Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/382ff4-4fc2-4302-af90-96adffe2e86a/1/XerYLRoBz5f_pxTfAKhvgu9yN-o.roa
File: XerYLRoBz5f_pxTfAKhvgu9yN-o.roa (raw, json)
Hash identifier: 7jcUTCG9SmK7jMsR9Ltym0lK11GKB64pFt6wiMoI4NA=
Subject key identifier: 5D:EA:D8:2D:1A:01:CF:97:FF:A7:14:DF:00:A8:6F:82:EF:72:37:EA
Certificate issuer: /CN=282c93d266852788e49982d9f7a620db6d9f588d
Certificate serial: 018571955B5C10F1A4A3B7553119AD4C144C
Authority key identifier: 28:2C:93:D2:66:85:27:88:E4:99:82:D9:F7:A6:20:DB:6D:9F:58:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KCyT0maFJ4jkmYLZ96Yg222fWI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/382ff4-4fc2-4302-af90-96adffe2e86a/1/XerYLRoBz5f_pxTfAKhvgu9yN-o.roa
Signing time: Mon 02 Jan 2023 08:24:51 +0000
ROA not before: Mon 02 Jan 2023 08:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 14618
IP address blocks: 185.232.99.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:95:5b:5c:10:f1:a4:a3:b7:55:31:19:ad:4c:14:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=282c93d266852788e49982d9f7a620db6d9f588d
Validity
Not Before: Jan 2 08:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5dead82d1a01cf97ffa714df00a86f82ef7237ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:20:af:87:5e:67:b9:94:42:d1:7f:7b:c7:56:
b2:fd:83:d6:f9:ee:03:55:8d:7e:0e:1a:3e:17:40:
51:04:3d:f6:83:d0:3f:6d:9f:46:ea:73:19:35:c7:
35:bc:ec:92:41:11:7c:db:d8:9d:9e:7d:6f:8d:cd:
b1:0d:7d:df:1b:4b:b6:ef:67:13:71:db:bc:ba:84:
28:56:b6:91:25:93:ad:c2:58:37:5e:62:99:d8:41:
f2:c7:5b:4e:64:bb:3f:1d:44:b0:13:3a:8b:00:56:
fc:bc:00:18:80:56:08:d3:28:4f:dc:e8:2b:b2:5c:
10:6c:77:2d:27:4b:8b:11:5a:bd:50:78:e2:c5:e1:
09:5a:9d:90:f9:f0:ec:2e:c8:7d:36:20:54:2b:c3:
5d:ef:be:50:fc:ba:ea:f4:5d:4c:30:d5:d1:e6:e9:
b2:22:c1:01:a3:aa:36:9a:ab:ce:d4:40:1b:02:1c:
00:61:df:07:61:b6:04:fa:11:77:da:23:95:1d:0e:
87:ba:e2:18:3e:06:b2:fb:28:d9:85:0a:c5:43:93:
93:66:d8:3c:88:21:8b:f8:a5:c7:0e:a4:1e:00:74:
24:e3:83:8c:26:d6:c8:f6:12:a4:19:1a:4d:7b:92:
2f:9a:4f:dd:5e:f2:cd:0e:11:8a:a8:3e:20:25:1f:
af:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:EA:D8:2D:1A:01:CF:97:FF:A7:14:DF:00:A8:6F:82:EF:72:37:EA
X509v3 Authority Key Identifier:
keyid:28:2C:93:D2:66:85:27:88:E4:99:82:D9:F7:A6:20:DB:6D:9F:58:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KCyT0maFJ4jkmYLZ96Yg222fWI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/382ff4-4fc2-4302-af90-96adffe2e86a/1/XerYLRoBz5f_pxTfAKhvgu9yN-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/382ff4-4fc2-4302-af90-96adffe2e86a/1/KCyT0maFJ4jkmYLZ96Yg222fWI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.232.99.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:88:db:ef:1d:10:83:85:5e:5f:c6:55:d4:68:5e:e9:e1:1f:
