Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/846bd3-0373-4190-adff-3e36ca9a2d69/1/XBKuaoLc6RFuW2-A_t2BwsimX5U.roa
File: XBKuaoLc6RFuW2-A_t2BwsimX5U.roa (raw, json)
Hash identifier: O9vo7DQlVtB2ZaKG2j2cGkBPLcCoeoLnJedvGjWVJpw=
Subject key identifier: 5C:12:AE:6A:82:DC:E9:11:6E:5B:6F:80:FE:DD:81:C2:C8:A6:5F:95
Certificate issuer: /CN=dca0adb1a8b797020f0ec7a29a9b5abad40b653e
Certificate serial: 03DCC63A
Authority key identifier: DC:A0:AD:B1:A8:B7:97:02:0F:0E:C7:A2:9A:9B:5A:BA:D4:0B:65:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3KCtsai3lwIPDseimptautQLZT4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/846bd3-0373-4190-adff-3e36ca9a2d69/1/XBKuaoLc6RFuW2-A_t2BwsimX5U.roa
Signing time: Sat 01 Jan 2022 02:55:04 +0000
ROA not before: Sat 01 Jan 2022 02:55:04 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 185.186.25.0/24 maxlen: 24
2a0b:6c81::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 64800314 (0x3dcc63a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dca0adb1a8b797020f0ec7a29a9b5abad40b653e
Validity
Not Before: Jan 1 02:55:04 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5c12ae6a82dce9116e5b6f80fedd81c2c8a65f95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:86:98:aa:f5:79:91:25:aa:ce:f2:2f:29:f4:
2c:2d:77:53:7b:05:82:9c:7a:88:bb:88:74:ba:ef:
0e:0c:fa:8e:c2:e8:c1:92:e6:70:b9:a9:e3:67:da:
85:9e:0a:8c:0c:23:04:80:08:b3:06:ed:1b:13:ba:
9c:1c:17:e8:f2:f4:e7:d2:b0:57:1c:92:88:e1:3a:
55:55:2f:80:f0:84:51:e4:6d:77:a5:6a:e8:a7:de:
88:6d:8f:7d:ad:9c:66:3b:b9:05:b2:bf:27:a6:45:
1d:70:d0:8d:14:a5:e7:92:a2:84:1c:4d:c7:ca:92:
df:90:7e:d6:98:7d:03:e8:3d:2b:c8:32:e4:24:fc:
10:ff:83:13:60:81:9d:ad:53:40:62:71:73:b2:f2:
6b:7a:5c:4b:39:ec:e4:c9:7b:fa:0e:f9:7c:1d:79:
4a:f8:90:79:50:3b:aa:67:70:16:bb:58:1c:3c:f9:
b6:e9:0d:77:99:00:34:1b:6d:7f:cb:7f:ac:15:82:
88:a6:28:0e:70:00:08:b4:d2:de:0b:f7:17:3d:04:
29:59:1a:2f:fd:51:91:9c:7d:71:ba:30:5d:ff:78:
cf:3d:13:62:10:ab:4c:0e:11:b9:bf:0c:12:d8:e3:
b7:3b:71:f6:b0:6a:02:fd:be:83:c9:f2:7f:2b:5c:
cb:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:12:AE:6A:82:DC:E9:11:6E:5B:6F:80:FE:DD:81:C2:C8:A6:5F:95
X509v3 Authority Key Identifier:
keyid:DC:A0:AD:B1:A8:B7:97:02:0F:0E:C7:A2:9A:9B:5A:BA:D4:0B:65:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3KCtsai3lwIPDseimptautQLZT4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/846bd3-0373-4190-adff-3e36ca9a2d69/1/XBKuaoLc6RFuW2-A_t2BwsimX5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/846bd3-0373-4190-adff-3e36ca9a2d69/1/3KCtsai3lwIPDseimptautQLZT4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.186.25.0/24
IPv6:
