Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/ebfce6-2857-404b-9b74-b324e025b929/1/X1p-zan1sWc__iC7a40mmyP4smU.roa
File: X1p-zan1sWc__iC7a40mmyP4smU.roa (raw, json)
Hash identifier: gT4U0APDxIDsCOu8F9uAolYT0siKp/qabYMwXzU3i44=
Subject key identifier: 5F:5A:7E:CD:A9:F5:B1:67:3F:FE:20:BB:6B:8D:26:9B:23:F8:B2:65
Certificate issuer: /CN=f9629775283733a45c454b8d7be5a66df0db1a17
Certificate serial: A80BED
Authority key identifier: F9:62:97:75:28:37:33:A4:5C:45:4B:8D:7B:E5:A6:6D:F0:DB:1A:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-WKXdSg3M6RcRUuNe-WmbfDbGhc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/ebfce6-2857-404b-9b74-b324e025b929/1/X1p-zan1sWc__iC7a40mmyP4smU.roa
Signing time: Sat 01 Jan 2022 01:55:13 +0000
ROA not before: Sat 01 Jan 2022 01:55:13 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 41956
IP address blocks: 185.254.35.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 11013101 (0xa80bed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f9629775283733a45c454b8d7be5a66df0db1a17
Validity
Not Before: Jan 1 01:55:13 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5f5a7ecda9f5b1673ffe20bb6b8d269b23f8b265
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:12:5f:6b:38:9d:a1:21:18:09:72:19:2c:d4:
ce:a0:89:c6:00:e3:aa:ca:12:74:44:29:08:f2:bb:
f4:f5:b7:70:08:2f:ef:83:0f:0c:8a:9a:12:e5:3a:
78:03:88:aa:91:6a:42:62:7e:91:9d:2c:62:f3:24:
c7:c5:5d:28:e2:eb:83:8a:b3:d6:6a:df:97:3a:c7:
0e:5b:18:05:d4:cc:06:a3:d8:d1:e5:a2:f5:ef:36:
33:7a:dd:46:fe:f5:f2:cf:94:55:b2:0e:1a:85:87:
d1:2e:8a:18:96:6a:a1:53:81:97:d5:b9:60:e3:48:
9d:52:c8:e6:5c:28:d5:64:d9:49:cf:7b:f5:d4:f8:
67:14:cf:32:04:41:e8:be:0a:94:cf:a5:62:61:68:
15:ab:be:29:c2:98:4e:58:ba:56:64:dc:f2:56:5b:
d6:d8:64:42:45:25:73:ee:48:1e:22:04:fa:40:b6:
fa:1b:e7:e0:d9:5c:93:de:f6:95:8c:43:28:48:9a:
4c:25:f0:b3:c1:06:1f:1a:46:25:96:57:72:cc:8d:
da:54:a1:a7:b8:65:ce:f6:be:89:3c:31:81:da:58:
17:01:47:cf:3f:7b:25:eb:ab:a4:bd:f8:26:b8:6e:
fb:60:9c:ac:a3:c4:aa:ae:90:2d:9b:15:eb:e7:da:
c7:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:5A:7E:CD:A9:F5:B1:67:3F:FE:20:BB:6B:8D:26:9B:23:F8:B2:65
X509v3 Authority Key Identifier:
keyid:F9:62:97:75:28:37:33:A4:5C:45:4B:8D:7B:E5:A6:6D:F0:DB:1A:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-WKXdSg3M6RcRUuNe-WmbfDbGhc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ebfce6-2857-404b-9b74-b324e025b929/1/X1p-zan1sWc__iC7a40mmyP4smU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/ebfce6-2857-404b-9b74-b324e025b929/1/1-WKXdSg3M6RcRUuNe-WmbfDbGhc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.254.35.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:0c:f1:64:67:cd:cc:e8:40:f6:e1:45:af:6c:1a:95:46:06:
