Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/XeX_YknIJ5hLGjNZuaEGGihy98w.roa
File: XeX_YknIJ5hLGjNZuaEGGihy98w.roa (raw, json)
Hash identifier: UlzrnoX5VMBPPxYQ8kWC6Om6+m4vPJohEfV4CouYzoc=
Subject key identifier: 5D:E5:FF:62:49:C8:27:98:4B:1A:33:59:B9:A1:06:1A:28:72:F7:CC
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 0184EBA9BE36ED60301C94063951A573720F
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/XeX_YknIJ5hLGjNZuaEGGihy98w.roa
Signing time: Wed 07 Dec 2022 08:18:00 +0000
ROA not before: Wed 07 Dec 2022 08:18:00 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 3170
IP address blocks: 152.89.253.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:eb:a9:be:36:ed:60:30:1c:94:06:39:51:a5:73:72:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Dec 7 08:18:00 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5de5ff6249c827984b1a3359b9a1061a2872f7cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:33:cf:57:86:22:e8:5a:78:67:2c:0a:e3:3d:
a5:1a:6d:ff:f8:dd:b8:01:2e:77:b3:1a:9d:0e:6a:
f7:78:a9:fa:84:dc:f6:a5:d0:25:0b:48:52:63:85:
30:97:99:68:1a:b0:dd:21:b0:f7:22:44:d1:6d:b3:
67:48:d4:2e:09:8c:99:92:23:f8:d8:83:44:7e:d4:
52:77:30:b4:1e:9b:72:2e:4b:32:61:ee:0c:9d:2c:
be:58:6c:2c:af:3d:d1:7a:a4:9b:87:3f:a4:09:10:
ad:8d:b6:fc:f1:0f:c0:a5:67:9d:ef:0d:73:df:e3:
e5:49:c1:f6:29:35:73:d7:2c:96:0f:0a:c8:91:47:
be:bb:df:08:6c:5e:41:de:3d:d5:25:6f:69:1e:9e:
f2:ee:0c:26:cf:a1:0c:a7:d7:3e:58:8d:70:57:7d:
6a:0c:b8:74:40:e9:ba:ce:f4:2e:c1:84:04:91:6f:
14:48:75:2c:df:aa:e9:b5:4e:bb:7b:3a:53:09:4f:
c7:73:69:4e:f6:fd:c8:02:f4:bb:98:fb:57:15:1e:
1b:39:53:70:94:d1:86:28:c6:37:0d:f3:5d:bf:c7:
06:6e:a6:e7:ad:51:aa:73:56:19:69:86:ab:c6:04:
95:26:92:b4:7f:32:d0:67:44:3e:21:83:ec:dc:cc:
07:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:E5:FF:62:49:C8:27:98:4B:1A:33:59:B9:A1:06:1A:28:72:F7:CC
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/XeX_YknIJ5hLGjNZuaEGGihy98w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.253.0/24
Signature Algorithm: sha256WithRSAEncryption
53:26:46:f0:1c:2d:b5:6e:2b:60:99:9a:ff:b4:4e:94:0e:6f:
b5:b1:d8:50:83:9d:21:e0:ea:0f:2d:00:78:53:a0:c8:d3:70:
82:46:2b:d2:38:8c:fc:7c:cf:90:1b:c9:c9:10:d6:ca:8a:e0:
ab:8d:08:e4:f6:a7:6a:57:a0:58:40:77:9e:fe:f3:4c:38:8b:
98:9d:87:96:8e:ee:b5:37:26:ec:a1:31:ea:d4:ae:91:e5:9a:
a1:cc:71:1f:41:c6:3d:0c:3e:bc:69:4b:0a:94:52:24:6f:5a:
d7:23:9d:ae:e0:3d:34:66:c3:a8:0f:56:3c:52:b4:ed:4d:a3:
e9:57:55:83:54:78:54:c4:d2:1a:84:35:64:f3:73:e9:a9:b0:
c9:64:06:05:6f:77:78:96:c5:cb:3c:37:40:31:60:40:48:74:
83:70:9d:62:30:66:c4:f2:2d:ec:09:66:4c:e1:36:3e:50:c2:
02:92:aa:af:c0:a9:80:06:0b:20:bf:b8:d7:12:a3:70:85:5d:
d5:94:be:fc:43:bf:fb:6c:eb:de:c0:f3:6b:92:a2:00:33:70:
87:f2:6d:8e:5a:75:6e:d2:a7:70:ee:e4:9f:37:ad:51:79:d7:
52:67:88:52:a7:ce:0d:de:75:4d:74:a6:45:91:5e:cc:9a:84:
7e:5e:8e:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYTrqb427WAwHJQGOVGlc3IPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjIxMjA3MDgxODAwWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGU1ZmY2MjQ5YzgyNzk4NGIxYTMzNTliOWExMDYxYTI4NzJmN2NjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozPPV4Yi6Fp4ZywK4z2lGm3/+N24
AS53sxqdDmr3eKn6hNz2pdAlC0hSY4Uwl5loGrDdIbD3IkTRbbNnSNQuCYyZkiP4
2INEftRSdzC0HptyLksyYe4MnSy+WGwsrz3ReqSbhz+kCRCtjbb88Q/ApWed7w1z
3+PlScH2KTVz1yyWDwrIkUe+u98IbF5B3j3VJW9pHp7y7gwmz6EMp9c+WI1wV31q
DLh0QOm6zvQuwYQEkW8USHUs36rptU67ezpTCU/Hc2lO9v3IAvS7mPtXFR4bOVNw
lNGGKMY3DfNdv8cGbqbnrVGqc1YZaYarxgSVJpK0fzLQZ0Q+IYPs3MwHlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF3l/2JJyCeYSxozWbmhBhoocvfMMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvWGVYX1lrbklKNWhMR2pOWnVhRUdHaWh5OTh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmFn9MA0G
CSqGSIb3DQEBCwUAA4IBAQBTJkbwHC21bitgmZr/tE6UDm+1sdhQg50h4OoPLQB4
U6DI03CCRivSOIz8fM+QG8nJENbKiuCrjQjk9qdqV6BYQHee/vNMOIuYnYeWju61
NybsoTHq1K6R5ZqhzHEfQcY9DD68aUsKlFIkb1rXI52u4D00ZsOoD1Y8UrTtTaPp
V1WDVHhUxNIahDVk83PpqbDJZAYFb3d4lsXLPDdAMWBASHSDcJ1iMGbE8i3sCWZM
4TY+UMICkqqvwKmABgsgv7jXEqNwhV3VlL78Q7/7bOvewPNrkqIAM3CH8m2OWnVu
0qdw7uSfN61ReddSZ4hSp84N3nVNdKZFkV7MmoR+Xo5W
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:44:30 2023 by rpki-client on console-fra.rpki-client.org