Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/ce5ca6-f939-4fd7-b9f8-0a1ef0ec0578/1/XpkOFWWzEqhm5yx01_Y5h6rPuhs.roa
File: XpkOFWWzEqhm5yx01_Y5h6rPuhs.roa (raw, json)
Hash identifier: 1QjhGbPKOhLVvap51LdhaiNQEQLy6SZMdHktZvtt2UU=
Subject key identifier: 5E:99:0E:15:65:B3:12:A8:66:E7:2C:74:D7:F6:39:87:AA:CF:BA:1B
Certificate issuer: /CN=e6688ae96323c1fcfab54b294557397b49b03bc7
Certificate serial: 01857139F9F4F504D8DC89FEA30742971C21
Authority key identifier: E6:68:8A:E9:63:23:C1:FC:FA:B5:4B:29:45:57:39:7B:49:B0:3B:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5miK6WMjwfz6tUspRVc5e0mwO8c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/ce5ca6-f939-4fd7-b9f8-0a1ef0ec0578/1/XpkOFWWzEqhm5yx01_Y5h6rPuhs.roa
Signing time: Mon 02 Jan 2023 06:45:02 +0000
ROA not before: Mon 02 Jan 2023 06:45:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 39405
IP address blocks: 185.146.41.0/24 maxlen: 24
185.146.42.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:39:f9:f4:f5:04:d8:dc:89:fe:a3:07:42:97:1c:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e6688ae96323c1fcfab54b294557397b49b03bc7
Validity
Not Before: Jan 2 06:45:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e990e1565b312a866e72c74d7f63987aacfba1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:21:88:29:bf:7d:4e:f4:0c:31:7f:14:d6:8e:
d7:51:34:0e:f9:be:36:d2:87:58:b4:d8:9c:d0:84:
d0:6b:6e:22:b6:41:74:0c:00:f1:fb:55:0d:39:bc:
75:41:a9:1f:22:5c:f9:ab:a8:5f:a3:6f:05:6d:ba:
d5:32:94:3b:07:e1:e4:a5:8c:36:7e:0f:9a:54:eb:
6d:e7:66:19:8f:45:35:4c:40:bb:ef:28:f6:da:63:
2c:b2:ae:d4:cc:c4:0e:5e:aa:4e:d4:35:cf:09:c5:
a2:e1:ec:05:cc:6c:03:7e:b9:3f:bd:3c:ae:88:96:
6c:4f:5c:93:ab:55:76:f3:66:cf:1e:8e:69:25:9b:
50:92:37:eb:52:33:6c:0e:8c:af:58:cb:d8:0e:51:
69:98:f2:33:db:be:28:dd:ac:cf:57:b2:78:52:1e:
85:56:60:22:13:0d:a4:23:16:fa:b4:94:1d:db:33:
dc:b3:5f:71:5b:c9:f3:51:04:d9:c1:50:31:aa:99:
ba:5f:57:41:34:21:b3:46:3f:cc:1a:93:c2:54:a9:
90:e0:a2:79:57:2e:45:3a:9f:ea:80:2e:11:05:76:
24:03:4e:02:69:32:77:00:66:9d:f9:1d:4c:7a:59:
fe:ef:45:78:31:c7:77:ea:2b:ff:e3:06:12:e9:e5:
13:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:99:0E:15:65:B3:12:A8:66:E7:2C:74:D7:F6:39:87:AA:CF:BA:1B
X509v3 Authority Key Identifier:
keyid:E6:68:8A:E9:63:23:C1:FC:FA:B5:4B:29:45:57:39:7B:49:B0:3B:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5miK6WMjwfz6tUspRVc5e0mwO8c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/ce5ca6-f939-4fd7-b9f8-0a1ef0ec0578/1/XpkOFWWzEqhm5yx01_Y5h6rPuhs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/ce5ca6-f939-4fd7-b9f8-0a1ef0ec0578/1/5miK6WMjwfz6tUspRVc5e0mwO8c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.146.41.0-185.146.42.255
