Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/01f6ed-7b86-4f76-828f-4e19239f0c35/1/XnSh-zaIjyT1Q0vZhe2Q5T33TMM.roa
File: XnSh-zaIjyT1Q0vZhe2Q5T33TMM.roa (raw, json)
Hash identifier: dFrtKDakdFC/YRwqMayP+3+TF0LFJtFU10qbzkZ0Row=
Subject key identifier: 5E:74:A1:FB:36:88:8F:24:F5:43:4B:D9:85:ED:90:E5:3D:F7:4C:C3
Certificate issuer: /CN=30683cffa061f28a9e1135c9fc30376a6474cbf4
Certificate serial: 01856C1C8A47E7E8CB534665BAFBCE243925
Authority key identifier: 30:68:3C:FF:A0:61:F2:8A:9E:11:35:C9:FC:30:37:6A:64:74:CB:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MGg8_6Bh8oqeETXJ_DA3amR0y_Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/01f6ed-7b86-4f76-828f-4e19239f0c35/1/XnSh-zaIjyT1Q0vZhe2Q5T33TMM.roa
Signing time: Sun 01 Jan 2023 06:54:47 +0000
ROA not before: Sun 01 Jan 2023 06:54:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 19905
IP address blocks: 212.82.233.0/24 maxlen: 24
2a00:1798:6::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:1c:8a:47:e7:e8:cb:53:46:65:ba:fb:ce:24:39:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=30683cffa061f28a9e1135c9fc30376a6474cbf4
Validity
Not Before: Jan 1 06:54:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e74a1fb36888f24f5434bd985ed90e53df74cc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:d4:ef:95:c9:6b:5d:9c:5a:21:4d:20:a0:b7:
51:90:9e:84:f4:21:4e:22:67:b2:fb:95:99:0d:b3:
94:52:8c:7d:fc:78:9c:cd:a8:29:3a:a9:f5:33:38:
2f:6d:a9:de:dc:da:06:35:50:a2:e1:f7:81:47:3a:
bf:cb:0a:47:63:83:3d:bc:5a:02:1c:ba:ad:e8:ed:
80:ea:40:9d:68:44:90:66:d2:01:fc:c6:42:92:8f:
44:a8:b8:8b:2f:11:8e:2f:4f:8a:0b:ad:43:77:05:
25:7b:5e:d9:7a:31:40:aa:d7:8b:53:81:f1:46:24:
c9:60:e4:34:e8:d5:0f:aa:22:56:5b:18:00:67:22:
86:19:20:29:16:87:f6:53:94:6e:78:fc:16:e1:91:
a9:09:6a:d3:63:d1:0e:bc:35:d0:7f:d7:86:0b:4f:
f1:7d:fe:2d:d0:35:ca:63:36:52:5c:3a:0b:d8:3f:
e8:e9:f6:28:06:98:f2:3f:d7:29:16:81:9c:42:2d:
a3:a5:ec:21:f8:58:8e:dc:1d:3b:4f:58:d9:59:92:
f0:2c:01:d8:d5:02:48:dc:5a:56:83:a9:4e:35:79:
eb:89:3a:6f:25:40:a1:f9:fd:a0:4e:82:6f:48:6b:
a4:c8:15:5d:41:07:69:ea:ea:ac:d0:e4:65:e9:a0:
de:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:74:A1:FB:36:88:8F:24:F5:43:4B:D9:85:ED:90:E5:3D:F7:4C:C3
X509v3 Authority Key Identifier:
keyid:30:68:3C:FF:A0:61:F2:8A:9E:11:35:C9:FC:30:37:6A:64:74:CB:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MGg8_6Bh8oqeETXJ_DA3amR0y_Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/01f6ed-7b86-4f76-828f-4e19239f0c35/1/XnSh-zaIjyT1Q0vZhe2Q5T33TMM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/01f6ed-7b86-4f76-828f-4e19239f0c35/1/MGg8_6Bh8oqeETXJ_DA3amR0y_Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.82.233.0/24
