Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/Xe76KmLULqD9Q7KHvSvwLZnflKo.roa
File: Xe76KmLULqD9Q7KHvSvwLZnflKo.roa (raw, json)
Hash identifier: GdTpHEX91aHkxGxXmDNtQlXvfdQy7tDPtuSn5XMxxBg=
Subject key identifier: 5D:EE:FA:2A:62:D4:2E:A0:FD:43:B2:87:BD:2B:F0:2D:99:DF:94:AA
Certificate issuer: /CN=5da432a4ec3b0ac4ca4e4ecec0e9f4d46b497af0
Certificate serial: 0185703070A475F7988F8E4A4B47E6226994
Authority key identifier: 5D:A4:32:A4:EC:3B:0A:C4:CA:4E:4E:CE:C0:E9:F4:D4:6B:49:7A:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/Xe76KmLULqD9Q7KHvSvwLZnflKo.roa
Signing time: Mon 02 Jan 2023 01:55:00 +0000
ROA not before: Mon 02 Jan 2023 01:55:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210331
IP address blocks: 185.126.93.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:30:70:a4:75:f7:98:8f:8e:4a:4b:47:e6:22:69:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5da432a4ec3b0ac4ca4e4ecec0e9f4d46b497af0
Validity
Not Before: Jan 2 01:55:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5deefa2a62d42ea0fd43b287bd2bf02d99df94aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:cd:eb:5e:75:b8:7f:43:08:12:bd:bd:ff:f0:
25:37:09:29:bc:77:f6:e4:45:c0:11:d7:e9:29:f1:
c8:f7:b8:f3:13:ca:ef:f8:5d:6f:3a:f1:bf:d8:56:
6e:4f:17:10:f8:ef:97:72:29:ac:47:f3:6f:42:c4:
f7:3a:69:60:f2:ee:63:3c:48:59:a8:22:51:14:5b:
3c:49:ec:c0:20:10:56:5e:16:e1:9b:94:33:da:d8:
f4:33:ec:be:b8:3d:fd:f5:bc:68:d3:10:11:92:ab:
e2:e2:88:4e:2f:90:c9:7d:ad:9c:bd:e6:aa:f7:e3:
c2:fd:a5:76:ca:50:41:14:71:ef:7e:47:03:8c:fb:
d2:18:d9:14:65:33:b9:ef:62:fa:bf:97:80:e4:26:
b9:b9:1e:d6:50:7c:fb:9f:af:41:73:b6:02:84:f4:
6a:c5:28:8b:ab:59:99:cd:4f:86:1f:37:28:33:49:
a2:ec:3b:ff:52:3a:b0:d6:b4:a4:f0:31:07:38:e5:
12:7d:a7:a5:6e:6f:44:53:64:25:6b:cf:20:9f:1b:
ba:c7:eb:42:44:65:39:81:d5:ac:ee:d0:08:56:f6:
c6:36:96:37:d5:78:48:8f:ca:ca:65:65:ef:a8:27:
1c:c1:87:6b:07:c2:21:42:48:24:2e:67:ec:4b:b7:
b2:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:EE:FA:2A:62:D4:2E:A0:FD:43:B2:87:BD:2B:F0:2D:99:DF:94:AA
X509v3 Authority Key Identifier:
keyid:5D:A4:32:A4:EC:3B:0A:C4:CA:4E:4E:CE:C0:E9:F4:D4:6B:49:7A:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XaQypOw7CsTKTk7OwOn01GtJevA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/Xe76KmLULqD9Q7KHvSvwLZnflKo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/9e847f-4146-4566-8c3e-1ba543eeaed7/1/XaQypOw7CsTKTk7OwOn01GtJevA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.126.93.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:57:fc:f6:69:18:35:b8:77:6a:e2:e2:d5:21:b0:e6:ae:d7:
