Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/f500e1-2412-42e5-a8a3-2142c0c4385f/1/XLTb4wrLkL0PSxeFH8QyJ7xfGQ4.roa
File: XLTb4wrLkL0PSxeFH8QyJ7xfGQ4.roa (raw, json)
Hash identifier: 3FIGirzcOUjkiT1fHesZ8bJMUN/F4cUtCY/2IctfCSs=
Subject key identifier: 5C:B4:DB:E3:0A:CB:90:BD:0F:4B:17:85:1F:C4:32:27:BC:5F:19:0E
Certificate issuer: /CN=eeadaa6339103bdb5566d83271d3c47c005c250d
Certificate serial: 0184C9211C8FED34E4D1AA9EE639E93F7F1E
Authority key identifier: EE:AD:AA:63:39:10:3B:DB:55:66:D8:32:71:D3:C4:7C:00:5C:25:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7q2qYzkQO9tVZtgycdPEfABcJQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/f500e1-2412-42e5-a8a3-2142c0c4385f/1/XLTb4wrLkL0PSxeFH8QyJ7xfGQ4.roa
Signing time: Wed 30 Nov 2022 15:21:41 +0000
ROA not before: Wed 30 Nov 2022 15:21:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 61404
IP address blocks: 185.128.88.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:c9:21:1c:8f:ed:34:e4:d1:aa:9e:e6:39:e9:3f:7f:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eeadaa6339103bdb5566d83271d3c47c005c250d
Validity
Not Before: Nov 30 15:21:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5cb4dbe30acb90bd0f4b17851fc43227bc5f190e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:0b:5d:06:49:26:1c:20:b7:7a:23:95:d9:7e:
d2:57:eb:91:24:aa:8e:c8:f3:cd:48:53:6c:89:8a:
a8:27:d6:c2:6a:be:83:9f:35:6e:7e:1d:a9:f2:9a:
fd:e9:d6:a2:a5:30:fb:bb:6d:89:31:b2:1b:1e:86:
f5:e5:82:8c:6f:47:2b:27:47:21:ce:54:61:18:88:
ee:cd:2b:e2:86:a3:25:9f:9a:28:6b:84:be:67:77:
6b:2d:82:02:cb:06:22:6a:b1:9a:bf:9e:b0:39:9f:
66:4d:1a:ac:aa:4e:0f:fd:bc:62:db:c5:0a:08:fd:
ea:1d:5e:a2:40:5a:68:6d:78:e7:6d:d9:4a:d4:69:
8d:73:32:3e:0c:9a:33:2c:da:55:eb:d9:d7:39:a7:
59:32:e3:ab:29:95:ea:9d:49:0c:c6:2a:ac:9b:f1:
4d:45:3d:85:81:39:7b:a3:cd:30:4e:38:1f:db:09:
df:6c:6e:5b:81:38:7f:45:45:f2:fb:ad:16:6c:66:
16:eb:ed:58:00:fa:4f:03:4e:2e:33:d2:63:0b:91:
4c:d2:da:df:9a:15:95:65:61:df:a7:20:29:b6:d3:
0e:45:6b:30:74:23:78:a4:66:92:41:e0:29:5f:aa:
32:96:3f:cf:ae:8b:4d:c3:df:e6:9d:92:fa:19:4f:
95:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:B4:DB:E3:0A:CB:90:BD:0F:4B:17:85:1F:C4:32:27:BC:5F:19:0E
X509v3 Authority Key Identifier:
keyid:EE:AD:AA:63:39:10:3B:DB:55:66:D8:32:71:D3:C4:7C:00:5C:25:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7q2qYzkQO9tVZtgycdPEfABcJQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/f500e1-2412-42e5-a8a3-2142c0c4385f/1/XLTb4wrLkL0PSxeFH8QyJ7xfGQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/f500e1-2412-42e5-a8a3-2142c0c4385f/1/7q2qYzkQO9tVZtgycdPEfABcJQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.128.88.0/22
