Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/xryca_52SD8RDpgFMnZqZALMwOc.roa
File: xryca_52SD8RDpgFMnZqZALMwOc.roa (raw, json)
Hash identifier: 3CtVjxvYKsx3iVBpqQjDrSi1adl24C35sHe8eu2/z3c=
Subject key identifier: C6:BC:9C:6B:FE:76:48:3F:11:0E:98:05:32:76:6A:64:02:CC:C0:E7
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018507E395CF9895997EA40631570CF6AF3F
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/xryca_52SD8RDpgFMnZqZALMwOc.roa
Signing time: Mon 12 Dec 2022 19:50:33 +0000
ROA not before: Mon 12 Dec 2022 19:50:33 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209260
IP address blocks: 88.216.221.0/24 maxlen: 24
84.32.29.0/24 maxlen: 24
84.32.241.0/24 maxlen: 24
84.32.45.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:07:e3:95:cf:98:95:99:7e:a4:06:31:57:0c:f6:af:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Dec 12 19:50:33 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c6bc9c6bfe76483f110e980532766a6402ccc0e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:64:85:1e:13:c2:ee:35:b4:95:dd:8b:bf:4a:
69:98:1b:b9:51:ff:e9:45:05:61:89:d4:ed:17:9d:
4f:86:fc:5b:1b:86:52:ea:78:82:c0:7c:e4:49:08:
e5:ff:1c:d1:59:84:5c:52:5a:b8:a3:fb:d0:d3:91:
f7:6b:07:6d:9c:93:7b:15:3e:38:89:90:55:b8:96:
71:b2:be:34:21:23:bb:a4:e1:66:09:fb:c8:74:3c:
b8:d3:68:b7:83:10:72:fe:fc:c1:0c:59:d7:1c:bb:
69:07:b5:90:9a:31:98:c8:b5:dd:2a:9c:d8:b0:db:
8a:9c:79:09:5d:99:cf:10:5c:6b:5b:83:b3:c4:ea:
19:7c:d1:f8:49:f8:86:6c:4c:01:dc:a9:02:e2:09:
32:9b:56:c1:79:31:d9:ec:74:68:56:8e:f1:b8:71:
63:29:66:ee:5e:6e:f9:26:88:dd:c3:8c:aa:da:77:
9b:39:76:fa:9c:de:87:9e:df:7a:16:d7:e9:14:dc:
09:d2:d1:ac:d0:78:de:f1:57:59:4f:92:1d:63:f1:
bb:11:a6:67:8b:fa:32:b2:12:07:48:04:f0:39:59:
87:07:04:86:cc:a1:6d:aa:7f:03:93:56:41:40:ed:
e2:12:ca:44:4a:d6:f2:cf:8d:87:2c:9f:30:0d:f9:
67:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:BC:9C:6B:FE:76:48:3F:11:0E:98:05:32:76:6A:64:02:CC:C0:E7
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/xryca_52SD8RDpgFMnZqZALMwOc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.29.0/24
84.32.45.0/24
84.32.241.0/24
88.216.221.0/24
Signature Algorithm: sha256WithRSAEncryption
16:fb:f4:b2:10:26:ec:4b:a6:27:62:27:9c:22:66:44:d1:50:
23:fc:e0:e0:1b:76:44:cc:d3:50:40:b8:04:23:80:cb:48:43:
47:e0:05:50:58:86:69:99:68:a7:18:55:d8:78:d5:f7:5a:2f:
79:39:ec:1c:ef:c7:43:7c:25:5e:5d:54:be:f2:61:6f:01:c7:
16:64:f1:11:38:d2:d2:43:dc:aa:8a:47:81:73:4c:a7:75:e3:
59:3e:2e:5a:d3:03:2c:85:70:71:f5:93:8b:9a:d7:52:41:02:
95:ed:b4:e2:65:e1:3a:dc:8f:3c:d5:b8:64:e7:7c:8a:91:6a:
0b:3c:5b:07:a8:e6:16:ba:1a:84:13:0c:b5:f7:59:58:6c:88:
d8:f4:d2:a4:dd:f7:66:ba:94:62:95:24:c2:04:b8:22:35:25:
d3:f2:a0:c5:a8:57:bd:24:bf:4d:23:9f:f7:ad:ba:da:eb:41:
23:06:96:74:78:69:db:64:1b:81:17:cc:18:e9:fb:a5:b6:0d:
9d:5a:3b:b2:1f:e6:92:4d:c2:9e:2d:cb:02:82:11:7d:98:75:
0f:d2:0e:54:e3:bb:7c:0d:bd:6a:bb:9f:71:79:5a:d8:90:ef:
80:fc:6e:1d:0b:4e:fc:dd:df:dc:ed:15:9b:ba:2a:35:bf:d3:
47:37:5c:4a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYUH45XPmJWZfqQGMVcM9q8/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjIxMjEyMTk1MDMzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmJjOWM2YmZlNzY0ODNmMTEwZTk4MDUzMjc2NmE2NDAyY2NjMGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0GSFHhPC7jW0ld2Lv0ppmBu5Uf/p
RQVhidTtF51PhvxbG4ZS6niCwHzkSQjl/xzRWYRcUlq4o/vQ05H3awdtnJN7FT44
iZBVuJZxsr40ISO7pOFmCfvIdDy402i3gxBy/vzBDFnXHLtpB7WQmjGYyLXdKpzY
sNuKnHkJXZnPEFxrW4OzxOoZfNH4SfiGbEwB3KkC4gkym1bBeTHZ7HRoVo7xuHFj
KWbuXm75Jojdw4yq2nebOXb6nN6Hnt96FtfpFNwJ0tGs0Hje8VdZT5IdY/G7EaZn
i/oyshIHSATwOVmHBwSGzKFtqn8Dk1ZBQO3iEspEStbyz42HLJ8wDflnJQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMa8nGv+dkg/EQ6YBTJ2amQCzMDnMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEveHJ5Y2FfNTJTRDhSRHBnRk1uWnFaQUxNd09jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVCAdAwQA
VCAtAwQAVCDxAwQAWNjdMA0GCSqGSIb3DQEBCwUAA4IBAQAW+/SyECbsS6YnYiec
ImZE0VAj/ODgG3ZEzNNQQLgEI4DLSENH4AVQWIZpmWinGFXYeNX3Wi95Oewc78dD
fCVeXVS+8mFvAccWZPERONLSQ9yqikeBc0yndeNZPi5a0wMshXBx9ZOLmtdSQQKV
7bTiZeE63I881bhk53yKkWoLPFsHqOYWuhqEEwy191lYbIjY9NKk3fdmupRilSTC
BLgiNSXT8qDFqFe9JL9NI5/3rbra60EjBpZ0eGnbZBuBF8wY6fultg2dWjuyH+aS
TcKeLcsCghF9mHUP0g5U47t8Db1qu59xeVrYkO+A/G4dC0783d/c7RWbuio1v9NH
N1xK
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:07:33 2024 by rpki-client on console-ams.rpki-client.org