Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/b4a477-08a2-4e8c-8c4d-010cd9079abf/1/XEfizRzGEBa328EaYkJ-ENCc_2A.roa
File: XEfizRzGEBa328EaYkJ-ENCc_2A.roa (raw, json)
Hash identifier: hYsS5u5Au2ep7GmbaAfSrP5ObB/JTueIz2VEns7PEMo=
Subject key identifier: 5C:47:E2:CD:1C:C6:10:16:B7:DB:C1:1A:62:42:7E:10:D0:9C:FF:60
Certificate issuer: /CN=809ed7098111c678898ac0f0aec97fdd3b3b6d02
Certificate serial: 06FDDF19
Authority key identifier: 80:9E:D7:09:81:11:C6:78:89:8A:C0:F0:AE:C9:7F:DD:3B:3B:6D:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gJ7XCYERxniJisDwrsl_3Ts7bQI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/b4a477-08a2-4e8c-8c4d-010cd9079abf/1/XEfizRzGEBa328EaYkJ-ENCc_2A.roa
Signing time: Sat 01 Jan 2022 06:54:42 +0000
ROA not before: Sat 01 Jan 2022 06:54:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50178
IP address blocks: 185.161.192.0/22 maxlen: 22
185.161.192.0/24 maxlen: 24
185.161.194.0/24 maxlen: 24
185.161.195.0/24 maxlen: 24
185.161.193.0/24 maxlen: 24
2a07:c700::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 117301017 (0x6fddf19)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=809ed7098111c678898ac0f0aec97fdd3b3b6d02
Validity
Not Before: Jan 1 06:54:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5c47e2cd1cc61016b7dbc11a62427e10d09cff60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:fa:9f:a9:44:ad:2f:3a:5a:12:87:12:67:11:
9f:ae:9d:b0:d1:d6:6e:60:30:15:b8:2b:54:c4:5f:
21:2e:10:ed:13:33:15:72:f1:db:05:d2:24:6a:7e:
42:40:ea:20:d9:4b:dc:90:65:7f:8a:c3:d5:ce:c0:
b6:8e:7c:ec:19:96:f2:17:73:45:49:56:e9:dc:02:
17:67:6d:5a:20:95:b3:41:1b:ef:b8:e9:16:40:e7:
1c:60:e4:70:97:77:c8:bf:50:57:67:4b:81:7b:58:
c6:3e:fd:3d:cd:8a:3e:74:5e:7e:3a:d9:fe:e4:3e:
1b:a6:67:3e:4f:81:cf:9d:94:97:7c:2f:6d:07:fc:
3a:eb:e5:9c:82:b7:3d:a3:1c:69:9e:c6:97:2c:cc:
dd:a0:57:25:46:cd:3c:67:ac:f8:5b:28:cb:06:3f:
8c:95:02:cd:f4:5f:c7:87:0e:b4:f8:3c:55:4c:87:
bc:08:3c:7e:d3:77:91:b1:6b:84:3f:41:9a:80:82:
e2:0b:86:86:d7:83:71:ba:8c:cc:54:a6:a3:dc:b3:
5e:95:2d:9f:5a:47:c5:34:a4:3e:ad:02:04:aa:ae:
f9:d9:90:e3:db:e1:8b:7a:09:ee:f9:50:70:e5:1b:
6c:3a:3f:d6:2a:04:47:56:c9:b6:fd:99:34:74:c6:
59:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:47:E2:CD:1C:C6:10:16:B7:DB:C1:1A:62:42:7E:10:D0:9C:FF:60
X509v3 Authority Key Identifier:
keyid:80:9E:D7:09:81:11:C6:78:89:8A:C0:F0:AE:C9:7F:DD:3B:3B:6D:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gJ7XCYERxniJisDwrsl_3Ts7bQI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/b4a477-08a2-4e8c-8c4d-010cd9079abf/1/XEfizRzGEBa328EaYkJ-ENCc_2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/b4a477-08a2-4e8c-8c4d-010cd9079abf/1/gJ7XCYERxniJisDwrsl_3Ts7bQI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.192.0/22
