Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/61094a-9469-4299-89f2-bdf6e4294c2e/1/XluQltUIy1neye8PWOR81cwhOuE.roa
File: XluQltUIy1neye8PWOR81cwhOuE.roa (raw, json)
Hash identifier: +mlcax3vsoFKcEz+O1AfQb6PPmhovdIGo4X0Ke9lfJk=
Subject key identifier: 5E:5B:90:96:D5:08:CB:59:DE:C9:EF:0F:58:E4:7C:D5:CC:21:3A:E1
Certificate issuer: /CN=208de3ad18dd0ae14362d0e84dec043d379cc242
Certificate serial: 018737FB632D35A15B7E83F1F3D0AAA165EF
Authority key identifier: 20:8D:E3:AD:18:DD:0A:E1:43:62:D0:E8:4D:EC:04:3D:37:9C:C2:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/II3jrRjdCuFDYtDoTewEPTecwkI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/61094a-9469-4299-89f2-bdf6e4294c2e/1/XluQltUIy1neye8PWOR81cwhOuE.roa
Signing time: Fri 31 Mar 2023 14:03:54 +0000
ROA not before: Fri 31 Mar 2023 14:03:54 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9121
IP address blocks: 212.127.96.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:37:fb:63:2d:35:a1:5b:7e:83:f1:f3:d0:aa:a1:65:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=208de3ad18dd0ae14362d0e84dec043d379cc242
Validity
Not Before: Mar 31 14:03:54 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e5b9096d508cb59dec9ef0f58e47cd5cc213ae1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:6a:09:9c:d9:19:9f:ed:f8:5b:96:e4:34:71:
3d:c2:85:b5:c7:23:5c:ef:15:d5:10:86:0c:2d:9a:
f2:6a:4d:91:93:b3:7e:94:88:de:3f:a1:38:01:22:
56:56:7f:10:85:78:0e:1a:ad:07:02:8c:a4:96:54:
85:b1:19:7f:3e:57:47:01:8f:f0:d3:0f:52:35:7b:
34:e3:0f:bb:c4:68:a9:e6:a5:2d:11:f6:8d:99:4b:
6c:50:0b:22:b6:f8:8a:fe:66:48:42:91:80:a8:4f:
b9:8a:bd:dc:99:23:17:89:6c:cb:c0:60:91:70:71:
8e:26:25:66:0c:da:72:6a:c7:9a:5b:a4:f7:59:79:
01:c5:c3:47:f2:29:85:09:3f:30:f5:6a:a5:d0:76:
cf:0a:7f:c1:75:c6:d3:b3:07:73:92:ab:87:0f:f9:
33:56:cc:c7:df:2c:d2:95:a8:47:cf:f5:13:8c:9b:
38:35:c2:d3:cb:ea:26:3c:76:55:d4:16:62:84:a0:
11:95:2d:02:fe:c2:b8:37:4a:cd:88:3c:50:60:6b:
48:af:05:01:e7:07:91:73:bb:77:96:13:b5:cb:64:
bf:7a:5c:be:cb:39:d2:d7:90:27:57:de:fc:e2:da:
bd:3d:c7:a7:3f:97:ba:6b:12:e6:b0:1b:f2:c0:7b:
a2:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:5B:90:96:D5:08:CB:59:DE:C9:EF:0F:58:E4:7C:D5:CC:21:3A:E1
X509v3 Authority Key Identifier:
keyid:20:8D:E3:AD:18:DD:0A:E1:43:62:D0:E8:4D:EC:04:3D:37:9C:C2:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/II3jrRjdCuFDYtDoTewEPTecwkI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/61094a-9469-4299-89f2-bdf6e4294c2e/1/XluQltUIy1neye8PWOR81cwhOuE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/61094a-9469-4299-89f2-bdf6e4294c2e/1/II3jrRjdCuFDYtDoTewEPTecwkI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.127.96.0/19
