Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/xL96GOutVenFKz62wVBo5284cdk.roa
File: xL96GOutVenFKz62wVBo5284cdk.roa (raw, json)
Hash identifier: 3KvcmsVPcOZn9VYAQUeANIYBeGtD4MS7ircvin1dvJk=
Subject key identifier: C4:BF:7A:18:EB:AD:55:E9:C5:2B:3E:B6:C1:50:68:E7:6F:38:71:D9
Certificate issuer: /CN=a254a9f3a266513ddc6935d8be022e7e5230ea10
Certificate serial: 156807DF
Authority key identifier: A2:54:A9:F3:A2:66:51:3D:DC:69:35:D8:BE:02:2E:7E:52:30:EA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/olSp86JmUT3caTXYvgIuflIw6hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/xL96GOutVenFKz62wVBo5284cdk.roa
Signing time: Sat 01 Jan 2022 11:55:41 +0000
ROA not before: Sat 01 Jan 2022 11:55:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212822
IP address blocks: 185.216.210.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 359139295 (0x156807df)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a254a9f3a266513ddc6935d8be022e7e5230ea10
Validity
Not Before: Jan 1 11:55:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c4bf7a18ebad55e9c52b3eb6c15068e76f3871d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:8f:cc:84:ae:b8:8d:79:51:3f:63:40:e6:1b:
fb:1f:f9:cb:e9:bc:5c:d5:2a:4f:ea:26:7d:6c:43:
ec:f2:6a:1d:75:ce:4d:f1:a5:03:6b:e3:2a:68:83:
22:3a:05:75:72:b7:c3:65:cc:c5:9b:d4:67:99:fd:
1f:9a:7a:ae:f3:93:f4:08:1a:b7:21:56:7c:e9:f2:
99:37:1c:ac:6b:89:e4:0d:8d:8f:5f:a3:80:11:61:
7f:5b:15:d0:fc:f1:5d:83:51:d9:08:a8:98:b7:1d:
30:29:44:8b:d8:41:a4:35:b9:47:bf:f4:b2:6e:46:
e5:fb:2e:fa:2c:57:2a:bb:f3:34:f7:84:68:65:7c:
d0:f4:24:51:8b:60:3f:3c:76:59:9d:47:66:23:86:
70:24:e2:5c:ef:d3:e5:e4:2d:25:49:cc:dc:d6:93:
de:43:d9:ec:01:3e:e4:16:85:52:b1:50:fd:20:e6:
25:4b:cd:6b:0b:90:6f:5a:83:c4:12:9d:2c:f7:d5:
3d:69:b0:98:12:8a:f3:e8:d1:45:06:c8:30:cf:10:
02:d6:92:78:c6:ce:1b:9c:14:a7:b3:8b:0f:c8:6d:
34:a0:db:26:1b:eb:1b:a0:9a:b7:3f:81:31:a9:52:
84:e2:78:73:43:f3:d8:4f:e6:4e:db:7a:dc:85:82:
00:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:BF:7A:18:EB:AD:55:E9:C5:2B:3E:B6:C1:50:68:E7:6F:38:71:D9
X509v3 Authority Key Identifier:
keyid:A2:54:A9:F3:A2:66:51:3D:DC:69:35:D8:BE:02:2E:7E:52:30:EA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/olSp86JmUT3caTXYvgIuflIw6hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/xL96GOutVenFKz62wVBo5284cdk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b60373-818e-40a9-9319-addf0e1849eb/1/olSp86JmUT3caTXYvgIuflIw6hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.216.210.0/24
Signature Algorithm: sha256WithRSAEncryption
