Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/17f769-5833-4f26-93f8-ea7f218fdb50/1/XqxcwNA1x0eBX6584COPz63fIC4.roa
File: XqxcwNA1x0eBX6584COPz63fIC4.roa (raw, json)
Hash identifier: Ju4hcucCPWB5NkxQhwaCywG4AD11H7G5fG6/2560bRs=
Subject key identifier: 5E:AC:5C:C0:D0:35:C7:47:81:5F:AE:7C:E0:23:8F:CF:AD:DF:20:2E
Certificate issuer: /CN=047ee74ac490e31f1d40764f092411ee25eb1665
Certificate serial: 01856C415604EB88B7712A7F021B3D4D5CAA
Authority key identifier: 04:7E:E7:4A:C4:90:E3:1F:1D:40:76:4F:09:24:11:EE:25:EB:16:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BH7nSsSQ4x8dQHZPCSQR7iXrFmU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/17f769-5833-4f26-93f8-ea7f218fdb50/1/XqxcwNA1x0eBX6584COPz63fIC4.roa
Signing time: Sun 01 Jan 2023 07:34:59 +0000
ROA not before: Sun 01 Jan 2023 07:34:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200770
IP address blocks: 185.96.212.0/22 maxlen: 24
2a06:200::/29 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:41:56:04:eb:88:b7:71:2a:7f:02:1b:3d:4d:5c:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=047ee74ac490e31f1d40764f092411ee25eb1665
Validity
Not Before: Jan 1 07:34:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5eac5cc0d035c747815fae7ce0238fcfaddf202e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a7:d9:30:9f:69:f0:fc:8c:2e:b9:07:3f:b6:
99:c7:4f:28:b4:be:9a:24:fc:b9:e4:7b:cb:2b:8c:
06:f0:ec:06:8c:8f:fd:c2:60:fe:34:fb:66:6f:27:
89:8c:e9:18:53:ef:71:a8:7a:43:68:0a:0f:f8:0c:
8c:f6:de:b1:9c:36:24:ec:a6:5b:e6:24:53:b9:12:
a6:04:be:d4:2f:a5:f3:41:07:45:a3:5c:b9:e4:35:
2f:92:34:7f:67:19:b7:ae:76:9a:c2:80:80:4c:64:
15:ed:d8:45:d8:48:49:8b:9c:66:cc:57:e9:ee:c9:
9f:51:b8:e2:1b:26:f1:80:dc:37:99:3a:2a:b7:e2:
3a:ce:92:f1:b1:d3:86:47:96:c6:bd:7a:02:49:6a:
67:3a:2f:36:21:c8:60:1a:ca:0d:41:4d:fa:70:1a:
8c:f7:9d:3a:91:54:e3:b7:36:23:60:b2:ec:c4:fc:
f7:71:da:34:dd:fc:37:b1:14:44:97:98:a4:5c:cc:
f5:ed:6e:67:95:1b:75:c3:a5:a8:46:42:22:39:7d:
5a:66:0c:6c:fa:35:36:86:5e:dd:a1:8a:c8:4f:06:
04:e0:41:44:82:56:7e:4e:f3:17:d3:e1:78:d8:96:
37:2e:26:f1:9c:df:f8:32:f3:f5:be:8a:ac:87:db:
ed:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:AC:5C:C0:D0:35:C7:47:81:5F:AE:7C:E0:23:8F:CF:AD:DF:20:2E
X509v3 Authority Key Identifier:
keyid:04:7E:E7:4A:C4:90:E3:1F:1D:40:76:4F:09:24:11:EE:25:EB:16:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BH7nSsSQ4x8dQHZPCSQR7iXrFmU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/17f769-5833-4f26-93f8-ea7f218fdb50/1/XqxcwNA1x0eBX6584COPz63fIC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/17f769-5833-4f26-93f8-ea7f218fdb50/1/BH7nSsSQ4x8dQHZPCSQR7iXrFmU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.96.212.0/22
