Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/17bf85-e2c0-46f9-b0fb-07ae682c1262/1/XcuJjEZs20JsHgoicFZpYXYkaX0.roa
File: XcuJjEZs20JsHgoicFZpYXYkaX0.roa (raw, json)
Hash identifier: LGvLW5f4o/gCv/Ct3nZa9JEZRHTLwcLt7cLnTbiCJDc=
Subject key identifier: 5D:CB:89:8C:46:6C:DB:42:6C:1E:0A:22:70:56:69:61:76:24:69:7D
Certificate issuer: /CN=e3b35956a4038a0938ccda85592ad531e4a883ad
Certificate serial: 0184E9628C7A1A54EDC423CC04D9382E2898
Authority key identifier: E3:B3:59:56:A4:03:8A:09:38:CC:DA:85:59:2A:D5:31:E4:A8:83:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/47NZVqQDigk4zNqFWSrVMeSog60.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/17bf85-e2c0-46f9-b0fb-07ae682c1262/1/XcuJjEZs20JsHgoicFZpYXYkaX0.roa
Signing time: Tue 06 Dec 2022 21:41:00 +0000
ROA not before: Tue 06 Dec 2022 21:41:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204741
IP address blocks: 185.242.24.0/22 maxlen: 22
185.242.24.0/23 maxlen: 23
185.242.24.0/24 maxlen: 24
185.242.26.0/23 maxlen: 23
185.242.27.0/24 maxlen: 24
185.242.26.0/24 maxlen: 24
185.242.25.0/24 maxlen: 24
2a0c:ba80::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:e9:62:8c:7a:1a:54:ed:c4:23:cc:04:d9:38:2e:28:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3b35956a4038a0938ccda85592ad531e4a883ad
Validity
Not Before: Dec 6 21:41:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5dcb898c466cdb426c1e0a22705669617624697d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f7:cb:70:46:c1:ee:88:83:62:7a:fd:7b:ea:
8b:4d:ec:23:38:0c:2b:c5:a3:e7:5f:8d:ac:7a:aa:
9f:b0:3a:49:9c:c5:3e:47:b0:92:eb:7e:d8:53:9f:
ac:8b:79:be:ef:c3:84:e3:2b:56:43:f4:81:2c:61:
b7:db:6b:ab:36:74:23:fa:b9:0d:f0:f5:56:88:19:
2d:c1:3d:d0:ad:be:90:2d:c7:1e:cd:11:72:e9:1a:
70:2a:91:ca:ec:ef:3e:09:60:57:79:44:ce:19:95:
1b:2d:d6:2e:1c:ce:e8:27:15:8f:90:5f:a3:ec:e7:
8c:1a:77:35:01:4b:46:1c:1a:0a:fd:17:ac:fc:37:
94:45:b7:d6:a0:80:58:10:f0:0d:d6:f9:6f:b2:37:
7a:c5:74:ab:ec:e0:4a:e5:ac:fd:8a:d4:04:8c:38:
ff:4a:7d:c0:59:5d:9c:47:04:b1:f5:9d:af:d9:ec:
9d:a5:6a:c3:5c:50:c3:bf:88:eb:82:e7:29:f6:67:
f0:47:3d:55:27:fa:fa:d7:51:74:30:a2:92:1a:05:
23:10:9d:6d:cb:e3:6e:d4:56:32:ba:5b:93:d7:81:
91:39:97:53:f6:cf:23:9d:46:8b:35:2a:16:b8:5c:
54:6b:08:3a:44:62:61:ae:b3:c3:fa:5c:8e:8c:2d:
a4:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:CB:89:8C:46:6C:DB:42:6C:1E:0A:22:70:56:69:61:76:24:69:7D
X509v3 Authority Key Identifier:
keyid:E3:B3:59:56:A4:03:8A:09:38:CC:DA:85:59:2A:D5:31:E4:A8:83:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/47NZVqQDigk4zNqFWSrVMeSog60.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/17bf85-e2c0-46f9-b0fb-07ae682c1262/1/XcuJjEZs20JsHgoicFZpYXYkaX0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/17bf85-e2c0-46f9-b0fb-07ae682c1262/1/47NZVqQDigk4zNqFWSrVMeSog60.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.242.24.0/22
