Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/Xaitb9qzPNU4dDInULnBCzBoRuE.roa
File: Xaitb9qzPNU4dDInULnBCzBoRuE.roa (raw, json)
Hash identifier: 5EhyyN0a2tqQ8zFYG1bCqAhzw8URFjCdhqYplGTsAJE=
Subject key identifier: 5D:A8:AD:6F:DA:B3:3C:D5:38:74:32:27:50:B9:C1:0B:30:68:46:E1
Certificate issuer: /CN=38a8550659bb68e770d8b0126b7261fb87d8240b
Certificate serial: 0633730D
Authority key identifier: 38:A8:55:06:59:BB:68:E7:70:D8:B0:12:6B:72:61:FB:87:D8:24:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKhVBlm7aOdw2LASa3Jh-4fYJAs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/Xaitb9qzPNU4dDInULnBCzBoRuE.roa
Signing time: Sat 01 Jan 2022 14:05:40 +0000
ROA not before: Sat 01 Jan 2022 14:05:40 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206382
IP address blocks: 185.186.130.0/23 maxlen: 23
185.186.129.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 104035085 (0x633730d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38a8550659bb68e770d8b0126b7261fb87d8240b
Validity
Not Before: Jan 1 14:05:40 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5da8ad6fdab33cd53874322750b9c10b306846e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:97:ee:6b:2d:07:58:39:37:53:c8:0c:72:80:
bf:64:f8:99:0c:2c:20:64:de:f0:19:44:9a:f7:f0:
8b:1d:ef:0f:8b:d8:b6:2b:7a:ff:49:93:5f:35:2a:
1a:32:c5:d0:60:47:15:c9:be:82:44:c5:53:0e:ea:
be:fd:69:ed:5e:f7:2c:ea:0c:c9:7e:99:3d:0a:9b:
00:e6:36:6e:fc:e2:4b:0b:64:bc:4a:ea:e2:ba:45:
4c:0b:5c:84:43:b1:79:f6:6a:af:b4:fa:80:c1:17:
7d:45:1d:64:4b:37:ae:af:b7:59:ad:b7:48:b8:40:
a5:00:c6:69:a3:dd:c1:b4:3f:6b:25:2f:d2:42:a8:
45:ce:72:43:d2:f6:69:26:2d:84:e2:1b:5f:97:29:
d8:86:3d:67:b5:c7:52:37:f0:61:74:2b:5a:1b:88:
26:52:9f:3c:43:8b:0d:f7:80:1c:e8:71:de:cf:d6:
d6:61:ce:fb:25:74:3b:a6:be:68:8a:a7:f0:f4:66:
c4:08:74:df:4f:d2:fa:d9:8f:b0:e6:4f:fe:67:c2:
f1:99:65:5c:e3:0e:c9:2b:73:73:af:1b:68:1b:c4:
3e:9e:54:6d:fe:d6:80:87:1d:34:54:09:df:31:cd:
40:f5:ca:41:10:e6:2f:82:07:f6:84:d3:59:96:aa:
fd:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:A8:AD:6F:DA:B3:3C:D5:38:74:32:27:50:B9:C1:0B:30:68:46:E1
X509v3 Authority Key Identifier:
keyid:38:A8:55:06:59:BB:68:E7:70:D8:B0:12:6B:72:61:FB:87:D8:24:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKhVBlm7aOdw2LASa3Jh-4fYJAs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/Xaitb9qzPNU4dDInULnBCzBoRuE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/OKhVBlm7aOdw2LASa3Jh-4fYJAs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.186.129.0-185.186.131.255
Signature Algorithm: sha256WithRSAEncryption