IPv6:
2a06:200::/29
Signature Algorithm: sha256WithRSAEncryption
4a:e1:21:f6:7f:14:50:12:1e:d5:d4:e2:17:fe:3e:59:45:79:
01:4e:0a:1d:ab:f7:1f:82:7f:ad:89:12:b1:d3:08:e7:e7:4f:
aa:69:9c:73:b5:e0:20:37:e2:58:37:1f:90:83:b8:f6:64:2e:
03:a8:b2:e5:11:4b:d8:80:37:a9:2f:1c:f1:c8:c5:32:04:50:
7c:2b:34:d8:6e:47:bd:c4:9a:7b:a3:b5:1a:7b:b8:20:1b:ac:
43:04:cb:9a:ce:ef:19:4b:79:ba:9b:6f:a8:a2:18:f3:12:49:
56:1a:c5:9b:de:52:bc:c4:69:9f:f6:08:d5:c8:28:69:05:df:
8d:7b:18:d0:89:40:df:46:c6:70:96:5c:e5:c5:d3:c5:3f:82:
02:1c:ab:6e:b3:e2:90:a7:19:88:eb:8f:ec:71:6b:57:26:41:
16:a7:da:0d:58:ef:64:37:7e:38:bc:dd:df:17:b4:68:22:22:
c2:dd:44:ee:69:f8:45:84:03:91:d5:cc:7c:0b:12:e9:cf:13:
f7:22:ed:27:e4:3b:65:94:0a:96:43:4b:b6:d0:ff:6f:15:54:
ea:c2:47:56:56:e5:a0:be:58:46:7a:72:26:67:06:00:0b:d2:
1b:1f:06:59:d0:a0:81:e2:51:5f:b0:30:2e:12:47:78:76:29:
48:33:68:75
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVsQVYE64i3cSp/Ahs9TVyqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0N2VlNzRhYzQ5MGUzMWYxZDQwNzY0ZjA5MjQxMWVlMjVl
YjE2NjUwHhcNMjMwMTAxMDczNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWFjNWNjMGQwMzVjNzQ3ODE1ZmFlN2NlMDIzOGZjZmFkZGYyMDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqfZMJ9p8PyMLrkHP7aZx08otL6a
JPy55HvLK4wG8OwGjI/9wmD+NPtmbyeJjOkYU+9xqHpDaAoP+AyM9t6xnDYk7KZb
5iRTuRKmBL7UL6XzQQdFo1y55DUvkjR/Zxm3rnaawoCATGQV7dhF2EhJi5xmzFfp
7smfUbjiGybxgNw3mToqt+I6zpLxsdOGR5bGvXoCSWpnOi82IchgGsoNQU36cBqM
9506kVTjtzYjYLLsxPz3cdo03fw3sRREl5ikXMz17W5nlRt1w6WoRkIiOX1aZgxs
+jU2hl7doYrITwYE4EFEglZ+TvMX0+F42JY3LibxnN/4MvP1voqsh9vtbQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFF6sXMDQNcdHgV+ufOAjj8+t3yAuMB8GA1UdIwQY
MBaAFAR+50rEkOMfHUB2TwkkEe4l6xZlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkg3blNzU1E0eDhkUUhaUENTUVI3aVhyRm1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8xN2Y3NjktNTgzMy00ZjI2LTkzZjgt
ZWE3ZjIxOGZkYjUwLzEvWHF4Y3dOQTF4MGVCWDY1ODRDT1B6NjNmSUM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8xN2Y3NjktNTgzMy00ZjI2LTkzZjgtZWE3ZjIxOGZkYjUw
LzEvQkg3blNzU1E0eDhkUUhaUENTUVI3aVhyRm1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWDUMA0E
AgACMAcDBQMqBgIAMA0GCSqGSIb3DQEBCwUAA4IBAQBK4SH2fxRQEh7V1OIX/j5Z
RXkBTgodq/cfgn+tiRKx0wjn50+qaZxzteAgN+JYNx+Qg7j2ZC4DqLLlEUvYgDep
LxzxyMUyBFB8KzTYbke9xJp7o7Uae7ggG6xDBMuazu8ZS3m6m2+oohjzEklWGsWb
3lK8xGmf9gjVyChpBd+NexjQiUDfRsZwllzlxdPFP4ICHKtus+KQpxmI64/scWtX
JkEWp9oNWO9kN344vN3fF7RoIiLC3UTuafhFhAOR1cx8CxLpzxP3Iu0n5DtllAqW
Q0u20P9vFVTqwkdWVuWgvlhGenImZwYAC9IbHwZZ0KCB4lFfsDAuEkd4dilIM2h1
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:00:12 2025 by rpki-client