Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/ad46a5-f900-4ad1-b229-e18435e432dc/1/xi0bcSCBMh-bT0_U7RCHZ_5M14Q.roa
File: xi0bcSCBMh-bT0_U7RCHZ_5M14Q.roa (raw, json)
Hash identifier: dlItCxwFkVLtHvIKQhCIdOngONefgociP8Hifd+TJec=
Subject key identifier: C6:2D:1B:71:20:81:32:1F:9B:4F:4F:D4:ED:10:87:67:FE:4C:D7:84
Certificate issuer: /CN=eb091499adc769b0fba9fed3284543a7425c2351
Certificate serial: 01856D53FE527D3B7FEB6B26EE1E980BCBDB
Authority key identifier: EB:09:14:99:AD:C7:69:B0:FB:A9:FE:D3:28:45:43:A7:42:5C:23:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6wkUma3HabD7qf7TKEVDp0JcI1E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/ad46a5-f900-4ad1-b229-e18435e432dc/1/xi0bcSCBMh-bT0_U7RCHZ_5M14Q.roa
Signing time: Sun 01 Jan 2023 12:34:59 +0000
ROA not before: Sun 01 Jan 2023 12:34:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207727
IP address blocks: 194.165.35.0/24 maxlen: 24
194.165.38.0/24 maxlen: 24
194.165.58.0/24 maxlen: 24
194.165.56.0/24 maxlen: 24
2a10:2a80::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:53:fe:52:7d:3b:7f:eb:6b:26:ee:1e:98:0b:cb:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb091499adc769b0fba9fed3284543a7425c2351
Validity
Not Before: Jan 1 12:34:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c62d1b712081321f9b4f4fd4ed108767fe4cd784
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:d4:fe:6f:6e:c0:4b:82:65:7e:4e:f4:97:b8:
91:c9:34:04:e2:f0:7e:a2:39:17:c8:c7:2f:2b:f3:
dc:23:1f:67:7c:79:55:b3:66:71:a2:58:dd:17:0e:
71:c8:fb:d5:38:f5:3b:35:1f:69:59:59:d8:64:e7:
24:b2:d7:ce:81:aa:49:dd:d0:74:29:9b:79:13:98:
2d:99:02:42:45:98:29:e6:4e:b8:1e:0c:68:2c:75:
fd:a8:45:a6:02:9c:c9:bf:f5:d0:a8:39:8b:9e:27:
be:38:c0:d2:23:b3:5f:5c:fc:7a:d5:e9:75:cc:e0:
73:66:90:6f:0c:38:1a:55:3b:b5:9d:02:28:68:38:
7e:92:a3:61:3f:11:9b:3f:1c:5a:d0:70:72:8b:68:
82:4c:1b:61:5b:d7:eb:c3:fc:2a:2e:43:a5:35:4c:
93:a7:b9:3a:35:7e:8b:ae:19:0e:11:fc:13:b4:2f:
bb:e5:d6:f3:aa:2b:c4:cf:be:e4:02:ef:22:5b:7c:
c7:42:3c:ef:a4:ec:db:49:2a:7e:d2:4b:20:1e:46:
31:cb:6f:cf:03:d6:5d:4c:e4:d3:16:e0:40:29:2c:
0e:36:73:12:24:d0:37:ed:07:a4:6d:88:db:da:c2:
61:d3:83:4b:6d:5e:4a:6a:28:57:eb:c7:ea:a2:4e:
97:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:2D:1B:71:20:81:32:1F:9B:4F:4F:D4:ED:10:87:67:FE:4C:D7:84
X509v3 Authority Key Identifier:
keyid:EB:09:14:99:AD:C7:69:B0:FB:A9:FE:D3:28:45:43:A7:42:5C:23:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6wkUma3HabD7qf7TKEVDp0JcI1E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/ad46a5-f900-4ad1-b229-e18435e432dc/1/xi0bcSCBMh-bT0_U7RCHZ_5M14Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/ad46a5-f900-4ad1-b229-e18435e432dc/1/6wkUma3HabD7qf7TKEVDp0JcI1E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.165.35.0/24
