Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/b5b4e7-8a68-466d-9fc5-075dc4604aef/1/XhcDnnemVUq-xyZq_vJRXnceDkA.roa
File: XhcDnnemVUq-xyZq_vJRXnceDkA.roa (raw, json)
Hash identifier: 9WviRPvG9BeCrUR1IXRmOvMjGH3L2Skm4VNp5AA/fTQ=
Subject key identifier: 5E:17:03:9E:77:A6:55:4A:BE:C7:26:6A:FE:F2:51:5E:77:1E:0E:40
Certificate issuer: /CN=da834df1dafa7fe6ead360b3ee75a2931af1ffe9
Certificate serial: 06DD6B79
Authority key identifier: DA:83:4D:F1:DA:FA:7F:E6:EA:D3:60:B3:EE:75:A2:93:1A:F1:FF:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2oNN8dr6f-bq02Cz7nWikxrx_-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/b5b4e7-8a68-466d-9fc5-075dc4604aef/1/XhcDnnemVUq-xyZq_vJRXnceDkA.roa
Signing time: Sat 01 Jan 2022 07:52:41 +0000
ROA not before: Sat 01 Jan 2022 07:52:41 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 50941
IP address blocks: 185.195.231.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 115174265 (0x6dd6b79)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=da834df1dafa7fe6ead360b3ee75a2931af1ffe9
Validity
Not Before: Jan 1 07:52:41 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5e17039e77a6554abec7266afef2515e771e0e40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:82:9d:c0:26:42:f1:ee:70:6d:c2:12:67:b2:
4a:02:58:76:81:c4:dc:72:a3:31:6d:b2:29:53:8d:
b2:7d:f5:4c:95:7b:6a:a5:67:4d:d2:b3:79:d2:5f:
21:e0:d0:2a:2f:61:91:ea:3e:ca:9d:7f:05:0c:04:
51:fd:a3:76:bb:58:67:17:63:bf:ba:7f:1a:81:32:
dd:13:56:a4:fb:2f:7a:12:ae:cd:ab:fa:c1:3c:9b:
fd:4d:b2:c1:ab:0d:b7:a7:7f:18:f9:0b:9a:e4:36:
1c:7a:c3:fc:12:a6:62:ee:6e:e3:0d:7d:46:a3:b7:
4d:61:41:41:fc:02:21:42:db:4c:a2:65:21:b8:fe:
ec:50:05:95:95:3b:d3:f7:88:3e:c6:b2:10:b3:f3:
f5:5f:3a:86:8f:82:69:81:c9:99:d0:c3:85:ac:ba:
29:5a:41:64:1f:d9:96:dd:c0:e4:b2:bc:fa:08:30:
bd:8b:be:72:50:ae:1b:3b:ae:db:e5:28:e9:b5:e5:
db:19:5f:75:59:aa:ec:b2:17:d9:85:f0:be:b3:6d:
9a:e5:f1:f9:19:ad:01:fc:72:02:d1:c0:48:df:97:
82:25:5c:e6:e4:1e:ba:65:02:7e:ab:e8:ef:f1:e3:
bf:0d:ce:6b:1e:85:4f:74:33:8c:59:12:13:38:62:
dc:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:17:03:9E:77:A6:55:4A:BE:C7:26:6A:FE:F2:51:5E:77:1E:0E:40
X509v3 Authority Key Identifier:
keyid:DA:83:4D:F1:DA:FA:7F:E6:EA:D3:60:B3:EE:75:A2:93:1A:F1:FF:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2oNN8dr6f-bq02Cz7nWikxrx_-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/b5b4e7-8a68-466d-9fc5-075dc4604aef/1/XhcDnnemVUq-xyZq_vJRXnceDkA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/b5b4e7-8a68-466d-9fc5-075dc4604aef/1/2oNN8dr6f-bq02Cz7nWikxrx_-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.195.231.0/24
