Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/b1e63b-01ab-4c05-84a7-45e1c77a18c0/1/XGhQhLa17pltR3kzOYx6XJO_UzU.roa
File: XGhQhLa17pltR3kzOYx6XJO_UzU.roa (raw, json)
Hash identifier: iZ85uRUFSof5LzM9s8noOSU+NUw1vbwGaVmMV9kWV+0=
Subject key identifier: 5C:68:50:84:B6:B5:EE:99:6D:47:79:33:39:8C:7A:5C:93:BF:53:35
Certificate issuer: /CN=71d39d6c50dd309ee9286c302dfb15245bdbaf23
Certificate serial: 018570DE50AAA022FA4147F9FC3CB3326543
Authority key identifier: 71:D3:9D:6C:50:DD:30:9E:E9:28:6C:30:2D:FB:15:24:5B:DB:AF:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cdOdbFDdMJ7pKGwwLfsVJFvbryM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/b1e63b-01ab-4c05-84a7-45e1c77a18c0/1/XGhQhLa17pltR3kzOYx6XJO_UzU.roa
Signing time: Mon 02 Jan 2023 05:04:55 +0000
ROA not before: Mon 02 Jan 2023 05:04:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58333
IP address blocks: 193.35.62.0/24 maxlen: 24
193.222.51.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:de:50:aa:a0:22:fa:41:47:f9:fc:3c:b3:32:65:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71d39d6c50dd309ee9286c302dfb15245bdbaf23
Validity
Not Before: Jan 2 05:04:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c685084b6b5ee996d477933398c7a5c93bf5335
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:4a:cc:b3:c0:6e:9c:a1:ad:05:9b:01:6c:91:
06:f3:fa:6a:ef:b9:94:7b:41:9d:3a:8f:79:7c:58:
08:16:da:44:c6:44:f0:9d:33:9c:15:82:6d:35:bd:
0e:a0:9d:05:18:79:86:0d:d0:c5:9e:2b:a0:17:7e:
0e:8e:c9:f0:b7:4e:46:15:e9:34:39:b6:61:8d:95:
be:45:81:df:3a:24:e4:dc:11:aa:43:49:e4:fa:e1:
57:64:6f:8e:f3:5d:9e:15:79:ee:32:a8:7b:67:f6:
1a:81:d7:86:c0:22:96:4e:b6:1a:39:d5:68:11:55:
5c:5a:05:49:e9:b8:83:7c:02:b6:f8:0d:61:aa:fd:
02:bd:fd:e0:f4:25:fb:50:bb:8f:fb:b7:37:70:a0:
9e:74:de:2f:b3:76:f4:73:47:43:9b:fb:c9:ac:af:
2d:7b:4d:ad:65:7a:ca:c2:d3:1b:25:9d:87:7e:e8:
6c:64:e0:68:6e:55:cc:e8:fb:8d:c7:a9:93:4c:f9:
66:5e:21:50:42:5d:71:18:77:00:9c:e4:07:d3:f7:
d0:ec:a9:ae:99:90:64:69:f3:0f:f2:34:c6:bb:94:
d2:28:f0:07:54:bb:d7:bd:b3:cf:97:ed:a0:21:75:
0a:7a:fc:2e:4f:6f:53:57:60:cd:0c:18:2d:b8:ac:
2e:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:68:50:84:B6:B5:EE:99:6D:47:79:33:39:8C:7A:5C:93:BF:53:35
X509v3 Authority Key Identifier:
keyid:71:D3:9D:6C:50:DD:30:9E:E9:28:6C:30:2D:FB:15:24:5B:DB:AF:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cdOdbFDdMJ7pKGwwLfsVJFvbryM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/b1e63b-01ab-4c05-84a7-45e1c77a18c0/1/XGhQhLa17pltR3kzOYx6XJO_UzU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/b1e63b-01ab-4c05-84a7-45e1c77a18c0/1/cdOdbFDdMJ7pKGwwLfsVJFvbryM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.35.62.0/24