IPv6:
2a0c:ba80::/29
Signature Algorithm: sha256WithRSAEncryption
88:d7:7c:f7:29:c0:3f:75:cb:5f:20:a6:ee:86:80:6b:76:f0:
c7:f9:45:b0:e2:8e:59:be:92:a4:80:3a:90:f1:2e:67:33:35:
b9:f2:75:d1:cd:a1:3c:6e:fe:51:60:bc:a9:2b:e0:a5:d3:32:
04:1e:f1:13:36:a1:f6:f3:79:34:f6:0d:f4:77:aa:fe:11:b4:
30:3b:a9:e3:a8:97:f4:1f:26:7b:e3:7c:42:37:c3:0f:72:e4:
e8:55:ca:bc:14:63:f1:61:7f:be:17:98:45:a8:1a:c4:4b:75:
6c:2b:c3:52:73:27:9f:c6:28:13:29:3d:73:34:7f:86:c1:52:
30:b2:c3:6b:47:26:74:1e:44:4d:9d:01:27:d1:71:10:c2:5f:
a9:f4:33:dd:0f:5e:28:a5:85:13:89:8e:48:bd:58:75:b5:3b:
d9:c1:cc:47:1c:ea:18:35:85:6b:41:c7:d1:cc:e3:4c:f8:27:
60:6e:ef:30:5d:2a:33:dc:ba:9c:c4:49:08:ad:a0:b6:c1:23:
f1:28:22:c7:5e:e0:84:ef:01:31:a8:e0:9f:42:8d:ae:60:bd:
88:fb:92:97:cb:bf:d0:1e:a5:c5:5a:e9:2f:55:96:aa:af:73:
89:b2:1a:0b:00:0b:57:ad:57:aa:ec:53:ec:84:e8:63:f6:b5:
25:ef:b7:90
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYTpYox6GlTtxCPMBNk4LiiYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzYjM1OTU2YTQwMzhhMDkzOGNjZGE4NTU5MmFkNTMxZTRh
ODgzYWQwHhcNMjIxMjA2MjE0MTAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGNiODk4YzQ2NmNkYjQyNmMxZTBhMjI3MDU2Njk2MTc2MjQ2OTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvffLcEbB7oiDYnr9e+qLTewjOAwr
xaPnX42seqqfsDpJnMU+R7CS637YU5+si3m+78OE4ytWQ/SBLGG322urNnQj+rkN
8PVWiBktwT3Qrb6QLccezRFy6RpwKpHK7O8+CWBXeUTOGZUbLdYuHM7oJxWPkF+j
7OeMGnc1AUtGHBoK/Res/DeURbfWoIBYEPAN1vlvsjd6xXSr7OBK5az9itQEjDj/
Sn3AWV2cRwSx9Z2v2eydpWrDXFDDv4jrgucp9mfwRz1VJ/r611F0MKKSGgUjEJ1t
y+Nu1FYyuluT14GROZdT9s8jnUaLNSoWuFxUawg6RGJhrrPD+lyOjC2kyQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFF3LiYxGbNtCbB4KInBWaWF2JGl9MB8GA1UdIwQY
MBaAFOOzWVakA4oJOMzahVkq1THkqIOtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDdOWlZxUURpZ2s0ek5xRldTclZNZVNvZzYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy8xN2JmODUtZTJjMC00NmY5LWIwZmIt
MDdhZTY4MmMxMjYyLzEvWGN1SmpFWnMyMEpzSGdvaWNGWnBZWFlrYVgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy8xN2JmODUtZTJjMC00NmY5LWIwZmItMDdhZTY4MmMxMjYy
LzEvNDdOWlZxUURpZ2s0ek5xRldTclZNZVNvZzYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufIYMA0E
AgACMAcDBQMqDLqAMA0GCSqGSIb3DQEBCwUAA4IBAQCI13z3KcA/dctfIKbuhoBr
dvDH+UWw4o5ZvpKkgDqQ8S5nMzW58nXRzaE8bv5RYLypK+Cl0zIEHvETNqH283k0
9g30d6r+EbQwO6njqJf0HyZ743xCN8MPcuToVcq8FGPxYX++F5hFqBrES3VsK8NS
cyefxigTKT1zNH+GwVIwssNrRyZ0HkRNnQEn0XEQwl+p9DPdD14opYUTiY5IvVh1
tTvZwcxHHOoYNYVrQcfRzONM+Cdgbu8wXSoz3LqcxEkIraC2wSPxKCLHXuCE7wEx
qOCfQo2uYL2I+5KXy7/QHqXFWukvVZaqr3OJshoLAAtXrVeq7FPshOhj9rUl77eQ
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:59 2023 by rpki-client on console-fra.rpki-client.org