Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/4fd95a-5157-4a1b-b868-138995c99b97/1/xrEp6pWqFooGwOfmNtkMTaSgXBA.roa
File: xrEp6pWqFooGwOfmNtkMTaSgXBA.roa (raw, json)
Hash identifier: D5lWYjP6SDA8IUsbktuX8zAOOX6uZr2hBgtM2N/A90s=
Subject key identifier: C6:B1:29:EA:95:AA:16:8A:06:C0:E7:E6:36:D9:0C:4D:A4:A0:5C:10
Certificate issuer: /CN=11eecd71c193e4ac30ed03d0b9f05da101c603d2
Certificate serial: 0183B76831DE83468F71B031EDE03E023BB0
Authority key identifier: 11:EE:CD:71:C1:93:E4:AC:30:ED:03:D0:B9:F0:5D:A1:01:C6:03:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ee7NccGT5Kww7QPQufBdoQHGA9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/4fd95a-5157-4a1b-b868-138995c99b97/1/xrEp6pWqFooGwOfmNtkMTaSgXBA.roa
Signing time: Sat 08 Oct 2022 11:43:22 +0000
ROA not before: Sat 08 Oct 2022 11:43:22 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 210876
IP address blocks: 185.236.24.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:b7:68:31:de:83:46:8f:71:b0:31:ed:e0:3e:02:3b:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11eecd71c193e4ac30ed03d0b9f05da101c603d2
Validity
Not Before: Oct 8 11:43:22 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c6b129ea95aa168a06c0e7e636d90c4da4a05c10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:17:b7:9d:f2:37:55:e0:9e:c9:c4:4f:d5:96:
2b:a6:31:e3:ae:bb:ef:5c:f0:e5:86:d8:cf:50:66:
46:a5:05:b3:3b:a1:5e:dc:0a:bd:7f:e7:78:e9:a2:
85:5b:dd:ef:c5:03:78:6b:7b:92:ff:d6:75:19:3f:
df:0c:fc:73:b1:47:0d:c7:42:e7:31:1b:9a:64:86:
b1:4a:69:47:f7:49:e1:aa:bb:ab:3d:1a:33:fd:2e:
6d:a4:ac:1b:57:e1:9d:01:73:82:21:a8:ce:09:f5:
6b:a3:51:b3:4e:f3:20:a5:3b:af:91:1e:14:c2:d8:
b4:4e:4d:37:c5:53:24:89:ba:38:ae:e8:d0:f1:25:
3e:ea:31:76:56:e7:97:96:d3:bb:1d:18:e3:ae:ca:
b8:85:a8:e2:57:39:d1:80:7b:26:f2:8f:6d:0f:49:
47:e1:d9:33:81:d9:19:ec:0d:c6:eb:6d:2a:0d:f3:
8c:64:cf:16:dd:ad:23:96:40:42:b1:51:85:99:7b:
d2:9d:81:aa:8f:dc:6c:4e:f4:e2:c2:e7:79:66:c3:
ad:4f:92:27:27:f8:28:73:0c:af:51:43:06:4e:76:
f9:ab:39:72:c1:e1:f6:3b:1d:fa:07:ee:94:a9:d4:
27:c3:dc:1f:cf:ba:d5:3f:ea:e2:21:c0:2b:51:ad:
21:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:B1:29:EA:95:AA:16:8A:06:C0:E7:E6:36:D9:0C:4D:A4:A0:5C:10
X509v3 Authority Key Identifier:
keyid:11:EE:CD:71:C1:93:E4:AC:30:ED:03:D0:B9:F0:5D:A1:01:C6:03:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ee7NccGT5Kww7QPQufBdoQHGA9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/4fd95a-5157-4a1b-b868-138995c99b97/1/xrEp6pWqFooGwOfmNtkMTaSgXBA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/4fd95a-5157-4a1b-b868-138995c99b97/1/Ee7NccGT5Kww7QPQufBdoQHGA9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.236.24.0/22
