Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/f10bc7-7c9e-4d98-8d7b-7af0a15f40b5/1/xspUlo8VIrIGMDz0ZQF-i8_LBxU.roa
File: xspUlo8VIrIGMDz0ZQF-i8_LBxU.roa (raw, json)
Hash identifier: 7RZDglkjwOM0dn3G8rONFDuU4doatOWrwJ/X9yPABzw=
Subject key identifier: C6:CA:54:96:8F:15:22:B2:06:30:3C:F4:65:01:7E:8B:CF:CB:07:15
Certificate issuer: /CN=407bc1dc2e11d491b9b85e08d01c222f9776c3cc
Certificate serial: 01856DD40295C8E17C17FC0B7F769140207C
Authority key identifier: 40:7B:C1:DC:2E:11:D4:91:B9:B8:5E:08:D0:1C:22:2F:97:76:C3:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QHvB3C4R1JG5uF4I0BwiL5d2w8w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/f10bc7-7c9e-4d98-8d7b-7af0a15f40b5/1/xspUlo8VIrIGMDz0ZQF-i8_LBxU.roa
Signing time: Sun 01 Jan 2023 14:54:48 +0000
ROA not before: Sun 01 Jan 2023 14:54:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 3320
IP address blocks: 91.198.197.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:d4:02:95:c8:e1:7c:17:fc:0b:7f:76:91:40:20:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=407bc1dc2e11d491b9b85e08d01c222f9776c3cc
Validity
Not Before: Jan 1 14:54:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c6ca54968f1522b206303cf465017e8bcfcb0715
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:45:7a:18:26:68:bf:32:fe:c5:9b:a8:26:45:
c7:4e:5d:e7:16:3f:39:9c:f6:d1:13:79:db:67:08:
f5:27:45:a2:cf:ec:fe:2c:49:b3:8e:bb:a2:2f:c2:
a1:47:fb:c9:80:ea:07:a0:22:a5:6c:58:cd:f4:b7:
61:e3:e3:f2:d1:e2:8a:09:1b:b0:e5:82:ae:50:e0:
b0:05:0e:07:fa:ef:47:11:30:25:99:bd:fd:fe:fb:
05:fd:b3:2a:ca:7d:b9:68:a3:53:4c:24:59:b9:95:
f1:19:80:0a:20:eb:ef:24:d7:74:94:41:dd:ef:4a:
a0:12:de:b3:12:8e:70:a0:67:33:83:46:4e:14:d5:
ff:80:0c:09:c6:48:7b:aa:69:3b:4a:52:86:7d:39:
a4:ef:a4:1e:df:b0:19:8e:90:00:cb:20:dd:71:34:
d8:da:48:cf:96:a7:af:8c:fe:0f:49:2f:4c:c5:9f:
f4:a1:b6:3e:db:2e:30:b4:b7:0e:6e:da:9a:56:62:
4f:9e:e7:63:53:f2:2d:c3:e1:54:72:66:76:fe:db:
98:ad:c9:48:a6:f1:7d:24:e1:7b:08:e6:d5:96:2a:
ac:9e:1b:d5:c0:97:30:00:ca:67:2a:5f:98:5e:cd:
f0:d5:e3:9a:be:5d:29:4d:71:ed:79:f8:4f:56:8f:
07:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:CA:54:96:8F:15:22:B2:06:30:3C:F4:65:01:7E:8B:CF:CB:07:15
X509v3 Authority Key Identifier:
keyid:40:7B:C1:DC:2E:11:D4:91:B9:B8:5E:08:D0:1C:22:2F:97:76:C3:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QHvB3C4R1JG5uF4I0BwiL5d2w8w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/f10bc7-7c9e-4d98-8d7b-7af0a15f40b5/1/xspUlo8VIrIGMDz0ZQF-i8_LBxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/f10bc7-7c9e-4d98-8d7b-7af0a15f40b5/1/QHvB3C4R1JG5uF4I0BwiL5d2w8w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.197.0/24