2a0b:6c81::/32
Signature Algorithm: sha256WithRSAEncryption
43:12:74:5e:86:c0:e9:55:03:1d:1b:d2:35:25:47:fa:64:bc:
81:10:ef:fd:59:81:f7:cb:88:ef:fb:b7:38:ad:86:5d:b8:9a:
76:c4:9c:a6:c9:6e:36:86:e7:5a:c4:82:83:4e:f6:3b:5d:8f:
85:c6:26:0f:af:94:30:05:be:71:66:a0:be:ae:d3:8f:91:d8:
05:31:17:bf:05:49:e7:8e:7a:9e:e6:cf:d2:2c:39:76:be:03:
3d:e9:bc:24:6e:88:db:17:30:24:bd:45:8d:a3:48:72:8c:9a:
22:05:66:0f:51:96:85:16:59:32:5d:83:40:7b:df:b2:45:23:
80:b9:7a:6a:bd:bd:e1:f6:18:85:8b:d1:00:d4:b4:70:79:0d:
cd:8a:f7:4e:c8:2f:b2:5f:8b:f3:4d:12:d5:da:4a:ca:4a:89:
24:6f:af:f4:9e:84:36:96:19:e8:5b:7c:d5:bd:10:a7:f3:e1:
14:d0:de:8f:52:b4:85:ca:f7:3d:de:1e:e3:d8:80:7b:61:6e:
cf:a9:27:9d:1f:6a:51:d1:55:1c:07:19:83:11:28:a1:ff:c8:
08:fd:66:88:f4:b9:2d:d4:8d:08:a5:11:ee:56:e5:cd:c1:43:
93:fa:c6:67:d2:b2:7b:8a:78:ba:b6:80:97:f9:77:7e:14:96:
d0:4e:55:05
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIEA9zGOjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
Y2EwYWRiMWE4Yjc5NzAyMGYwZWM3YTI5YTliNWFiYWQ0MGI2NTNlMB4XDTIyMDEw
MTAyNTUwNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWMxMmFlNmE4MmRj
ZTkxMTZlNWI2ZjgwZmVkZDgxYzJjOGE2NWY5NTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL+GmKr1eZElqs7yLyn0LC13U3sFgpx6iLuIdLrvDgz6jsLo
wZLmcLmp42fahZ4KjAwjBIAIswbtGxO6nBwX6PL059KwVxySiOE6VVUvgPCEUeRt
d6Vq6KfeiG2Pfa2cZju5BbK/J6ZFHXDQjRSl55KihBxNx8qS35B+1ph9A+g9K8gy
5CT8EP+DE2CBna1TQGJxc7Lya3pcSzns5Ml7+g75fB15SviQeVA7qmdwFrtYHDz5
tukNd5kANBttf8t/rBWCiKYoDnAACLTS3gv3Fz0EKVkaL/1RkZx9cbowXf94zz0T
YhCrTA4Rub8MEtjjtztx9rBqAv2+g8nyfytcy9UCAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBRcEq5qgtzpEW5bb4D+3YHCyKZflTAfBgNVHSMEGDAWgBTcoK2xqLeXAg8O
x6Kam1q61AtlPjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzNLQ3RzYWkzbHdJUERzZWltcHRhdXRRTFpUNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDQvODQ2YmQzLTAzNzMtNDE5MC1hZGZmLTNlMzZjYTlhMmQ2OS8x
L1hCS3Vhb0xjNlJGdVcyLUFfdDJCd3NpbVg1VS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDQv
ODQ2YmQzLTAzNzMtNDE5MC1hZGZmLTNlMzZjYTlhMmQ2OS8xLzNLQ3RzYWkzbHdJ
UERzZWltcHRhdXRRTFpUNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEALm6GTANBAIAAjAHAwUAKgtsgTAN
BgkqhkiG9w0BAQsFAAOCAQEAQxJ0XobA6VUDHRvSNSVH+mS8gRDv/VmB98uI7/u3
OK2GXbiadsScpsluNobnWsSCg072O12PhcYmD6+UMAW+cWagvq7Tj5HYBTEXvwVJ
5456nubP0iw5dr4DPem8JG6I2xcwJL1FjaNIcoyaIgVmD1GWhRZZMl2DQHvfskUj
gLl6ar294fYYhYvRANS0cHkNzYr3Tsgvsl+L800S1dpKykqJJG+v9J6ENpYZ6Ft8
1b0Qp/PhFNDej1K0hcr3Pd4e49iAe2Fuz6knnR9qUdFVHAcZgxEoof/ICP1miPS5
LdSNCKUR7lblzcFDk/rGZ9Kye4p4uraAl/l3fhSW0E5VBQ==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:04:31 2023 by rpki-client on console-fra.rpki-client.org