34:d9:1b:67:38:8d:f8:3f:e8:8c:93:78:38:d1:b1:f9:da:3f:
5e:63:58:d6:4f:cb:57:41:88:41:64:8c:69:54:fc:ab:96:c0:
27:d0:fd:d1:05:58:b3:81:2c:76:89:77:ae:3d:45:8e:70:77:
9f:0a:ca:ac:4d:c9:d3:55:d4:46:bc:f2:52:8d:ae:61:89:bf:
c2:f5:81:b6:4d:df:c0:1c:0e:82:83:87:64:17:bb:36:3b:24:
1f:3f:1b:ca:91:4a:e7:79:3d:5a:ba:a7:f0:66:fa:c6:f9:1a:
b0:2e:0f:68:0d:b9:b4:1d:32:9e:84:50:df:cf:0c:bd:00:06:
5a:3d:c8:72:25:17:38:98:5e:db:4e:7a:c4:d9:f0:13:cb:b9:
88:95:96:d9:37:e2:73:15:42:01:ff:b5:09:5d:db:69:7b:5c:
0f:41:02:f8:9a:2c:ed:c9:8b:72:10:8d:3a:99:e8:4c:f9:ef:
be:a0:cf:16:4f:0c:47:62:e1:8d:35:7c:05:e0:1c:25:62:07:
6c:c3:a7:1d:95:3a:f3:3a:63:14:59:7f:90:e2:5c:71:67:c5:
b0:57:7a:13:1d:b6:3e:cc:f2:88:48:5f:93:d6:56:a7:e9:0f:
c1:44:f2:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxlVtcEPGko7dVMRmtTBRMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MmM5M2QyNjY4NTI3ODhlNDk5ODJkOWY3YTYyMGRiNmQ5
ZjU4OGQwHhcNMjMwMTAyMDgyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGVhZDgyZDFhMDFjZjk3ZmZhNzE0ZGYwMGE4NmY4MmVmNzIzN2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnSCvh15nuZRC0X97x1ay/YPW+e4D
VY1+Dho+F0BRBD32g9A/bZ9G6nMZNcc1vOySQRF829idnn1vjc2xDX3fG0u272cT
cdu8uoQoVraRJZOtwlg3XmKZ2EHyx1tOZLs/HUSwEzqLAFb8vAAYgFYI0yhP3Ogr
slwQbHctJ0uLEVq9UHjixeEJWp2Q+fDsLsh9NiBUK8Nd775Q/Lrq9F1MMNXR5umy
IsEBo6o2mqvO1EAbAhwAYd8HYbYE+hF32iOVHQ6HuuIYPgay+yjZhQrFQ5OTZtg8
iCGL+KXHDqQeAHQk44OMJtbI9hKkGRpNe5Ivmk/dXvLNDhGKqD4gJR+v7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF3q2C0aAc+X/6cU3wCob4LvcjfqMB8GA1UdIwQY
MBaAFCgsk9JmhSeI5JmC2femINttn1iNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0N5VDBtYUZKNGprbVlMWjk2WWcyMjJmV0kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8zODJmZjQtNGZjMi00MzAyLWFmOTAt
OTZhZGZmZTJlODZhLzEvWGVyWUxSb0J6NWZfcHhUZkFLaHZndTl5Ti1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8zODJmZjQtNGZjMi00MzAyLWFmOTAtOTZhZGZmZTJlODZh
LzEvS0N5VDBtYUZKNGprbVlMWjk2WWcyMjJmV0kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuehjMA0G
CSqGSIb3DQEBCwUAA4IBAQB+iNvvHRCDhV5fxlXUaF7p4R802RtnOI34P+iMk3g4
0bH52j9eY1jWT8tXQYhBZIxpVPyrlsAn0P3RBVizgSx2iXeuPUWOcHefCsqsTcnT
VdRGvPJSja5hib/C9YG2Td/AHA6Cg4dkF7s2OyQfPxvKkUrneT1auqfwZvrG+Rqw
Lg9oDbm0HTKehFDfzwy9AAZaPchyJRc4mF7bTnrE2fATy7mIlZbZN+JzFUIB/7UJ
Xdtpe1wPQQL4miztyYtyEI06mehM+e++oM8WTwxHYuGNNXwF4BwlYgdsw6cdlTrz
OmMUWX+Q4lxxZ8WwV3oTHbY+zPKISF+T1lan6Q/BRPIt
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:57 2025 by rpki-client