Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4c8eac-bdcb-4f0d-b2d8-ea41832ad172/1/XxT_sm14QiDYCNgo76-I6bmp3fg.roa
File: XxT_sm14QiDYCNgo76-I6bmp3fg.roa (raw, json)
Hash identifier: jr2FrpCjhaFfuVZZNAZe2Gli11AIJ/KSaII3UKiLfzY=
Subject key identifier: 5F:14:FF:B2:6D:78:42:20:D8:08:D8:28:EF:AF:88:E9:B9:A9:DD:F8
Certificate issuer: /CN=656b53255e6c8fb76fac1ccb848fee45600b55f7
Certificate serial: 02D4873E
Authority key identifier: 65:6B:53:25:5E:6C:8F:B7:6F:AC:1C:CB:84:8F:EE:45:60:0B:55:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZWtTJV5sj7dvrBzLhI_uRWALVfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4c8eac-bdcb-4f0d-b2d8-ea41832ad172/1/XxT_sm14QiDYCNgo76-I6bmp3fg.roa
Signing time: Sat 01 Jan 2022 15:00:53 +0000
ROA not before: Sat 01 Jan 2022 15:00:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 205718
IP address blocks: 185.229.196.0/22 maxlen: 22
2a09:c5c0::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47482686 (0x2d4873e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=656b53255e6c8fb76fac1ccb848fee45600b55f7
Validity
Not Before: Jan 1 15:00:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5f14ffb26d784220d808d828efaf88e9b9a9ddf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:4f:8a:a4:8b:5b:86:dc:b5:75:42:0e:21:85:
d8:b4:e7:08:35:2f:bb:02:90:bb:2a:95:0e:4a:34:
0d:b3:ab:08:11:73:24:1c:f7:e5:c4:90:d1:21:a9:
04:bd:d7:82:89:6c:76:25:5e:81:01:78:aa:20:91:
3e:6a:d7:39:f7:c0:36:2b:05:21:d6:ea:6d:7f:7a:
31:85:73:ee:8d:35:12:72:91:26:2c:ed:0f:d7:3d:
e8:ad:85:46:fd:5d:16:9e:20:76:f8:af:b0:c4:dc:
01:a7:db:3f:34:0f:32:fe:1f:70:3b:33:a3:c8:15:
23:88:cb:4a:b0:22:96:3b:c9:a5:48:27:09:0b:74:
0c:a3:25:6b:42:59:b9:1a:2b:2b:22:7c:f3:2f:91:
ff:f3:0c:45:69:ba:ad:72:bb:eb:b7:87:95:f1:a2:
2b:08:c3:1e:69:55:ee:da:83:f8:c3:f8:0b:13:63:
26:40:55:18:fd:ef:2f:63:35:9a:22:f7:b2:db:05:
44:42:c9:25:6f:ed:71:9f:04:de:16:97:0a:c7:44:
9c:84:b2:14:37:34:cc:34:cf:88:34:e3:75:31:f0:
1e:63:6c:08:8c:90:13:27:19:38:ae:c6:9b:6f:37:
e9:e7:18:2b:10:a0:d5:32:57:9c:b2:21:84:af:84:
fb:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:14:FF:B2:6D:78:42:20:D8:08:D8:28:EF:AF:88:E9:B9:A9:DD:F8
X509v3 Authority Key Identifier:
keyid:65:6B:53:25:5E:6C:8F:B7:6F:AC:1C:CB:84:8F:EE:45:60:0B:55:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZWtTJV5sj7dvrBzLhI_uRWALVfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4c8eac-bdcb-4f0d-b2d8-ea41832ad172/1/XxT_sm14QiDYCNgo76-I6bmp3fg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4c8eac-bdcb-4f0d-b2d8-ea41832ad172/1/ZWtTJV5sj7dvrBzLhI_uRWALVfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.196.0/22
IPv6:
