Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/xFyHrLz-Va5Ufc4rcXh1dQoewXs.roa
File: xFyHrLz-Va5Ufc4rcXh1dQoewXs.roa (raw, json)
Hash identifier: wXWXhkmbI5bNiUaMNJc7LxARQB2tRomuHO0u0Q3QBnE=
Subject key identifier: C4:5C:87:AC:BC:FE:55:AE:54:7D:CE:2B:71:78:75:75:0A:1E:C1:7B
Certificate issuer: /CN=25bbed0bff7ffeab67f302b411a00701854a6c30
Certificate serial: 018A0F644A6DA6286ED43FF3FB706482C880
Authority key identifier: 25:BB:ED:0B:FF:7F:FE:AB:67:F3:02:B4:11:A0:07:01:85:4A:6C:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JbvtC_9__qtn8wK0EaAHAYVKbDA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/xFyHrLz-Va5Ufc4rcXh1dQoewXs.roa
Signing time: Sat 19 Aug 2023 20:02:25 +0000
ROA not before: Sat 19 Aug 2023 20:02:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 61317
IP address blocks: 185.189.244.0/23 maxlen: 23
185.189.246.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:0f:64:4a:6d:a6:28:6e:d4:3f:f3:fb:70:64:82:c8:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25bbed0bff7ffeab67f302b411a00701854a6c30
Validity
Not Before: Aug 19 20:02:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c45c87acbcfe55ae547dce2b717875750a1ec17b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:96:c3:65:f1:4b:11:f3:e4:8b:f8:6b:04:6f:
93:62:bb:21:6d:ea:75:e6:b7:06:4e:20:f0:7c:51:
00:29:92:19:f9:da:39:92:9a:42:b9:82:fa:8a:0f:
d4:10:94:3d:0b:c9:51:20:b0:15:74:8c:13:cf:17:
f7:0f:95:f3:c3:9a:36:1a:ac:72:cb:b8:e8:7c:ad:
16:b9:73:ec:ed:2f:32:ed:24:d5:58:5a:25:59:72:
66:3a:67:04:c3:b3:72:bb:dd:29:70:73:20:b2:8e:
0f:40:2d:0b:1c:d2:a9:fc:d6:a2:41:e5:19:c2:97:
0e:57:ca:dd:43:67:95:00:9f:46:c5:f9:d8:fa:db:
8f:42:80:46:24:fe:cc:06:aa:27:f4:b4:19:b1:a2:
27:c7:a2:40:e8:d0:57:1b:3d:2b:6c:01:ab:8b:a2:
ba:dc:3c:b1:d3:3a:4c:5f:15:90:db:fe:8f:45:5e:
3b:1e:cf:6f:01:47:6a:4b:8f:ab:f3:29:61:19:b2:
34:92:f4:8e:7e:18:a5:8d:14:e2:17:bc:b1:70:11:
49:89:d3:e6:fa:3c:3d:be:d3:3e:84:6d:6c:ff:dc:
38:c1:9e:2c:b1:e1:fc:c8:1a:1a:f3:56:c0:87:1b:
54:13:50:ef:6d:4c:9a:de:0e:df:74:d9:a5:8c:e9:
cb:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:5C:87:AC:BC:FE:55:AE:54:7D:CE:2B:71:78:75:75:0A:1E:C1:7B
X509v3 Authority Key Identifier:
keyid:25:BB:ED:0B:FF:7F:FE:AB:67:F3:02:B4:11:A0:07:01:85:4A:6C:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JbvtC_9__qtn8wK0EaAHAYVKbDA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/xFyHrLz-Va5Ufc4rcXh1dQoewXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/JbvtC_9__qtn8wK0EaAHAYVKbDA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.189.244.0/22
