Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/59d808-154f-42ae-af8f-790244508df4/1/XhaY30jvBzt3xgA25B1XAL62XFY.roa
File: XhaY30jvBzt3xgA25B1XAL62XFY.roa (raw, json)
Hash identifier: iZRihvOCZkIJG9fuTQYepCGZ/kwHxGSZQOxboukOxFo=
Subject key identifier: 5E:16:98:DF:48:EF:07:3B:77:C6:00:36:E4:1D:57:00:BE:B6:5C:56
Certificate issuer: /CN=27516d20ebefd12f072d413c4d2606bdb258691a
Certificate serial: 018972CD0A29C648B5F04740F9BD366A4DF0
Authority key identifier: 27:51:6D:20:EB:EF:D1:2F:07:2D:41:3C:4D:26:06:BD:B2:58:69:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J1FtIOvv0S8HLUE8TSYGvbJYaRo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/59d808-154f-42ae-af8f-790244508df4/1/XhaY30jvBzt3xgA25B1XAL62XFY.roa
Signing time: Thu 20 Jul 2023 10:16:27 +0000
ROA not before: Thu 20 Jul 2023 10:16:27 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5089
IP address blocks: 185.190.45.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:72:cd:0a:29:c6:48:b5:f0:47:40:f9:bd:36:6a:4d:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27516d20ebefd12f072d413c4d2606bdb258691a
Validity
Not Before: Jul 20 10:16:27 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e1698df48ef073b77c60036e41d5700beb65c56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:71:05:57:d4:b3:1a:c2:d6:25:c2:e6:4d:b2:
7a:3c:7b:4f:c3:be:fb:00:63:90:f6:dc:a3:d8:e5:
3b:23:1b:81:a7:4d:69:3c:dd:f2:fb:b6:d7:50:cb:
71:fd:e1:92:be:5a:53:34:39:a2:ff:4b:3d:a2:d6:
d8:6f:7e:8a:34:dd:d4:77:40:c6:1c:48:9e:4e:a6:
1e:a1:f5:c7:56:a0:45:60:9b:b7:17:cc:67:a4:f6:
b8:41:a6:dc:85:80:76:7c:18:ed:87:c8:d2:6e:10:
6b:21:1d:45:27:55:90:92:4f:78:f0:07:17:3c:82:
32:94:b9:29:cf:7e:03:7c:0a:4e:43:eb:63:40:df:
18:a2:9e:32:26:3f:9c:18:5b:7b:ec:13:1d:e6:5e:
9d:88:07:e9:ce:7f:e2:b9:57:3f:7b:50:66:44:67:
a0:58:50:39:f2:65:45:0f:2b:82:b0:c4:59:9e:ab:
d4:c1:6d:0f:ea:f8:7e:e3:de:e3:0c:18:71:06:5c:
8c:48:61:51:17:a9:ea:5f:b3:fa:64:18:dc:5c:be:
4e:c1:dd:f2:9d:5c:74:66:99:8d:de:0b:fc:cf:7d:
31:6b:25:c4:30:11:43:36:93:ec:98:1e:43:2b:9a:
cc:38:d6:ba:5d:2b:a3:e1:9b:e7:f3:53:ab:60:13:
8e:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:16:98:DF:48:EF:07:3B:77:C6:00:36:E4:1D:57:00:BE:B6:5C:56
X509v3 Authority Key Identifier:
keyid:27:51:6D:20:EB:EF:D1:2F:07:2D:41:3C:4D:26:06:BD:B2:58:69:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J1FtIOvv0S8HLUE8TSYGvbJYaRo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/59d808-154f-42ae-af8f-790244508df4/1/XhaY30jvBzt3xgA25B1XAL62XFY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/59d808-154f-42ae-af8f-790244508df4/1/J1FtIOvv0S8HLUE8TSYGvbJYaRo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.190.45.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:b7:f2:7f:21:ac:cc:26:34:d4:00:80:29:ce:10:b0:8c:0f:
5a:14:b3:94:5f:6b:61:6e:45:41:da:62:75:58:4b:f6:13:e9:
e7:66:46:c1:7b:bb:97:dd:9b:50:09:39:9b:19:38:13:fa:69:
ff:ee:0c:89:cc:d9:2e:c4:20:92:af:4a:93:5c:bd:d2:99:88:
44:45:4b:1f:b8:ca:ff:6f:c1:9e:ac:c0:03:27:d8:7c:c6:7d:
d2:a9:3a:94:ad:90:12:25:e3:e8:a0:84:41:c2:d5:36:77:84:
92:c1:62:a9:68:3d:5d:6f:a2:5b:42:0c:6b:32:dc:9f:d8:92:
53:52:83:05:42:1d:cc:9e:f6:44:6d:b6:75:6b:a1:7b:57:18:
10:bb:42:71:30:5b:ea:7c:31:8d:2e:13:46:43:e3:5c:a9:51:
b5:ad:db:fb:f3:0a:c5:48:43:5c:03:cf:a7:e4:91:e6:ea:3c:
59:01:e7:c2:a9:5a:ae:07:f5:5e:1b:18:6b:cb:8b:e9:d6:e6:
8f:ad:f8:a7:3a:a3:a0:c3:4a:d3:31:f3:37:37:99:e3:32:31:
71:df:a3:36:32:03:0a:e0:c9:7f:56:0a:4e:fd:07:ec:2e:2c:
61:17:77:9e:56:af:30:d3:02:02:6e:0f:53:29:94:71:c9:57:
27:a6:da:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlyzQopxki18EdA+b02ak3wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3NTE2ZDIwZWJlZmQxMmYwNzJkNDEzYzRkMjYwNmJkYjI1
ODY5MWEwHhcNMjMwNzIwMTAxNjI3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTE2OThkZjQ4ZWYwNzNiNzdjNjAwMzZlNDFkNTcwMGJlYjY1YzU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAinEFV9SzGsLWJcLmTbJ6PHtPw777
AGOQ9tyj2OU7IxuBp01pPN3y+7bXUMtx/eGSvlpTNDmi/0s9otbYb36KNN3Ud0DG
HEieTqYeofXHVqBFYJu3F8xnpPa4QabchYB2fBjth8jSbhBrIR1FJ1WQkk948AcX
PIIylLkpz34DfApOQ+tjQN8Yop4yJj+cGFt77BMd5l6diAfpzn/iuVc/e1BmRGeg
WFA58mVFDyuCsMRZnqvUwW0P6vh+497jDBhxBlyMSGFRF6nqX7P6ZBjcXL5Owd3y
nVx0ZpmN3gv8z30xayXEMBFDNpPsmB5DK5rMONa6XSuj4Zvn81OrYBOO9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF4WmN9I7wc7d8YANuQdVwC+tlxWMB8GA1UdIwQY
MBaAFCdRbSDr79EvBy1BPE0mBr2yWGkaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjFGdElPdnYwUzhITFVFOFRTWUd2YkpZYVJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy81OWQ4MDgtMTU0Zi00MmFlLWFmOGYt
NzkwMjQ0NTA4ZGY0LzEvWGhhWTMwanZCenQzeGdBMjVCMVhBTDYyWEZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy81OWQ4MDgtMTU0Zi00MmFlLWFmOGYtNzkwMjQ0NTA4ZGY0
LzEvSjFGdElPdnYwUzhITFVFOFRTWUd2YkpZYVJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAub4tMA0G
CSqGSIb3DQEBCwUAA4IBAQA/t/J/IazMJjTUAIApzhCwjA9aFLOUX2thbkVB2mJ1
WEv2E+nnZkbBe7uX3ZtQCTmbGTgT+mn/7gyJzNkuxCCSr0qTXL3SmYhERUsfuMr/
b8GerMADJ9h8xn3SqTqUrZASJePooIRBwtU2d4SSwWKpaD1db6JbQgxrMtyf2JJT
UoMFQh3MnvZEbbZ1a6F7VxgQu0JxMFvqfDGNLhNGQ+NcqVG1rdv78wrFSENcA8+n
5JHm6jxZAefCqVquB/VeGxhry4vp1uaPrfinOqOgw0rTMfM3N5njMjFx36M2MgMK
4Ml/VgpO/QfsLixhF3eeVq8w0wICbg9TKZRxyVcnptpD
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:51:22 2025 by rpki-client