08:3f:43:db:15:4f:2d:db:c2:fb:b0:88:fc:5e:8d:3c:89:ba:
0f:c4:93:c0:21:6f:6c:5e:fc:ef:26:d0:fc:7b:65:4f:2b:f8:
ea:9c:8f:80:07:15:30:6e:ec:aa:ee:d0:45:21:11:66:31:00:
93:31:18:74:43:d1:ed:31:a1:cb:d5:d4:24:d6:b8:2e:2b:09:
08:06:97:25:76:9d:bd:77:71:bc:28:b6:64:cb:d7:8f:10:26:
a1:cf:6b:92:6e:0c:ea:e3:f1:be:7e:6d:92:eb:a9:a0:2d:ec:
df:58:c4:55:f1:0b:fd:43:aa:af:c4:9e:2c:66:9b:9b:ed:19:
8e:10:77:ce:c1:d1:29:b3:d2:4f:5b:88:bc:a3:40:75:ef:4b:
b5:5e:ac:f6:49:93:fc:17:2c:4a:37:af:bb:ba:01:d1:fa:27:
d4:f2:0c:bc:77:a4:48:c4:3b:2d:5d:dd:99:f0:2f:e4:8f:d9:
b2:58:f6:af:55:c5:4c:81:fd:ca:85:3d:a2:ee:43:64:ba:73:
60:5b:44:eb:36:57:1d:99:3e:4d:01:d7:9c:e4:d6:4b:b1:8d:
c5:33:62:2c:74:f4:1b:bf:1e:7e:c1:11:75:db:2d:3c:de:ad:
4f:0c:aa:cd:85:78:bf:be:d7:2d:8e:39:1a:7b:1a:9f:c7:90:
3c:e4:5d:91
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFWgH3zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhh
MjU0YTlmM2EyNjY1MTNkZGM2OTM1ZDhiZTAyMmU3ZTUyMzBlYTEwMB4XDTIyMDEw
MTExNTU0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzRiZjdhMThlYmFk
NTVlOWM1MmIzZWI2YzE1MDY4ZTc2ZjM4NzFkOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMWPzISuuI15UT9jQOYb+x/5y+m8XNUqT+omfWxD7PJqHXXO
TfGlA2vjKmiDIjoFdXK3w2XMxZvUZ5n9H5p6rvOT9AgatyFWfOnymTccrGuJ5A2N
j1+jgBFhf1sV0PzxXYNR2QiomLcdMClEi9hBpDW5R7/0sm5G5fsu+ixXKrvzNPeE
aGV80PQkUYtgPzx2WZ1HZiOGcCTiXO/T5eQtJUnM3NaT3kPZ7AE+5BaFUrFQ/SDm
JUvNawuQb1qDxBKdLPfVPWmwmBKK8+jRRQbIMM8QAtaSeMbOG5wUp7OLD8htNKDb
JhvrG6Catz+BMalShOJ4c0Pz2E/mTtt63IWCALcCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTEv3oY661V6cUrPrbBUGjnbzhx2TAfBgNVHSMEGDAWgBSiVKnzomZRPdxp
Ndi+Ai5+UjDqEDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L29sU3A4NkptVVQzY2FUWFl2Z0l1ZmxJdzZoQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTAvYjYwMzczLTgxOGUtNDBhOS05MzE5LWFkZGYwZTE4NDllYi8x
L3hMOTZHT3V0VmVuRkt6NjJ3VkJvNTI4NGNkay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTAv
YjYwMzczLTgxOGUtNDBhOS05MzE5LWFkZGYwZTE4NDllYi8xL29sU3A4NkptVVQz
Y2FUWFl2Z0l1ZmxJdzZoQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnY0jANBgkqhkiG9w0BAQsFAAOC
AQEACD9D2xVPLdvC+7CI/F6NPIm6D8STwCFvbF787ybQ/HtlTyv46pyPgAcVMG7s
qu7QRSERZjEAkzEYdEPR7TGhy9XUJNa4LisJCAaXJXadvXdxvCi2ZMvXjxAmoc9r
km4M6uPxvn5tkuupoC3s31jEVfEL/UOqr8SeLGabm+0ZjhB3zsHRKbPST1uIvKNA
de9LtV6s9kmT/BcsSjevu7oB0fon1PIMvHekSMQ7LV3dmfAv5I/Zslj2r1XFTIH9
yoU9ou5DZLpzYFtE6zZXHZk+TQHXnOTWS7GNxTNiLHT0G78efsERddstPN6tTwyq
zYV4v77XLY45Gnsan8eQPORdkQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:47:50 2024 by rpki-client on console-fra.rpki-client.org