Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/7e2f28-5cae-4e6f-a5f0-01bb5fd534f5/1/xBFGNftbKZYvOCzJQGtGO8CmXYY.roa
File: xBFGNftbKZYvOCzJQGtGO8CmXYY.roa (raw, json)
Hash identifier: dK5e+IQ7bNga9WmWkD5yQLwyb7+MWWaX22wsZTeuuvs=
Subject key identifier: C4:11:46:35:FB:5B:29:96:2F:38:2C:C9:40:6B:46:3B:C0:A6:5D:86
Certificate issuer: /CN=435e41960d590e99804e90b9af0365584c712c72
Certificate serial: 03DD1DEF
Authority key identifier: 43:5E:41:96:0D:59:0E:99:80:4E:90:B9:AF:03:65:58:4C:71:2C:72
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q15Blg1ZDpmATpC5rwNlWExxLHI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/7e2f28-5cae-4e6f-a5f0-01bb5fd534f5/1/xBFGNftbKZYvOCzJQGtGO8CmXYY.roa
Signing time: Sat 01 Jan 2022 05:58:13 +0000
ROA not before: Sat 01 Jan 2022 05:58:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209462
IP address blocks: 185.196.151.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64822767 (0x3dd1def)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=435e41960d590e99804e90b9af0365584c712c72
Validity
Not Before: Jan 1 05:58:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c4114635fb5b29962f382cc9406b463bc0a65d86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:3c:4b:3f:81:1d:20:8a:4b:05:11:3e:b5:e7:
92:ea:1f:f3:56:a1:5d:9c:5f:9c:31:dc:39:35:4d:
32:10:c8:bd:52:bd:38:78:1d:9d:cc:22:d0:a6:07:
51:52:0b:65:ee:96:96:32:64:62:50:c3:c7:e7:2b:
7b:b6:4c:c9:c2:48:54:b2:55:d7:b8:a5:9b:8f:62:
10:9b:37:1f:dd:62:5a:00:2e:55:cb:a6:b7:0d:eb:
64:39:da:10:a0:16:3a:42:68:82:13:f3:33:e5:7d:
2b:48:9e:d2:30:09:31:97:98:f9:27:aa:24:0c:66:
ac:ce:66:e9:8e:e4:75:4e:34:bd:25:7c:47:33:46:
75:10:17:f5:43:13:b3:6a:8b:e2:46:a0:b8:31:50:
f6:bd:6e:ed:44:24:cb:6a:0e:84:b9:0a:35:26:b5:
a9:07:03:09:c3:e9:a5:c5:08:8b:b4:39:c0:cb:a8:
36:0f:a4:65:6e:77:44:3e:79:fb:3c:c7:91:54:2c:
d1:47:4e:fb:e6:e0:52:87:8b:23:74:20:85:9c:e1:
af:1e:c1:bb:60:4c:60:30:2f:b3:44:b1:bb:6d:1d:
8e:57:37:42:9a:b1:ed:2f:ab:d7:3b:99:18:ea:7b:
31:7f:9d:a4:28:b6:73:e5:75:3e:aa:bf:ef:cf:63:
94:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:11:46:35:FB:5B:29:96:2F:38:2C:C9:40:6B:46:3B:C0:A6:5D:86
X509v3 Authority Key Identifier:
keyid:43:5E:41:96:0D:59:0E:99:80:4E:90:B9:AF:03:65:58:4C:71:2C:72
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q15Blg1ZDpmATpC5rwNlWExxLHI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/7e2f28-5cae-4e6f-a5f0-01bb5fd534f5/1/xBFGNftbKZYvOCzJQGtGO8CmXYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/7e2f28-5cae-4e6f-a5f0-01bb5fd534f5/1/Q15Blg1ZDpmATpC5rwNlWExxLHI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.196.151.0/24
