Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/XPahPBpOUpKepTepWXgK0p0Y6-U.roa
File: XPahPBpOUpKepTepWXgK0p0Y6-U.roa (raw, json)
Hash identifier: NsZXTU2ASPYBQOvMYxrvXJbjKprmDViLBCwZS5TcTgs=
Subject key identifier: 5C:F6:A1:3C:1A:4E:52:92:9E:A5:37:A9:59:78:0A:D2:9D:18:EB:E5
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 08CB272C
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/XPahPBpOUpKepTepWXgK0p0Y6-U.roa
Signing time: Sat 01 Jan 2022 07:04:36 +0000
ROA not before: Sat 01 Jan 2022 07:04:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 395092
IP address blocks: 193.38.249.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 147531564 (0x8cb272c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Jan 1 07:04:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5cf6a13c1a4e52929ea537a959780ad29d18ebe5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:b6:f7:df:bf:ed:a6:5f:8a:7b:c6:f3:8b:dc:
f0:45:3b:06:94:2b:55:05:bb:37:fb:79:29:c8:9c:
bf:97:8b:51:da:96:f2:29:50:4d:12:dd:e1:7f:58:
0b:c9:a6:c6:1c:a8:87:c8:58:09:40:54:d0:8d:7a:
b9:be:6e:d7:5b:07:55:ee:a0:cd:ec:24:b4:c8:6a:
74:15:4c:4e:f2:66:42:af:a0:2c:36:b9:d5:95:e9:
78:b4:55:ae:83:d4:b8:75:2c:ec:68:11:a6:00:bc:
dd:cc:79:53:6c:f4:c8:22:e4:a7:9e:cc:a8:65:f3:
6d:a1:c3:33:99:39:ee:b6:fa:5e:aa:20:cf:d9:dc:
57:a6:fe:e0:f1:76:a9:4d:2d:4d:ff:88:9f:56:68:
00:35:0a:7a:d3:bc:18:ee:64:a6:d8:36:00:28:58:
6d:4d:03:e3:5f:22:08:48:cb:8e:1f:7a:fc:38:7e:
1d:e6:25:12:dd:73:6b:2d:80:ce:3e:66:c8:1e:60:
53:e7:ab:63:69:15:d2:fb:c7:ff:22:2f:23:3b:41:
16:0a:f5:83:dd:4b:d0:75:46:1d:d7:fc:6c:38:00:
2c:c7:19:41:a7:b4:c5:65:6f:ec:98:74:9b:c0:91:
b5:0f:c4:4a:52:52:ed:33:b4:58:d0:e9:37:0a:a6:
be:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:F6:A1:3C:1A:4E:52:92:9E:A5:37:A9:59:78:0A:D2:9D:18:EB:E5
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/XPahPBpOUpKepTepWXgK0p0Y6-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.38.249.0/24
Signature Algorithm: sha256WithRSAEncryption
73:2c:40:c5:66:18:d0:f7:74:76:d3:ea:f0:eb:3f:c1:71:7b:
4f:f5:66:b6:e6:1a:f2:a3:dc:c7:8e:f7:fd:0d:a4:5c:01:e0:
43:5e:b0:79:29:07:e1:30:25:4e:d0:fc:40:68:b8:20:fc:0e:
01:52:82:df:10:a3:43:6b:67:fc:4b:8d:a2:47:40:51:fa:0d:
0b:94:19:85:5b:97:9c:98:05:d4:46:98:ed:62:6c:a3:f3:52:
ff:7e:79:57:9f:ec:f4:e1:57:55:e8:b1:af:b5:a3:c2:35:6d:
8e:04:93:78:97:ea:b3:32:0b:eb:86:e0:d4:ea:eb:b4:77:60:
e2:b2:5a:31:c3:f9:52:6a:84:48:45:3d:9d:a9:c3:5b:43:ef:
01:b0:3c:cc:af:29:6a:f2:08:82:0c:26:9b:64:dc:bc:17:b6:
f4:04:2b:94:ff:21:12:2f:25:06:80:d7:fa:6e:38:3f:2a:75:
5e:ae:cd:e4:d5:df:26:6d:ff:93:09:f1:22:34:9b:c2:6e:d3:
f7:5f:29:b4:08:e2:d4:9a:fd:aa:8f:16:89:64:88:fd:d2:82:
f2:b6:1d:10:13:89:e3:4b:33:dc:44:1d:71:16:dd:5e:70:58:
a9:2f:83:33:35:0e:cf:54:32:4f:66:20:04:dd:19:03:d0:43:
10:85:34:00
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECMsnLDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
ZjhhZWEyZjAyNWY0OTViZWFjZWU3Y2U1YTg4MjA1MTlkZGExMzcwMB4XDTIyMDEw
MTA3MDQzNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWNmNmExM2MxYTRl
NTI5MjllYTUzN2E5NTk3ODBhZDI5ZDE4ZWJlNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALW299+/7aZfinvG84vc8EU7BpQrVQW7N/t5Kcicv5eLUdqW
8ilQTRLd4X9YC8mmxhyoh8hYCUBU0I16ub5u11sHVe6gzewktMhqdBVMTvJmQq+g
LDa51ZXpeLRVroPUuHUs7GgRpgC83cx5U2z0yCLkp57MqGXzbaHDM5k57rb6Xqog
z9ncV6b+4PF2qU0tTf+In1ZoADUKetO8GO5kptg2AChYbU0D418iCEjLjh96/Dh+
HeYlEt1zay2Azj5myB5gU+erY2kV0vvH/yIvIztBFgr1g91L0HVGHdf8bDgALMcZ
Qae0xWVv7Jh0m8CRtQ/ESlJS7TO0WNDpNwqmvkkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRc9qE8Gk5Skp6lN6lZeArSnRjr5TAfBgNVHSMEGDAWgBRPiuovAl9JW+rO
585aiCBRndoTcDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1Q0cnFMd0pmU1Z2cXp1Zk9Xb2dnVVozYUUzQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTUvZWI3MGEzLTE3ZTEtNGQ4Ni04YjllLTYwODA5NTJmMGUwNC8x
L1hQYWhQQnBPVXBLZXBUZXBXWGdLMHAwWTYtVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTUv
ZWI3MGEzLTE3ZTEtNGQ4Ni04YjllLTYwODA5NTJmMGUwNC8xL1Q0cnFMd0pmU1Z2
cXp1Zk9Xb2dnVVozYUUzQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMEm+TANBgkqhkiG9w0BAQsFAAOC
AQEAcyxAxWYY0Pd0dtPq8Os/wXF7T/VmtuYa8qPcx473/Q2kXAHgQ16weSkH4TAl
TtD8QGi4IPwOAVKC3xCjQ2tn/EuNokdAUfoNC5QZhVuXnJgF1EaY7WJso/NS/355
V5/s9OFXVeixr7WjwjVtjgSTeJfqszIL64bg1OrrtHdg4rJaMcP5UmqESEU9nanD
W0PvAbA8zK8pavIIggwmm2TcvBe29AQrlP8hEi8lBoDX+m44Pyp1Xq7N5NXfJm3/
kwnxIjSbwm7T918ptAji1Jr9qo8WiWSI/dKC8rYdEBOJ40sz3EQdcRbdXnBYqS+D
MzUOz1QyT2YgBN0ZA9BDEIU0AA==
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:09:27 2023 by rpki-client on console-ams.rpki-client.org