAzYzE4MjkwMDNkODFkNDk4YWE4
MzhmMzMwHhcNMjMwMjAxMTcwOTMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDI3ZWVjNDM1NzNjZGZmZDMxMjQ3NjY4MTY3N2JhNmQ0MDMyYmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkCakYgm93yxfBTL5l9wYDlyaxev4
o59B9hoS22fQCeall+HVhHxIKKe0MH2HVkjw1ju3+lgPzJ3So/WRk0pd40i35Zo+
MXNRKtGdil5i2hmQBS7f0NVt/WE9fjGnuL9YBba5zUKjN1HcC7au0xHg44PX93wM
t0Rpxy/7w/3eLbhQxO/ZwygQ74PF911qY50G2cn4787l3dmuGbVFbJ4Bv8TNIZ8y
6lEiH0lO+Uu7hfoR9XIXUsbe+YSzsiKdKlLuEB3jRDabmxRBuKVIZ1QMHSWLPDHx
O2/qZo7G/dPvLKtxOiUvKhzDX2f/GUW/xJQ5vsT4R9x5qtEV70XR4Nt3MQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFF0n7sQ1c83/0xJHZoFne6bUAyvzMB8GA1UdIwQY
MBaAFDNcpSE2IibQPBgpAD2B1Jiqg48zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTF5bElUWWlKdEE4R0NrQVBZSFVtS3FEanpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9kYzYwOGEtMTc1ZS00MmQzLTkzZDgt
OTc0YzQ0YWI5Y2ZiLzEvWFNmdXhEVnp6Zl9URWtkbWdXZDdwdFFES19NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9kYzYwOGEtMTc1ZS00MmQzLTkzZDgtOTc0YzQ0YWI5Y2Zi
LzEvTTF5bElUWWlKdEE4R0NrQVBZSFVtS3FEanpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAubrdMBgE
AgACMBIDBwAqER5AAAEDBwAqER5Aul4wDQYJKoZIhvcNAQELBQADggEBAJopi1jS
j2yZodIfEO7yvrSnvMz6iDdl2QW3+ZK6FdHvFHXilVQmrl2QqcYXnW2dPsc7ZxZk
O98nJ/NeNB+GCDgVbbDvz9NlNeiSYiTXs8/Lgs/Xe+qIgBnnUo0iuJXBbVWRcFfL
jMmVvC8c6svpx2UbzgrLxQehazpPlWX08uu8g0u8uUWwK3bzhpn7a5K4dQ55UNj8
dsAj410VcKEMRIaePvatkahjGCH+t8jgXj9rI4ODu9UKPD6ysZ/6ZhvVxcy8BIg5
Jqb7MplyErOE0p+1BGlovmQs+ksQ/3KNAtL4l4Lp7nWxixK8DyqRlmsVwqJfFo+M
H/lVg2ghs4UatRE=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:00 2025 by rpki-client