Signature Algorithm: sha256WithRSAEncryption
63:37:c9:f5:f2:76:bd:5c:32:fe:12:4b:1e:01:78:57:b7:b1:
b9:c8:bc:c0:db:bc:d8:95:2b:95:b7:55:a4:24:98:7c:6e:91:
1b:fb:ed:17:3b:d1:8c:14:77:8a:dc:4b:34:11:b2:d8:67:d7:
3a:64:e9:27:e0:72:7f:2f:2d:a1:4e:ac:bc:18:55:8a:0b:81:
39:fb:25:fb:15:0e:e9:1e:a9:d1:72:69:21:33:85:08:63:98:
9e:72:01:14:06:5b:f0:93:d7:92:66:10:81:da:bd:70:4e:42:
f0:ab:8a:f7:36:86:a5:ed:30:45:e1:10:da:cf:42:cc:a1:e5:
7d:50:10:8b:94:b4:6e:c5:89:69:4f:29:27:6e:89:fc:f3:04:
c8:98:db:14:03:69:ac:60:1e:a8:04:17:92:f2:25:11:ab:2b:
6d:f8:bc:a2:46:a7:fd:d2:0a:64:8c:a6:fc:ef:fc:e6:c8:0d:
59:74:77:b2:cb:c8:7b:df:bc:84:2c:c9:c8:7a:20:13:d6:ae:
44:6e:28:f5:82:93:9b:5f:ee:ff:c0:ec:58:5f:20:38:2b:85:
f8:62:d0:6a:36:86:0a:a4:e9:cf:77:74:c7:0f:6c:da:f6:c3:
6b:59:d0:c4:8a:5a:2e:cc:ac:46:90:4f:e7:3e:be:b4:fe:2e:
39:57:25:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYoPZEptpihu1D/z+3BkgsiAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1YmJlZDBiZmY3ZmZlYWI2N2YzMDJiNDExYTAwNzAxODU0
YTZjMzAwHhcNMjMwODE5MjAwMjI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDVjODdhY2JjZmU1NWFlNTQ3ZGNlMmI3MTc4NzU3NTBhMWVjMTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0JbDZfFLEfPki/hrBG+TYrshbep1
5rcGTiDwfFEAKZIZ+do5kppCuYL6ig/UEJQ9C8lRILAVdIwTzxf3D5Xzw5o2Gqxy
y7jofK0WuXPs7S8y7STVWFolWXJmOmcEw7Nyu90pcHMgso4PQC0LHNKp/NaiQeUZ
wpcOV8rdQ2eVAJ9GxfnY+tuPQoBGJP7MBqon9LQZsaInx6JA6NBXGz0rbAGri6K6
3Dyx0zpMXxWQ2/6PRV47Hs9vAUdqS4+r8ylhGbI0kvSOfhiljRTiF7yxcBFJidPm
+jw9vtM+hG1s/9w4wZ4sseH8yBoa81bAhxtUE1DvbUya3g7fdNmljOnLaQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMRch6y8/lWuVH3OK3F4dXUKHsF7MB8GA1UdIwQY
MBaAFCW77Qv/f/6rZ/MCtBGgBwGFSmwwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmJ2dENfOV9fcXRuOHdLMEVhQUhBWVZLYkRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8zYjlhZmYtZjAwZC00MTg3LWFmOTQt
NTcxN2I0NTQ0MjM3LzEveEZ5SHJMei1WYTVVZmM0cmNYaDFkUW9ld1hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8zYjlhZmYtZjAwZC00MTg3LWFmOTQtNTcxN2I0NTQ0MjM3
LzEvSmJ2dENfOV9fcXRuOHdLMEVhQUhBWVZLYkRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCub30MA0G
CSqGSIb3DQEBCwUAA4IBAQBjN8n18na9XDL+EkseAXhXt7G5yLzA27zYlSuVt1Wk
JJh8bpEb++0XO9GMFHeK3Es0EbLYZ9c6ZOkn4HJ/Ly2hTqy8GFWKC4E5+yX7FQ7p
HqnRcmkhM4UIY5iecgEUBlvwk9eSZhCB2r1wTkLwq4r3Noal7TBF4RDaz0LMoeV9
UBCLlLRuxYlpTyknbon88wTImNsUA2msYB6oBBeS8iURqytt+LyiRqf90gpkjKb8
7/zmyA1ZdHeyy8h737yELMnIeiAT1q5Ebij1gpObX+7/wOxYXyA4K4X4YtBqNoYK
pOnPd3THD2za9sNrWdDEilouzKxGkE/nPr60/i45VyWG
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:37 2025 by rpki-client