Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/485ebc-7ee4-4270-bdc8-97fa80c0df41/1/xcnfrew6huzmWNnUWXMgaJhYmns.roa
File: xcnfrew6huzmWNnUWXMgaJhYmns.roa (raw, json)
Hash identifier: SDr+IaZVKrjcFpxC+evMfcdqzQXu+XvVHz05DKDoQTE=
Subject key identifier: C5:C9:DF:AD:EC:3A:86:EC:E6:58:D9:D4:59:73:20:68:98:58:9A:7B
Certificate issuer: /CN=6b378df27bd9260c7eb15273e993e36b0985da10
Certificate serial: 01856C6F085563B1B3C896B1190E756B3B27
Authority key identifier: 6B:37:8D:F2:7B:D9:26:0C:7E:B1:52:73:E9:93:E3:6B:09:85:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/azeN8nvZJgx-sVJz6ZPjawmF2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/485ebc-7ee4-4270-bdc8-97fa80c0df41/1/xcnfrew6huzmWNnUWXMgaJhYmns.roa
Signing time: Sun 01 Jan 2023 08:24:54 +0000
ROA not before: Sun 01 Jan 2023 08:24:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56786
IP address blocks: 84.21.178.0/24 maxlen: 24
84.21.179.0/24 maxlen: 24
84.21.176.0/22 maxlen: 24
84.21.176.0/24 maxlen: 24
84.21.177.0/24 maxlen: 24
2a0d:f540::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:6f:08:55:63:b1:b3:c8:96:b1:19:0e:75:6b:3b:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b378df27bd9260c7eb15273e993e36b0985da10
Validity
Not Before: Jan 1 08:24:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c5c9dfadec3a86ece658d9d45973206898589a7b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:40:6f:ef:5c:bc:92:42:a5:fe:ed:59:e7:3d:
13:cf:4c:1a:bd:03:1a:0c:bf:dd:84:26:c9:f1:4e:
cc:44:2a:68:4c:1d:60:0d:1a:3d:2d:63:54:e4:e3:
d5:87:ab:9c:fc:ff:10:ab:aa:97:5e:e0:8b:ef:ab:
71:93:3a:ee:cc:1b:2e:2d:71:b7:a2:d7:9a:5b:f4:
8c:4b:69:0f:f5:7e:c6:b3:fc:05:bd:43:21:da:92:
3c:c6:70:53:d0:3b:04:7e:3b:d5:f2:82:ef:85:91:
0a:73:4f:a6:17:57:c1:9f:87:55:11:cc:ca:46:ac:
0f:b6:12:47:71:fc:92:54:3a:d5:46:a0:18:9a:5f:
59:a1:1e:fb:f0:59:ee:67:99:bc:64:bc:bc:2f:b2:
25:95:0a:f0:77:62:d9:32:52:c8:38:36:3f:5a:9d:
29:c7:90:b3:6d:cd:4c:dd:63:a1:3a:b8:83:3e:8b:
c1:a3:9b:a2:f0:7c:ed:a0:28:74:e6:8f:db:b9:45:
03:e7:6f:98:79:ef:d7:ef:36:85:19:7e:2b:a6:d6:
d6:a4:b8:cb:e7:22:54:c1:cc:95:02:f4:56:cc:24:
fe:7e:cc:29:0f:0e:7d:6d:75:1b:7b:5c:de:74:dd:
25:4f:a4:5d:e0:a3:d0:bb:03:bc:25:d6:81:4a:8a:
de:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:C9:DF:AD:EC:3A:86:EC:E6:58:D9:D4:59:73:20:68:98:58:9A:7B
X509v3 Authority Key Identifier:
keyid:6B:37:8D:F2:7B:D9:26:0C:7E:B1:52:73:E9:93:E3:6B:09:85:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/azeN8nvZJgx-sVJz6ZPjawmF2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/485ebc-7ee4-4270-bdc8-97fa80c0df41/1/xcnfrew6huzmWNnUWXMgaJhYmns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/485ebc-7ee4-4270-bdc8-97fa80c0df41/1/azeN8nvZJgx-sVJz6ZPjawmF2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.21.176.0/22