194.165.38.0/24
194.165.56.0/24
194.165.58.0/24
IPv6:
2a10:2a80::/29
Signature Algorithm: sha256WithRSAEncryption
64:91:7d:30:73:22:c9:aa:16:aa:b7:65:f0:cc:f8:8a:17:91:
3a:3d:12:bf:ff:37:50:09:6a:89:53:6c:cf:7f:32:a7:3c:d5:
4e:d1:eb:72:84:bc:53:2c:65:2c:a7:ef:57:90:c4:dd:b7:7e:
83:63:b1:74:bf:db:af:59:25:05:33:07:d0:fa:c8:92:6d:3c:
68:21:54:0b:fb:37:ff:e5:6a:9b:37:c4:02:9f:01:b1:77:b9:
72:4f:b7:b3:ed:4c:f1:c5:fc:ac:45:ca:c4:84:9e:88:1a:7e:
8b:71:f4:0e:b6:00:42:25:4c:aa:3b:c8:3f:b5:66:82:2c:d6:
dc:12:60:34:8d:ad:db:18:bc:bf:d7:1b:cc:c4:65:53:25:ca:
0f:74:62:05:fe:cb:4a:97:34:4a:c0:5f:56:c3:ce:d1:16:b0:
f9:6f:a7:18:1a:ad:a6:51:82:99:8d:62:13:83:e7:62:65:fe:
20:5a:a3:8e:72:e6:57:26:43:67:c5:54:bf:b5:bb:fd:c2:61:
85:b2:c8:7b:88:3f:e9:4a:a3:a3:26:04:d7:af:2c:55:92:a3:
b5:e0:80:dd:78:5e:e9:c2:bc:39:b1:43:37:36:89:db:f9:f5:
cf:45:10:68:2b:ac:77:c9:64:6b:5c:4a:02:4e:70:54:23:dd:
ff:92:ca:e6
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYVtU/5SfTt/62sm7h6YC8vbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViMDkxNDk5YWRjNzY5YjBmYmE5ZmVkMzI4NDU0M2E3NDI1
YzIzNTEwHhcNMjMwMTAxMTIzNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjJkMWI3MTIwODEzMjFmOWI0ZjRmZDRlZDEwODc2N2ZlNGNkNzg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6tT+b27AS4Jlfk70l7iRyTQE4vB+
ojkXyMcvK/PcIx9nfHlVs2ZxoljdFw5xyPvVOPU7NR9pWVnYZOckstfOgapJ3dB0
KZt5E5gtmQJCRZgp5k64HgxoLHX9qEWmApzJv/XQqDmLnie+OMDSI7NfXPx61el1
zOBzZpBvDDgaVTu1nQIoaDh+kqNhPxGbPxxa0HByi2iCTBthW9frw/wqLkOlNUyT
p7k6NX6LrhkOEfwTtC+75dbzqivEz77kAu8iW3zHQjzvpOzbSSp+0ksgHkYxy2/P
A9ZdTOTTFuBAKSwONnMSJNA37QekbYjb2sJh04NLbV5KaihX68fqok6XzQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFMYtG3EggTIfm09P1O0Qh2f+TNeEMB8GA1UdIwQY
MBaAFOsJFJmtx2mw+6n+0yhFQ6dCXCNRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNndrVW1hM0hhYkQ3cWY3VEtFVkRwMEpjSTFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9hZDQ2YTUtZjkwMC00YWQxLWIyMjkt
ZTE4NDM1ZTQzMmRjLzEveGkwYmNTQ0JNaC1iVDBfVTdSQ0haXzVNMTRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9hZDQ2YTUtZjkwMC00YWQxLWIyMjktZTE4NDM1ZTQzMmRj
LzEvNndrVW1hM0hhYkQ3cWY3VEtFVkRwMEpjSTFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAwqUjAwQA
wqUmAwQAwqU4AwQAwqU6MA0EAgACMAcDBQMqECqAMA0GCSqGSIb3DQEBCwUAA4IB
AQBkkX0wcyLJqhaqt2XwzPiKF5E6PRK//zdQCWqJU2zPfzKnPNVO0etyhLxTLGUs
p+9XkMTdt36DY7F0v9uvWSUFMwfQ+siSbTxoIVQL+zf/5WqbN8QCnwGxd7lyT7ez
7UzxxfysRcrEhJ6IGn6LcfQOtgBCJUyqO8g/tWaCLNbcEmA0ja3bGLy/1xvMxGVT
JcoPdGIF/stKlzRKwF9Ww87RFrD5b6cYGq2mUYKZjWITg+diZf4gWqOOcuZXJkNn
xVS/tbv9wmGFssh7iD/pSqOjJgTXryxVkqO14IDdeF7pwrw5sUM3Nonb+fXPRRBo
K6x3yWRrXEoCTnBUI93/ksrm
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:58 2025 by rpki-client