Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/XRdOS2az7z_hkymfUvx1aYs8wQ0.roa
File: XRdOS2az7z_hkymfUvx1aYs8wQ0.roa (raw, json)
Hash identifier: vsaryR/xA4XxF7S94I+hbgW3Q2PidsLHlvXH5Lwr4NM=
Subject key identifier: 5D:17:4E:4B:66:B3:EF:3F:E1:93:29:9F:52:FC:75:69:8B:3C:C1:0D
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 018B13ED7F32659111EE2C020288305EB2F9
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/XRdOS2az7z_hkymfUvx1aYs8wQ0.roa
Signing time: Mon 09 Oct 2023 10:13:33 +0000
ROA not before: Mon 09 Oct 2023 10:13:33 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212860
IP address blocks: 176.221.28.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:13:ed:7f:32:65:91:11:ee:2c:02:02:88:30:5e:b2:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Oct 9 10:13:33 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d174e4b66b3ef3fe193299f52fc75698b3cc10d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:26:af:9e:16:8e:33:52:03:f0:3f:de:77:bf:
ff:0e:6d:b4:07:58:7c:59:99:03:ab:91:f6:9a:10:
15:93:9a:b8:06:10:c5:44:bb:38:42:be:77:0f:29:
b8:e5:1a:77:5a:22:93:a8:2c:d0:f7:cd:64:39:82:
32:c2:97:06:d7:dc:98:2a:bc:98:76:04:fc:0e:c1:
44:00:99:d8:9a:5b:ed:70:e2:a3:c6:ee:89:7b:30:
5d:5e:fb:ed:52:cf:ae:84:f3:5b:23:65:a4:50:84:
37:a8:aa:b5:39:45:ee:3f:31:b2:27:74:b4:e8:63:
d5:6c:30:dd:c0:da:46:60:34:07:07:90:40:de:0b:
80:5f:79:d6:c1:f2:ce:6b:39:8f:5d:8c:99:bf:1f:
5e:3c:bd:7e:6e:67:f3:79:fe:d9:35:5b:42:c2:32:
ba:84:92:20:37:82:d4:e7:c8:55:88:66:a7:59:46:
34:47:bc:db:08:45:b2:29:3f:fd:0b:7f:ef:f3:96:
cf:3a:c9:3a:30:30:40:aa:20:cd:df:94:65:06:ca:
60:cd:fe:89:ee:63:78:0e:46:58:bb:6c:5b:12:03:
e2:01:8f:1c:e8:39:60:ff:2b:ca:0c:25:d5:eb:a8:
57:16:ce:d1:62:cf:b6:3c:64:c3:22:e5:61:bc:85:
6b:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:17:4E:4B:66:B3:EF:3F:E1:93:29:9F:52:FC:75:69:8B:3C:C1:0D
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/XRdOS2az7z_hkymfUvx1aYs8wQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.221.28.0/23
Signature Algorithm: sha256WithRSAEncryption
03:56:a5:1b:5e:ed:85:69:ea:00:a9:c4:2b:bd:e8:26:f0:0e:
c1:c8:7a:2a:14:0b:b5:34:65:97:86:06:43:6f:89:c9:1a:60:
6b:74:90:9c:f7:f5:ba:cb:dc:9f:82:10:3c:c5:0d:29:5e:e0:
0f:46:3e:55:f0:89:6f:16:d3:d9:61:23:97:fd:e5:8a:e1:95:
44:c4:07:60:5d:89:1a:8b:d0:b4:87:88:0c:2a:89:06:e7:25:
32:ed:e7:75:bb:83:6f:ef:60:aa:b7:f4:c6:20:1b:4d:fa:8d:
70:03:f3:ae:1c:d0:cc:de:7d:59:cc:71:4c:05:c5:d7:a9:fd:
b6:bf:a8:8c:91:80:06:25:d4:84:ee:fd:7f:9f:bb:6c:54:ef:
12:3f:4d:98:8a:c6:24:af:98:31:cd:3a:8d:4b:e6:6e:5c:dd:
9a:d5:1e:e9:f5:34:51:17:f3:be:fa:4f:4c:cd:b7:63:b4:7d:
42:d1:2c:5a:65:b3:5f:54:6e:c4:c1:99:b1:9a:13:e9:80:4f:
4c:2f:89:2d:17:33:fd:65:75:cc:23:41:8d:69:96:cc:21:60:
95:44:1a:cb:cf:51:cd:44:60:3f:98:0d:c0:b3:6d:24:8c:0f:
46:a7:b0:f2:ed:c7:26:92:d9:65:df:48:cb:41:f4:7a:a2:e6:
7c:2f:55:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYsT7X8yZZER7iwCAogwXrL5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjMxMDA5MTAxMzMzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDE3NGU0YjY2YjNlZjNmZTE5MzI5OWY1MmZjNzU2OThiM2NjMTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmiavnhaOM1ID8D/ed7//Dm20B1h8
WZkDq5H2mhAVk5q4BhDFRLs4Qr53Dym45Rp3WiKTqCzQ981kOYIywpcG19yYKryY
dgT8DsFEAJnYmlvtcOKjxu6JezBdXvvtUs+uhPNbI2WkUIQ3qKq1OUXuPzGyJ3S0
6GPVbDDdwNpGYDQHB5BA3guAX3nWwfLOazmPXYyZvx9ePL1+bmfzef7ZNVtCwjK6
hJIgN4LU58hViGanWUY0R7zbCEWyKT/9C3/v85bPOsk6MDBAqiDN35RlBspgzf6J
7mN4DkZYu2xbEgPiAY8c6Dlg/yvKDCXV66hXFs7RYs+2PGTDIuVhvIVrAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF0XTktms+8/4ZMpn1L8dWmLPMENMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvWFJkT1MyYXo3el9oa3ltZlV2eDFhWXM4d1EwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBsN0cMA0G
CSqGSIb3DQEBCwUAA4IBAQADVqUbXu2FaeoAqcQrvegm8A7ByHoqFAu1NGWXhgZD
b4nJGmBrdJCc9/W6y9yfghA8xQ0pXuAPRj5V8IlvFtPZYSOX/eWK4ZVExAdgXYka
i9C0h4gMKokG5yUy7ed1u4Nv72Cqt/TGIBtN+o1wA/OuHNDM3n1ZzHFMBcXXqf22
v6iMkYAGJdSE7v1/n7tsVO8SP02YisYkr5gxzTqNS+ZuXN2a1R7p9TRRF/O++k9M
zbdjtH1C0SxaZbNfVG7EwZmxmhPpgE9ML4ktFzP9ZXXMI0GNaZbMIWCVRBrLz1HN
RGA/mA3As20kjA9Gp7Dy7ccmktll30jLQfR6ouZ8L1XX
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:13:07 2025 by rpki-client