Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/d0992d-93fa-4846-a495-76522c207c55/1/XTz1LjlKlS32XkHmQEmErdt25GU.roa
File: XTz1LjlKlS32XkHmQEmErdt25GU.roa (raw, json)
Hash identifier: jbA2uO1Ue4J0aleBFBDGm2Ed1X4G51W82uWn9DhttIo=
Subject key identifier: 5D:3C:F5:2E:39:4A:95:2D:F6:5E:41:E6:40:49:84:AD:DB:76:E4:65
Certificate issuer: /CN=1697c46eafa10ec5d907bb05e37123b692ab494c
Certificate serial: 01856E5D72CB1AEC763818A652490C4C187F
Authority key identifier: 16:97:C4:6E:AF:A1:0E:C5:D9:07:BB:05:E3:71:23:B6:92:AB:49:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FpfEbq-hDsXZB7sF43EjtpKrSUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/d0992d-93fa-4846-a495-76522c207c55/1/XTz1LjlKlS32XkHmQEmErdt25GU.roa
Signing time: Sun 01 Jan 2023 17:24:55 +0000
ROA not before: Sun 01 Jan 2023 17:24:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209193
IP address blocks: 93.191.114.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:5d:72:cb:1a:ec:76:38:18:a6:52:49:0c:4c:18:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1697c46eafa10ec5d907bb05e37123b692ab494c
Validity
Not Before: Jan 1 17:24:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d3cf52e394a952df65e41e6404984addb76e465
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:02:ff:8f:6a:ef:e7:ff:f0:4a:54:f5:2a:9c:
82:9e:6c:4f:a9:fd:fe:19:fe:f5:d5:32:10:6a:95:
44:d4:72:5a:be:71:34:3b:79:dc:e3:82:bd:ea:03:
99:63:33:1e:60:df:b0:9f:f7:6f:f1:1c:44:c1:6d:
4e:7f:79:db:f3:c7:e8:74:13:c8:c3:ea:78:68:2f:
15:9e:ef:a7:bf:fd:9d:f6:d0:bd:88:7f:21:a4:b1:
5a:41:22:bf:f5:ff:f2:63:98:c7:b4:64:eb:b0:08:
69:c8:14:12:4d:3b:49:f5:e8:13:87:c3:f9:57:3f:
d4:3a:9d:f5:04:7a:37:e7:05:74:fc:91:19:09:6d:
df:78:4b:17:21:2d:7a:47:c0:b1:4d:05:70:c8:0e:
0c:15:ec:b1:39:80:8a:d7:ad:01:d7:f7:6b:a1:9b:
df:1f:9c:74:76:ca:93:ef:97:55:17:d5:db:d8:fe:
fc:b2:d0:b9:07:b3:e3:3e:18:7e:00:40:dc:d0:ce:
de:16:94:e7:07:30:98:1a:5e:ad:00:0b:d6:85:9c:
d1:ef:a5:80:56:0a:83:cf:ed:49:2b:6c:49:02:7d:
d3:ae:09:36:ec:6d:14:c2:ca:a1:e5:6f:bc:fa:7d:
09:eb:77:10:33:d7:55:eb:8d:46:43:d7:1f:6f:fc:
0a:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:3C:F5:2E:39:4A:95:2D:F6:5E:41:E6:40:49:84:AD:DB:76:E4:65
X509v3 Authority Key Identifier:
keyid:16:97:C4:6E:AF:A1:0E:C5:D9:07:BB:05:E3:71:23:B6:92:AB:49:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FpfEbq-hDsXZB7sF43EjtpKrSUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/d0992d-93fa-4846-a495-76522c207c55/1/XTz1LjlKlS32XkHmQEmErdt25GU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/d0992d-93fa-4846-a495-76522c207c55/1/FpfEbq-hDsXZB7sF43EjtpKrSUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.191.114.0/24
