Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/a65a48-0935-4a79-ac0f-38091b19764b/1/xMfPSbf-CrWcZAAXdrQCSLhCxUg.roa
File: xMfPSbf-CrWcZAAXdrQCSLhCxUg.roa (raw, json)
Hash identifier: UlMhacc7qNNgoLG674R3rVE2UTlCEcyt6I4Q5ZFfk3g=
Subject key identifier: C4:C7:CF:49:B7:FE:0A:B5:9C:64:00:17:76:B4:02:48:B8:42:C5:48
Certificate issuer: /CN=c6dfebac8b75451122f914fca024ee1f5417cabb
Certificate serial: 018570DE5B078D4457C9AB64C98DC683025E
Authority key identifier: C6:DF:EB:AC:8B:75:45:11:22:F9:14:FC:A0:24:EE:1F:54:17:CA:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xt_rrIt1RREi-RT8oCTuH1QXyrs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/a65a48-0935-4a79-ac0f-38091b19764b/1/xMfPSbf-CrWcZAAXdrQCSLhCxUg.roa
Signing time: Mon 02 Jan 2023 05:04:58 +0000
ROA not before: Mon 02 Jan 2023 05:04:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 29413
IP address blocks: 185.214.120.0/22 maxlen: 22
2a0b:9940::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:de:5b:07:8d:44:57:c9:ab:64:c9:8d:c6:83:02:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6dfebac8b75451122f914fca024ee1f5417cabb
Validity
Not Before: Jan 2 05:04:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c4c7cf49b7fe0ab59c64001776b40248b842c548
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:e4:7e:3f:02:39:f4:0c:e8:78:c4:50:10:b5:
e2:9f:17:1a:25:33:1c:b9:d1:ac:17:70:87:03:2c:
7c:2f:a3:97:e8:92:23:3d:bb:e0:12:08:45:f5:03:
17:1a:6a:c8:da:59:c3:39:af:f8:d1:30:60:ed:42:
e8:2a:1d:62:62:a7:9a:92:87:5c:ee:47:3b:26:ec:
2d:ed:6e:d4:b3:51:f1:06:4a:fd:39:37:09:79:02:
6a:3c:ca:c7:18:25:f2:60:d3:7c:47:fa:25:a4:83:
c1:f4:d3:27:e7:6b:f6:d7:da:79:1f:fe:05:1d:35:
97:bc:b8:6e:6d:75:10:86:a5:9b:c2:f4:c5:05:b4:
5e:35:72:93:fd:84:d0:41:31:4d:34:6f:bd:21:19:
85:1d:40:c0:da:f0:28:9f:15:55:3f:32:94:b8:02:
06:90:ad:37:f5:06:c3:1e:8c:23:b0:78:80:b4:31:
b8:0d:f7:48:e7:9c:e7:8f:8f:2a:52:eb:1e:0f:d3:
31:a7:a9:94:86:bd:2a:8e:9f:06:90:89:46:ce:ac:
29:57:23:c2:a6:8d:37:04:ee:5c:5c:f0:d0:03:04:
d0:53:2a:b7:ee:10:47:d3:80:71:5e:3b:10:94:c4:
31:7d:d2:27:83:14:42:9f:cc:15:35:22:aa:69:3f:
30:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:C7:CF:49:B7:FE:0A:B5:9C:64:00:17:76:B4:02:48:B8:42:C5:48
X509v3 Authority Key Identifier:
keyid:C6:DF:EB:AC:8B:75:45:11:22:F9:14:FC:A0:24:EE:1F:54:17:CA:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xt_rrIt1RREi-RT8oCTuH1QXyrs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/a65a48-0935-4a79-ac0f-38091b19764b/1/xMfPSbf-CrWcZAAXdrQCSLhCxUg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/a65a48-0935-4a79-ac0f-38091b19764b/1/xt_rrIt1RREi-RT8oCTuH1QXyrs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.120.0/22
