Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/b2b221-2ae9-45cc-ad1e-fcd3de868431/1/XzOlMWTe8ZjUB8xPp4QXDIAXcVI.roa
File: XzOlMWTe8ZjUB8xPp4QXDIAXcVI.roa (raw, json)
Hash identifier: pBS9XZl6kyeCbbBBCYuDj0XUB/2pzRVzggJWWIUISSQ=
Subject key identifier: 5F:33:A5:31:64:DE:F1:98:D4:07:CC:4F:A7:84:17:0C:80:17:71:52
Certificate issuer: /CN=fe3ecfb35993217c36743bcafaa7b0259d2e476a
Certificate serial: 01856C2ED7896F4D852407B382F2D0C1F55B
Authority key identifier: FE:3E:CF:B3:59:93:21:7C:36:74:3B:CA:FA:A7:B0:25:9D:2E:47:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_j7Ps1mTIXw2dDvK-qewJZ0uR2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/b2b221-2ae9-45cc-ad1e-fcd3de868431/1/XzOlMWTe8ZjUB8xPp4QXDIAXcVI.roa
Signing time: Sun 01 Jan 2023 07:14:46 +0000
ROA not before: Sun 01 Jan 2023 07:14:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203102
IP address blocks: 185.144.64.0/22 maxlen: 22
185.144.66.0/24 maxlen: 24
185.144.65.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:2e:d7:89:6f:4d:85:24:07:b3:82:f2:d0:c1:f5:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe3ecfb35993217c36743bcafaa7b0259d2e476a
Validity
Not Before: Jan 1 07:14:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f33a53164def198d407cc4fa784170c80177152
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:4c:0c:13:07:ea:21:59:f4:22:e0:b2:20:3f:
38:2e:22:91:b0:84:d4:0d:23:9b:75:61:04:99:50:
21:7c:10:10:3c:ee:c6:48:38:fb:f5:32:50:b9:25:
7f:a7:2d:28:d3:ec:6f:49:29:d8:86:6d:9e:87:b3:
42:3f:78:06:d2:f3:ab:cc:0b:6f:33:c3:01:d0:7e:
88:dc:b3:75:9e:28:32:48:72:b2:a1:52:3e:17:4e:
10:2f:8d:bd:eb:6f:f7:a8:dd:0c:cc:40:cd:11:6e:
cc:56:4f:94:36:22:69:fe:06:6b:0d:05:44:67:89:
ff:5b:20:23:f2:f3:bd:ea:ca:7b:39:4e:c0:7d:da:
1f:47:6c:aa:0c:ff:26:68:00:2e:11:63:fa:9c:c7:
7e:30:6a:9c:c5:a1:22:0d:8c:86:d0:2e:9b:ed:b6:
cd:ed:35:1c:92:1d:7e:67:fa:fa:dd:d5:ee:34:d1:
8b:0d:f6:d5:3e:1a:1a:46:cf:b6:ea:78:67:ac:86:
e4:1d:42:7f:c4:c5:bb:fe:37:38:b8:b8:27:d8:9f:
49:d7:ab:88:d8:cb:87:f5:a3:91:60:c5:e6:a8:fd:
f0:15:c4:bb:d2:16:e9:ed:64:cb:70:95:01:ea:14:
6f:08:a4:13:74:49:83:a9:5c:50:fe:55:44:46:00:
72:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:33:A5:31:64:DE:F1:98:D4:07:CC:4F:A7:84:17:0C:80:17:71:52
X509v3 Authority Key Identifier:
keyid:FE:3E:CF:B3:59:93:21:7C:36:74:3B:CA:FA:A7:B0:25:9D:2E:47:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_j7Ps1mTIXw2dDvK-qewJZ0uR2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/b2b221-2ae9-45cc-ad1e-fcd3de868431/1/XzOlMWTe8ZjUB8xPp4QXDIAXcVI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/b2b221-2ae9-45cc-ad1e-fcd3de868431/1/_j7Ps1mTIXw2dDvK-qewJZ0uR2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.144.64.0/22
