Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/5260d0-1855-4f30-b8ef-7c998079a6a9/1/_Pxk9PxvQGoqcAdypPOwKFvxuLI.roa
File: _Pxk9PxvQGoqcAdypPOwKFvxuLI.roa (raw, json)
Hash identifier: 0g8ZA7RIy4YetF8J5yIvOaRKQ0rzbwh66wdAyo2AKYA=
Subject key identifier: FC:FC:64:F4:FC:6F:40:6A:2A:70:07:72:A4:F3:B0:28:5B:F1:B8:B2
Certificate issuer: /CN=5cfe3881f3c44774f51cc75ee7e6f91c5565a606
Certificate serial: 09F5DEA2
Authority key identifier: 5C:FE:38:81:F3:C4:47:74:F5:1C:C7:5E:E7:E6:F9:1C:55:65:A6:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XP44gfPER3T1HMde5-b5HFVlpgY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/5260d0-1855-4f30-b8ef-7c998079a6a9/1/_Pxk9PxvQGoqcAdypPOwKFvxuLI.roa
Signing time: Sat 01 Jan 2022 14:08:07 +0000
ROA not before: Sat 01 Jan 2022 14:08:07 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51452
IP address blocks: 185.133.68.0/22 maxlen: 22
185.133.68.0/24 maxlen: 24
185.133.69.0/24 maxlen: 24
2a05:2440::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 167108258 (0x9f5dea2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cfe3881f3c44774f51cc75ee7e6f91c5565a606
Validity
Not Before: Jan 1 14:08:07 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=fcfc64f4fc6f406a2a700772a4f3b0285bf1b8b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fe:0d:8d:13:8b:2b:57:5d:ca:53:f8:e4:eb:95:
d9:01:34:c0:38:2f:95:b7:50:ce:94:7d:6f:df:7c:
b1:70:61:f2:23:01:36:74:f0:56:07:34:c9:74:ee:
b4:b0:80:bb:b4:82:cd:ea:92:a4:9d:9e:3d:f3:52:
61:2a:f1:ae:60:79:26:42:a8:7f:d5:96:70:db:29:
bd:13:c2:67:c9:ee:14:d9:8c:01:9f:a8:ec:8a:25:
ab:ac:1a:b5:59:e4:09:08:e5:59:b6:62:2a:e9:dd:
4e:b6:c4:0d:75:c8:7f:c4:15:b0:b6:a1:7e:53:eb:
c0:9b:4f:f2:40:5f:9f:f6:09:e3:d0:4c:37:6c:d8:
d0:25:04:f3:2e:4c:22:98:87:c3:86:a3:5a:79:42:
36:fb:da:08:05:68:22:8b:b9:7f:1b:f8:b5:cf:8d:
fa:fb:af:d9:0a:b2:61:27:b6:a5:94:9c:9e:7e:09:
6c:c2:a7:2a:a6:d0:3f:ea:c0:f9:b1:ce:c8:71:5d:
79:91:69:8e:28:ff:ed:33:69:a7:06:a6:bd:1e:1d:
89:30:07:65:a6:49:3f:05:3e:ae:5b:db:cd:1f:02:
da:8c:bc:65:1b:5a:ef:cd:15:72:97:77:64:71:48:
1b:88:11:de:49:04:87:3e:c0:e8:d1:e5:8b:d5:ef:
3c:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:FC:64:F4:FC:6F:40:6A:2A:70:07:72:A4:F3:B0:28:5B:F1:B8:B2
X509v3 Authority Key Identifier:
keyid:5C:FE:38:81:F3:C4:47:74:F5:1C:C7:5E:E7:E6:F9:1C:55:65:A6:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XP44gfPER3T1HMde5-b5HFVlpgY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/5260d0-1855-4f30-b8ef-7c998079a6a9/1/_Pxk9PxvQGoqcAdypPOwKFvxuLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/5260d0-1855-4f30-b8ef-7c998079a6a9/1/XP44gfPER3T1HMde5-b5HFVlpgY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.68.0/22
