Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/7c3c40-87a1-482b-97f3-37d2b032ba57/1/xk4BMPJhCeLkPIsK7RHwFFnZlr4.roa
File: xk4BMPJhCeLkPIsK7RHwFFnZlr4.roa (raw, json)
Hash identifier: rKuGjbiPOWO3rhgX4YY7RS3RyHbHv1da3cKtVjeoIMM=
Subject key identifier: C6:4E:01:30:F2:61:09:E2:E4:3C:8B:0A:ED:11:F0:14:59:D9:96:BE
Certificate issuer: /CN=5c02f981bee79521a304b68f667feaed81ea3ff6
Certificate serial: 01939DDB
Authority key identifier: 5C:02:F9:81:BE:E7:95:21:A3:04:B6:8F:66:7F:EA:ED:81:EA:3F:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XAL5gb7nlSGjBLaPZn_q7YHqP_Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/7c3c40-87a1-482b-97f3-37d2b032ba57/1/xk4BMPJhCeLkPIsK7RHwFFnZlr4.roa
Signing time: Sat 01 Jan 2022 12:56:38 +0000
ROA not before: Sat 01 Jan 2022 12:56:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 211084
IP address blocks: 185.201.255.0/24 maxlen: 24
2a11:7c0::/29 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 26451419 (0x1939ddb)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c02f981bee79521a304b68f667feaed81ea3ff6
Validity
Not Before: Jan 1 12:56:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c64e0130f26109e2e43c8b0aed11f01459d996be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:2f:8a:54:26:3e:3b:91:06:fa:27:a5:10:46:
e7:f4:d2:a8:ad:cb:40:d1:82:c7:40:81:a5:0a:8e:
ce:43:bf:c8:81:0e:6a:1b:3e:7d:79:2e:d8:37:fd:
5b:9e:e8:1f:b5:1a:54:39:87:22:56:86:ab:f3:df:
b7:e4:49:f8:02:c8:8e:3a:12:a6:9d:0d:5c:ee:02:
52:91:83:ae:b0:8a:93:f1:3b:a4:ad:56:0c:a6:b8:
51:1d:1c:10:43:d7:89:15:9d:d7:12:c0:65:61:d9:
40:75:41:27:ce:45:c2:08:07:45:d0:b3:6b:17:d6:
7a:82:70:6d:ef:13:63:bf:11:4b:80:bc:b9:f7:e5:
7d:3c:ef:e2:6b:fe:46:6a:d4:5e:c0:bf:1c:de:37:
2b:9c:95:a8:6a:bd:c4:00:04:2f:95:bb:49:34:ef:
f2:63:d9:66:db:21:b5:9f:40:db:89:72:e8:5a:8f:
10:81:da:07:97:9f:8b:ec:ed:e2:79:07:d2:fb:68:
e0:bf:82:8b:7c:42:af:a6:48:55:18:81:27:0e:08:
39:08:4b:88:9e:46:54:a5:6e:c9:36:e0:7e:76:c7:
d5:92:31:cd:36:f2:d4:0e:43:de:ce:bc:92:69:ec:
f6:fe:ef:97:9e:45:a7:0d:ad:c3:85:a1:b1:1e:3c:
8f:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:4E:01:30:F2:61:09:E2:E4:3C:8B:0A:ED:11:F0:14:59:D9:96:BE
X509v3 Authority Key Identifier:
keyid:5C:02:F9:81:BE:E7:95:21:A3:04:B6:8F:66:7F:EA:ED:81:EA:3F:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XAL5gb7nlSGjBLaPZn_q7YHqP_Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/7c3c40-87a1-482b-97f3-37d2b032ba57/1/xk4BMPJhCeLkPIsK7RHwFFnZlr4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/7c3c40-87a1-482b-97f3-37d2b032ba57/1/XAL5gb7nlSGjBLaPZn_q7YHqP_Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.201.255.0/24