Signature Algorithm: sha256WithRSAEncryption
97:a1:f5:a5:47:22:55:25:7d:5f:32:c4:66:48:f9:dd:8c:c0:
7d:c9:42:c0:8d:57:0c:8e:8b:8c:a7:54:e7:66:e7:be:33:fb:
d5:7a:89:05:04:f4:62:0c:85:84:67:b8:dc:62:9a:42:f6:9e:
14:f7:49:0c:e7:ba:e0:f7:e3:fe:77:dc:1a:12:cc:17:da:07:
f5:85:1f:d3:7a:28:41:e9:bc:42:c2:9e:05:6f:64:b6:a9:72:
39:df:df:07:52:d1:bf:f7:33:6a:02:15:ac:a1:fa:e4:29:f4:
56:e7:91:c3:2c:4c:ff:d9:a7:13:ec:03:ad:b9:bb:78:c0:53:
6f:9d:be:87:24:89:88:a3:6b:1c:cd:4e:dc:a4:72:48:4f:7a:
db:92:99:79:11:a9:fe:63:2e:a4:90:98:3b:45:88:58:93:21:
4f:e0:45:8f:ca:5d:bc:13:cb:4f:33:9e:8a:51:d0:22:2c:4e:
53:1b:05:7b:aa:b6:9e:6a:4f:fa:d4:ba:6a:03:db:ca:dc:8d:
2e:e4:63:5a:cb:58:58:c5:6e:e2:1f:b0:12:76:bd:12:45:ba:
bd:44:c6:96:bd:da:54:ee:a4:4d:50:c3:03:70:23:ba:a4:73:
bf:86:4f:bb:2a:63:a0:32:78:25:bd:c5:24:f8:28:6e:0f:86:
3c:3b:96:11
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBt1reTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhk
YTgzNGRmMWRhZmE3ZmU2ZWFkMzYwYjNlZTc1YTI5MzFhZjFmZmU5MB4XDTIyMDEw
MTA3NTI0MVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWUxNzAzOWU3N2E2
NTU0YWJlYzcyNjZhZmVmMjUxNWU3NzFlMGU0MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ+CncAmQvHucG3CEmeySgJYdoHE3HKjMW2yKVONsn31TJV7
aqVnTdKzedJfIeDQKi9hkeo+yp1/BQwEUf2jdrtYZxdjv7p/GoEy3RNWpPsvehKu
zav6wTyb/U2ywasNt6d/GPkLmuQ2HHrD/BKmYu5u4w19RqO3TWFBQfwCIULbTKJl
Ibj+7FAFlZU70/eIPsayELPz9V86ho+CaYHJmdDDhay6KVpBZB/Zlt3A5LK8+ggw
vYu+clCuGzuu2+Uo6bXl2xlfdVmq7LIX2YXwvrNtmuXx+RmtAfxyAtHASN+XgiVc
5uQeumUCfqvo7/Hjvw3Oax6FT3QzjFkSEzhi3LsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBReFwOed6ZVSr7HJmr+8lFedx4OQDAfBgNVHSMEGDAWgBTag03x2vp/5urT
YLPudaKTGvH/6TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
LzJvTk44ZHI2Zi1icTAyQ3o3bldpa3hyeF8tay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmMvYjViNGU3LThhNjgtNDY2ZC05ZmM1LTA3NWRjNDYwNGFlZi8x
L1hoY0RubmVtVlVxLXh5WnFfdkpSWG5jZURrQS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmMv
YjViNGU3LThhNjgtNDY2ZC05ZmM1LTA3NWRjNDYwNGFlZi8xLzJvTk44ZHI2Zi1i
cTAyQ3o3bldpa3hyeF8tay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALnD5zANBgkqhkiG9w0BAQsFAAOC
AQEAl6H1pUciVSV9XzLEZkj53YzAfclCwI1XDI6LjKdU52bnvjP71XqJBQT0YgyF
hGe43GKaQvaeFPdJDOe64Pfj/nfcGhLMF9oH9YUf03ooQem8QsKeBW9ktqlyOd/f
B1LRv/czagIVrKH65Cn0VueRwyxM/9mnE+wDrbm7eMBTb52+hySJiKNrHM1O3KRy
SE9625KZeRGp/mMupJCYO0WIWJMhT+BFj8pdvBPLTzOeilHQIixOUxsFe6q2nmpP
+tS6agPbytyNLuRjWstYWMVu4h+wEna9EkW6vUTGlr3aVO6kTVDDA3AjuqRzv4ZP
uypjoDJ4Jb3FJPgobg+GPDuWEQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:13:00 2025 by rpki-client