Signature Algorithm: sha256WithRSAEncryption
00:e8:fd:db:d6:39:f1:a0:21:1c:ed:71:b6:4a:49:a7:11:3e:
bf:08:ca:eb:bb:72:c7:6b:39:f9:4d:f6:28:d4:b4:14:6a:81:
cf:3e:0a:ac:ec:c6:1d:63:93:28:6c:f1:b8:58:7e:75:c6:f1:
21:ea:b6:59:47:49:53:d4:44:ee:e7:92:f3:21:54:cf:fa:40:
6a:b3:f1:56:21:76:82:c2:9b:a6:83:10:5b:d1:85:2c:d7:95:
0a:61:79:1d:12:cd:57:62:4e:6c:06:26:8b:08:a7:8b:77:32:
0d:92:80:fb:26:73:ae:3d:87:96:4e:f9:c5:fc:97:8b:2b:fc:
4f:e2:0b:3c:ad:27:d2:75:69:e7:7d:47:b5:e0:65:a1:0b:c5:
b4:71:a8:da:fa:72:f5:a4:03:2f:f5:2f:21:32:41:4c:8c:af:
16:6e:19:8f:38:be:5e:dc:97:06:19:30:29:a1:3f:d6:b5:f6:
9c:01:6e:28:d3:db:ef:c7:15:00:08:fb:b6:d2:b4:73:81:46:
e5:70:8a:3e:d0:0d:86:20:cf:52:d5:ec:f9:85:a3:a6:9e:a8:
9b:86:b4:2b:42:df:52:61:a3:e0:9e:d1:86:37:e4:69:47:3c:
81:73:18:31:b3:6c:ac:a1:08:81:bc:76:d2:f5:49:62:f8:e6:
d4:6d:80:a6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYc3+2MtNaFbfoPx89CqoWXvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwOGRlM2FkMThkZDBhZTE0MzYyZDBlODRkZWMwNDNkMzc5
Y2MyNDIwHhcNMjMwMzMxMTQwMzU0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTViOTA5NmQ1MDhjYjU5ZGVjOWVmMGY1OGU0N2NkNWNjMjEzYWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGoJnNkZn+34W5bkNHE9woW1xyNc
7xXVEIYMLZryak2Rk7N+lIjeP6E4ASJWVn8QhXgOGq0HAoykllSFsRl/PldHAY/w
0w9SNXs04w+7xGip5qUtEfaNmUtsUAsitviK/mZIQpGAqE+5ir3cmSMXiWzLwGCR
cHGOJiVmDNpyaseaW6T3WXkBxcNH8imFCT8w9Wql0HbPCn/BdcbTswdzkquHD/kz
VszH3yzSlahHz/UTjJs4NcLTy+omPHZV1BZihKARlS0C/sK4N0rNiDxQYGtIrwUB
5weRc7t3lhO1y2S/ely+yznS15AnV9784tq9PcenP5e6axLmsBvywHuiEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF5bkJbVCMtZ3snvD1jkfNXMITrhMB8GA1UdIwQY
MBaAFCCN460Y3QrhQ2LQ6E3sBD03nMJCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUkzanJSamRDdUZEWXREb1Rld0VQVGVjd2tJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS82MTA5NGEtOTQ2OS00Mjk5LTg5ZjIt
YmRmNmU0Mjk0YzJlLzEvWGx1UWx0VUl5MW5leWU4UFdPUjgxY3doT3VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS82MTA5NGEtOTQ2OS00Mjk5LTg5ZjItYmRmNmU0Mjk0YzJl
LzEvSUkzanJSamRDdUZEWXREb1Rld0VQVGVjd2tJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQF1H9gMA0G
CSqGSIb3DQEBCwUAA4IBAQAA6P3b1jnxoCEc7XG2SkmnET6/CMrru3LHazn5TfYo
1LQUaoHPPgqs7MYdY5MobPG4WH51xvEh6rZZR0lT1ETu55LzIVTP+kBqs/FWIXaC
wpumgxBb0YUs15UKYXkdEs1XYk5sBiaLCKeLdzINkoD7JnOuPYeWTvnF/JeLK/xP
4gs8rSfSdWnnfUe14GWhC8W0caja+nL1pAMv9S8hMkFMjK8WbhmPOL5e3JcGGTAp
oT/WtfacAW4o09vvxxUACPu20rRzgUblcIo+0A2GIM9S1ez5haOmnqibhrQrQt9S
YaPgntGGN+RpRzyBcxgxs2ysoQiBvHbS9Uli+ObUbYCm
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:03:36 2025 by rpki-client