e4:99:dd:34:af:96:0a:3f:13:6b:3c:45:e2:c4:74:75:01:ab:
a7:fa:8a:85:5d:da:60:c4:26:fa:cb:dd:3a:60:fe:a7:7e:22:
c7:84:92:6a:d2:60:64:52:6a:4b:ec:ed:d7:74:f7:89:30:d7:
40:ef:7d:85:47:c1:a9:e3:76:bd:03:c9:79:74:65:ec:7c:6a:
56:3f:1c:f8:93:0e:64:9a:e4:3e:82:3b:3d:0d:2c:eb:80:4c:
be:2b:69:d7:b8:4c:c0:cb:fd:9d:fe:28:3a:82:5c:f4:95:bc:
e2:d6:05:3c:77:ec:10:a2:49:24:44:6e:2d:51:3b:f4:38:52:
f5:ea:63:e0:b1:14:8c:d4:8b:21:6b:1e:4b:22:1b:86:ce:d4:
f2:3e:ff:c2:25:d3:87:e9:62:ae:72:1b:fe:26:82:26:87:32:
19:86:e8:dd:19:71:37:5d:96:34:cb:c9:08:a4:88:4e:a5:24:
6c:de:2b:bf:5f:73:05:a0:b5:6f:82:8b:4a:cc:3b:06:05:8d:
a9:2c:7e:0d:9a:ce:e9:9b:76:98:8a:02:e0:7e:b4:70:b0:4c:
60:07:d7:ed:5b:51:54:d8:06:fa:07:67:26:0e:85:a9:f5:57:
51:99:ff:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwMHCkdfeYj45KS0fmImmUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYTQzMmE0ZWMzYjBhYzRjYTRlNGVjZWMwZTlmNGQ0NmI0
OTdhZjAwHhcNMjMwMTAyMDE1NTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGVlZmEyYTYyZDQyZWEwZmQ0M2IyODdiZDJiZjAyZDk5ZGY5NGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqM3rXnW4f0MIEr29//AlNwkpvHf2
5EXAEdfpKfHI97jzE8rv+F1vOvG/2FZuTxcQ+O+XcimsR/NvQsT3Omlg8u5jPEhZ
qCJRFFs8SezAIBBWXhbhm5Qz2tj0M+y+uD399bxo0xARkqvi4ohOL5DJfa2cveaq
9+PC/aV2ylBBFHHvfkcDjPvSGNkUZTO572L6v5eA5Ca5uR7WUHz7n69Bc7YChPRq
xSiLq1mZzU+GHzcoM0mi7Dv/Ujqw1rSk8DEHOOUSfaelbm9EU2Qla88gnxu6x+tC
RGU5gdWs7tAIVvbGNpY31XhIj8rKZWXvqCccwYdrB8IhQkgkLmfsS7ey0wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF3u+ipi1C6g/UOyh70r8C2Z35SqMB8GA1UdIwQY
MBaAFF2kMqTsOwrEyk5OzsDp9NRrSXrwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGFReXBPdzdDc1RLVGs3T3dPbjAxR3RKZXZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85ZTg0N2YtNDE0Ni00NTY2LThjM2Ut
MWJhNTQzZWVhZWQ3LzEvWGU3NkttTFVMcUQ5UTdLSHZTdndMWm5mbEtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85ZTg0N2YtNDE0Ni00NTY2LThjM2UtMWJhNTQzZWVhZWQ3
LzEvWGFReXBPdzdDc1RLVGs3T3dPbjAxR3RKZXZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuX5dMA0G
CSqGSIb3DQEBCwUAA4IBAQBPV/z2aRg1uHdq4uLVIbDmrtfkmd00r5YKPxNrPEXi
xHR1Aaun+oqFXdpgxCb6y906YP6nfiLHhJJq0mBkUmpL7O3XdPeJMNdA732FR8Gp
43a9A8l5dGXsfGpWPxz4kw5kmuQ+gjs9DSzrgEy+K2nXuEzAy/2d/ig6glz0lbzi
1gU8d+wQokkkRG4tUTv0OFL16mPgsRSM1Ishax5LIhuGztTyPv/CJdOH6WKuchv+
JoImhzIZhujdGXE3XZY0y8kIpIhOpSRs3iu/X3MFoLVvgotKzDsGBY2pLH4Nms7p
m3aYigLgfrRwsExgB9ftW1FU2Ab6B2cmDoWp9VdRmf+E
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:26 2025 by rpki-client