65:13:31:08:98:1c:5a:1c:d2:30:be:79:8e:5d:cd:2f:b5:dd:
e6:70:99:99:8e:cc:a8:58:5a:d8:c8:91:59:50:8c:6f:1f:3e:
64:dd:b4:9d:f2:77:e4:8e:30:1c:42:45:20:c6:06:ed:67:aa:
92:6d:3c:70:df:2a:50:5f:78:08:d5:ef:ec:a2:c0:23:73:11:
38:8d:33:d9:bd:55:c8:ab:da:f2:98:60:2e:5d:7a:b3:17:96:
a4:26:ec:6a:99:2e:ba:c8:8f:bf:16:df:6c:d4:8b:31:d9:c6:
5b:34:81:8d:8c:9d:9b:ac:29:c2:51:45:d3:cd:76:a4:ff:fe:
b8:16:6a:ae:44:87:4f:e8:0f:b7:d1:aa:85:a4:94:14:36:b7:
9f:5a:eb:b9:1c:de:ac:84:fb:3d:d1:fd:55:ad:33:ef:52:3f:
30:96:fa:e0:15:1c:df:1d:a9:c1:4d:e5:a1:bf:aa:fc:85:3c:
65:60:d1:71:13:d2:7e:ef:1a:95:55:71:97:ce:9d:5a:a4:54:
83:be:61:7d:35:26:5f:60:3e:fb:56:82:f3:a1:94:fe:78:a2:
06:f4:b0:c6:f6:3f:83:7d:cc:2a:1e:64:ca:4b:d6:30:e2:99:
69:ea:e7:63:c5:df:eb:28:37:16:a8:8d:d8:33:70:3e:a0:8a:
a6:e4:c5:e6
-----BEGIN CERTIFICATE-----
MIIE9zCCA9+gAwIBAgIEBjNzDTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
OGE4NTUwNjU5YmI2OGU3NzBkOGIwMTI2YjcyNjFmYjg3ZDgyNDBiMB4XDTIyMDEw
MTE0MDU0MFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWRhOGFkNmZkYWIz
M2NkNTM4NzQzMjI3NTBiOWMxMGIzMDY4NDZlMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK2X7mstB1g5N1PIDHKAv2T4mQwsIGTe8BlEmvfwix3vD4vY
tit6/0mTXzUqGjLF0GBHFcm+gkTFUw7qvv1p7V73LOoMyX6ZPQqbAOY2bvziSwtk
vErq4rpFTAtchEOxefZqr7T6gMEXfUUdZEs3rq+3Wa23SLhApQDGaaPdwbQ/ayUv
0kKoRc5yQ9L2aSYthOIbX5cp2IY9Z7XHUjfwYXQrWhuIJlKfPEOLDfeAHOhx3s/W
1mHO+yV0O6a+aIqn8PRmxAh030/S+tmPsOZP/mfC8ZllXOMOyStzc68baBvEPp5U
bf7WgIcdNFQJ3zHNQPXKQRDmL4IH9oTTWZaq/XUCAwEAAaOCAhEwggINMB0GA1Ud
DgQWBBRdqK1v2rM81Th0MidQucELMGhG4TAfBgNVHSMEGDAWgBQ4qFUGWbto53DY
sBJrcmH7h9gkCzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L09LaFZCbG03YU9kdzJMQVNhM0poLTRmWUpBcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDIvN2RjZTczLWM0ZGYtNDMzMy04ZTgxLTFkNzAzYjQ5NjYzNC8x
L1hhaXRiOXF6UE5VNGRESW5VTG5CQ3pCb1J1RS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDIv
N2RjZTczLWM0ZGYtNDMzMy04ZTgxLTFkNzAzYjQ5NjYzNC8xL09LaFZCbG03YU9k
dzJMQVNhM0poLTRmWUpBcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAn
BggrBgEFBQcBBwEB/wQYMBYwFAQCAAEwDjAMAwQAubqBAwQCubqAMA0GCSqGSIb3
DQEBCwUAA4IBAQBlEzEImBxaHNIwvnmOXc0vtd3mcJmZjsyoWFrYyJFZUIxvHz5k
3bSd8nfkjjAcQkUgxgbtZ6qSbTxw3ypQX3gI1e/sosAjcxE4jTPZvVXIq9rymGAu
XXqzF5akJuxqmS66yI+/Ft9s1Isx2cZbNIGNjJ2brCnCUUXTzXak//64FmquRIdP
6A+30aqFpJQUNrefWuu5HN6shPs90f1VrTPvUj8wlvrgFRzfHanBTeWhv6r8hTxl
YNFxE9J+7xqVVXGXzp1apFSDvmF9NSZfYD77VoLzoZT+eKIG9LDG9j+DfcwqHmTK
S9Yw4plp6udjxd/rKDcWqI3YM3A+oIqm5MXm
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:52:21 2025 by rpki-client