Signature Algorithm: sha256WithRSAEncryption
26:2a:ab:ad:1e:65:7e:06:bb:84:5b:42:b6:9c:ae:a0:2b:bd:
ef:ce:f4:8e:26:45:b2:37:94:97:24:75:3f:f5:2b:d2:f8:2b:
d8:f7:30:bc:d9:c2:1c:b8:a5:70:49:f5:fb:8e:b5:15:6c:68:
3a:78:f2:99:63:4b:e0:7a:a5:75:43:6b:76:eb:be:8b:67:c1:
f5:80:7d:21:db:3d:92:ba:09:e8:e7:2f:47:af:e0:c3:5b:0f:
c5:7e:e6:19:d5:2c:5b:95:ce:97:7a:47:09:cd:ab:1e:1e:81:
56:e1:99:2e:93:f3:37:7b:b1:a3:f2:ee:d3:b5:f1:ae:88:b8:
d9:5d:21:81:bd:24:3e:e5:19:3c:48:5c:54:80:8b:5f:93:95:
5e:e3:6f:6e:d7:20:9c:a4:7b:3f:31:8c:ad:37:0e:49:ab:1b:
88:f3:2f:a7:f6:5c:c4:57:70:ec:1c:4e:88:a0:9a:6f:93:26:
e9:02:8b:73:e1:e3:95:5d:65:cd:a4:5f:da:80:b2:d4:49:72:
7e:fb:ef:5f:cf:34:ff:91:4b:3e:9a:00:67:eb:cd:d2:00:f2:
c9:bd:51:65:ea:4d:25:ab:a6:44:9f:35:ae:3c:73:8f:16:32:
7c:9b:fa:63:67:07:01:17:cc:82:21:66:17:8f:59:17:2c:40:
11:b7:81:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuXXLLGux2OBimUkkMTBh/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2OTdjNDZlYWZhMTBlYzVkOTA3YmIwNWUzNzEyM2I2OTJh
YjQ5NGMwHhcNMjMwMTAxMTcyNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDNjZjUyZTM5NGE5NTJkZjY1ZTQxZTY0MDQ5ODRhZGRiNzZlNDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgAL/j2rv5//wSlT1KpyCnmxPqf3+
Gf711TIQapVE1HJavnE0O3nc44K96gOZYzMeYN+wn/dv8RxEwW1Of3nb88fodBPI
w+p4aC8Vnu+nv/2d9tC9iH8hpLFaQSK/9f/yY5jHtGTrsAhpyBQSTTtJ9egTh8P5
Vz/UOp31BHo35wV0/JEZCW3feEsXIS16R8CxTQVwyA4MFeyxOYCK160B1/droZvf
H5x0dsqT75dVF9Xb2P78stC5B7PjPhh+AEDc0M7eFpTnBzCYGl6tAAvWhZzR76WA
VgqDz+1JK2xJAn3Trgk27G0Uwsqh5W+8+n0J63cQM9dV641GQ9cfb/wKvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF089S45SpUt9l5B5kBJhK3bduRlMB8GA1UdIwQY
MBaAFBaXxG6voQ7F2Qe7BeNxI7aSq0lMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRnBmRWJxLWhEc1haQjdzRjQzRWp0cEtyU1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9kMDk5MmQtOTNmYS00ODQ2LWE0OTUt
NzY1MjJjMjA3YzU1LzEvWFR6MUxqbEtsUzMyWGtIbVFFbUVyZHQyNUdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9kMDk5MmQtOTNmYS00ODQ2LWE0OTUtNzY1MjJjMjA3YzU1
LzEvRnBmRWJxLWhEc1haQjdzRjQzRWp0cEtyU1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXb9yMA0G
CSqGSIb3DQEBCwUAA4IBAQAmKqutHmV+BruEW0K2nK6gK73vzvSOJkWyN5SXJHU/
9SvS+CvY9zC82cIcuKVwSfX7jrUVbGg6ePKZY0vgeqV1Q2t2676LZ8H1gH0h2z2S
ugno5y9Hr+DDWw/FfuYZ1Sxblc6XekcJzaseHoFW4Zkuk/M3e7Gj8u7TtfGuiLjZ
XSGBvSQ+5Rk8SFxUgItfk5Ve429u1yCcpHs/MYytNw5JqxuI8y+n9lzEV3DsHE6I
oJpvkybpAotz4eOVXWXNpF/agLLUSXJ+++9fzzT/kUs+mgBn683SAPLJvVFl6k0l
q6ZEnzWuPHOPFjJ8m/pjZwcBF8yCIWYXj1kXLEARt4FV
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:05 2025 by rpki-client