Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/d21a60-950b-4f29-a588-412ae25384df/1/xbDXNUdzlbKN-oEo7ikNLpY6Wfc.roa
File: xbDXNUdzlbKN-oEo7ikNLpY6Wfc.roa (raw, json)
Hash identifier: YCTjrSlzLLbfAqEe1GNR1kvNM/iBllcsXq4Wk90Go4g=
Subject key identifier: C5:B0:D7:35:47:73:95:B2:8D:FA:81:28:EE:29:0D:2E:96:3A:59:F7
Certificate issuer: /CN=b634918f4135a42084f1a4661e8ead9a28df8e73
Certificate serial: 018326EB6097C19AF0FE7E6BB4A765F4D93E
Authority key identifier: B6:34:91:8F:41:35:A4:20:84:F1:A4:66:1E:8E:AD:9A:28:DF:8E:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tjSRj0E1pCCE8aRmHo6tmijfjnM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/d21a60-950b-4f29-a588-412ae25384df/1/xbDXNUdzlbKN-oEo7ikNLpY6Wfc.roa
Signing time: Sat 10 Sep 2022 10:21:43 +0000
ROA not before: Sat 10 Sep 2022 10:21:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39855
IP address blocks: 130.255.168.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:26:eb:60:97:c1:9a:f0:fe:7e:6b:b4:a7:65:f4:d9:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b634918f4135a42084f1a4661e8ead9a28df8e73
Validity
Not Before: Sep 10 10:21:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c5b0d735477395b28dfa8128ee290d2e963a59f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a4:56:c5:fe:fb:39:44:b2:df:69:9c:27:e9:
e1:02:99:1f:7c:5f:73:ab:78:e4:6e:c2:7d:e2:68:
27:67:40:53:c9:db:56:9f:bc:db:b5:4d:ac:09:c4:
2a:60:81:95:26:64:dc:33:17:34:a7:67:24:7c:be:
d8:af:e1:08:5e:f8:ac:ef:1d:1b:e4:66:65:16:e8:
8b:59:36:3e:40:d9:2a:5d:48:84:5a:78:9e:31:03:
f9:b7:fc:72:24:fa:42:72:b4:a6:e4:f5:5e:9e:d2:
f6:aa:9e:a2:a0:8a:d2:e2:0d:a9:ca:ec:91:ea:52:
1b:ce:66:07:63:29:9c:cf:ba:b1:b0:5f:23:3e:7d:
95:9c:18:e0:0e:26:08:f7:11:c9:5c:c3:33:c6:4e:
a5:6e:be:8d:7c:7c:6b:dd:c4:98:d3:a9:e0:48:97:
ec:40:e2:6b:1c:45:af:dd:45:0a:a5:a1:26:ab:58:
3f:b4:0f:e1:cf:ec:db:48:79:13:74:5b:eb:52:15:
1a:d5:6e:45:2f:6f:9e:8f:b0:c9:00:cb:ea:50:49:
f2:56:2d:5e:73:32:06:e9:64:32:24:7a:a2:93:62:
c5:3b:af:9b:87:29:86:39:00:a4:a2:e9:ac:4d:cb:
4f:60:11:dc:ed:1c:d9:30:7e:24:a9:46:ac:3a:7a:
d5:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:B0:D7:35:47:73:95:B2:8D:FA:81:28:EE:29:0D:2E:96:3A:59:F7
X509v3 Authority Key Identifier:
keyid:B6:34:91:8F:41:35:A4:20:84:F1:A4:66:1E:8E:AD:9A:28:DF:8E:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tjSRj0E1pCCE8aRmHo6tmijfjnM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/d21a60-950b-4f29-a588-412ae25384df/1/xbDXNUdzlbKN-oEo7ikNLpY6Wfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/d21a60-950b-4f29-a588-412ae25384df/1/tjSRj0E1pCCE8aRmHo6tmijfjnM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.255.168.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:4a:f3:c1:11:53:3b:7e:85:3f:b4:0c:20:64:1c:fd:ae:b9:
63:0f:9f:07:f1:c7:4a:1a:6d:bb:75:97:f9:be:4f:86:84:dc:
ff:6e:03:f7:13:9a:e8:23:48:b8:3d:7d:6f:a2:fc:8a:9b:50:
e8:09:6d:c1:ed:e5:08:4b:5d:d1:2e:56:0c:cb:bb:cd:aa:7d:
66:5b:8e:f1:15:4a:05:a5:8f:e3:4f:df:de:82:a3:fd:aa:83:
1c:f3:16:15:ae:94:ab:c6:ae:68:dd:ce:b5:15:6b:c1:b0:1d:
bd:26:a5:2b:f0:8a:08:3d:d1:e4:65:e3:0e:59:9f:29:44:56:
f7:03:c5:67:fb:47:33:77:50:08:77:e6:09:b8:a3:f7:59:dd:
ed:91:b0:c5:b7:e2:2a:93:31:b5:0e:bb:2a:6f:56:1a:8d:5a:
d0:2d:f5:e9:62:ac:aa:2e:70:7d:de:3b:cd:99:92:5b:72:cd:
b3:5a:82:18:8d:c3:70:b8:86:db:2f:0d:6c:f0:24:5a:98:25:
43:9f:47:34:4d:98:8c:9c:85:e5:72:c2:91:a7:54:70:6d:e0:
58:f5:38:8d:53:30:36:02:75:4c:85:de:ee:79:54:5c:67:49:
57:a3:a7:9a:09:df:8a:9e:ef:80:43:bd:53:a6:da:bc:3a:a2:
50:79:f6:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYMm62CXwZrw/n5rtKdl9Nk+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2MzQ5MThmNDEzNWE0MjA4NGYxYTQ2NjFlOGVhZDlhMjhk
ZjhlNzMwHhcNMjIwOTEwMTAyMTQzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWIwZDczNTQ3NzM5NWIyOGRmYTgxMjhlZTI5MGQyZTk2M2E1OWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKRWxf77OUSy32mcJ+nhApkffF9z
q3jkbsJ94mgnZ0BTydtWn7zbtU2sCcQqYIGVJmTcMxc0p2ckfL7Yr+EIXvis7x0b
5GZlFuiLWTY+QNkqXUiEWnieMQP5t/xyJPpCcrSm5PVentL2qp6ioIrS4g2pyuyR
6lIbzmYHYymcz7qxsF8jPn2VnBjgDiYI9xHJXMMzxk6lbr6NfHxr3cSY06ngSJfs
QOJrHEWv3UUKpaEmq1g/tA/hz+zbSHkTdFvrUhUa1W5FL2+ej7DJAMvqUEnyVi1e
czIG6WQyJHqik2LFO6+bhymGOQCkoumsTctPYBHc7RzZMH4kqUasOnrV5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMWw1zVHc5WyjfqBKO4pDS6WOln3MB8GA1UdIwQY
MBaAFLY0kY9BNaQghPGkZh6OrZoo345zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGpTUmowRTFwQ0NFOGFSbUhvNnRtaWpmam5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9kMjFhNjAtOTUwYi00ZjI5LWE1ODgt
NDEyYWUyNTM4NGRmLzEveGJEWE5VZHpsYktOLW9Fbzdpa05McFk2V2ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9kMjFhNjAtOTUwYi00ZjI5LWE1ODgtNDEyYWUyNTM4NGRm
LzEvdGpTUmowRTFwQ0NFOGFSbUhvNnRtaWpmam5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAgv+oMA0G
CSqGSIb3DQEBCwUAA4IBAQCsSvPBEVM7foU/tAwgZBz9rrljD58H8cdKGm27dZf5
vk+GhNz/bgP3E5roI0i4PX1vovyKm1DoCW3B7eUIS13RLlYMy7vNqn1mW47xFUoF
pY/jT9/egqP9qoMc8xYVrpSrxq5o3c61FWvBsB29JqUr8IoIPdHkZeMOWZ8pRFb3
A8Vn+0czd1AId+YJuKP3Wd3tkbDFt+IqkzG1Drsqb1YajVrQLfXpYqyqLnB93jvN
mZJbcs2zWoIYjcNwuIbbLw1s8CRamCVDn0c0TZiMnIXlcsKRp1RwbeBY9TiNUzA2
AnVMhd7ueVRcZ0lXo6eaCd+Knu+AQ71Tptq8OqJQefal
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:50:53 2023 by rpki-client on console-ams.rpki-client.org