Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/b872b6-c30a-4616-b5a7-28d94fcb1088/1/xnW4Ko8CUox4Ul7m-rCTaThBnww.roa
File: xnW4Ko8CUox4Ul7m-rCTaThBnww.roa (raw, json)
Hash identifier: XsGnwb2zYwLVSCv3wkT88zWHe7BdV+gsD90ooExOXis=
Subject key identifier: C6:75:B8:2A:8F:02:52:8C:78:52:5E:E6:FA:B0:93:69:38:41:9F:0C
Certificate issuer: /CN=c6b6f07b173360f215f1518c8712a4b054d85c07
Certificate serial: 0A66393D
Authority key identifier: C6:B6:F0:7B:17:33:60:F2:15:F1:51:8C:87:12:A4:B0:54:D8:5C:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xrbwexczYPIV8VGMhxKksFTYXAc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/b872b6-c30a-4616-b5a7-28d94fcb1088/1/xnW4Ko8CUox4Ul7m-rCTaThBnww.roa
Signing time: Sat 01 Jan 2022 07:03:37 +0000
ROA not before: Sat 01 Jan 2022 07:03:37 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 21473
IP address blocks: 185.28.4.0/22 maxlen: 24
93.190.248.0/21 maxlen: 21
109.233.144.0/21 maxlen: 24
212.65.0.0/19 maxlen: 19
2a00:1e80::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 174471485 (0xa66393d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6b6f07b173360f215f1518c8712a4b054d85c07
Validity
Not Before: Jan 1 07:03:37 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c675b82a8f02528c78525ee6fab0936938419f0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:7a:f1:13:ed:cc:4d:6e:0b:35:7c:3f:2f:6e:
1c:f3:05:96:23:fa:a9:66:69:2f:59:44:2b:2f:a2:
3a:bc:ce:c7:2b:6a:4c:a3:8f:6c:79:ce:01:2e:a5:
4d:22:42:04:7a:f8:57:50:aa:27:db:79:4f:e1:57:
f1:db:ee:6f:a3:00:f0:c2:9b:0f:9b:b6:d5:5a:68:
a3:41:d4:a1:8e:09:12:55:33:6e:37:fc:a5:47:66:
4b:a0:49:38:87:2d:3e:8d:1f:b6:6b:22:11:45:38:
60:42:c4:93:bc:e6:69:1b:8c:af:cc:45:f9:49:68:
79:3e:75:5d:e7:dc:82:fe:cb:da:12:e4:71:b6:03:
e9:43:6a:2d:0d:33:9f:80:b3:72:62:18:2a:14:73:
d5:13:9d:86:5b:10:96:1b:7c:a7:89:b5:4d:47:b3:
1a:4c:37:ef:99:2d:ea:40:10:e9:c8:54:7e:ff:7d:
f2:b5:8e:12:e5:a0:df:22:78:d7:c6:34:dc:82:78:
16:c4:fd:d9:0e:14:69:00:61:fb:0f:f5:82:58:86:
a9:7c:33:a8:5a:db:9e:56:1c:9a:a1:62:2a:a5:52:
f9:7b:4e:b6:06:5f:e3:f3:99:f2:af:d0:e1:77:f2:
ca:e2:8d:84:d6:89:96:5e:48:86:7e:e1:28:6f:b3:
d1:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:75:B8:2A:8F:02:52:8C:78:52:5E:E6:FA:B0:93:69:38:41:9F:0C
X509v3 Authority Key Identifier:
keyid:C6:B6:F0:7B:17:33:60:F2:15:F1:51:8C:87:12:A4:B0:54:D8:5C:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xrbwexczYPIV8VGMhxKksFTYXAc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/b872b6-c30a-4616-b5a7-28d94fcb1088/1/xnW4Ko8CUox4Ul7m-rCTaThBnww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/b872b6-c30a-4616-b5a7-28d94fcb1088/1/xrbwexczYPIV8VGMhxKksFTYXAc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.190.248.0/21