IPv6:
2a00:1798:6::/48
Signature Algorithm: sha256WithRSAEncryption
03:b1:b5:06:1a:97:da:64:7e:e0:03:f8:c9:e8:83:ce:a8:17:
e7:7d:7c:1a:c3:f3:3c:00:05:7c:0b:65:d7:61:ee:08:92:d5:
05:cc:29:6f:b9:81:1c:6c:39:32:20:fc:62:e5:66:ff:59:0e:
1f:5f:5e:e5:65:23:0a:b1:4d:ff:53:07:d5:61:92:02:13:0a:
cb:c4:4b:0a:25:64:f9:82:78:b1:61:0a:82:17:15:57:28:79:
ec:c1:a3:a4:e9:c5:a1:34:f0:ec:3f:e2:65:a7:4a:5a:9e:9d:
ec:83:e1:dd:93:b4:e9:e9:fb:1b:90:bb:90:6d:ca:8e:2e:66:
64:a5:ca:5f:da:33:41:3c:36:46:c6:98:2e:f1:39:9d:0f:d0:
97:f6:dc:0f:46:2f:0f:cc:fa:a2:0e:b0:0f:3a:24:98:98:11:
2c:d6:bc:96:fe:81:86:f4:a2:8d:ec:f3:8f:cc:8a:b3:cc:f3:
40:73:8e:a7:af:98:27:57:69:07:a6:1b:cc:3c:65:7a:11:2e:
00:9a:5c:4a:1e:9a:04:c1:94:f0:29:f2:95:1e:c3:90:67:eb:
ee:0a:9f:44:6d:77:66:a6:fa:25:6b:1e:6e:a4:c2:f9:17:c6:
c2:e7:e5:e8:b2:57:89:3b:9a:29:05:70:a4:ea:a2:8a:e0:60:
aa:0c:9b:24
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYVsHIpH5+jLU0ZluvvOJDklMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNjgzY2ZmYTA2MWYyOGE5ZTExMzVjOWZjMzAzNzZhNjQ3
NGNiZjQwHhcNMjMwMTAxMDY1NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTc0YTFmYjM2ODg4ZjI0ZjU0MzRiZDk4NWVkOTBlNTNkZjc0Y2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhNTvlclrXZxaIU0goLdRkJ6E9CFO
Imey+5WZDbOUUox9/HiczagpOqn1Mzgvbane3NoGNVCi4feBRzq/ywpHY4M9vFoC
HLqt6O2A6kCdaESQZtIB/MZCko9EqLiLLxGOL0+KC61DdwUle17ZejFAqteLU4Hx
RiTJYOQ06NUPqiJWWxgAZyKGGSApFof2U5RuePwW4ZGpCWrTY9EOvDXQf9eGC0/x
ff4t0DXKYzZSXDoL2D/o6fYoBpjyP9cpFoGcQi2jpewh+FiO3B07T1jZWZLwLAHY
1QJI3FpWg6lONXnriTpvJUCh+f2gToJvSGukyBVdQQdp6uqs0ORl6aDeIQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFF50ofs2iI8k9UNL2YXtkOU990zDMB8GA1UdIwQY
MBaAFDBoPP+gYfKKnhE1yfwwN2pkdMv0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUdnOF82Qmg4b3FlRVRYSl9EQTNhbVIweV9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS8wMWY2ZWQtN2I4Ni00Zjc2LTgyOGYt
NGUxOTIzOWYwYzM1LzEvWG5TaC16YUlqeVQxUTB2WmhlMlE1VDMzVE1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS8wMWY2ZWQtN2I4Ni00Zjc2LTgyOGYtNGUxOTIzOWYwYzM1
LzEvTUdnOF82Qmg4b3FlRVRYSl9EQTNhbVIweV9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQA1FLpMA8E
AgACMAkDBwAqABeYAAYwDQYJKoZIhvcNAQELBQADggEBAAOxtQYal9pkfuAD+Mno
g86oF+d9fBrD8zwABXwLZddh7giS1QXMKW+5gRxsOTIg/GLlZv9ZDh9fXuVlIwqx
Tf9TB9VhkgITCsvESwolZPmCeLFhCoIXFVcoeezBo6TpxaE08Ow/4mWnSlqeneyD
4d2TtOnp+xuQu5Btyo4uZmSlyl/aM0E8NkbGmC7xOZ0P0Jf23A9GLw/M+qIOsA86
JJiYESzWvJb+gYb0oo3s84/MirPM80BzjqevmCdXaQemG8w8ZXoRLgCaXEoemgTB
lPAp8pUew5Bn6+4Kn0Rtd2am+iVrHm6kwvkXxsLn5eiyV4k7mikFcKTqoorgYKoM
myQ=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:26 2025 by rpki-client