Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/XPkQchcRGVq8pR3icETx93rRXWY.roa
File: XPkQchcRGVq8pR3icETx93rRXWY.roa (raw, json)
Hash identifier: 9jIQrfjlH74XP2P0K9/i84yPG4+gDb7wO2hkk0wuwbw=
Subject key identifier: 5C:F9:10:72:17:11:19:5A:BC:A5:1D:E2:70:44:F1:F7:7A:D1:5D:66
Certificate issuer: /CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Certificate serial: 10A42773
Authority key identifier: 83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/XPkQchcRGVq8pR3icETx93rRXWY.roa
Signing time: Sat 01 Jan 2022 13:59:27 +0000
ROA not before: Sat 01 Jan 2022 13:59:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 203729
IP address blocks: 185.186.8.0/22 maxlen: 24
2a0b:6b80::/31 maxlen: 48
2a0b:6b85::/32 maxlen: 32
2a0b:6b81:2::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 279193459 (0x10a42773)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=835bc9bb547e27788d221bc8bbd5fb02e024480f
Validity
Not Before: Jan 1 13:59:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5cf910721711195abca51de27044f1f77ad15d66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:7a:22:be:2d:a3:83:32:2d:f5:46:d9:ec:3e:
b0:22:75:54:ac:6c:c8:75:de:05:3e:f4:0c:82:6e:
73:d6:c2:6d:67:14:67:20:6e:78:5f:a6:f9:cc:69:
9c:20:0d:22:5b:d4:1e:7e:59:4b:c5:25:83:1f:82:
0f:2d:b0:dd:e1:2d:4a:6b:4e:9b:6e:f3:e4:ec:41:
7f:13:e1:a0:8b:f3:99:47:37:14:e1:a5:35:ce:c2:
a4:d7:7d:88:a0:36:cc:d1:22:82:87:a4:28:61:fa:
41:cd:7e:26:11:be:c9:22:08:81:51:4e:7b:48:d3:
82:ff:58:24:b0:c3:be:f0:5f:23:6c:0a:01:bf:70:
99:64:eb:4b:ca:b4:5e:e5:b7:8b:15:8f:21:5e:9b:
93:eb:d3:6c:63:65:ab:e1:40:86:69:f7:14:52:a4:
95:75:da:81:da:42:05:6b:60:d5:40:0d:e0:3c:5c:
d2:dc:bf:34:8b:47:72:04:31:cc:81:27:fd:ba:ef:
d9:7b:14:d5:80:28:0e:f1:01:33:f1:88:98:ed:e0:
6f:f1:09:7e:07:08:86:f0:46:39:40:d0:ec:9b:4c:
f5:91:2c:59:e2:83:cf:4e:5a:af:60:9b:7a:fe:d2:
03:31:81:12:90:6d:8c:f4:23:9e:4e:ed:e8:f9:eb:
ae:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:F9:10:72:17:11:19:5A:BC:A5:1D:E2:70:44:F1:F7:7A:D1:5D:66
X509v3 Authority Key Identifier:
keyid:83:5B:C9:BB:54:7E:27:78:8D:22:1B:C8:BB:D5:FB:02:E0:24:48:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g1vJu1R-J3iNIhvIu9X7AuAkSA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/XPkQchcRGVq8pR3icETx93rRXWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/962fb1-3df0-4ec2-b50a-b36a24d39427/1/g1vJu1R-J3iNIhvIu9X7AuAkSA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.186.8.0/22
IPv6:
2a0b:6b80::/31
2a0b:6b85::/32
Signature Algorithm: sha256WithRSAEncryption
d3:15:bf:80:1a:d7:e4:fb:94:a5:75:81:4a:7e:69:5a:15:d6:
a5:36:72:a6:ba:94:62:ae:b2:84:e7:a9:86:46:e9:e9:8a:75:
12:35:63:f3:47:ff:15:d6:46:2d:9f:ca:8c:f7:f0:9a:dd:11:
71:e9:c6:82:b5:32:fb:21:3c:c6:53:bb:06:9e:e1:dc:28:4b:
d4:22:6a:64:0f:a1:77:5b:5f:68:44:44:8a:8d:db:8c:b4:de:
a9:cc:ba:97:1e:cb:16:74:cd:f9:d8:6c:c4:91:5f:45:3d:0f:
04:e4:f6:75:e1:e2:3d:01:a0:bc:6f:80:27:07:d8:af:a3:03:
44:b3:e4:11:30:c1:01:26:fa:c1:84:e7:80:07:a8:71:85:f8:
4f:32:34:38:98:86:43:c4:53:3d:b5:8a:88:18:86:8d:a8:3a:
84:64:e0:77:4d:8b:87:73:16:23:a3:61:af:ff:f7:a3:7e:c9:
9c:20:3e:17:a4:4a:40:94:8c:c1:ed:bd:0b:8c:81:bf:aa:5d:
29:47:f3:8e:05:16:02:22:9a:fa:a3:9c:f6:17:6f:91:1c:b6:
3e:8b:76:0e:c1:c2:42:04:6a:a6:4e:84:32:65:ad:2c:8d:d6:
52:ef:fe:18:7b:37:4c:cc:35:2b:2a:46:bc:44:94:54:c2:0f:
82:8d:1c:2d
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgIEEKQnczANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MzViYzliYjU0N2UyNzc4OGQyMjFiYzhiYmQ1ZmIwMmUwMjQ0ODBmMB4XDTIyMDEw
MTEzNTkyN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWNmOTEwNzIxNzEx
MTk1YWJjYTUxZGUyNzA0NGYxZjc3YWQxNWQ2NjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALh6Ir4to4MyLfVG2ew+sCJ1VKxsyHXeBT70DIJuc9bCbWcU
ZyBueF+m+cxpnCANIlvUHn5ZS8Ulgx+CDy2w3eEtSmtOm27z5OxBfxPhoIvzmUc3
FOGlNc7CpNd9iKA2zNEigoekKGH6Qc1+JhG+ySIIgVFOe0jTgv9YJLDDvvBfI2wK
Ab9wmWTrS8q0XuW3ixWPIV6bk+vTbGNlq+FAhmn3FFKklXXagdpCBWtg1UAN4Dxc
0ty/NItHcgQxzIEn/brv2XsU1YAoDvEBM/GImO3gb/EJfgcIhvBGOUDQ7JtM9ZEs
WeKDz05ar2Cbev7SAzGBEpBtjPQjnk7t6PnrrokCAwEAAaOCAh8wggIbMB0GA1Ud
DgQWBBRc+RByFxEZWrylHeJwRPH3etFdZjAfBgNVHSMEGDAWgBSDW8m7VH4neI0i
G8i71fsC4CRIDzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2cxdkp1MVItSjNpTklodkl1OVg3QXVBa1NBOC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODQvOTYyZmIxLTNkZjAtNGVjMi1iNTBhLWIzNmEyNGQzOTQyNy8x
L1hQa1FjaGNSR1ZxOHBSM2ljRVR4OTNyUlhXWS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODQv
OTYyZmIxLTNkZjAtNGVjMi1iNTBhLWIzNmEyNGQzOTQyNy8xL2cxdkp1MVItSjNp
Tklodkl1OVg3QXVBa1NBOC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA1
BggrBgEFBQcBBwEB/wQmMCQwDAQCAAEwBgMEArm6CDAUBAIAAjAOAwUBKgtrgAMF
ACoLa4UwDQYJKoZIhvcNAQELBQADggEBANMVv4Aa1+T7lKV1gUp+aVoV1qU2cqa6
lGKusoTnqYZG6emKdRI1Y/NH/xXWRi2fyoz38JrdEXHpxoK1MvshPMZTuwae4dwo
S9QiamQPoXdbX2hERIqN24y03qnMupceyxZ0zfnYbMSRX0U9DwTk9nXh4j0BoLxv
gCcH2K+jA0Sz5BEwwQEm+sGE54AHqHGF+E8yNDiYhkPEUz21iogYho2oOoRk4HdN
i4dzFiOjYa//96N+yZwgPhekSkCUjMHtvQuMgb+qXSlH844FFgIimvqjnPYXb5Ec
tj6Ldg7BwkIEaqZOhDJlrSyN1lLv/hh7N0zMNSsqRrxElFTCD4KNHC0=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:26 2023 by rpki-client on console-ams.rpki-client.org