109.233.144.0/21
185.28.4.0/22
212.65.0.0/19
IPv6:
2a00:1e80::/32
Signature Algorithm: sha256WithRSAEncryption
3d:e4:0d:c1:ad:55:44:1e:cc:ac:04:09:ff:86:cd:45:a9:f7:
89:be:0b:cb:7b:36:0b:07:26:fd:9b:d0:0f:7b:e1:1a:2b:03:
5e:c5:ff:6e:77:03:d9:34:6d:2e:22:2c:56:ab:a3:ef:9f:53:
18:22:13:1b:9b:2f:57:1b:d4:30:45:28:bf:0e:89:12:1d:2e:
0f:5e:66:59:65:a0:55:be:b6:97:22:a4:04:48:8f:63:4d:7e:
25:3b:29:b3:4b:ee:a5:4d:3d:46:b2:ad:9b:dc:5e:0c:22:c9:
21:7c:68:15:33:21:6f:af:5f:05:ba:b8:95:97:8d:6f:26:3d:
13:9a:e0:a2:ef:6c:56:e7:16:48:36:4f:8c:8d:a0:13:64:5a:
d9:6e:1b:19:63:12:90:36:84:1e:ea:fb:9e:68:08:82:76:88:
9a:cd:e5:2d:46:f5:a2:8b:c6:50:b9:ab:95:96:cf:c3:01:f5:
0a:2f:e5:97:84:5d:4d:84:4b:46:8a:69:64:f5:81:95:85:19:
74:74:d6:fd:a5:36:d4:64:66:27:9e:b0:a2:dd:de:16:21:8f:
c2:32:3f:0f:01:3c:89:af:d6:0e:20:50:4b:55:3f:9a:26:43:
24:29:5b:54:91:b2:c9:c0:42:49:1a:bf:91:d9:5b:d6:72:c3:
2a:39:25:51
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgIECmY5PTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NmI2ZjA3YjE3MzM2MGYyMTVmMTUxOGM4NzEyYTRiMDU0ZDg1YzA3MB4XDTIyMDEw
MTA3MDMzN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzY3NWI4MmE4ZjAy
NTI4Yzc4NTI1ZWU2ZmFiMDkzNjkzODQxOWYwYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANR68RPtzE1uCzV8Py9uHPMFliP6qWZpL1lEKy+iOrzOxytq
TKOPbHnOAS6lTSJCBHr4V1CqJ9t5T+FX8dvub6MA8MKbD5u21Vpoo0HUoY4JElUz
bjf8pUdmS6BJOIctPo0ftmsiEUU4YELEk7zmaRuMr8xF+UloeT51Xefcgv7L2hLk
cbYD6UNqLQ0zn4CzcmIYKhRz1ROdhlsQlht8p4m1TUezGkw375kt6kAQ6chUfv99
8rWOEuWg3yJ418Y03IJ4FsT92Q4UaQBh+w/1gliGqXwzqFrbnlYcmqFiKqVS+XtO
tgZf4/OZ8q/Q4XfyyuKNhNaJll5Ihn7hKG+z0YcCAwEAAaOCAiowggImMB0GA1Ud
DgQWBBTGdbgqjwJSjHhSXub6sJNpOEGfDDAfBgNVHSMEGDAWgBTGtvB7FzNg8hXx
UYyHEqSwVNhcBzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hyYndleGN6WVBJVjhWR01oeEtrc0ZUWVhBYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGUvYjg3MmI2LWMzMGEtNDYxNi1iNWE3LTI4ZDk0ZmNiMTA4OC8x
L3huVzRLbzhDVW94NFVsN20tckNUYVRoQm53dy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGUv
Yjg3MmI2LWMzMGEtNDYxNi1iNWE3LTI4ZDk0ZmNiMTA4OC8xL3hyYndleGN6WVBJ
VjhWR01oeEtrc0ZUWVhBYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBA
BggrBgEFBQcBBwEB/wQxMC8wHgQCAAEwGAMEA12++AMEA23pkAMEArkcBAMEBdRB
ADANBAIAAjAHAwUAKgAegDANBgkqhkiG9w0BAQsFAAOCAQEAPeQNwa1VRB7MrAQJ
/4bNRan3ib4Ly3s2Cwcm/ZvQD3vhGisDXsX/bncD2TRtLiIsVquj759TGCITG5sv
VxvUMEUovw6JEh0uD15mWWWgVb62lyKkBEiPY01+JTsps0vupU09RrKtm9xeDCLJ
IXxoFTMhb69fBbq4lZeNbyY9E5rgou9sVucWSDZPjI2gE2Ra2W4bGWMSkDaEHur7
nmgIgnaIms3lLUb1oovGULmrlZbPwwH1Ci/ll4RdTYRLRoppZPWBlYUZdHTW/aU2
1GRmJ56wot3eFiGPwjI/DwE8ia/WDiBQS1U/miZDJClbVJGyycBCSRq/kdlb1nLD
KjklUQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:17 2025 by rpki-client