IPv6:
2a05:2440::/29
Signature Algorithm: sha256WithRSAEncryption
06:11:de:5c:00:b9:68:95:4e:c8:b9:ff:e1:9f:cc:81:83:0d:
88:7e:e5:bb:c1:a5:0a:fd:9b:b2:ef:bd:3f:3b:6e:5a:5d:76:
2c:57:d3:8e:01:2c:17:43:80:25:0d:e4:cd:dd:61:73:4e:5c:
1d:56:c0:e0:1e:62:4b:f5:75:cd:9c:10:b1:64:2b:4d:45:ab:
53:15:99:05:74:6f:b6:dd:a9:ea:cb:6e:7b:23:e3:cf:81:67:
45:a4:1f:17:09:91:88:cc:23:bd:c6:86:ee:4a:a9:2a:0d:07:
db:b1:3d:b4:47:68:2e:89:67:20:e4:e3:3f:f7:e8:6d:cb:68:
43:18:12:78:76:de:4c:4e:59:4a:55:32:ee:22:04:68:0c:2f:
88:bf:d0:c5:6a:81:b3:24:44:19:58:10:f3:aa:8d:7e:5f:d9:
5f:37:23:06:0a:45:d2:38:6d:8a:6d:28:fc:4d:57:1d:b1:ff:
63:e2:fe:03:19:5a:97:8d:8c:53:73:4e:f1:d0:16:3f:c5:38:
14:ae:f9:fa:00:cc:cc:a9:87:a9:03:97:7b:96:b4:f8:85:8c:
ec:02:06:e2:c6:a1:1d:63:e3:aa:01:f5:93:50:a4:5d:3e:4e:
a6:58:17:88:2c:57:8e:0f:86:25:0d:d4:39:b0:02:de:48:0a:
5b:dc:74:d2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgIECfXeojANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
Y2ZlMzg4MWYzYzQ0Nzc0ZjUxY2M3NWVlN2U2ZjkxYzU1NjVhNjA2MB4XDTIyMDEw
MTE0MDgwN1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoZmNmYzY0ZjRmYzZm
NDA2YTJhNzAwNzcyYTRmM2IwMjg1YmYxYjhiMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAP4NjROLK1ddylP45OuV2QE0wDgvlbdQzpR9b998sXBh8iMB
NnTwVgc0yXTutLCAu7SCzeqSpJ2ePfNSYSrxrmB5JkKof9WWcNspvRPCZ8nuFNmM
AZ+o7Iolq6watVnkCQjlWbZiKundTrbEDXXIf8QVsLahflPrwJtP8kBfn/YJ49BM
N2zY0CUE8y5MIpiHw4ajWnlCNvvaCAVoIou5fxv4tc+N+vuv2QqyYSe2pZScnn4J
bMKnKqbQP+rA+bHOyHFdeZFpjij/7TNppwamvR4diTAHZaZJPwU+rlvbzR8C2oy8
ZRta780Vcpd3ZHFIG4gR3kkEhz7A6NHli9XvPN8CAwEAAaOCAhgwggIUMB0GA1Ud
DgQWBBT8/GT0/G9AaipwB3Kk87AoW/G4sjAfBgNVHSMEGDAWgBRc/jiB88RHdPUc
x17n5vkcVWWmBjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hQNDRnZlBFUjNUMUhNZGU1LWI1SEZWbHBnWS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZDUvNTI2MGQwLTE4NTUtNGYzMC1iOGVmLTdjOTk4MDc5YTZhOS8x
L19QeGs5UHh2UUdvcWNBZHlwUE93S0Z2eHVMSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDUv
NTI2MGQwLTE4NTUtNGYzMC1iOGVmLTdjOTk4MDc5YTZhOS8xL1hQNDRnZlBFUjNU
MUhNZGU1LWI1SEZWbHBnWS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAu
BggrBgEFBQcBBwEB/wQfMB0wDAQCAAEwBgMEArmFRDANBAIAAjAHAwUDKgUkQDAN
BgkqhkiG9w0BAQsFAAOCAQEABhHeXAC5aJVOyLn/4Z/MgYMNiH7lu8GlCv2bsu+9
PztuWl12LFfTjgEsF0OAJQ3kzd1hc05cHVbA4B5iS/V1zZwQsWQrTUWrUxWZBXRv
tt2p6stueyPjz4FnRaQfFwmRiMwjvcaG7kqpKg0H27E9tEdoLolnIOTjP/fobcto
QxgSeHbeTE5ZSlUy7iIEaAwviL/QxWqBsyREGVgQ86qNfl/ZXzcjBgpF0jhtim0o
/E1XHbH/Y+L+Axlal42MU3NO8dAWP8U4FK75+gDMzKmHqQOXe5a0+IWM7AIG4sah
HWPjqgH1k1CkXT5OplgXiCxXjg+GJQ3UObAC3kgKW9x00g==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:55:25 2024 by rpki-client on console-fra.rpki-client.org