Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/64db24-bc36-4ca1-ab02-b139b2a3fe49/1/xanJihPmvz1RG4WHTFec794Qe2Q.roa
File: xanJihPmvz1RG4WHTFec794Qe2Q.roa (raw, json)
Hash identifier: 1D/SX0tzkxoE2AUqup8NtjNlgJHBpHbZi2bvPenvLSc=
Subject key identifier: C5:A9:C9:8A:13:E6:BF:3D:51:1B:85:87:4C:57:9C:EF:DE:10:7B:64
Certificate issuer: /CN=90c3cae86555687324319d1226938c703ee4edc1
Certificate serial: 018C121F2AEE0A78BBD5F27A654C26F82B3F
Authority key identifier: 90:C3:CA:E8:65:55:68:73:24:31:9D:12:26:93:8C:70:3E:E4:ED:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kMPK6GVVaHMkMZ0SJpOMcD7k7cE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/64db24-bc36-4ca1-ab02-b139b2a3fe49/1/xanJihPmvz1RG4WHTFec794Qe2Q.roa
Signing time: Mon 27 Nov 2023 18:51:21 +0000
ROA not before: Mon 27 Nov 2023 18:51:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202392
IP address blocks: 194.62.149.0/24 maxlen: 24
194.62.148.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:12:1f:2a:ee:0a:78:bb:d5:f2:7a:65:4c:26:f8:2b:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90c3cae86555687324319d1226938c703ee4edc1
Validity
Not Before: Nov 27 18:51:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c5a9c98a13e6bf3d511b85874c579cefde107b64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:3e:76:57:30:21:9a:d7:6c:7a:2e:c5:df:ff:
65:d9:e8:86:92:f7:f7:5c:26:0b:f1:15:22:05:bb:
fc:40:fd:88:75:a7:ab:f1:7a:f8:66:8c:d5:20:02:
33:dc:ac:42:60:9b:cf:4c:2d:55:38:55:e0:19:75:
1c:27:74:0c:6a:cb:a7:24:ab:8b:3e:22:2b:5e:9b:
4f:aa:88:be:6f:2b:02:8a:f5:08:81:f8:04:04:95:
fd:9c:16:74:c4:3f:5a:90:68:78:23:26:7a:04:0e:
d3:7e:56:d9:88:1e:e4:f3:37:f0:b6:d4:d8:36:cc:
98:0c:36:f2:75:57:c3:7f:64:45:44:a8:fc:c1:a8:
d9:92:89:1c:1b:33:c6:a9:bf:27:2d:e9:9d:09:c3:
51:5b:69:2a:29:ee:eb:4c:34:b2:1c:a1:48:6d:ee:
ea:5b:5f:51:a5:78:db:e4:95:71:7e:24:8b:3d:f9:
9b:3f:8f:7f:df:74:9c:6f:47:66:04:2d:2c:16:cc:
f3:cb:eb:cd:fe:06:b2:38:28:98:8e:72:ce:50:26:
53:97:32:01:01:8e:3e:5d:c7:8a:0c:e4:f5:39:b7:
e0:e1:40:7a:87:71:cf:6b:2f:17:4e:fa:b7:42:c5:
d5:2a:8c:56:82:38:3f:97:25:e9:45:31:80:b4:34:
31:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:A9:C9:8A:13:E6:BF:3D:51:1B:85:87:4C:57:9C:EF:DE:10:7B:64
X509v3 Authority Key Identifier:
keyid:90:C3:CA:E8:65:55:68:73:24:31:9D:12:26:93:8C:70:3E:E4:ED:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kMPK6GVVaHMkMZ0SJpOMcD7k7cE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/64db24-bc36-4ca1-ab02-b139b2a3fe49/1/xanJihPmvz1RG4WHTFec794Qe2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/64db24-bc36-4ca1-ab02-b139b2a3fe49/1/kMPK6GVVaHMkMZ0SJpOMcD7k7cE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.62.148.0/23