Signature Algorithm: sha256WithRSAEncryption
71:fa:97:1c:44:de:7b:d9:f9:a9:42:6a:2f:94:e8:ed:a1:8d:
1d:89:a8:a2:d2:fa:45:5b:f4:12:e5:2c:28:76:25:6a:32:d5:
5d:17:c1:39:ae:74:04:84:49:23:ce:60:c0:0b:44:56:c3:80:
a9:3c:cd:ad:63:e5:57:43:de:37:a8:17:4c:f4:b6:a6:81:88:
bd:7a:7a:ce:2b:2c:e0:2d:78:aa:89:0d:57:f6:37:78:59:0c:
70:c8:87:ce:ea:c5:7b:ef:fa:17:f0:e1:3c:1e:27:d2:a5:b4:
60:46:af:8b:09:ef:ad:38:09:59:f4:f3:2b:8f:3b:aa:51:a0:
85:b5:b5:70:91:e1:78:13:17:de:1c:68:18:e6:7e:44:29:11:
81:13:22:15:0b:33:c2:7e:24:ae:10:b5:5e:c9:0b:08:a1:6c:
bc:f8:c5:8a:5b:29:ed:a2:93:38:68:28:2d:65:fd:4d:cb:ab:
93:be:bc:96:0e:0a:9a:c1:56:57:bc:3b:ad:3e:60:2b:e0:95:
41:c7:35:26:54:10:8c:16:63:79:1d:30:b5:fb:15:a9:e7:1b:
bf:10:a8:db:c2:ed:9c:e7:6d:a6:a0:e1:5b:b2:d6:40:bc:84:
08:13:61:63:8d:5c:d1:14:fb:e1:c2:25:23:4c:4b:97:f9:56:
31:b7:a1:95
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA90d7zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
MzVlNDE5NjBkNTkwZTk5ODA0ZTkwYjlhZjAzNjU1ODRjNzEyYzcyMB4XDTIyMDEw
MTA1NTgxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzQxMTQ2MzVmYjVi
Mjk5NjJmMzgyY2M5NDA2YjQ2M2JjMGE2NWQ4NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMc8Sz+BHSCKSwURPrXnkuof81ahXZxfnDHcOTVNMhDIvVK9
OHgdncwi0KYHUVILZe6WljJkYlDDx+cre7ZMycJIVLJV17ilm49iEJs3H91iWgAu
Vcumtw3rZDnaEKAWOkJoghPzM+V9K0ie0jAJMZeY+SeqJAxmrM5m6Y7kdU40vSV8
RzNGdRAX9UMTs2qL4kaguDFQ9r1u7UQky2oOhLkKNSa1qQcDCcPppcUIi7Q5wMuo
Ng+kZW53RD55+zzHkVQs0UdO++bgUoeLI3QghZzhrx7Bu2BMYDAvs0Sxu20djlc3
Qpqx7S+r1zuZGOp7MX+dpCi2c+V1Pqq/789jlAkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTEEUY1+1spli84LMlAa0Y7wKZdhjAfBgNVHSMEGDAWgBRDXkGWDVkOmYBO
kLmvA2VYTHEscjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ExNUJsZzFaRHBtQVRwQzVyd05sV0V4eExISS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNDgvN2UyZjI4LTVjYWUtNGU2Zi1hNWYwLTAxYmI1ZmQ1MzRmNS8x
L3hCRkdOZnRiS1pZdk9DekpRR3RHTzhDbVhZWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDgv
N2UyZjI4LTVjYWUtNGU2Zi1hNWYwLTAxYmI1ZmQ1MzRmNS8xL1ExNUJsZzFaRHBt
QVRwQzVyd05sV0V4eExISS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnElzANBgkqhkiG9w0BAQsFAAOC
AQEAcfqXHETee9n5qUJqL5To7aGNHYmootL6RVv0EuUsKHYlajLVXRfBOa50BIRJ
I85gwAtEVsOAqTzNrWPlV0PeN6gXTPS2poGIvXp6ziss4C14qokNV/Y3eFkMcMiH
zurFe+/6F/DhPB4n0qW0YEaviwnvrTgJWfTzK487qlGghbW1cJHheBMX3hxoGOZ+
RCkRgRMiFQszwn4krhC1XskLCKFsvPjFilsp7aKTOGgoLWX9Tcurk768lg4KmsFW
V7w7rT5gK+CVQcc1JlQQjBZjeR0wtfsVqecbvxCo28LtnOdtpqDhW7LWQLyECBNh
Y41c0RT74cIlI0xLl/lWMbehlQ==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:11 2023 by rpki-client on console-ams.rpki-client.org