193.222.51.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:df:3c:58:b2:9c:25:21:35:c2:d4:1d:01:a9:a9:ed:6d:28:
9c:f2:ed:f2:20:bb:35:9e:13:15:5d:f0:f8:38:2f:bf:d2:df:
1a:22:4d:b5:3d:ae:14:87:dc:6a:ff:06:60:4b:f0:28:c3:1f:
26:b4:a5:16:7f:b4:d4:9e:4a:72:30:77:a5:7a:e7:04:0d:73:
dc:65:8c:ff:5f:fe:53:4d:6f:d4:56:1b:a3:d4:97:52:e4:cc:
12:b7:96:60:cf:55:17:c1:99:57:31:3d:f5:8b:d2:7e:0a:07:
9e:b3:2b:c1:7a:30:c5:ab:fb:fb:4d:3f:28:f8:4b:37:04:ed:
2e:4a:49:6d:26:bf:9e:ce:34:b8:d4:dd:f5:40:ca:0b:df:2a:
28:d8:33:64:79:ae:26:c0:37:c2:86:8d:bd:3f:f5:39:0d:ad:
7b:b4:b7:28:2e:e2:05:c4:00:c6:99:da:df:c4:ef:1d:9e:f6:
83:55:eb:b2:9f:a6:83:b9:cf:99:51:63:26:fb:77:ab:43:1f:
05:53:92:06:cf:52:7e:66:0c:07:f1:3d:4a:2e:55:55:d7:eb:
9d:1d:b4:a7:22:50:2d:e9:f4:38:e3:b3:a1:32:4c:60:a4:2c:
1e:88:14:f1:3b:32:3e:b2:25:12:5d:d6:9c:5a:f9:e5:07:f8:
9e:c0:b1:97
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVw3lCqoCL6QUf5/DyzMmVDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxZDM5ZDZjNTBkZDMwOWVlOTI4NmMzMDJkZmIxNTI0NWJk
YmFmMjMwHhcNMjMwMTAyMDUwNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzY4NTA4NGI2YjVlZTk5NmQ0Nzc5MzMzOThjN2E1YzkzYmY1MzM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhErMs8BunKGtBZsBbJEG8/pq77mU
e0GdOo95fFgIFtpExkTwnTOcFYJtNb0OoJ0FGHmGDdDFniugF34Ojsnwt05GFek0
ObZhjZW+RYHfOiTk3BGqQ0nk+uFXZG+O812eFXnuMqh7Z/YagdeGwCKWTrYaOdVo
EVVcWgVJ6biDfAK2+A1hqv0Cvf3g9CX7ULuP+7c3cKCedN4vs3b0c0dDm/vJrK8t
e02tZXrKwtMbJZ2HfuhsZOBoblXM6PuNx6mTTPlmXiFQQl1xGHcAnOQH0/fQ7Kmu
mZBkafMP8jTGu5TSKPAHVLvXvbPPl+2gIXUKevwuT29TV2DNDBgtuKwuvwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFxoUIS2te6ZbUd5MzmMelyTv1M1MB8GA1UdIwQY
MBaAFHHTnWxQ3TCe6ShsMC37FSRb268jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2RPZGJGRGRNSjdwS0d3d0xmc1ZKRnZicnlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS9iMWU2M2ItMDFhYi00YzA1LTg0YTct
NDVlMWM3N2ExOGMwLzEvWEdoUWhMYTE3cGx0UjNrek9ZeDZYSk9fVXpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS9iMWU2M2ItMDFhYi00YzA1LTg0YTctNDVlMWM3N2ExOGMw
LzEvY2RPZGJGRGRNSjdwS0d3d0xmc1ZKRnZicnlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwSM+AwQA
wd4zMA0GCSqGSIb3DQEBCwUAA4IBAQB73zxYspwlITXC1B0BqantbSic8u3yILs1
nhMVXfD4OC+/0t8aIk21Pa4Uh9xq/wZgS/Aowx8mtKUWf7TUnkpyMHeleucEDXPc
ZYz/X/5TTW/UVhuj1JdS5MwSt5Zgz1UXwZlXMT31i9J+CgeesyvBejDFq/v7TT8o
+Es3BO0uSkltJr+ezjS41N31QMoL3yoo2DNkea4mwDfCho29P/U5Da17tLcoLuIF
xADGmdrfxO8dnvaDVeuyn6aDuc+ZUWMm+3erQx8FU5IGz1J+ZgwH8T1KLlVV1+ud
HbSnIlAt6fQ447OhMkxgpCweiBTxOzI+siUSXdacWvnlB/iewLGX
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:50:25 2025 by rpki-client