Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/99b6b6-c2a6-4a7b-8045-9229cf492fb4/1/XcBhFOP-aZikFcYNzervrYabVgw.roa
File: XcBhFOP-aZikFcYNzervrYabVgw.roa (raw, json)
Hash identifier: dgRhhLYpJpRAe35LXvdR1pF2N0Ebwey8y9ui2f5eHRw=
Subject key identifier: 5D:C0:61:14:E3:FE:69:98:A4:15:C6:0D:CD:EA:EF:AD:86:9B:56:0C
Certificate issuer: /CN=b30fd255c96b42e72b5688c670f6e26119ad3935
Certificate serial: 0185E91B7C583D7B5B15FC0F6C63382CE22D
Authority key identifier: B3:0F:D2:55:C9:6B:42:E7:2B:56:88:C6:70:F6:E2:61:19:AD:39:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sw_SVclrQucrVojGcPbiYRmtOTU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/99b6b6-c2a6-4a7b-8045-9229cf492fb4/1/XcBhFOP-aZikFcYNzervrYabVgw.roa
Signing time: Wed 25 Jan 2023 13:26:10 +0000
ROA not before: Wed 25 Jan 2023 13:26:10 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51814
IP address blocks: 185.99.22.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:e9:1b:7c:58:3d:7b:5b:15:fc:0f:6c:63:38:2c:e2:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b30fd255c96b42e72b5688c670f6e26119ad3935
Validity
Not Before: Jan 25 13:26:10 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5dc06114e3fe6998a415c60dcdeaefad869b560c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:db:f4:42:c5:f3:05:9e:38:78:7b:9e:6b:73:
cb:b7:7d:33:43:57:6b:29:11:be:8e:38:c8:6e:fc:
b2:99:2b:4c:b0:38:e3:38:eb:1c:bb:5e:84:7b:8f:
bf:78:fa:f8:e6:15:ef:2a:1b:53:fe:a7:71:dc:3f:
cb:7b:bb:3b:c1:b5:6b:1e:0c:c2:29:05:1c:85:18:
c0:8b:7c:59:d7:d4:45:fa:c3:6b:20:42:0c:be:c2:
bd:71:10:bb:e2:ea:52:7d:92:0b:38:01:b7:d9:e8:
29:c7:e3:7b:35:2a:86:bb:34:b9:6c:fc:ff:5d:2f:
40:2e:b4:70:d7:5b:4a:1b:dc:86:88:be:fb:11:d6:
d7:61:dc:f4:33:3d:a7:6d:57:95:50:1d:6a:ac:78:
a2:a5:01:e3:5d:fc:2a:b9:32:25:8e:3e:3b:ba:fe:
18:1d:29:58:da:d9:5b:2f:d2:f1:b0:83:ad:d3:92:
f4:62:37:02:e9:ce:30:91:e2:3f:ba:54:f6:ef:70:
24:99:3b:50:59:b5:6e:ea:9b:c9:a7:68:3e:72:0a:
92:6e:1d:32:a9:a8:cf:9a:d5:fa:7a:99:39:6f:a8:
6f:06:f7:19:d1:06:53:46:2f:5f:e9:5a:c0:dd:16:
c0:87:e4:cd:3b:e4:78:e2:99:30:3a:0e:13:6f:6c:
c0:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:C0:61:14:E3:FE:69:98:A4:15:C6:0D:CD:EA:EF:AD:86:9B:56:0C
X509v3 Authority Key Identifier:
keyid:B3:0F:D2:55:C9:6B:42:E7:2B:56:88:C6:70:F6:E2:61:19:AD:39:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sw_SVclrQucrVojGcPbiYRmtOTU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/99b6b6-c2a6-4a7b-8045-9229cf492fb4/1/XcBhFOP-aZikFcYNzervrYabVgw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/99b6b6-c2a6-4a7b-8045-9229cf492fb4/1/sw_SVclrQucrVojGcPbiYRmtOTU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.99.22.0/24
