Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/9d0245-7855-4031-9648-54628dfcba4c/1/xxBTNO0cXp7f-TsnVYEftgE4oEg.roa
File: xxBTNO0cXp7f-TsnVYEftgE4oEg.roa (raw, json)
Hash identifier: aLeJhmH3pyXhi905wFSgiLQNM+4n/gwjPAmMIH8KNmE=
Subject key identifier: C7:10:53:34:ED:1C:5E:9E:DF:F9:3B:27:55:81:1F:B6:01:38:A0:48
Certificate issuer: /CN=0a84e473aa564eb51a7e7eb8b18f14ac0cbc2c9c
Certificate serial: 0185708CBF0E02521C3FC1FC953B269A72C2
Authority key identifier: 0A:84:E4:73:AA:56:4E:B5:1A:7E:7E:B8:B1:8F:14:AC:0C:BC:2C:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CoTkc6pWTrUafn64sY8UrAy8LJw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/9d0245-7855-4031-9648-54628dfcba4c/1/xxBTNO0cXp7f-TsnVYEftgE4oEg.roa
Signing time: Mon 02 Jan 2023 03:35:50 +0000
ROA not before: Mon 02 Jan 2023 03:35:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200000
IP address blocks: 91.222.136.0/22 maxlen: 22
194.247.12.0/23 maxlen: 23
91.206.200.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:bf:0e:02:52:1c:3f:c1:fc:95:3b:26:9a:72:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a84e473aa564eb51a7e7eb8b18f14ac0cbc2c9c
Validity
Not Before: Jan 2 03:35:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c7105334ed1c5e9edff93b2755811fb60138a048
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:24:f2:cb:07:a9:d2:7b:e6:22:57:c6:b4:ec:
f6:f4:94:63:9e:b2:74:4c:6f:86:69:e1:96:72:b5:
50:55:d7:1c:35:97:13:7c:ce:dc:23:72:dc:3c:18:
4f:8c:25:8f:6b:1a:b1:5b:82:7a:6c:fb:f4:dc:ae:
4d:ce:7a:77:49:3f:46:54:93:54:94:9b:7a:1a:a2:
58:a1:84:7b:6a:61:b1:68:c9:44:13:ac:9c:88:22:
f8:3f:c6:c7:29:5b:f4:b6:24:ab:e2:5f:92:8c:44:
15:87:32:b1:77:47:29:96:da:4b:0a:44:ae:5e:08:
ca:78:18:97:05:85:b9:96:e0:86:cb:1c:e6:dc:7b:
c4:18:2f:9a:67:5c:4d:6d:1c:12:8c:47:e1:e9:df:
be:e0:52:8d:d1:90:4c:bf:30:fb:1f:bb:ac:f8:65:
9b:9a:d2:27:f7:78:13:e7:1e:eb:ba:d4:95:5f:5f:
53:19:86:82:81:f2:91:cf:b0:60:35:03:2c:98:23:
00:bb:92:c6:ea:6d:d6:cf:d7:28:20:2e:15:1f:40:
35:b6:3e:9c:ea:d7:2a:25:51:ad:79:b9:2b:7e:71:
63:5a:67:8f:cf:ae:ac:ff:9e:2b:cd:0e:08:57:ce:
60:91:56:48:4f:f9:90:82:ea:e8:c2:20:2c:be:34:
8a:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:10:53:34:ED:1C:5E:9E:DF:F9:3B:27:55:81:1F:B6:01:38:A0:48
X509v3 Authority Key Identifier:
keyid:0A:84:E4:73:AA:56:4E:B5:1A:7E:7E:B8:B1:8F:14:AC:0C:BC:2C:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CoTkc6pWTrUafn64sY8UrAy8LJw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/9d0245-7855-4031-9648-54628dfcba4c/1/xxBTNO0cXp7f-TsnVYEftgE4oEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/9d0245-7855-4031-9648-54628dfcba4c/1/CoTkc6pWTrUafn64sY8UrAy8LJw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.200.0/23