IPv6:
2a07:c700::/29
Signature Algorithm: sha256WithRSAEncryption
13:a8:32:aa:7c:df:f5:ac:d1:d6:08:0c:4c:e7:c0:ab:b5:30:
bb:c6:87:d1:55:5c:26:9c:d4:e3:0d:3d:70:fc:5e:01:cc:3e:
8a:3e:66:90:3b:9b:69:b3:fb:40:43:af:85:91:c9:9e:61:24:
62:13:9e:25:d4:81:7c:71:66:d1:5d:7d:d2:11:18:22:5f:5e:
c6:61:82:6d:c1:4e:bd:15:12:c5:7d:8b:1f:e0:d0:98:bf:fd:
15:c1:40:fe:12:c1:09:a3:db:ab:6a:48:99:7b:ed:a6:a8:ed:
24:91:17:39:62:63:2d:4f:c8:bc:85:d0:6d:8d:c3:4a:46:12:
06:2a:71:46:53:5d:4e:0e:10:34:09:ec:be:47:6c:70:9b:98:
d9:1b:0f:27:51:2d:0c:0d:0d:5b:f5:fa:ee:d7:8a:32:ba:21:
a7:45:f0:0a:8b:d2:36:55:f4:67:31:58:34:06:c3:a5:b3:ab:
38:f2:b6:b0:59:12:b5:58:3c:a2:6a:0b:e6:b9:f3:37:89:49:
17:08:1c:ce:1c:a0:c7:69:b0:a3:08:b2:8d:e1:ef:9b:b5:ca:
5c:e4:e4:15:5e:0e:0e:6e:63:14:6f:95:85:ce:8f:07:a8:24:
b7:b7:6e:1a:09:b3:ca:af:cf:9d:e9:8b:22:b9:e9:5a:21:e6:
d2:7b:dd:bf
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEBv3fGTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
MDllZDcwOTgxMTFjNjc4ODk4YWMwZjBhZWM5N2ZkZDNiM2I2ZDAyMB4XDTIyMDEw
MTA2NTQ0MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWM0N2UyY2QxY2M2
MTAxNmI3ZGJjMTFhNjI0MjdlMTBkMDljZmY2MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKj6n6lErS86WhKHEmcRn66dsNHWbmAwFbgrVMRfIS4Q7RMz
FXLx2wXSJGp+QkDqINlL3JBlf4rD1c7Ato587BmW8hdzRUlW6dwCF2dtWiCVs0Eb
77jpFkDnHGDkcJd3yL9QV2dLgXtYxj79Pc2KPnRefjrZ/uQ+G6ZnPk+Bz52Ul3wv
bQf8OuvlnIK3PaMcaZ7GlyzM3aBXJUbNPGes+FsoywY/jJUCzfRfx4cOtPg8VUyH
vAg8ftN3kbFrhD9BmoCC4guGhteDcbqMzFSmo9yzXpUtn1pHxTSkPq0CBKqu+dmQ
49vhi3oJ7vlQcOUbbDo/1ioER1bJtv2ZNHTGWaUCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRcR+LNHMYQFrfbwRpiQn4Q0Jz/YDAfBgNVHSMEGDAWgBSAntcJgRHGeImK
wPCuyX/dOzttAjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2dKN1hDWUVSeG5pSmlzRHdyc2xfM1RzN2JRSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODUvYjRhNDc3LTA4YTItNGU4Yy04YzRkLTAxMGNkOTA3OWFiZi8x
L1hFZml6UnpHRUJhMzI4RWFZa0otRU5DY18yQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODUv
YjRhNDc3LTA4YTItNGU4Yy04YzRkLTAxMGNkOTA3OWFiZi8xL2dKN1hDWUVSeG5p
SmlzRHdyc2xfM1RzN2JRSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArmhwDANBAIAAjAHAwUDKgfHADAN
BgkqhkiG9w0BAQsFAAOCAQEAE6gyqnzf9azR1ggMTOfAq7Uwu8aH0VVcJpzU4w09
cPxeAcw+ij5mkDubabP7QEOvhZHJnmEkYhOeJdSBfHFm0V190hEYIl9exmGCbcFO
vRUSxX2LH+DQmL/9FcFA/hLBCaPbq2pImXvtpqjtJJEXOWJjLU/IvIXQbY3DSkYS
BipxRlNdTg4QNAnsvkdscJuY2RsPJ1EtDA0NW/X67teKMrohp0XwCovSNlX0ZzFY
NAbDpbOrOPK2sFkStVg8omoL5rnzN4lJFwgczhygx2mwowiyjeHvm7XKXOTkFV4O
Dm5jFG+Vhc6PB6gkt7duGgmzyq/PnemLIrnpWiHm0nvdvw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:58:35 2025 by rpki-client