Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/id-XVPWdZEZ0J7kDa_v64qaHKLc.roa
File: id-XVPWdZEZ0J7kDa_v64qaHKLc.roa (raw, json)
Hash identifier: ly8jsFllBFzZH0Uqz+44nP+JMnhbi5A2ja7IHEmrFxU=
Subject key identifier: 89:DF:97:54:F5:9D:64:46:74:27:B9:03:6B:FB:FA:E2:A6:87:28:B7
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 01851FEF9CF16040C6343795DEEDCF4050AA
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/id-XVPWdZEZ0J7kDa_v64qaHKLc.roa
Signing time: Sat 17 Dec 2022 11:54:35 +0000
ROA not before: Sat 17 Dec 2022 11:54:35 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 63023
IP address blocks: 85.209.163.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:1f:ef:9c:f1:60:40:c6:34:37:95:de:ed:cf:40:50:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Dec 17 11:54:35 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=89df9754f59d64467427b9036bfbfae2a68728b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:50:af:f2:a5:a5:57:dd:b7:41:3c:95:15:5e:
4f:a6:1d:29:2c:5e:70:fc:e9:7b:ed:d4:46:0f:3b:
91:9f:69:c0:75:7d:62:13:f7:a0:0b:7d:f5:2d:ff:
2d:06:26:bd:89:f7:6a:3f:18:31:50:ba:4a:bf:7c:
87:55:b3:de:ba:da:fe:d5:b5:de:ab:f7:04:41:38:
38:6a:9d:c3:23:0b:4d:74:85:cb:fb:0e:9d:1e:f8:
44:55:1f:31:b2:11:02:09:b1:82:c1:60:a1:97:20:
fd:6e:9f:79:38:6c:cf:25:6c:30:66:4d:2f:db:7c:
a9:2d:5d:6f:50:88:85:8b:b4:99:10:a7:8b:8e:85:
55:46:39:cc:d9:50:58:16:56:4e:4f:05:4b:04:5c:
a4:bb:ce:3f:87:95:b3:0b:c4:4e:2a:9e:b9:3f:7a:
24:44:5f:b1:bb:22:e6:92:19:aa:d1:a8:b5:7e:db:
c4:e7:2d:c6:78:ca:90:ba:0b:6f:7b:b6:57:ea:be:
08:3e:e2:c9:8f:4c:e6:da:32:af:29:09:d4:55:3f:
92:73:6f:e9:80:ce:43:df:fc:20:68:7d:c3:24:84:
ca:0d:15:1f:22:29:83:73:08:b3:30:28:d1:c0:f7:
ff:d4:4c:0f:cd:2b:ac:b6:a8:03:8c:97:d5:e7:12:
c1:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:DF:97:54:F5:9D:64:46:74:27:B9:03:6B:FB:FA:E2:A6:87:28:B7
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/id-XVPWdZEZ0J7kDa_v64qaHKLc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.163.0/24
Signature Algorithm: sha256WithRSAEncryption
09:ed:24:53:76:81:5d:c2:20:9b:03:96:31:9c:a5:ba:a3:5e:
15:1b:bc:b4:a3:c9:24:01:5d:1f:be:2f:14:9c:3b:7c:fd:63:
81:06:39:be:da:20:52:91:fe:61:c9:ab:13:8a:dc:54:1c:a3:
c3:c9:ae:73:f2:16:53:ba:f5:a2:a1:8e:74:0c:e4:f5:55:0e:
3e:4e:72:1b:c8:06:a3:bf:79:b7:fe:0b:bc:07:09:7e:df:eb:
bb:ea:cd:3e:9f:da:20:a3:c0:c8:9f:7c:85:a6:cd:ad:48:18:
02:1f:c1:9d:92:42:51:e1:9b:9a:fb:e4:98:24:19:9b:37:37:
af:92:9b:18:f6:92:c3:5f:33:e2:3d:5c:a1:67:a5:f0:c5:35:
cf:bc:2d:40:2d:af:c4:b4:e7:f5:58:d7:f1:f7:cf:3a:30:e7:
87:cf:e9:13:a5:42:08:0d:23:f8:a1:2b:b7:df:c8:85:a7:6c:
a0:61:ae:3d:95:ae:2b:77:b9:9e:90:62:c0:cc:08:7a:6b:d1:
44:8d:80:01:b5:39:46:b3:14:72:cb:b3:73:03:21:66:75:bb:
15:c8:9a:54:74:de:e9:bd:4d:c8:67:1b:eb:5e:86:a9:fc:cc:
38:98:26:43:cc:3a:9d:61:6e:2a:fe:a6:41:81:66:71:20:a3:
5f:b5:92:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUf75zxYEDGNDeV3u3PQFCqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjIxMjE3MTE1NDM1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWRmOTc1NGY1OWQ2NDQ2NzQyN2I5MDM2YmZiZmFlMmE2ODcyOGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAllCv8qWlV923QTyVFV5Pph0pLF5w
/Ol77dRGDzuRn2nAdX1iE/egC331Lf8tBia9ifdqPxgxULpKv3yHVbPeutr+1bXe
q/cEQTg4ap3DIwtNdIXL+w6dHvhEVR8xshECCbGCwWChlyD9bp95OGzPJWwwZk0v
23ypLV1vUIiFi7SZEKeLjoVVRjnM2VBYFlZOTwVLBFyku84/h5WzC8ROKp65P3ok
RF+xuyLmkhmq0ai1ftvE5y3GeMqQugtve7ZX6r4IPuLJj0zm2jKvKQnUVT+Sc2/p
gM5D3/wgaH3DJITKDRUfIimDcwizMCjRwPf/1EwPzSustqgDjJfV5xLB0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFInfl1T1nWRGdCe5A2v7+uKmhyi3MB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvaWQtWFZQV2RaRVowSjdrRGFfdjY0cWFIS0xjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVdGjMA0G
CSqGSIb3DQEBCwUAA4IBAQAJ7SRTdoFdwiCbA5YxnKW6o14VG7y0o8kkAV0fvi8U
nDt8/WOBBjm+2iBSkf5hyasTitxUHKPDya5z8hZTuvWioY50DOT1VQ4+TnIbyAaj
v3m3/gu8Bwl+3+u76s0+n9ogo8DIn3yFps2tSBgCH8GdkkJR4Zua++SYJBmbNzev
kpsY9pLDXzPiPVyhZ6XwxTXPvC1ALa/EtOf1WNfx9886MOeHz+kTpUIIDSP4oSu3
38iFp2ygYa49la4rd7mekGLAzAh6a9FEjYABtTlGsxRyy7NzAyFmdbsVyJpUdN7p
vU3IZxvrXoap/Mw4mCZDzDqdYW4q/qZBgWZxIKNftZKP
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:06:23 2023 by rpki-client on console-ams.rpki-client.org