Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/e41698-e7ac-418c-b91d-2267968b652f/1/XfcOAODBAxN0U1G1dm3x_md6Df4.roa
File: XfcOAODBAxN0U1G1dm3x_md6Df4.roa (raw, json)
Hash identifier: +YTomfTy2V2L/TuimjAi5Du1VsyOU6ZsJ94yBtXX/kc=
Subject key identifier: 5D:F7:0E:00:E0:C1:03:13:74:53:51:B5:76:6D:F1:FE:67:7A:0D:FE
Certificate issuer: /CN=c23642d1ab39d309ec5f33e4e8814adc3584825f
Certificate serial: 0186445023E0965BA97D7B6831512933FA43
Authority key identifier: C2:36:42:D1:AB:39:D3:09:EC:5F:33:E4:E8:81:4A:DC:35:84:82:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wjZC0as50wnsXzPk6IFK3DWEgl8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/e41698-e7ac-418c-b91d-2267968b652f/1/XfcOAODBAxN0U1G1dm3x_md6Df4.roa
Signing time: Sun 12 Feb 2023 06:29:08 +0000
ROA not before: Sun 12 Feb 2023 06:29:08 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 42440
IP address blocks: 185.211.57.0/24 maxlen: 24
185.211.56.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:44:50:23:e0:96:5b:a9:7d:7b:68:31:51:29:33:fa:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c23642d1ab39d309ec5f33e4e8814adc3584825f
Validity
Not Before: Feb 12 06:29:08 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5df70e00e0c10313745351b5766df1fe677a0dfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:78:55:46:f0:2c:0a:13:1a:6f:10:72:ec:d0:
2d:6f:f2:9d:0e:12:2c:e0:1b:4c:0a:d3:a9:48:30:
d5:6c:47:28:96:4b:69:9d:6e:51:f1:3e:d2:2d:9b:
c8:3c:ee:82:fb:d1:3b:e2:3d:c5:0b:25:bf:9a:56:
f5:9a:fc:da:f3:f2:6b:e3:f8:b0:3a:b7:f4:b8:08:
ce:e4:0a:c3:5b:58:a3:13:d6:9d:51:86:7e:5d:fe:
7b:e9:3f:7c:69:ba:1f:a5:c3:8a:04:2c:e4:f6:1d:
b1:c4:de:b3:0f:95:80:7e:39:1c:fa:43:9d:df:9c:
b7:9c:0e:77:27:37:bf:86:0d:84:e7:f1:f9:d6:ae:
c3:91:7a:ea:02:c9:15:21:68:ac:69:d3:84:14:10:
76:60:2f:dd:5d:ec:fa:11:5a:c5:47:07:d4:73:34:
9a:b7:92:08:d3:d5:90:6a:57:ef:8a:65:6f:4b:81:
a6:85:7d:3a:3f:42:c6:13:9f:0e:53:a1:2f:96:e5:
9e:53:2b:3c:32:84:84:df:62:64:7c:fd:f6:7a:44:
ce:6d:c8:27:c9:99:84:d0:78:e2:c3:90:64:d4:51:
26:79:8a:7b:7e:ab:fc:46:fa:23:69:46:e2:3c:04:
12:88:a2:ea:cd:f3:39:04:3c:f1:a2:a5:5b:71:9b:
cb:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:F7:0E:00:E0:C1:03:13:74:53:51:B5:76:6D:F1:FE:67:7A:0D:FE
X509v3 Authority Key Identifier:
keyid:C2:36:42:D1:AB:39:D3:09:EC:5F:33:E4:E8:81:4A:DC:35:84:82:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wjZC0as50wnsXzPk6IFK3DWEgl8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/e41698-e7ac-418c-b91d-2267968b652f/1/XfcOAODBAxN0U1G1dm3x_md6Df4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/e41698-e7ac-418c-b91d-2267968b652f/1/wjZC0as50wnsXzPk6IFK3DWEgl8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.211.56.0/23
