Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/7951b5-9cb6-4535-95c6-63c52e92c47e/1/XZBUWat7IM-5xKFFeL94ehGxpXo.roa
File: XZBUWat7IM-5xKFFeL94ehGxpXo.roa (raw, json)
Hash identifier: lLta7u/RkV/4y2xqA2Nh3hBvmWyYb7VdRSBcfMNgoD4=
Subject key identifier: 5D:90:54:59:AB:7B:20:CF:B9:C4:A1:45:78:BF:78:7A:11:B1:A5:7A
Certificate issuer: /CN=d557f65aa23dbacea5b1cf833a63482ef3e43057
Certificate serial: 026C992A
Authority key identifier: D5:57:F6:5A:A2:3D:BA:CE:A5:B1:CF:83:3A:63:48:2E:F3:E4:30:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Vf2WqI9us6lsc-DOmNILvPkMFc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/7951b5-9cb6-4535-95c6-63c52e92c47e/1/XZBUWat7IM-5xKFFeL94ehGxpXo.roa
Signing time: Sat 01 Jan 2022 00:52:18 +0000
ROA not before: Sat 01 Jan 2022 00:52:18 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 20473
IP address blocks: 185.248.224.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 40671530 (0x26c992a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d557f65aa23dbacea5b1cf833a63482ef3e43057
Validity
Not Before: Jan 1 00:52:18 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5d905459ab7b20cfb9c4a14578bf787a11b1a57a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:20:32:8f:0b:32:88:e5:f4:8d:9c:85:ca:92:
8d:71:93:b1:fc:c3:e1:d1:cc:79:0f:3a:52:b2:9e:
37:e2:89:47:2a:1c:06:91:b1:6b:e9:46:2d:34:ed:
a4:7d:fa:cc:a6:9c:0d:ce:59:8c:45:de:18:dc:33:
e1:a0:58:1d:8a:db:d2:99:b4:22:5e:3b:af:9f:63:
a1:61:8b:b2:dd:63:4a:ad:7d:44:87:b7:3b:1d:31:
24:59:8b:a9:4a:d2:c0:79:95:78:43:6f:f7:e9:0f:
85:28:7b:ea:07:1f:37:ff:b6:52:22:07:f2:09:ec:
16:ee:e2:f9:ef:8e:9e:3f:41:b2:f3:2f:b7:4c:35:
c3:26:09:3d:2f:35:df:2c:ab:4c:a2:36:40:cc:0a:
0c:55:c3:c0:a7:2b:b4:5e:bb:6c:fd:0f:e0:a7:c1:
83:99:10:27:e8:7c:15:ac:0e:94:16:2b:50:99:36:
e9:ad:e1:ae:66:71:4d:41:21:5d:f8:96:c9:25:92:
50:a9:88:25:4c:da:08:af:d4:9d:09:7b:64:93:4f:
d5:e1:b1:c7:c4:79:85:b7:76:e8:38:e9:0e:8e:fa:
3f:15:0a:fe:ae:a2:60:57:a5:d7:b3:d2:62:e7:fc:
c2:0a:58:21:b3:80:7d:9c:57:95:53:7c:f9:4a:e3:
0b:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:90:54:59:AB:7B:20:CF:B9:C4:A1:45:78:BF:78:7A:11:B1:A5:7A
X509v3 Authority Key Identifier:
keyid:D5:57:F6:5A:A2:3D:BA:CE:A5:B1:CF:83:3A:63:48:2E:F3:E4:30:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Vf2WqI9us6lsc-DOmNILvPkMFc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/7951b5-9cb6-4535-95c6-63c52e92c47e/1/XZBUWat7IM-5xKFFeL94ehGxpXo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/7951b5-9cb6-4535-95c6-63c52e92c47e/1/1Vf2WqI9us6lsc-DOmNILvPkMFc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.248.224.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:4e:8a:85:8f:4b:4c:f5:be:d5:b5:81:84:30:34:44:dc:09:
