Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/XbhVTVGIROheilScwko_TZzsKkc.roa
File: XbhVTVGIROheilScwko_TZzsKkc.roa (raw, json)
Hash identifier: er7KtF57wHGjzn2/V3guejLwbYyIuDcsVx1+ALW5qiI=
Subject key identifier: 5D:B8:55:4D:51:88:44:E8:5E:8A:54:9C:C2:4A:3F:4D:9C:EC:2A:47
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 01856E41E820575568D1844A45EF98C71BA9
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/XbhVTVGIROheilScwko_TZzsKkc.roa
Signing time: Sun 01 Jan 2023 16:54:51 +0000
ROA not before: Sun 01 Jan 2023 16:54:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 213240
IP address blocks: 188.215.246.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:41:e8:20:57:55:68:d1:84:4a:45:ef:98:c7:1b:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 1 16:54:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5db8554d518844e85e8a549cc24a3f4d9cec2a47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:c4:50:da:49:11:5f:43:92:24:3e:60:60:b2:
d4:7d:6f:f7:21:f2:36:49:59:98:d0:a1:b0:33:77:
44:ef:e1:d1:48:de:e4:58:0d:03:e5:98:2b:da:fc:
b5:3a:e2:bc:fe:e8:d7:10:41:db:dd:e9:c4:02:2b:
89:e7:70:70:6d:26:5b:82:38:77:e5:f6:f3:56:9a:
14:39:9a:c8:fa:20:8f:28:71:4c:ca:b7:9e:38:21:
93:db:9f:e6:32:85:36:7c:83:28:a2:33:5e:51:5e:
d2:af:91:11:25:b3:9d:4e:c7:65:0f:18:4c:26:7e:
78:f7:bb:ef:21:b2:9b:12:42:bd:2a:47:be:0e:22:
e1:f5:8f:41:08:49:60:0e:87:cb:03:8b:2e:6f:f3:
48:a5:a5:a3:d3:c4:a6:53:11:49:2f:5e:7b:6e:f7:
8c:6c:76:85:ad:cb:da:92:6e:7d:4b:50:88:c4:fd:
7e:33:8e:75:cc:f8:e2:c6:f1:db:dc:19:11:23:84:
f8:61:ba:0d:34:ce:e8:ec:89:f6:39:07:1e:76:48:
18:1b:4e:48:e3:50:cf:46:a5:00:19:6b:bc:5d:53:
1f:a1:df:7e:1f:89:46:a0:79:07:dc:43:d5:1c:dd:
2f:fe:f4:4f:60:79:b3:22:c1:84:ed:9e:7d:eb:51:
3f:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:B8:55:4D:51:88:44:E8:5E:8A:54:9C:C2:4A:3F:4D:9C:EC:2A:47
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/XbhVTVGIROheilScwko_TZzsKkc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.215.246.0/24
Signature Algorithm: sha256WithRSAEncryption
54:69:3a:fb:e8:df:1b:c9:33:a9:72:a9:5c:f4:50:04:ee:f9:
93:6f:24:22:88:82:5c:e8:7d:7d:b4:77:e5:d5:b6:20:0f:92:
0a:4f:35:d8:a3:68:d4:1b:3b:af:e7:e5:de:46:63:c9:e4:43:
e2:f8:1f:5f:97:64:dc:f1:f1:b0:30:a6:7c:dc:85:71:1b:56:
af:c9:c5:4e:d8:64:68:f7:3a:33:ed:b0:34:0b:8b:a5:7c:5d:
44:45:b6:2c:30:bb:f7:c7:af:59:e0:c0:07:b9:ed:05:f9:37:
85:17:c7:13:62:9f:45:6c:67:fe:26:dd:2e:32:7b:d7:12:6e:
be:e1:9b:1a:2b:f5:ef:14:77:b9:0e:d0:76:5f:21:5a:56:a3:
36:bb:8e:b3:58:d9:18:53:ed:85:7c:8a:3d:cd:41:f7:d4:56:
52:25:6c:bd:9e:31:70:22:b4:ed:3c:a5:92:98:de:ad:8b:88:
ba:9b:36:73:67:ea:2f:78:90:5d:6f:83:cd:ff:77:7e:d5:41:
e5:ce:81:16:de:cc:ff:72:c2:af:23:ae:f1:f0:71:9c:08:fc:
8a:83:0c:2e:cf:3b:12:62:76:9a:6e:f9:8a:86:60:3f:9e:73:
96:cc:31:ea:cc:a9:68:df:79:3e:8d:b4:45:33:ee:d8:d6:ca:
df:8f:68:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuQeggV1Vo0YRKRe+YxxupMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjMwMTAxMTY1NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGI4NTU0ZDUxODg0NGU4NWU4YTU0OWNjMjRhM2Y0ZDljZWMyYTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMRQ2kkRX0OSJD5gYLLUfW/3IfI2
SVmY0KGwM3dE7+HRSN7kWA0D5Zgr2vy1OuK8/ujXEEHb3enEAiuJ53BwbSZbgjh3
5fbzVpoUOZrI+iCPKHFMyreeOCGT25/mMoU2fIMoojNeUV7Sr5ERJbOdTsdlDxhM
Jn5497vvIbKbEkK9Kke+DiLh9Y9BCElgDofLA4sub/NIpaWj08SmUxFJL157bveM
bHaFrcvakm59S1CIxP1+M451zPjixvHb3BkRI4T4YboNNM7o7In2OQcedkgYG05I
41DPRqUAGWu8XVMfod9+H4lGoHkH3EPVHN0v/vRPYHmzIsGE7Z5961E/GQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF24VU1RiEToXopUnMJKP02c7CpHMB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvWGJoVlRWR0lST2hlaWxTY3drb19UWnpzS2tjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvNf2MA0G
CSqGSIb3DQEBCwUAA4IBAQBUaTr76N8byTOpcqlc9FAE7vmTbyQiiIJc6H19tHfl
1bYgD5IKTzXYo2jUGzuv5+XeRmPJ5EPi+B9fl2Tc8fGwMKZ83IVxG1avycVO2GRo
9zoz7bA0C4ulfF1ERbYsMLv3x69Z4MAHue0F+TeFF8cTYp9FbGf+Jt0uMnvXEm6+
4ZsaK/XvFHe5DtB2XyFaVqM2u46zWNkYU+2FfIo9zUH31FZSJWy9njFwIrTtPKWS
mN6ti4i6mzZzZ+oveJBdb4PN/3d+1UHlzoEW3sz/csKvI67x8HGcCPyKgwwuzzsS
YnaabvmKhmA/nnOWzDHqzKlo33k+jbRFM+7Y1srfj2iX
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:53:26 2025 by rpki-client