Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/cbbedc-b7bc-4255-bc41-e36e8d293ae0/1/xzCX4e3OTetWyVeIffD6Qz83DDc.roa
File: xzCX4e3OTetWyVeIffD6Qz83DDc.roa (raw, json)
Hash identifier: VvdZT1h6wiNdg6AUmcUfmYPuSGhDCI/GfVWtt2A/yYM=
Subject key identifier: C7:30:97:E1:ED:CE:4D:EB:56:C9:57:88:7D:F0:FA:43:3F:37:0C:37
Certificate issuer: /CN=1404e18e8616705ec0f290e57ca829a82f5f96c2
Certificate serial: 15C6761D
Authority key identifier: 14:04:E1:8E:86:16:70:5E:C0:F2:90:E5:7C:A8:29:A8:2F:5F:96:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FAThjoYWcF7A8pDlfKgpqC9flsI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/cbbedc-b7bc-4255-bc41-e36e8d293ae0/1/xzCX4e3OTetWyVeIffD6Qz83DDc.roa
Signing time: Sat 01 Jan 2022 07:58:25 +0000
ROA not before: Sat 01 Jan 2022 07:58:25 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50522
IP address blocks: 185.88.188.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 365327901 (0x15c6761d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1404e18e8616705ec0f290e57ca829a82f5f96c2
Validity
Not Before: Jan 1 07:58:25 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c73097e1edce4deb56c957887df0fa433f370c37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:fa:b6:e9:fe:0c:b4:5d:61:14:89:e9:35:a8:
35:08:9a:55:81:c2:60:36:9c:df:ca:f1:d7:39:50:
70:0b:72:42:9f:19:a8:a7:fb:d5:f1:53:e2:ab:6a:
89:93:53:a1:80:3f:0f:42:41:85:2c:7b:d8:b2:81:
c1:ba:3b:0f:44:f3:31:d3:c8:0f:ce:cc:36:dc:23:
2d:e6:f2:a8:e9:a5:40:c1:8b:63:ae:9c:c2:14:3d:
1a:46:21:da:28:93:8f:0d:a6:24:f4:f8:2b:60:61:
e5:15:fa:25:61:4f:77:4b:35:e7:b2:3f:4a:33:39:
c9:3c:e0:5f:dd:7c:dc:be:7b:d3:55:90:d0:b2:c4:
b4:8b:d7:74:73:0a:aa:1b:85:38:53:a8:8b:e7:b7:
49:81:1e:fb:0d:a5:5b:7c:f1:3d:ac:9e:d0:de:0b:
1c:a5:a6:f0:1c:c5:56:d9:bc:0d:4d:9d:9c:9a:24:
73:d5:88:84:2d:e4:1e:3f:2e:14:7d:b9:85:ec:f7:
2a:10:33:3d:c2:dc:80:8a:ea:d9:08:e8:dd:00:f6:
80:2a:06:26:ab:c5:ff:c5:18:a5:ff:85:70:01:12:
0f:be:6f:b4:a1:61:6d:ba:17:e0:03:da:84:05:9d:
15:29:3a:83:ca:e2:4b:57:f6:0a:da:4f:63:89:ce:
25:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:30:97:E1:ED:CE:4D:EB:56:C9:57:88:7D:F0:FA:43:3F:37:0C:37
X509v3 Authority Key Identifier:
keyid:14:04:E1:8E:86:16:70:5E:C0:F2:90:E5:7C:A8:29:A8:2F:5F:96:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FAThjoYWcF7A8pDlfKgpqC9flsI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/cbbedc-b7bc-4255-bc41-e36e8d293ae0/1/xzCX4e3OTetWyVeIffD6Qz83DDc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/cbbedc-b7bc-4255-bc41-e36e8d293ae0/1/FAThjoYWcF7A8pDlfKgpqC9flsI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.88.188.0/22