be:bf:38:6b:3f:e0:bb:34:77:04:44:2b:8c:45:b7:7b:80:2f:
72:08:01:c4:cf:d1:fe:55:ab:5a:e4:03:2c:83:91:87:40:24:
0c:33:6d:2e:48:d6:c7:7e:62:1c:d3:55:2f:5a:d3:85:80:b9:
fa:49:fa:d4:4d:f6:12:78:c4:bc:ec:92:81:e4:4d:50:fa:d4:
3e:8e:60:3f:04:f6:bc:40:fd:c3:c6:28:86:b6:22:a9:a8:db:
b2:0b:20:0a:52:6d:02:52:e0:18:08:97:e5:b6:7b:ef:8a:b0:
e0:b1:7f:50:e1:11:4e:fa:d8:4e:ff:e8:9d:6b:a0:b3:9e:d2:
63:42:30:2c:0f:2d:6f:13:cd:a7:89:02:c2:ab:de:5a:a8:b5:
ac:3e:9c:82:e1:65:58:27:92:3c:50:52:56:86:ba:19:0a:88:
02:7d:a7:4b:ef:33:87:28:08:37:11:c2:f7:94:7a:6b:1a:2f:
18:62:c0:cb:3f:c6:cb:38:27:61:bf:3a:66:60:96:0b:26:0d:
22:f8:5c:35:3e:8e:a2:12:16:81:93:67:49:8a:1c:19:da:d1:
f6:82:53:6c:bf:3d:42:5a:d6:e4:58:16:2d:3f:a2:df:5d:b7:
f4:31:0c:ac
-----BEGIN CERTIFICATE-----
MIIE8TCCA9mgAwIBAgIEAKgL7TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhm
OTYyOTc3NTI4MzczM2E0NWM0NTRiOGQ3YmU1YTY2ZGYwZGIxYTE3MB4XDTIyMDEw
MTAxNTUxM1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWY1YTdlY2RhOWY1
YjE2NzNmZmUyMGJiNmI4ZDI2OWIyM2Y4YjI2NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL0SX2s4naEhGAlyGSzUzqCJxgDjqsoSdEQpCPK79PW3cAgv
74MPDIqaEuU6eAOIqpFqQmJ+kZ0sYvMkx8VdKOLrg4qz1mrflzrHDlsYBdTMBqPY
0eWi9e82M3rdRv718s+UVbIOGoWH0S6KGJZqoVOBl9W5YONInVLI5lwo1WTZSc97
9dT4ZxTPMgRB6L4KlM+lYmFoFau+KcKYTli6VmTc8lZb1thkQkUlc+5IHiIE+kC2
+hvn4Nlck972lYxDKEiaTCXws8EGHxpGJZZXcsyN2lShp7hlzva+iTwxgdpYFwFH
zz97JeurpL34Jrhu+2CcrKPEqq6QLZsV6+fax2kCAwEAAaOCAgswggIHMB0GA1Ud
DgQWBBRfWn7NqfWxZz/+ILtrjSabI/iyZTAfBgNVHSMEGDAWgBT5Ypd1KDczpFxF
S4175aZt8NsaFzAOBgNVHQ8BAf8EBAMCB4AwZQYIKwYBBQUHAQEEWTBXMFUGCCsG
AQUFBzAChklyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzEtV0tYZFNnM002UmNSVXVOZS1XbWJmRGJHaGMuY2VyMIGNBggrBgEFBQcBCwSB
gDB+MHwGCCsGAQUFBzALhnByc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9y
eS9ERUZBVUxULzdkL2ViZmNlNi0yODU3LTQwNGItOWI3NC1iMzI0ZTAyNWI5Mjkv
MS9YMXAtemFuMXNXY19faUM3YTQwbW15UDRzbVUucm9hMIGCBgNVHR8EezB5MHeg
daBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxULzdk
L2ViZmNlNi0yODU3LTQwNGItOWI3NC1iMzI0ZTAyNWI5MjkvMS8xLVdLWGRTZzNN
NlJjUlV1TmUtV21iZkRiR2hjLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4C
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuf4jMA0GCSqGSIb3DQEBCwUA
A4IBAQA6DPFkZ83M6ED24UWvbBqVRga+vzhrP+C7NHcERCuMRbd7gC9yCAHEz9H+
Vata5AMsg5GHQCQMM20uSNbHfmIc01UvWtOFgLn6SfrUTfYSeMS87JKB5E1Q+tQ+
jmA/BPa8QP3DxiiGtiKpqNuyCyAKUm0CUuAYCJfltnvvirDgsX9Q4RFO+thO/+id
a6CzntJjQjAsDy1vE82niQLCq95aqLWsPpyC4WVYJ5I8UFJWhroZCogCfadL7zOH
KAg3EcL3lHprGi8YYsDLP8bLOCdhvzpmYJYLJg0i+Fw1Po6iEhaBk2dJihwZ2tH2
glNsvz1CWtbkWBYtP6LfXbf0MQys
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:43:21 2025 by rpki-client