Signature Algorithm: sha256WithRSAEncryption
28:47:6d:73:be:da:37:73:ed:51:3e:3d:de:06:37:3c:b4:ce:
55:be:cb:fe:e8:6a:57:ae:bf:82:aa:91:b1:da:d9:b7:c2:99:
44:d1:aa:c1:c3:e9:e3:87:aa:55:ff:b4:04:09:11:08:bf:ce:
c5:4f:eb:59:cf:a0:7c:52:cb:ba:30:0e:4e:8e:28:d2:0e:b7:
4b:d8:38:1c:70:4b:e7:65:7e:3e:46:e2:59:e7:66:f1:17:72:
20:89:e4:a0:37:80:7f:4b:1d:f0:52:8b:2c:59:a0:03:3b:b4:
d3:8b:ba:7d:4b:89:f5:c1:79:bb:cc:e3:9f:50:a8:c0:d5:dd:
6e:07:de:47:af:0b:1e:ec:66:fb:d1:33:ec:43:70:3e:24:06:
dc:77:31:cc:8d:a3:8d:fd:41:12:16:a0:76:4a:0a:ee:5a:df:
45:db:8a:f4:37:65:49:8d:75:04:6a:d7:dd:da:ed:79:c6:7c:
d0:3e:67:e7:d4:ab:e1:31:75:dd:93:50:ae:7e:5f:10:02:08:
7f:f0:d9:3b:09:81:e4:7d:e0:93:a5:04:9b:76:d4:2e:64:9c:
26:86:79:28:72:86:77:51:af:9a:fc:20:09:85:74:be:e7:5a:
5b:da:e4:a8:cd:79:f2:84:24:4f:09:9d:00:b8:bd:e6:4b:44:
9b:07:1f:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYO3aDHeg0aPcbAx7eA+AjuwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExZWVjZDcxYzE5M2U0YWMzMGVkMDNkMGI5ZjA1ZGExMDFj
NjAzZDIwHhcNMjIxMDA4MTE0MzIyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmIxMjllYTk1YWExNjhhMDZjMGU3ZTYzNmQ5MGM0ZGE0YTA1YzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBe3nfI3VeCeycRP1ZYrpjHjrrvv
XPDlhtjPUGZGpQWzO6Fe3Aq9f+d46aKFW93vxQN4a3uS/9Z1GT/fDPxzsUcNx0Ln
MRuaZIaxSmlH90nhqrurPRoz/S5tpKwbV+GdAXOCIajOCfVro1GzTvMgpTuvkR4U
wti0Tk03xVMkibo4rujQ8SU+6jF2VueXltO7HRjjrsq4hajiVznRgHsm8o9tD0lH
4dkzgdkZ7A3G620qDfOMZM8W3a0jlkBCsVGFmXvSnYGqj9xsTvTiwud5ZsOtT5In
J/gocwyvUUMGTnb5qzlyweH2Ox36B+6UqdQnw9wfz7rVP+riIcArUa0hVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMaxKeqVqhaKBsDn5jbZDE2koFwQMB8GA1UdIwQY
MBaAFBHuzXHBk+SsMO0D0LnwXaEBxgPSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWU3TmNjR1Q1S3d3N1FQUXVmQmRvUUhHQTlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi80ZmQ5NWEtNTE1Ny00YTFiLWI4Njgt
MTM4OTk1Yzk5Yjk3LzEveHJFcDZwV3FGb29Hd09mbU50a01UYVNnWEJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi80ZmQ5NWEtNTE1Ny00YTFiLWI4NjgtMTM4OTk1Yzk5Yjk3
LzEvRWU3TmNjR1Q1S3d3N1FQUXVmQmRvUUhHQTlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuewYMA0G
CSqGSIb3DQEBCwUAA4IBAQAoR21zvto3c+1RPj3eBjc8tM5Vvsv+6GpXrr+CqpGx
2tm3wplE0arBw+njh6pV/7QECREIv87FT+tZz6B8Usu6MA5OjijSDrdL2DgccEvn
ZX4+RuJZ52bxF3IgieSgN4B/Sx3wUossWaADO7TTi7p9S4n1wXm7zOOfUKjA1d1u
B95Hrwse7Gb70TPsQ3A+JAbcdzHMjaON/UESFqB2SgruWt9F24r0N2VJjXUEatfd
2u15xnzQPmfn1KvhMXXdk1Cufl8QAgh/8Nk7CYHkfeCTpQSbdtQuZJwmhnkocoZ3
Ua+a/CAJhXS+51pb2uSozXnyhCRPCZ0AuL3mS0SbBx/T
-----END CERTIFICATE-----
Generated at Thu Jun 6 19:52:57 2024 by rpki-client on console-ams.rpki-client.org