Signature Algorithm: sha256WithRSAEncryption
af:3e:ce:51:b1:79:fd:f5:2d:cf:14:94:e9:f5:84:f2:ad:88:
0e:df:2c:d4:3b:14:1f:de:e8:13:b7:9e:41:b5:28:f4:2d:f8:
e5:40:a7:ec:ca:8b:b9:b6:00:36:e6:93:a8:bb:ad:25:4f:9b:
dd:1e:ad:fb:fe:5a:be:1e:43:84:e6:51:de:2b:b1:d0:2f:f9:
41:ab:c6:4e:50:eb:e1:68:f0:70:b5:c6:21:13:16:71:15:fc:
a2:c1:9e:77:72:27:18:52:f7:34:e5:fb:6b:3a:f6:03:6d:0d:
ed:86:a3:77:4a:7b:84:dd:e2:61:6b:c9:9b:10:f2:a5:ef:f1:
75:a7:eb:9d:4b:a8:6d:0f:cc:ee:58:66:49:0e:ff:5e:10:c2:
6e:b0:54:6f:84:17:d6:86:13:d9:60:e3:95:a1:b1:22:ee:5a:
a9:47:e9:da:06:ab:3a:3c:3e:04:0a:33:04:b9:81:1c:6d:e4:
8d:1f:46:b8:29:ec:b5:a8:a4:3b:36:fe:37:80:6d:4b:d2:b8:
e0:74:d3:26:c8:09:60:93:d1:a5:c5:32:b6:8a:b3:89:59:a7:
39:d1:e4:30:4e:a7:d8:20:a8:fb:e2:3a:58:51:d6:ce:7c:dc:
ba:29:13:7a:78:22:0e:aa:af:16:26:a6:d3:e6:55:35:eb:6c:
8e:bd:01:0b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsLteJb02FJAezgvLQwfVbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlM2VjZmIzNTk5MzIxN2MzNjc0M2JjYWZhYTdiMDI1OWQy
ZTQ3NmEwHhcNMjMwMTAxMDcxNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjMzYTUzMTY0ZGVmMTk4ZDQwN2NjNGZhNzg0MTcwYzgwMTc3MTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0wMEwfqIVn0IuCyID84LiKRsITU
DSObdWEEmVAhfBAQPO7GSDj79TJQuSV/py0o0+xvSSnYhm2eh7NCP3gG0vOrzAtv
M8MB0H6I3LN1nigySHKyoVI+F04QL42962/3qN0MzEDNEW7MVk+UNiJp/gZrDQVE
Z4n/WyAj8vO96sp7OU7AfdofR2yqDP8maAAuEWP6nMd+MGqcxaEiDYyG0C6b7bbN
7TUckh1+Z/r63dXuNNGLDfbVPhoaRs+26nhnrIbkHUJ/xMW7/jc4uLgn2J9J16uI
2MuH9aORYMXmqP3wFcS70hbp7WTLcJUB6hRvCKQTdEmDqVxQ/lVERgByFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF8zpTFk3vGY1AfMT6eEFwyAF3FSMB8GA1UdIwQY
MBaAFP4+z7NZkyF8NnQ7yvqnsCWdLkdqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2o3UHMxbVRJWHcyZER2Sy1xZXdKWjB1UjJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9iMmIyMjEtMmFlOS00NWNjLWFkMWUt
ZmNkM2RlODY4NDMxLzEvWHpPbE1XVGU4WmpVQjh4UHA0UVhESUFYY1ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9iMmIyMjEtMmFlOS00NWNjLWFkMWUtZmNkM2RlODY4NDMx
LzEvX2o3UHMxbVRJWHcyZER2Sy1xZXdKWjB1UjJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZBAMA0G
CSqGSIb3DQEBCwUAA4IBAQCvPs5RsXn99S3PFJTp9YTyrYgO3yzUOxQf3ugTt55B
tSj0LfjlQKfsyou5tgA25pOou60lT5vdHq37/lq+HkOE5lHeK7HQL/lBq8ZOUOvh
aPBwtcYhExZxFfyiwZ53cicYUvc05ftrOvYDbQ3thqN3SnuE3eJha8mbEPKl7/F1
p+udS6htD8zuWGZJDv9eEMJusFRvhBfWhhPZYOOVobEi7lqpR+naBqs6PD4ECjME
uYEcbeSNH0a4Key1qKQ7Nv43gG1L0rjgdNMmyAlgk9GlxTK2irOJWac50eQwTqfY
IKj74jpYUdbOfNy6KRN6eCIOqq8WJqbT5lU162yOvQEL
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:03:20 2025 by rpki-client