Signature Algorithm: sha256WithRSAEncryption
37:e1:7e:02:08:84:c6:6b:26:61:b8:8f:43:b9:7d:a3:5a:cc:
4f:b2:b0:dd:c7:13:27:d3:d5:60:a3:10:bf:85:3e:65:00:14:
45:79:a4:de:fa:09:39:34:1b:4b:11:a6:10:eb:0e:39:e0:c0:
31:4b:8b:d7:2f:c5:8e:0e:05:d6:46:b7:6e:ca:7c:9f:75:32:
7f:cc:df:62:0c:c1:cb:99:df:d8:00:45:d0:f8:f6:b9:b0:23:
19:b8:cc:03:44:2f:f6:3c:d1:e9:2d:66:f1:ed:81:38:e3:cb:
0c:dd:67:94:65:55:17:f1:5b:a2:d4:4c:2d:6f:c2:d6:18:31:
a3:33:33:82:5e:70:94:c0:31:66:d1:a8:e1:da:ee:ed:51:67:
53:5a:2d:18:e3:1d:32:bf:11:f8:ee:c2:0b:1f:3e:0b:1d:83:
9e:d0:31:c4:07:9b:e1:19:29:45:96:db:d6:ec:39:4b:f7:e7:
4d:6b:dd:d6:ef:93:bc:92:bf:99:35:d8:8f:9b:31:6d:92:43:
db:45:98:d5:d4:75:f0:93:8a:d2:e1:7f:6e:d9:4c:f2:7c:99:
6c:89:41:53:dd:ea:4f:e5:e7:ee:4a:69:e4:a7:6e:c8:f1:68:
52:58:03:4d:8f:02:7d:2c:a1:c4:80:02:7f:4e:b0:3d:31:26:
dd:49:fe:67
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYXpG3xYPXtbFfwPbGM4LOItMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMGZkMjU1Yzk2YjQyZTcyYjU2ODhjNjcwZjZlMjYxMTlh
ZDM5MzUwHhcNMjMwMTI1MTMyNjEwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGMwNjExNGUzZmU2OTk4YTQxNWM2MGRjZGVhZWZhZDg2OWI1NjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgNv0QsXzBZ44eHuea3PLt30zQ1dr
KRG+jjjIbvyymStMsDjjOOscu16Ee4+/ePr45hXvKhtT/qdx3D/Le7s7wbVrHgzC
KQUchRjAi3xZ19RF+sNrIEIMvsK9cRC74upSfZILOAG32egpx+N7NSqGuzS5bPz/
XS9ALrRw11tKG9yGiL77EdbXYdz0Mz2nbVeVUB1qrHiipQHjXfwquTIljj47uv4Y
HSlY2tlbL9LxsIOt05L0YjcC6c4wkeI/ulT273AkmTtQWbVu6pvJp2g+cgqSbh0y
qajPmtX6epk5b6hvBvcZ0QZTRi9f6VrA3RbAh+TNO+R44pkwOg4Tb2zAYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF3AYRTj/mmYpBXGDc3q762Gm1YMMB8GA1UdIwQY
MBaAFLMP0lXJa0LnK1aIxnD24mEZrTk1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3dfU1ZjbHJRdWNyVm9qR2NQYmlZUm10T1RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC85OWI2YjYtYzJhNi00YTdiLTgwNDUt
OTIyOWNmNDkyZmI0LzEvWGNCaEZPUC1hWmlrRmNZTnplcnZyWWFiVmd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC85OWI2YjYtYzJhNi00YTdiLTgwNDUtOTIyOWNmNDkyZmI0
LzEvc3dfU1ZjbHJRdWNyVm9qR2NQYmlZUm10T1RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWMWMA0G
CSqGSIb3DQEBCwUAA4IBAQA34X4CCITGayZhuI9DuX2jWsxPsrDdxxMn09VgoxC/
hT5lABRFeaTe+gk5NBtLEaYQ6w454MAxS4vXL8WODgXWRrduynyfdTJ/zN9iDMHL
md/YAEXQ+Pa5sCMZuMwDRC/2PNHpLWbx7YE448sM3WeUZVUX8Vui1Ewtb8LWGDGj
MzOCXnCUwDFm0ajh2u7tUWdTWi0Y4x0yvxH47sILHz4LHYOe0DHEB5vhGSlFltvW
7DlL9+dNa93W75O8kr+ZNdiPmzFtkkPbRZjV1HXwk4rS4X9u2UzyfJlsiUFT3epP
5efuSmnkp27I8WhSWANNjwJ9LKHEgAJ/TrA9MSbdSf5n
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:01:02 2025 by rpki-client