Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/da53b9-dca5-495d-8763-bfea61b770b6/1/xfVM1kRz4Y8DltNch-07zkPyhcA.roa
File: xfVM1kRz4Y8DltNch-07zkPyhcA.roa (raw, json)
Hash identifier: yVEl3DBLJAHrQRtPnfGtEe8HdKEmoxglKJVJWcHJB80=
Subject key identifier: C5:F5:4C:D6:44:73:E1:8F:03:96:D3:5C:87:ED:3B:CE:43:F2:85:C0
Certificate issuer: /CN=2f54875dbe30be4f7fc44a0468b51b178edf64e6
Certificate serial: 02E63FB2
Authority key identifier: 2F:54:87:5D:BE:30:BE:4F:7F:C4:4A:04:68:B5:1B:17:8E:DF:64:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L1SHXb4wvk9_xEoEaLUbF47fZOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/da53b9-dca5-495d-8763-bfea61b770b6/1/xfVM1kRz4Y8DltNch-07zkPyhcA.roa
Signing time: Sat 01 Jan 2022 08:57:22 +0000
ROA not before: Sat 01 Jan 2022 08:57:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210104
IP address blocks: 85.115.212.0/22 maxlen: 22
93.177.88.0/22 maxlen: 22
185.215.75.0/24 maxlen: 24
185.215.74.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 48644018 (0x2e63fb2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f54875dbe30be4f7fc44a0468b51b178edf64e6
Validity
Not Before: Jan 1 08:57:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c5f54cd64473e18f0396d35c87ed3bce43f285c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:41:0c:22:41:08:3c:71:78:97:36:c9:78:31:
14:a3:fc:ba:41:ed:30:ba:7b:b6:dd:3d:17:0d:f0:
a4:01:ea:9d:b2:dc:82:06:9d:b9:fd:51:8c:91:99:
d4:2c:6e:f4:13:56:a3:28:f9:49:a1:f1:d0:a5:ef:
ba:d5:2f:b9:4e:c2:66:36:68:85:a1:f5:6e:86:5e:
88:f5:91:2f:5f:66:34:86:65:c5:de:63:00:9d:4c:
79:99:72:33:49:d1:43:6f:8d:4c:77:fd:96:c7:1f:
75:82:88:e6:1b:11:5c:23:70:9d:4e:f9:89:74:70:
0e:7a:d7:c0:7b:f2:65:ed:3e:9f:55:5c:ba:a5:43:
1d:ea:87:b9:64:54:39:50:5c:60:2e:c8:7a:52:ca:
18:60:34:71:fe:f5:b8:14:99:9f:5e:ec:27:48:e3:
d4:5b:1d:0b:16:5c:eb:ec:c9:78:91:1b:ac:dd:26:
c9:42:af:e0:d6:09:c2:30:a7:8f:78:55:fe:75:61:
cc:76:0f:06:ab:6f:7b:ec:c8:17:13:d0:62:f9:bf:
90:a0:2b:c5:ac:c4:b9:d6:4b:c0:83:aa:9a:31:a6:
00:96:4f:f7:dd:9b:a2:f3:03:73:91:ef:6f:2f:c1:
3d:38:5d:a5:87:ef:bc:40:c6:59:fb:3d:48:1d:d1:
10:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:F5:4C:D6:44:73:E1:8F:03:96:D3:5C:87:ED:3B:CE:43:F2:85:C0
X509v3 Authority Key Identifier:
keyid:2F:54:87:5D:BE:30:BE:4F:7F:C4:4A:04:68:B5:1B:17:8E:DF:64:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L1SHXb4wvk9_xEoEaLUbF47fZOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/da53b9-dca5-495d-8763-bfea61b770b6/1/xfVM1kRz4Y8DltNch-07zkPyhcA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/da53b9-dca5-495d-8763-bfea61b770b6/1/L1SHXb4wvk9_xEoEaLUbF47fZOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.212.0/22