2a09:c5c0::/32
Signature Algorithm: sha256WithRSAEncryption
8b:98:46:f2:19:82:74:b0:0b:21:7a:1a:c5:d9:93:c8:f5:5f:
2c:a7:cd:cb:e0:51:15:2b:33:eb:53:e9:4d:de:7b:07:3a:4c:
4d:71:8b:79:7c:26:85:74:bc:67:89:1e:ff:f5:9f:17:f8:49:
9a:12:76:f7:50:85:7e:f2:52:26:95:45:d2:30:db:60:e5:b3:
5a:de:c2:94:67:dd:eb:88:85:08:8a:4b:16:e8:ea:ba:2a:0a:
23:58:1b:b1:b5:3a:f0:49:3d:5c:26:a6:43:5a:2d:4d:e1:65:
4a:75:41:66:db:2f:6a:d3:21:7c:4a:75:c4:c5:31:4a:55:62:
82:b1:b0:68:0e:a6:a2:ec:8a:4e:e3:0e:60:bd:94:64:0e:c4:
85:64:df:d6:62:19:9b:40:3a:4f:1a:08:3f:4e:e5:3d:a8:f2:
87:54:c8:ea:06:d7:bf:3a:64:61:aa:e1:16:ca:27:7d:50:42:
2b:7f:33:1a:f2:4e:49:d5:c9:6b:11:a9:24:f7:16:93:52:9e:
de:d3:e2:3a:4c:ad:45:d0:60:7c:16:f2:d2:ec:6f:fc:0a:9b:
09:5b:f5:70:82:95:d5:a4:f9:ac:b5:b7:88:8e:24:28:b9:be:
cf:8c:1f:79:c0:ea:11:10:a2:40:c6:ab:64:b4:59:74:41:42:
59:29:44:a2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEAtSHPjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
NTZiNTMyNTVlNmM4ZmI3NmZhYzFjY2I4NDhmZWU0NTYwMGI1NWY3MB4XDTIyMDEw
MTE1MDA1M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWYxNGZmYjI2ZDc4
NDIyMGQ4MDhkODI4ZWZhZjg4ZTliOWE5ZGRmODCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAIdPiqSLW4bctXVCDiGF2LTnCDUvuwKQuyqVDko0DbOrCBFz
JBz35cSQ0SGpBL3XgolsdiVegQF4qiCRPmrXOffANisFIdbqbX96MYVz7o01EnKR
JiztD9c96K2FRv1dFp4gdvivsMTcAafbPzQPMv4fcDszo8gVI4jLSrAiljvJpUgn
CQt0DKMla0JZuRorKyJ88y+R//MMRWm6rXK767eHlfGiKwjDHmlV7tqD+MP4CxNj
JkBVGP3vL2M1miL3stsFRELJJW/tcZ8E3haXCsdEnISyFDc0zDTPiDTjdTHwHmNs
CIyQEycZOK7Gm2836ecYKxCg1TJXnLIhhK+E+30CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRfFP+ybXhCINgI2Cjvr4jpuand+DAfBgNVHSMEGDAWgBRla1MlXmyPt2+s
HMuEj+5FYAtV9zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1pXdFRKVjVzajdkdnJCekxoSV91UldBTFZmYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYjAvNGM4ZWFjLWJkY2ItNGYwZC1iMmQ4LWVhNDE4MzJhZDE3Mi8x
L1h4VF9zbTE0UWlEWUNOZ283Ni1JNmJtcDNmZy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYjAv
NGM4ZWFjLWJkY2ItNGYwZC1iMmQ4LWVhNDE4MzJhZDE3Mi8xL1pXdFRKVjVzajdk
dnJCekxoSV91UldBTFZmYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArnlxDANBAIAAjAHAwUAKgnFwDAN
BgkqhkiG9w0BAQsFAAOCAQEAi5hG8hmCdLALIXoaxdmTyPVfLKfNy+BRFSsz61Pp
Td57BzpMTXGLeXwmhXS8Z4ke//WfF/hJmhJ291CFfvJSJpVF0jDbYOWzWt7ClGfd
64iFCIpLFujquioKI1gbsbU68Ek9XCamQ1otTeFlSnVBZtsvatMhfEp1xMUxSlVi
grGwaA6mouyKTuMOYL2UZA7EhWTf1mIZm0A6TxoIP07lPajyh1TI6gbXvzpkYarh
FsonfVBCK38zGvJOSdXJaxGpJPcWk1Ke3tPiOkytRdBgfBby0uxv/AqbCVv1cIKV
1aT5rLW3iI4kKLm+z4wfecDqERCiQMarZLRZdEFCWSlEog==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:02:20 2023 by rpki-client on console-fra.rpki-client.org