IPv6:
2a11:7c0::/29
Signature Algorithm: sha256WithRSAEncryption
93:14:47:d0:d1:29:65:cc:66:41:58:b3:fa:37:14:56:e2:72:
97:3b:13:f2:de:bb:93:11:25:55:ae:ea:f8:a1:e8:af:b7:e4:
69:1a:4c:52:f5:dd:3a:61:f1:bd:49:a8:b7:a5:01:a5:44:c1:
43:3b:ab:fe:c9:c2:b2:72:67:96:c4:74:63:05:24:80:b4:5f:
f4:b5:b5:56:dc:d2:18:92:00:91:39:d1:09:77:63:1e:30:a7:
72:6f:ca:f7:c7:f9:8e:17:dd:f1:9c:22:6b:9b:64:b9:d3:c4:
3e:d2:16:48:8e:c3:8e:39:3d:e6:e3:3b:5b:c1:b9:53:80:e2:
81:8a:64:a4:1b:0f:4d:ab:0a:9b:f4:b8:e3:32:20:67:3b:8d:
84:77:9a:e0:77:43:18:3c:5a:c0:79:9d:c3:55:5f:8e:d5:dd:
8a:4b:dd:6c:62:2c:ff:85:57:99:a1:6b:9a:59:b9:ec:43:18:
00:d8:99:22:b9:ab:b1:ff:27:5b:bb:b9:77:4a:af:07:b7:5c:
81:50:e8:a4:e2:b3:9a:a1:9f:47:23:fc:bc:75:28:fe:a1:9b:
0b:e8:71:0e:4d:10:4f:0c:3e:88:0c:11:47:e1:9b:98:d7:f9:
41:c9:d6:15:4c:75:74:cf:88:29:4d:d2:98:39:23:eb:3b:cc:
dd:8b:49:13
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAZOd2zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
YzAyZjk4MWJlZTc5NTIxYTMwNGI2OGY2NjdmZWFlZDgxZWEzZmY2MB4XDTIyMDEw
MTEyNTYzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzY0ZTAxMzBmMjYx
MDllMmU0M2M4YjBhZWQxMWYwMTQ1OWQ5OTZiZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK8vilQmPjuRBvonpRBG5/TSqK3LQNGCx0CBpQqOzkO/yIEO
ahs+fXku2Df9W57oH7UaVDmHIlaGq/Pft+RJ+ALIjjoSpp0NXO4CUpGDrrCKk/E7
pK1WDKa4UR0cEEPXiRWd1xLAZWHZQHVBJ85FwggHRdCzaxfWeoJwbe8TY78RS4C8
ufflfTzv4mv+RmrUXsC/HN43K5yVqGq9xAAEL5W7STTv8mPZZtshtZ9A24ly6FqP
EIHaB5efi+zt4nkH0vto4L+Ci3xCr6ZIVRiBJw4IOQhLiJ5GVKVuyTbgfnbH1ZIx
zTby1A5D3s68kmns9v7vl55Fpw2tw4WhsR48j18CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBTGTgEw8mEJ4uQ8iwrtEfAUWdmWvjAfBgNVHSMEGDAWgBRcAvmBvueVIaME
to9mf+rtgeo/9jAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hBTDVnYjdubFNHakJMYVBabl9xN1lIcVBfWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYTYvN2MzYzQwLTg3YTEtNDgyYi05N2YzLTM3ZDJiMDMyYmE1Ny8x
L3hrNEJNUEpoQ2VMa1BJc0s3Ukh3RkZuWmxyNC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYTYv
N2MzYzQwLTg3YTEtNDgyYi05N2YzLTM3ZDJiMDMyYmE1Ny8xL1hBTDVnYjdubFNH
akJMYVBabl9xN1lIcVBfWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEALnJ/zANBAIAAjAHAwUDKhEHwDAN
BgkqhkiG9w0BAQsFAAOCAQEAkxRH0NEpZcxmQViz+jcUVuJylzsT8t67kxElVa7q
+KHor7fkaRpMUvXdOmHxvUmot6UBpUTBQzur/snCsnJnlsR0YwUkgLRf9LW1VtzS
GJIAkTnRCXdjHjCncm/K98f5jhfd8Zwia5tkudPEPtIWSI7Djjk95uM7W8G5U4Di
gYpkpBsPTasKm/S44zIgZzuNhHea4HdDGDxawHmdw1VfjtXdikvdbGIs/4VXmaFr
mlm57EMYANiZIrmrsf8nW7u5d0qvB7dcgVDopOKzmqGfRyP8vHUo/qGbC+hxDk0Q
Tww+iAwRR+GbmNf5QcnWFUx1dM+IKU3SmDkj6zvM3YtJEw==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:48:37 2024 by rpki-client on console-fra.rpki-client.org