Signature Algorithm: sha256WithRSAEncryption
72:5f:fa:6f:74:de:18:93:7b:5d:4b:e9:62:05:44:8a:23:c0:
6b:2a:5f:aa:86:0e:f3:3b:90:82:c9:95:b0:e2:55:93:ac:cf:
3b:20:9d:7d:a8:43:10:c3:e3:5c:ea:8f:3a:be:08:9f:f5:29:
1d:45:63:7e:fb:ef:63:d8:56:95:ec:6e:0c:5c:05:fd:98:08:
ae:f6:13:2b:a7:53:7e:ed:64:1c:bd:e3:2c:e1:cc:16:87:f8:
35:73:5b:1b:4b:a2:bb:ee:b2:e5:c2:08:1a:cb:4e:1f:51:ba:
7d:05:72:5b:35:1f:92:a9:77:85:cf:3f:77:34:60:91:3d:eb:
1f:a4:d1:d8:76:ab:a1:8a:1e:0f:54:4c:a7:4b:65:c3:3c:e0:
d2:53:92:0a:db:75:58:86:f0:74:86:e9:37:3e:27:60:85:4b:
7c:5c:9c:6b:f4:df:73:ac:38:6b:e2:39:25:c9:cd:eb:2f:a7:
7d:c7:36:71:97:4b:bc:f3:b9:3a:9d:5e:e7:65:91:52:d2:9e:
03:de:02:f3:ab:c4:f8:c2:a9:f8:65:7a:41:4f:11:b2:f7:1c:
b2:1c:c0:57:8d:67:58:9b:de:14:80:a1:6a:c2:b9:4f:3a:06:
07:4b:85:28:05:18:db:46:29:95:ce:23:9f:20:f3:ca:a8:51:
28:90:1d:94
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFcZ2HTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygx
NDA0ZTE4ZTg2MTY3MDVlYzBmMjkwZTU3Y2E4MjlhODJmNWY5NmMyMB4XDTIyMDEw
MTA3NTgyNVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzczMDk3ZTFlZGNl
NGRlYjU2Yzk1Nzg4N2RmMGZhNDMzZjM3MGMzNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANX6tun+DLRdYRSJ6TWoNQiaVYHCYDac38rx1zlQcAtyQp8Z
qKf71fFT4qtqiZNToYA/D0JBhSx72LKBwbo7D0TzMdPID87MNtwjLebyqOmlQMGL
Y66cwhQ9GkYh2iiTjw2mJPT4K2Bh5RX6JWFPd0s157I/SjM5yTzgX9183L5701WQ
0LLEtIvXdHMKqhuFOFOoi+e3SYEe+w2lW3zxPaye0N4LHKWm8BzFVtm8DU2dnJok
c9WIhC3kHj8uFH25hez3KhAzPcLcgIrq2Qjo3QD2gCoGJqvF/8UYpf+FcAESD75v
tKFhbboX4APahAWdFSk6g8riS1f2CtpPY4nOJWkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTHMJfh7c5N61bJV4h98PpDPzcMNzAfBgNVHSMEGDAWgBQUBOGOhhZwXsDy
kOV8qCmoL1+WwjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0ZBVGhqb1lXY0Y3QThwRGxmS2dwcUM5ZmxzSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGYvY2JiZWRjLWI3YmMtNDI1NS1iYzQxLWUzNmU4ZDI5M2FlMC8x
L3h6Q1g0ZTNPVGV0V3lWZUlmZkQ2UXo4M0REYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGYv
Y2JiZWRjLWI3YmMtNDI1NS1iYzQxLWUzNmU4ZDI5M2FlMC8xL0ZBVGhqb1lXY0Y3
QThwRGxmS2dwcUM5ZmxzSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArlYvDANBgkqhkiG9w0BAQsFAAOC
AQEAcl/6b3TeGJN7XUvpYgVEiiPAaypfqoYO8zuQgsmVsOJVk6zPOyCdfahDEMPj
XOqPOr4In/UpHUVjfvvvY9hWlexuDFwF/ZgIrvYTK6dTfu1kHL3jLOHMFof4NXNb
G0uiu+6y5cIIGstOH1G6fQVyWzUfkql3hc8/dzRgkT3rH6TR2HaroYoeD1RMp0tl
wzzg0lOSCtt1WIbwdIbpNz4nYIVLfFyca/Tfc6w4a+I5JcnN6y+nfcc2cZdLvPO5
Op1e52WRUtKeA94C86vE+MKp+GV6QU8RsvccshzAV41nWJveFIChasK5TzoGB0uF
KAUY20Yplc4jnyDzyqhRKJAdlA==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:37:26 2025 by rpki-client