Signature Algorithm: sha256WithRSAEncryption
41:10:0e:ea:fa:41:05:c5:a8:6a:22:2e:55:cb:ae:49:c7:f1:
5d:d2:8d:f6:26:b6:a2:06:69:09:d2:da:52:e4:35:01:ab:13:
de:c7:2a:bb:81:5a:e5:f3:15:3a:b8:9b:11:90:ea:94:5e:4a:
17:48:b1:48:24:37:c6:46:37:5b:ee:7f:a9:f2:4c:52:6c:e6:
30:cd:3d:1b:17:f5:bd:20:2b:d2:84:8f:1e:e8:0f:1d:d6:f9:
32:65:08:02:52:4f:e9:31:4d:e9:61:68:d6:4a:2d:0b:1c:f3:
41:10:8a:f2:24:13:9e:37:85:d4:10:c8:ca:09:12:0d:76:34:
15:3f:01:3b:3c:38:f4:ff:69:b9:8b:00:88:da:47:5d:66:52:
e6:24:6e:22:a1:d9:7b:aa:c8:22:2b:fd:e2:31:a4:11:03:3b:
88:e6:c2:01:9f:70:0a:97:97:82:3b:be:d1:c6:6e:6e:cf:2c:
b0:0b:f2:f5:ae:e4:94:1f:08:08:9b:f7:f3:b1:32:5d:14:7f:
76:23:77:26:16:ee:31:d5:d1:56:83:1b:78:49:43:b8:bf:89:
24:ad:87:5b:39:79:29:64:71:ed:17:9d:bf:70:c0:a8:2f:6b:
61:ac:4d:d9:9c:f5:72:41:81:d4:aa:ae:a6:7a:f6:5a:22:d2:
aa:a3:66:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYwSHyruCni71fJ6ZUwm+Cs/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwYzNjYWU4NjU1NTY4NzMyNDMxOWQxMjI2OTM4YzcwM2Vl
NGVkYzEwHhcNMjMxMTI3MTg1MTIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWE5Yzk4YTEzZTZiZjNkNTExYjg1ODc0YzU3OWNlZmRlMTA3YjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlj52VzAhmtdsei7F3/9l2eiGkvf3
XCYL8RUiBbv8QP2Idaer8Xr4ZozVIAIz3KxCYJvPTC1VOFXgGXUcJ3QMasunJKuL
PiIrXptPqoi+bysCivUIgfgEBJX9nBZ0xD9akGh4IyZ6BA7TflbZiB7k8zfwttTY
NsyYDDbydVfDf2RFRKj8wajZkokcGzPGqb8nLemdCcNRW2kqKe7rTDSyHKFIbe7q
W19RpXjb5JVxfiSLPfmbP49/33Scb0dmBC0sFszzy+vN/gayOCiYjnLOUCZTlzIB
AY4+XceKDOT1Obfg4UB6h3HPay8XTvq3QsXVKoxWgjg/lyXpRTGAtDQxjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMWpyYoT5r89URuFh0xXnO/eEHtkMB8GA1UdIwQY
MBaAFJDDyuhlVWhzJDGdEiaTjHA+5O3BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva01QSzZHVlZhSE1rTVowU0pwT01jRDdrN2NFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC82NGRiMjQtYmMzNi00Y2ExLWFiMDIt
YjEzOWIyYTNmZTQ5LzEveGFuSmloUG12ejFSRzRXSFRGZWM3OTRRZTJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC82NGRiMjQtYmMzNi00Y2ExLWFiMDItYjEzOWIyYTNmZTQ5
LzEva01QSzZHVlZhSE1rTVowU0pwT01jRDdrN2NFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwj6UMA0G
CSqGSIb3DQEBCwUAA4IBAQBBEA7q+kEFxahqIi5Vy65Jx/Fd0o32JraiBmkJ0tpS
5DUBqxPexyq7gVrl8xU6uJsRkOqUXkoXSLFIJDfGRjdb7n+p8kxSbOYwzT0bF/W9
ICvShI8e6A8d1vkyZQgCUk/pMU3pYWjWSi0LHPNBEIryJBOeN4XUEMjKCRINdjQV
PwE7PDj0/2m5iwCI2kddZlLmJG4iodl7qsgiK/3iMaQRAzuI5sIBn3AKl5eCO77R
xm5uzyywC/L1ruSUHwgIm/fzsTJdFH92I3cmFu4x1dFWgxt4SUO4v4kkrYdbOXkp
ZHHtF52/cMCoL2thrE3ZnPVyQYHUqq6mevZaItKqo2Yh
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:19 2025 by rpki-client