Signature Algorithm: sha256WithRSAEncryption
87:4d:e4:b9:33:b5:df:94:7d:27:65:67:ee:77:51:ed:d1:f9:
b0:df:34:35:c1:9a:e9:a1:d9:7d:3f:57:a2:1d:4a:99:54:f5:
aa:d4:a5:14:36:d6:e1:83:d0:c8:69:27:9e:16:51:e8:15:fc:
53:10:55:0b:5d:be:14:4f:89:23:4c:e7:ec:81:c2:c5:c6:1b:
8f:ed:05:cb:ad:ca:d5:07:8d:6a:3c:0f:05:cd:8e:5f:36:91:
96:3d:e5:0a:2d:b1:6e:19:c1:f9:64:a4:1c:ca:0a:8d:f6:09:
af:7c:51:95:18:ad:59:ac:3c:cc:bc:20:33:29:3d:71:f7:11:
af:c5:dd:9b:69:ee:67:87:ac:13:de:52:f3:48:58:bf:5a:c5:
8f:45:7b:c7:b0:2d:07:ff:a1:fa:8e:a7:da:b6:d1:03:4f:b2:
63:24:3e:c3:cc:58:f4:3c:e0:3b:40:79:98:1b:4b:09:e3:89:
ac:f2:c9:11:74:61:cd:8b:68:b4:85:3b:cd:f4:e5:ae:78:f7:
90:23:c0:99:aa:ab:33:85:4d:1b:00:05:fa:2d:5e:a2:a0:c9:
cb:9d:52:cc:01:95:d4:18:0c:04:cf:89:51:b8:da:09:44:25:
01:e5:f3:ac:af:06:78:52:e2:c7:ec:5a:f7:0f:37:b0:ad:59:
f8:e9:b7:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTJIRyP7TTk0aqe5jnpP38eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYWRhYTYzMzkxMDNiZGI1NTY2ZDgzMjcxZDNjNDdjMDA1
YzI1MGQwHhcNMjIxMTMwMTUyMTQxWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2I0ZGJlMzBhY2I5MGJkMGY0YjE3ODUxZmM0MzIyN2JjNWYxOTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4AtdBkkmHCC3eiOV2X7SV+uRJKqO
yPPNSFNsiYqoJ9bCar6DnzVufh2p8pr96daipTD7u22JMbIbHob15YKMb0crJ0ch
zlRhGIjuzSvihqMln5ooa4S+Z3drLYICywYiarGav56wOZ9mTRqsqk4P/bxi28UK
CP3qHV6iQFpobXjnbdlK1GmNczI+DJozLNpV69nXOadZMuOrKZXqnUkMxiqsm/FN
RT2FgTl7o80wTjgf2wnfbG5bgTh/RUXy+60WbGYW6+1YAPpPA04uM9JjC5FM0trf
mhWVZWHfpyApttMORWswdCN4pGaSQeApX6oylj/ProtNw9/mnZL6GU+VMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFy02+MKy5C9D0sXhR/EMie8XxkOMB8GA1UdIwQY
MBaAFO6tqmM5EDvbVWbYMnHTxHwAXCUNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3EycVl6a1FPOXRWWnRneWNkUEVmQUJjSlEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9mNTAwZTEtMjQxMi00MmU1LWE4YTMt
MjE0MmMwYzQzODVmLzEvWExUYjR3ckxrTDBQU3hlRkg4UXlKN3hmR1E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9mNTAwZTEtMjQxMi00MmU1LWE4YTMtMjE0MmMwYzQzODVm
LzEvN3EycVl6a1FPOXRWWnRneWNkUEVmQUJjSlEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYBYMA0G
CSqGSIb3DQEBCwUAA4IBAQCHTeS5M7XflH0nZWfud1Ht0fmw3zQ1wZrpodl9P1ei
HUqZVPWq1KUUNtbhg9DIaSeeFlHoFfxTEFULXb4UT4kjTOfsgcLFxhuP7QXLrcrV
B41qPA8FzY5fNpGWPeUKLbFuGcH5ZKQcygqN9gmvfFGVGK1ZrDzMvCAzKT1x9xGv
xd2bae5nh6wT3lLzSFi/WsWPRXvHsC0H/6H6jqfattEDT7JjJD7DzFj0POA7QHmY
G0sJ44ms8skRdGHNi2i0hTvN9OWuePeQI8CZqqszhU0bAAX6LV6ioMnLnVLMAZXU
GAwEz4lRuNoJRCUB5fOsrwZ4UuLH7Fr3DzewrVn46bdQ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:06 2025 by rpki-client