Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/XAnXrR9xE7M5makQQLwWvZcBajY.roa
File: XAnXrR9xE7M5makQQLwWvZcBajY.roa (raw, json)
Hash identifier: p3KZxPc7TpM6XyUur3n5rUBlxZdTEdFAc+amC92OREY=
Subject key identifier: 5C:09:D7:AD:1F:71:13:B3:39:99:A9:10:40:BC:16:BD:97:01:6A:36
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 0184322B00F6A8D59842F4B59245AB6D1848
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/XAnXrR9xE7M5makQQLwWvZcBajY.roa
Signing time: Tue 01 Nov 2022 07:49:49 +0000
ROA not before: Tue 01 Nov 2022 07:49:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 48430
IP address blocks: 185.139.212.0/22 maxlen: 22
2a07:1840::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:32:2b:00:f6:a8:d5:98:42:f4:b5:92:45:ab:6d:18:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Nov 1 07:49:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5c09d7ad1f7113b33999a91040bc16bd97016a36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:cb:c4:10:26:80:75:11:e2:af:e3:c7:48:09:
97:50:45:07:43:88:43:16:e1:fd:56:73:59:83:d3:
c4:5d:11:31:88:e4:ae:ea:86:d5:a8:4d:1d:0b:ec:
43:9b:61:14:5f:b0:5b:61:e9:c3:93:05:46:1a:b3:
29:32:22:03:b8:50:35:b6:7b:79:a1:e4:f6:b2:d4:
47:56:6f:47:60:63:84:31:5c:20:bf:ac:64:84:23:
59:ef:36:22:93:62:5d:34:e1:44:f8:ad:a1:58:06:
3c:b6:25:7b:b7:66:b9:b1:11:b0:09:eb:f9:52:69:
b4:f1:32:86:e7:53:f8:d9:20:bd:4a:a3:45:d4:63:
f7:d8:1a:54:bb:ce:4f:6a:0b:20:2c:f9:1c:30:90:
00:84:93:53:e5:95:db:1d:4c:c8:74:8c:4b:69:22:
5e:06:b5:80:f2:f6:9b:bf:33:c3:d6:4d:e8:60:9e:
5a:46:94:33:8d:26:83:03:67:00:20:67:2d:ac:c8:
88:bc:ce:cd:4e:11:aa:80:c6:a6:09:59:12:63:6e:
d1:f4:0a:1d:94:8e:f2:ab:e6:61:e5:43:a2:a4:d1:
d5:79:ab:f4:e1:ae:7e:ec:6f:53:e0:39:b7:00:33:
3f:03:65:d4:05:92:ad:9a:52:e5:09:e2:03:79:ee:
0c:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:09:D7:AD:1F:71:13:B3:39:99:A9:10:40:BC:16:BD:97:01:6A:36
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/XAnXrR9xE7M5makQQLwWvZcBajY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.139.212.0/22
IPv6:
2a07:1840::/32
Signature Algorithm: sha256WithRSAEncryption
1c:0c:cb:cc:5f:c2:de:77:33:51:cb:bc:fc:ed:d4:25:a0:e9:
6d:8b:75:38:28:85:21:7f:2f:72:4d:68:31:85:be:01:8e:dd:
b7:e6:56:b5:70:83:08:a7:d9:cf:b9:4f:61:e0:fe:b0:c2:b2:
2f:b8:73:ab:38:01:70:63:47:83:25:b2:d7:a0:66:5e:99:ab:
32:7c:86:18:54:72:d1:c4:2a:ca:aa:7d:17:95:52:74:4e:e7:
e1:f2:59:c0:ac:15:99:1b:34:80:d6:e2:3f:a5:86:20:81:56:
a4:2e:ef:73:74:00:a3:39:29:54:56:fe:b8:20:f3:ce:7b:d3:
94:86:7f:58:62:bb:83:6f:c9:e5:fd:15:da:42:9f:3d:56:47:
2d:32:4d:82:6e:cf:0f:9a:a0:77:6b:88:8b:40:1e:8f:8b:ce:
8b:f7:6a:bb:7d:cf:6d:a7:eb:42:52:64:2b:64:c0:3b:cf:a9:
39:74:f3:dd:98:6b:28:21:f7:e6:7e:05:28:c6:c1:13:75:70:
ad:57:83:6a:0c:cb:d9:e5:a0:df:53:d8:ac:9c:0b:d7:aa:3f:
b8:8c:bf:a0:e7:3f:da:93:6c:1c:9c:e9:61:30:6e:ed:b8:cb:
77:c8:dc:e9:d4:86:a8:1f:d8:66:80:3e:45:67:3a:39:40:3d:
73:97:22:de
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYQyKwD2qNWYQvS1kkWrbRhIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjIxMTAxMDc0OTQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzA5ZDdhZDFmNzExM2IzMzk5OWE5MTA0MGJjMTZiZDk3MDE2YTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMvEECaAdRHir+PHSAmXUEUHQ4hD
FuH9VnNZg9PEXRExiOSu6obVqE0dC+xDm2EUX7BbYenDkwVGGrMpMiIDuFA1tnt5
oeT2stRHVm9HYGOEMVwgv6xkhCNZ7zYik2JdNOFE+K2hWAY8tiV7t2a5sRGwCev5
Umm08TKG51P42SC9SqNF1GP32BpUu85PagsgLPkcMJAAhJNT5ZXbHUzIdIxLaSJe
BrWA8vabvzPD1k3oYJ5aRpQzjSaDA2cAIGctrMiIvM7NThGqgMamCVkSY27R9Aod
lI7yq+Zh5UOipNHVeav04a5+7G9T4Dm3ADM/A2XUBZKtmlLlCeIDee4MWQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFwJ160fcROzOZmpEEC8Fr2XAWo2MB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvWEFuWHJSOXhFN001bWFrUVFMd1d2WmNCYWpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYvUMA0E
AgACMAcDBQAqBxhAMA0GCSqGSIb3DQEBCwUAA4IBAQAcDMvMX8LedzNRy7z87dQl
oOlti3U4KIUhfy9yTWgxhb4Bjt235la1cIMIp9nPuU9h4P6wwrIvuHOrOAFwY0eD
JbLXoGZemasyfIYYVHLRxCrKqn0XlVJ0Tufh8lnArBWZGzSA1uI/pYYggVakLu9z
dACjOSlUVv64IPPOe9OUhn9YYruDb8nl/RXaQp89VkctMk2Cbs8PmqB3a4iLQB6P
i86L92q7fc9tp+tCUmQrZMA7z6k5dPPdmGsoIffmfgUoxsETdXCtV4NqDMvZ5aDf
U9isnAvXqj+4jL+g5z/ak2wcnOlhMG7tuMt3yNzp1IaoH9hmgD5FZzo5QD1zlyLe
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:24 2023 by rpki-client on console-ams.rpki-client.org