74:c8:88:72:c7:d8:ba:87:32:fb:29:8a:89:08:cd:a7:9c:0d:
ef:5c:f4:2e:2f:68:f5:df:23:26:5a:1b:03:0a:af:1d:7f:13:
56:ce:9a:01:54:23:24:a2:51:7e:5b:93:a8:ba:d3:62:89:41:
37:c4:53:a7:20:b5:a9:09:e6:4b:7b:0f:54:f9:48:4a:b9:da:
78:d8:4a:52:94:d3:0b:6d:c6:90:39:95:7d:e4:7c:d2:92:25:
d5:15:82:89:8b:e5:1a:b9:fe:49:2f:0b:d1:ee:f5:9d:0b:d8:
34:2c:9a:d4:a7:29:f5:49:f6:c1:16:e1:d9:61:b9:36:21:cf:
3d:0f:04:a9:2e:99:68:af:8d:65:30:c6:6d:a7:d8:7f:8f:9c:
b6:87:fe:33:8e:12:14:12:f8:9d:ac:32:05:cb:38:01:e5:17:
84:b2:00:94:eb:b9:4b:2f:aa:6a:95:58:38:0d:9a:80:55:32:
39:3e:e8:ab:06:bf:c8:5b:b2:8d:ba:ed:7e:b5:a8:f5:9f:bc:
9d:67:34:b6:79:43:ca:ed:9e:ef:08:9a:2b:54:b2:59:87:4e:
45:da:4a:f0:c6:f0:d8:b2:fe:e6:3b:75:24:a2:8a:11:ed:e4:
9d:5d:68:44
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEAmyZKjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
NTU3ZjY1YWEyM2RiYWNlYTViMWNmODMzYTYzNDgyZWYzZTQzMDU3MB4XDTIyMDEw
MTAwNTIxOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWQ5MDU0NTlhYjdi
MjBjZmI5YzRhMTQ1NzhiZjc4N2ExMWIxYTU3YTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALUgMo8LMojl9I2chcqSjXGTsfzD4dHMeQ86UrKeN+KJRyoc
BpGxa+lGLTTtpH36zKacDc5ZjEXeGNwz4aBYHYrb0pm0Il47r59joWGLst1jSq19
RIe3Ox0xJFmLqUrSwHmVeENv9+kPhSh76gcfN/+2UiIH8gnsFu7i+e+Onj9BsvMv
t0w1wyYJPS813yyrTKI2QMwKDFXDwKcrtF67bP0P4KfBg5kQJ+h8FawOlBYrUJk2
6a3hrmZxTUEhXfiWySWSUKmIJUzaCK/UnQl7ZJNP1eGxx8R5hbd26DjpDo76PxUK
/q6iYFel17PSYuf8wgpYIbOAfZxXlVN8+UrjCz0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRdkFRZq3sgz7nEoUV4v3h6EbGlejAfBgNVHSMEGDAWgBTVV/Zaoj26zqWx
z4M6Y0gu8+QwVzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzFWZjJXcUk5dXM2bHNjLURPbU5JTHZQa01GYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGYvNzk1MWI1LTljYjYtNDUzNS05NWM2LTYzYzUyZTkyYzQ3ZS8x
L1haQlVXYXQ3SU0tNXhLRkZlTDk0ZWhHeHBYby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYv
Nzk1MWI1LTljYjYtNDUzNS05NWM2LTYzYzUyZTkyYzQ3ZS8xLzFWZjJXcUk5dXM2
bHNjLURPbU5JTHZQa01GYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALn44DANBgkqhkiG9w0BAQsFAAOC
AQEAm06KhY9LTPW+1bWBhDA0RNwJdMiIcsfYuocy+ymKiQjNp5wN71z0Li9o9d8j
JlobAwqvHX8TVs6aAVQjJKJRfluTqLrTYolBN8RTpyC1qQnmS3sPVPlISrnaeNhK
UpTTC23GkDmVfeR80pIl1RWCiYvlGrn+SS8L0e71nQvYNCya1Kcp9Un2wRbh2WG5
NiHPPQ8EqS6ZaK+NZTDGbafYf4+ctof+M44SFBL4nawyBcs4AeUXhLIAlOu5Sy+q
apVYOA2agFUyOT7oqwa/yFuyjbrtfrWo9Z+8nWc0tnlDyu2e7wiaK1SyWYdORdpK
8Mbw2LL+5jt1JKKKEe3knV1oRA==
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:51:47 2023 by rpki-client on console-ams.rpki-client.org