Signature Algorithm: sha256WithRSAEncryption
4a:b0:c0:b2:5e:03:c3:5f:5a:e1:a6:cf:97:af:99:fb:98:4f:
e6:13:5b:8a:c6:63:75:82:00:eb:23:02:22:13:20:4a:e1:02:
02:ad:32:50:55:39:57:87:7a:25:6e:e5:36:ed:c1:27:de:5b:
f3:98:dd:b6:a0:21:d5:4f:54:8f:a8:8d:b3:6b:96:c8:08:f7:
5b:6e:e4:d9:58:10:4b:fb:05:b0:4e:c4:a0:31:36:20:86:b5:
a6:7b:e1:27:d0:ac:d6:21:3a:3a:2d:3f:cf:e7:a8:71:4c:01:
e0:91:ff:33:f1:45:7b:40:a7:38:f7:c1:f5:53:f1:ad:f7:73:
c9:2a:a8:1a:49:32:8e:c5:41:30:15:60:23:61:79:60:02:ac:
2d:86:27:ed:8d:76:82:9f:7e:02:17:75:e6:1c:17:71:39:07:
6e:9b:60:11:8d:24:2d:dd:1d:f8:64:c4:90:52:bd:22:6e:e9:
47:16:3b:66:7e:79:a8:ce:a4:7f:ca:ac:9c:6a:8a:2c:39:97:
c0:61:cf:5c:dd:91:ff:dd:74:5a:13:6c:31:4e:bd:3e:4e:8c:
7e:ba:2b:41:03:6e:73:9e:52:ef:b5:d4:f8:d7:b5:69:57:d3:
5a:97:01:e3:0b:ac:63:7a:77:22:6e:c8:cc:e0:2f:d1:b5:68:
f1:bb:cc:76
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYVxOfn09QTY3In+owdClxwhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2Njg4YWU5NjMyM2MxZmNmYWI1NGIyOTQ1NTczOTdiNDli
MDNiYzcwHhcNMjMwMTAyMDY0NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTk5MGUxNTY1YjMxMmE4NjZlNzJjNzRkN2Y2Mzk4N2FhY2ZiYTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgSGIKb99TvQMMX8U1o7XUTQO+b42
0odYtNic0ITQa24itkF0DADx+1UNObx1QakfIlz5q6hfo28FbbrVMpQ7B+HkpYw2
fg+aVOtt52YZj0U1TEC77yj22mMssq7UzMQOXqpO1DXPCcWi4ewFzGwDfrk/vTyu
iJZsT1yTq1V282bPHo5pJZtQkjfrUjNsDoyvWMvYDlFpmPIz274o3azPV7J4Uh6F
VmAiEw2kIxb6tJQd2zPcs19xW8nzUQTZwVAxqpm6X1dBNCGzRj/MGpPCVKmQ4KJ5
Vy5FOp/qgC4RBXYkA04CaTJ3AGad+R1Meln+70V4Mcd36iv/4wYS6eUT1wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFF6ZDhVlsxKoZucsdNf2OYeqz7obMB8GA1UdIwQY
MBaAFOZoiuljI8H8+rVLKUVXOXtJsDvHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNW1pSzZXTWp3Zno2dFVzcFJWYzVlMG13TzhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9jZTVjYTYtZjkzOS00ZmQ3LWI5Zjgt
MGExZWYwZWMwNTc4LzEvWHBrT0ZXV3pFcWhtNXl4MDFfWTVoNnJQdWhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9jZTVjYTYtZjkzOS00ZmQ3LWI5ZjgtMGExZWYwZWMwNTc4
LzEvNW1pSzZXTWp3Zno2dFVzcFJWYzVlMG13TzhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC5kikD
BAC5kiowDQYJKoZIhvcNAQELBQADggEBAEqwwLJeA8NfWuGmz5evmfuYT+YTW4rG
Y3WCAOsjAiITIErhAgKtMlBVOVeHeiVu5TbtwSfeW/OY3bagIdVPVI+ojbNrlsgI
91tu5NlYEEv7BbBOxKAxNiCGtaZ74SfQrNYhOjotP8/nqHFMAeCR/zPxRXtApzj3
wfVT8a33c8kqqBpJMo7FQTAVYCNheWACrC2GJ+2NdoKffgIXdeYcF3E5B26bYBGN
JC3dHfhkxJBSvSJu6UcWO2Z+eajOpH/KrJxqiiw5l8Bhz1zdkf/ddFoTbDFOvT5O
jH66K0EDbnOeUu+11PjXtWlX01qXAeMLrGN6dyJuyMzgL9G1aPG7zHY=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:34 2025 by rpki-client