IPv6:
2a0b:9940::/32
Signature Algorithm: sha256WithRSAEncryption
1e:19:07:96:77:cc:d2:28:ff:e0:09:77:03:9f:00:42:5c:c7:
5c:3b:65:45:4b:6a:90:d3:f4:05:46:fb:10:8d:c4:45:44:e9:
d2:1a:06:58:b8:6b:c8:88:52:d7:5a:c8:60:e5:fc:bd:c8:03:
92:4e:b7:98:ff:74:07:ba:06:2b:d9:e6:bc:38:0f:29:f2:5a:
e3:1c:82:0c:f2:68:b8:82:15:75:20:ee:f8:82:9f:d1:9d:89:
6e:81:2f:c6:1f:c4:5b:31:68:41:9e:b9:64:37:7e:92:30:19:
20:24:ae:9f:96:0d:be:11:6a:e2:03:c2:fa:8e:02:23:58:64:
61:20:c4:60:ad:1b:b6:09:77:22:9f:8f:2a:56:11:b0:89:1d:
62:b3:29:14:2c:4b:29:9f:d2:98:a2:f4:d7:a0:13:00:d3:9c:
bf:1c:38:21:e3:21:2c:db:4e:7f:c9:fb:92:a3:b0:4d:59:18:
ed:94:7f:86:b3:bd:a1:a0:78:11:16:c1:44:05:7b:50:f3:ab:
27:cb:df:64:5c:b3:4b:e8:4d:c1:5b:1e:24:9f:90:73:60:cc:
97:1b:09:71:50:9b:8f:72:a0:b5:a6:db:55:46:26:65:15:07:
10:9e:ca:2c:d8:69:11:7d:60:18:76:6f:a6:8e:87:8b:6e:b3:
9f:ab:0f:12
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVw3lsHjURXyatkyY3GgwJeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2ZGZlYmFjOGI3NTQ1MTEyMmY5MTRmY2EwMjRlZTFmNTQx
N2NhYmIwHhcNMjMwMTAyMDUwNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGM3Y2Y0OWI3ZmUwYWI1OWM2NDAwMTc3NmI0MDI0OGI4NDJjNTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkuR+PwI59AzoeMRQELXinxcaJTMc
udGsF3CHAyx8L6OX6JIjPbvgEghF9QMXGmrI2lnDOa/40TBg7ULoKh1iYqeakodc
7kc7Juwt7W7Us1HxBkr9OTcJeQJqPMrHGCXyYNN8R/olpIPB9NMn52v219p5H/4F
HTWXvLhubXUQhqWbwvTFBbReNXKT/YTQQTFNNG+9IRmFHUDA2vAonxVVPzKUuAIG
kK039QbDHowjsHiAtDG4DfdI55znj48qUuseD9Mxp6mUhr0qjp8GkIlGzqwpVyPC
po03BO5cXPDQAwTQUyq37hBH04BxXjsQlMQxfdIngxRCn8wVNSKqaT8wBQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMTHz0m3/gq1nGQAF3a0Aki4QsVIMB8GA1UdIwQY
MBaAFMbf66yLdUURIvkU/KAk7h9UF8q7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHRfcnJJdDFSUkVpLVJUOG9DVHVIMVFYeXJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi9hNjVhNDgtMDkzNS00YTc5LWFjMGYt
MzgwOTFiMTk3NjRiLzEveE1mUFNiZi1DcldjWkFBWGRyUUNTTGhDeFVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi9hNjVhNDgtMDkzNS00YTc5LWFjMGYtMzgwOTFiMTk3NjRi
LzEveHRfcnJJdDFSUkVpLVJUOG9DVHVIMVFYeXJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCudZ4MA0E
AgACMAcDBQAqC5lAMA0GCSqGSIb3DQEBCwUAA4IBAQAeGQeWd8zSKP/gCXcDnwBC
XMdcO2VFS2qQ0/QFRvsQjcRFROnSGgZYuGvIiFLXWshg5fy9yAOSTreY/3QHugYr
2ea8OA8p8lrjHIIM8mi4ghV1IO74gp/RnYlugS/GH8RbMWhBnrlkN36SMBkgJK6f
lg2+EWriA8L6jgIjWGRhIMRgrRu2CXcin48qVhGwiR1isykULEspn9KYovTXoBMA
05y/HDgh4yEs205/yfuSo7BNWRjtlH+Gs72hoHgRFsFEBXtQ86sny99kXLNL6E3B
Wx4kn5BzYMyXGwlxUJuPcqC1pttVRiZlFQcQnsos2GkRfWAYdm+mjoeLbrOfqw8S
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:25:03 2025 by rpki-client