93.177.88.0/22
185.215.74.0/23
Signature Algorithm: sha256WithRSAEncryption
90:88:b5:56:a1:a0:c3:05:c5:2c:c4:64:47:f0:50:32:77:8e:
10:5d:8b:ed:6f:64:44:c1:93:3a:78:90:68:42:e8:bf:22:0c:
35:1c:60:f2:28:76:b5:dc:1d:c4:ce:f2:f4:1a:6d:ac:48:fb:
49:2c:77:58:44:72:d0:5c:d5:91:cc:82:a8:38:9d:d2:c2:fc:
d1:b2:3e:c3:3c:55:82:92:e1:0a:17:15:f3:65:dd:3f:79:63:
aa:a4:52:13:3f:c1:33:26:18:93:8c:fd:ff:c6:e2:8f:56:11:
d0:bc:c4:3f:c3:33:2c:f4:6e:6f:80:af:d5:7a:6a:54:95:75:
c6:34:56:4c:23:4b:dc:e8:b5:48:6b:04:1b:f9:9e:d2:1f:99:
d1:06:30:18:7c:8d:be:2b:4f:d0:e6:28:10:ac:1b:89:dc:8b:
17:b8:2c:fa:4b:a1:77:53:c8:2c:81:eb:a9:a7:e0:55:67:ca:
aa:c0:20:53:ea:4d:0c:86:2b:04:4a:17:ae:52:ff:80:2e:42:
08:7a:8c:51:0a:fd:e8:93:40:c4:94:0e:22:30:fc:c9:14:71:
97:38:9f:75:25:ae:4d:fe:b7:58:e2:4c:0e:09:a5:9a:74:71:
c4:b7:fa:a9:2f:df:dd:32:03:26:34:19:49:c8:83:ea:8f:8a:
a9:7e:ff:1b
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIEAuY/sjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
ZjU0ODc1ZGJlMzBiZTRmN2ZjNDRhMDQ2OGI1MWIxNzhlZGY2NGU2MB4XDTIyMDEw
MTA4NTcyMloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzVmNTRjZDY0NDcz
ZTE4ZjAzOTZkMzVjODdlZDNiY2U0M2YyODVjMDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL5BDCJBCDxxeJc2yXgxFKP8ukHtMLp7tt09Fw3wpAHqnbLc
ggaduf1RjJGZ1Cxu9BNWoyj5SaHx0KXvutUvuU7CZjZohaH1boZeiPWRL19mNIZl
xd5jAJ1MeZlyM0nRQ2+NTHf9lscfdYKI5hsRXCNwnU75iXRwDnrXwHvyZe0+n1Vc
uqVDHeqHuWRUOVBcYC7IelLKGGA0cf71uBSZn17sJ0jj1FsdCxZc6+zJeJEbrN0m
yUKv4NYJwjCnj3hV/nVhzHYPBqtve+zIFxPQYvm/kKArxazEudZLwIOqmjGmAJZP
992bovMDc5Hvby/BPThdpYfvvEDGWfs9SB3REBECAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBTF9UzWRHPhjwOW01yH7TvOQ/KFwDAfBgNVHSMEGDAWgBQvVIddvjC+T3/E
SgRotRsXjt9k5jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0wxU0hYYjR3dms5X3hFb0VhTFViRjQ3ZlpPWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjUvZGE1M2I5LWRjYTUtNDk1ZC04NzYzLWJmZWE2MWI3NzBiNi8x
L3hmVk0xa1J6NFk4RGx0TmNoLTA3emtQeWhjQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjUv
ZGE1M2I5LWRjYTUtNDk1ZC04NzYzLWJmZWE2MWI3NzBiNi8xL0wxU0hYYjR3dms5
X3hFb0VhTFViRjQ3ZlpPWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAlVz1AMEAl2xWAMEAbnXSjANBgkq
hkiG9w0BAQsFAAOCAQEAkIi1VqGgwwXFLMRkR/BQMneOEF2L7W9kRMGTOniQaELo
vyIMNRxg8ih2tdwdxM7y9BptrEj7SSx3WERy0FzVkcyCqDid0sL80bI+wzxVgpLh
ChcV82XdP3ljqqRSEz/BMyYYk4z9/8bij1YR0LzEP8MzLPRub4Cv1XpqVJV1xjRW
TCNL3Oi1SGsEG/me0h+Z0QYwGHyNvitP0OYoEKwbidyLF7gs+kuhd1PILIHrqafg
VWfKqsAgU+pNDIYrBEoXrlL/gC5CCHqMUQr96JNAxJQOIjD8yRRxlzifdSWuTf63
WOJMDgmlmnRxxLf6qS/f3TIDJjQZSciD6o+KqX7/Gw==
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:03:56 2025 by rpki-client