91.222.136.0/22
194.247.12.0/23
Signature Algorithm: sha256WithRSAEncryption
74:94:40:62:b5:8f:19:27:53:80:48:9a:d4:53:24:2c:1f:e8:
fa:c8:74:7d:ab:02:f0:83:69:42:5e:f2:97:ce:3f:72:ec:3a:
a3:85:af:26:24:85:7e:9b:38:3a:2b:24:45:17:60:f0:5b:68:
df:40:05:28:6d:98:f2:db:73:04:fd:36:f3:69:b2:db:ff:ed:
f3:de:8f:2a:81:08:e0:88:5e:3d:c5:b5:33:69:5b:0e:06:2a:
af:11:96:25:e7:c2:03:db:86:2c:ee:1f:49:06:54:83:11:f6:
52:40:30:db:51:31:03:e2:51:da:3a:e8:fd:dd:a5:bb:e2:ea:
a9:67:d9:07:dd:5d:53:68:29:bb:a4:70:9d:3f:c4:c4:6e:56:
bb:4d:19:cb:13:3e:9a:9e:a7:e8:a4:5a:f1:24:d4:09:e8:52:
78:8d:82:2c:19:30:45:c4:12:8a:b4:4e:8c:7a:fe:52:b9:23:
5f:9c:31:5b:9f:92:db:10:71:38:b6:df:9e:71:67:1c:d7:dc:
41:0a:a3:e2:a5:26:38:a5:6c:3a:4a:58:aa:fe:eb:e7:ae:48:
ba:21:d7:85:8d:88:de:37:2e:07:08:8c:c0:54:13:73:54:7b:
53:fa:8f:e7:14:11:29:dd:da:a0:4b:b6:76:42:84:33:16:11:
44:7d:64:e2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYVwjL8OAlIcP8H8lTsmmnLCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhODRlNDczYWE1NjRlYjUxYTdlN2ViOGIxOGYxNGFjMGNi
YzJjOWMwHhcNMjMwMTAyMDMzNTUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzEwNTMzNGVkMWM1ZTllZGZmOTNiMjc1NTgxMWZiNjAxMzhhMDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqiTyywep0nvmIlfGtOz29JRjnrJ0
TG+GaeGWcrVQVdccNZcTfM7cI3LcPBhPjCWPaxqxW4J6bPv03K5Nznp3ST9GVJNU
lJt6GqJYoYR7amGxaMlEE6yciCL4P8bHKVv0tiSr4l+SjEQVhzKxd0cpltpLCkSu
XgjKeBiXBYW5luCGyxzm3HvEGC+aZ1xNbRwSjEfh6d++4FKN0ZBMvzD7H7us+GWb
mtIn93gT5x7rutSVX19TGYaCgfKRz7BgNQMsmCMAu5LG6m3Wz9coIC4VH0A1tj6c
6tcqJVGtebkrfnFjWmePz66s/54rzQ4IV85gkVZIT/mQgurowiAsvjSKjwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMcQUzTtHF6e3/k7J1WBH7YBOKBIMB8GA1UdIwQY
MBaAFAqE5HOqVk61Gn5+uLGPFKwMvCycMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ29Ua2M2cFdUclVhZm42NHNZOFVyQXk4TEp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy85ZDAyNDUtNzg1NS00MDMxLTk2NDgt
NTQ2MjhkZmNiYTRjLzEveHhCVE5PMGNYcDdmLVRzblZZRWZ0Z0U0b0VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy85ZDAyNDUtNzg1NS00MDMxLTk2NDgtNTQ2MjhkZmNiYTRj
LzEvQ29Ua2M2cFdUclVhZm42NHNZOFVyQXk4TEp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW87IAwQC
W96IAwQBwvcMMA0GCSqGSIb3DQEBCwUAA4IBAQB0lEBitY8ZJ1OASJrUUyQsH+j6
yHR9qwLwg2lCXvKXzj9y7Dqjha8mJIV+mzg6KyRFF2DwW2jfQAUobZjy23ME/Tbz
abLb/+3z3o8qgQjgiF49xbUzaVsOBiqvEZYl58ID24Ys7h9JBlSDEfZSQDDbUTED
4lHaOuj93aW74uqpZ9kH3V1TaCm7pHCdP8TEbla7TRnLEz6anqfopFrxJNQJ6FJ4
jYIsGTBFxBKKtE6Mev5SuSNfnDFbn5LbEHE4tt+ecWcc19xBCqPipSY4pWw6Sliq
/uvnrki6IdeFjYjeNy4HCIzAVBNzVHtT+o/nFBEp3dqgS7Z2QoQzFhFEfWTi
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:08:57 2025 by rpki-client