Signature Algorithm: sha256WithRSAEncryption
59:4c:23:e9:9a:dc:d8:e3:40:c7:cb:f6:98:1b:21:79:99:78:
f2:f0:f8:2e:5a:6c:7f:0d:66:1a:b1:c1:e4:f6:1b:82:f1:f8:
17:b4:ed:f8:a4:b1:72:a7:03:a7:df:ad:d2:b6:ee:51:46:f0:
2b:5e:36:b1:ee:82:36:5a:11:46:0f:93:f2:e1:8a:93:25:ed:
36:02:ea:d2:8a:07:a3:67:b7:8f:98:a2:e5:3d:a8:ed:ad:a7:
53:1d:3b:4d:b7:43:55:bf:12:10:04:73:23:86:27:c4:7b:04:
ed:82:e6:28:16:23:5f:57:09:d1:dc:13:3b:1c:79:ab:3f:6d:
9f:51:ac:a9:a5:a7:99:50:a3:08:51:7a:97:45:a1:3b:03:b3:
03:5d:b0:1f:b2:06:9f:ab:6e:36:8f:c2:f5:6a:aa:17:81:d4:
21:ba:13:0c:ec:32:b8:bc:b0:96:cc:af:49:a1:6f:19:99:4b:
9c:f6:35:6d:54:7a:94:c6:41:8c:1e:2e:85:3a:a5:45:c4:6c:
e8:db:7b:e1:87:26:ef:c7:c8:8a:74:c1:41:3f:a6:36:60:68:
7d:4c:08:bc:24:c8:25:85:68:b4:17:22:c6:d1:ff:d0:5f:25:
0c:87:fb:1a:48:7f:d7:65:39:8d:29:f1:4e:d9:ea:3f:91:1e:
51:10:07:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYZEUCPgllupfXtoMVEpM/pDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMzY0MmQxYWIzOWQzMDllYzVmMzNlNGU4ODE0YWRjMzU4
NDgyNWYwHhcNMjMwMjEyMDYyOTA4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGY3MGUwMGUwYzEwMzEzNzQ1MzUxYjU3NjZkZjFmZTY3N2EwZGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonhVRvAsChMabxBy7NAtb/KdDhIs
4BtMCtOpSDDVbEcolktpnW5R8T7SLZvIPO6C+9E74j3FCyW/mlb1mvza8/Jr4/iw
Orf0uAjO5ArDW1ijE9adUYZ+Xf576T98abofpcOKBCzk9h2xxN6zD5WAfjkc+kOd
35y3nA53Jze/hg2E5/H51q7DkXrqAskVIWisadOEFBB2YC/dXez6EVrFRwfUczSa
t5II09WQalfvimVvS4GmhX06P0LGE58OU6EvluWeUys8MoSE32JkfP32ekTObcgn
yZmE0Hjiw5Bk1FEmeYp7fqv8RvojaUbiPAQSiKLqzfM5BDzxoqVbcZvL1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF33DgDgwQMTdFNRtXZt8f5neg3+MB8GA1UdIwQY
MBaAFMI2QtGrOdMJ7F8z5OiBStw1hIJfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2paQzBhczUwd25zWHpQazZJRkszRFdFZ2w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9lNDE2OTgtZTdhYy00MThjLWI5MWQt
MjI2Nzk2OGI2NTJmLzEvWGZjT0FPREJBeE4wVTFHMWRtM3hfbWQ2RGY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9lNDE2OTgtZTdhYy00MThjLWI5MWQtMjI2Nzk2OGI2NTJm
LzEvd2paQzBhczUwd25zWHpQazZJRkszRFdFZ2w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBudM4MA0G
CSqGSIb3DQEBCwUAA4IBAQBZTCPpmtzY40DHy/aYGyF5mXjy8PguWmx/DWYascHk
9huC8fgXtO34pLFypwOn363Stu5RRvArXjax7oI2WhFGD5Py4YqTJe02AurSigej
Z7ePmKLlPajtradTHTtNt0NVvxIQBHMjhifEewTtguYoFiNfVwnR3BM7HHmrP22f
UayppaeZUKMIUXqXRaE7A7MDXbAfsgafq242j8L1aqoXgdQhuhMM7DK4vLCWzK9J
oW8ZmUuc9jVtVHqUxkGMHi6FOqVFxGzo23vhhybvx8iKdMFBP6Y2YGh9TAi8JMgl
hWi0FyLG0f/QXyUMh/saSH/XZTmNKfFO2eo/kR5REAdS
-----END CERTIFICATE-----
Generated at Tue Apr 15 20:03:13 2025 by rpki-client