IPv6:
2a0d:f540::/29
Signature Algorithm: sha256WithRSAEncryption
2d:43:e2:08:81:84:55:99:df:53:52:8f:86:63:0b:f2:e4:b9:
f0:dd:c4:f3:9d:60:d7:42:a6:69:92:95:ad:8e:b7:88:cf:07:
3c:12:33:d7:9b:bd:31:d9:2d:c8:28:95:f3:50:93:f9:58:a1:
c5:8f:c4:df:3e:f0:cd:d1:80:ab:9f:17:07:1f:f4:17:5e:f5:
90:be:1a:e7:ee:8c:c0:55:3d:d4:3e:6c:14:1c:e0:c8:90:af:
6c:aa:0d:34:5f:ae:74:79:18:27:78:87:45:76:ed:e2:07:40:
31:65:a4:c2:d2:ca:17:89:25:1a:f9:ec:65:3a:0a:3b:2c:9c:
f1:df:b3:a0:a3:e8:24:36:44:1c:4c:48:76:e6:a7:ba:d4:31:
57:90:de:f6:f9:00:5e:ca:e6:f0:1b:25:fb:f0:6b:71:7d:91:
0c:4b:4a:10:16:93:02:9c:52:cc:d0:38:4b:89:2f:31:68:dc:
f8:7c:50:04:b6:c2:be:ce:1f:09:6d:95:c7:cc:cf:fe:7b:80:
bd:ba:66:a5:86:a7:c0:e9:4f:53:db:e5:ce:8b:8e:1e:89:e6:
fb:14:16:35:73:9c:fc:39:cc:4d:6b:1b:3b:c9:91:32:f7:3d:
e3:ff:dc:f8:bc:c6:72:31:f1:2f:42:e9:85:78:e6:16:d4:58:
24:7b:b6:cd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsbwhVY7GzyJaxGQ51azsnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMzc4ZGYyN2JkOTI2MGM3ZWIxNTI3M2U5OTNlMzZiMDk4
NWRhMTAwHhcNMjMwMTAxMDgyNDU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWM5ZGZhZGVjM2E4NmVjZTY1OGQ5ZDQ1OTczMjA2ODk4NTg5YTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnEBv71y8kkKl/u1Z5z0Tz0wavQMa
DL/dhCbJ8U7MRCpoTB1gDRo9LWNU5OPVh6uc/P8Qq6qXXuCL76txkzruzBsuLXG3
oteaW/SMS2kP9X7Gs/wFvUMh2pI8xnBT0DsEfjvV8oLvhZEKc0+mF1fBn4dVEczK
RqwPthJHcfySVDrVRqAYml9ZoR778FnuZ5m8ZLy8L7IllQrwd2LZMlLIODY/Wp0p
x5Czbc1M3WOhOriDPovBo5ui8HztoCh05o/buUUD52+Yee/X7zaFGX4rptbWpLjL
5yJUwcyVAvRWzCT+fswpDw59bXUbe1zedN0lT6Rd4KPQuwO8JdaBSorenwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMXJ363sOobs5ljZ1FlzIGiYWJp7MB8GA1UdIwQY
MBaAFGs3jfJ72SYMfrFSc+mT42sJhdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXplTjhudlpKZ3gtc1ZKejZaUGphd21GMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS80ODVlYmMtN2VlNC00MjcwLWJkYzgt
OTdmYTgwYzBkZjQxLzEveGNuZnJldzZodXptV05uVVdYTWdhSmhZbW5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS80ODVlYmMtN2VlNC00MjcwLWJkYzgtOTdmYTgwYzBkZjQx
LzEvYXplTjhudlpKZ3gtc1ZKejZaUGphd21GMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCVBWwMA0E
AgACMAcDBQMqDfVAMA0GCSqGSIb3DQEBCwUAA4IBAQAtQ+IIgYRVmd9TUo+GYwvy
5Lnw3cTznWDXQqZpkpWtjreIzwc8EjPXm70x2S3IKJXzUJP5WKHFj8TfPvDN0YCr
nxcHH/QXXvWQvhrn7ozAVT3UPmwUHODIkK9sqg00X650eRgneIdFdu3iB0AxZaTC
0soXiSUa+exlOgo7LJzx37Ogo+gkNkQcTEh25qe61DFXkN72+QBeyubwGyX78Gtx
fZEMS0oQFpMCnFLM0DhLiS8xaNz4fFAEtsK+zh8JbZXHzM/+e4C9umalhqfA6U9T
2+XOi44eieb7FBY1c5z8OcxNaxs7yZEy9z3j/9z4vMZyMfEvQumFeOYW1Fgke7bN
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:15:04 2025 by rpki-client