Signature Algorithm: sha256WithRSAEncryption
65:ab:d8:d7:bd:7b:90:a4:b5:18:a6:6e:f3:46:11:49:88:c0:
66:41:b7:9e:0e:e0:05:fb:47:57:e7:77:1c:b5:74:95:8d:6d:
2e:7d:90:32:f2:1f:89:d2:8a:bf:4f:a3:0a:75:bd:f3:7c:c1:
75:ce:07:fc:b4:39:d3:90:26:d5:ca:94:73:3a:3f:44:2a:3d:
b3:1b:5c:c1:58:33:5c:e4:ff:9c:ef:b6:a7:42:76:8e:8e:29:
4f:19:86:fa:13:b2:b0:e3:22:31:db:ba:fd:9a:ae:82:0f:55:
4a:f8:b0:82:8c:cb:ae:03:7c:51:76:14:3d:92:fd:3b:9b:58:
00:32:09:d9:2f:26:71:6b:de:46:63:ab:fd:f7:7c:43:63:4e:
61:e6:f5:64:aa:08:36:79:ea:14:e6:ad:08:21:8c:2c:4d:9e:
c8:e1:2f:9f:6e:c4:ae:14:75:53:be:29:db:98:f0:30:b4:20:
b6:a3:2d:11:b3:59:a4:1e:88:80:98:ed:fe:7f:29:a4:9d:b0:
d9:ff:6b:60:16:a6:98:eb:67:86:10:b2:a3:c8:a0:e1:d8:4b:
0a:cc:d4:bc:16:6c:e2:2d:52:ea:ab:d6:d0:9a:06:4c:cb:55:
54:57:f5:de:16:d4:67:ce:6d:b1:4a:89:01:0e:f3:e0:39:2f:
9e:c0:e5:5d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVt1AKVyOF8F/wLf3aRQCB8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwN2JjMWRjMmUxMWQ0OTFiOWI4NWUwOGQwMWMyMjJmOTc3
NmMzY2MwHhcNMjMwMTAxMTQ1NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmNhNTQ5NjhmMTUyMmIyMDYzMDNjZjQ2NTAxN2U4YmNmY2IwNzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkV6GCZovzL+xZuoJkXHTl3nFj85
nPbRE3nbZwj1J0Wiz+z+LEmzjruiL8KhR/vJgOoHoCKlbFjN9Ldh4+Py0eKKCRuw
5YKuUOCwBQ4H+u9HETAlmb39/vsF/bMqyn25aKNTTCRZuZXxGYAKIOvvJNd0lEHd
70qgEt6zEo5woGczg0ZOFNX/gAwJxkh7qmk7SlKGfTmk76Qe37AZjpAAyyDdcTTY
2kjPlqevjP4PSS9MxZ/0obY+2y4wtLcObtqaVmJPnudjU/Itw+FUcmZ2/tuYrclI
pvF9JOF7CObVliqsnhvVwJcwAMpnKl+YXs3w1eOavl0pTXHtefhPVo8HFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMbKVJaPFSKyBjA89GUBfovPywcVMB8GA1UdIwQY
MBaAFEB7wdwuEdSRubheCNAcIi+XdsPMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUh2QjNDNFIxSkc1dUY0STBCd2lMNWQydzh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS9mMTBiYzctN2M5ZS00ZDk4LThkN2It
N2FmMGExNWY0MGI1LzEveHNwVWxvOFZJcklHTUR6MFpRRi1pOF9MQnhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS9mMTBiYzctN2M5ZS00ZDk4LThkN2ItN2FmMGExNWY0MGI1
LzEvUUh2QjNDNFIxSkc1dUY0STBCd2lMNWQydzh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8bFMA0G
CSqGSIb3DQEBCwUAA4IBAQBlq9jXvXuQpLUYpm7zRhFJiMBmQbeeDuAF+0dX53cc
tXSVjW0ufZAy8h+J0oq/T6MKdb3zfMF1zgf8tDnTkCbVypRzOj9EKj2zG1zBWDNc
5P+c77anQnaOjilPGYb6E7Kw4yIx27r9mq6CD1VK+LCCjMuuA3xRdhQ9kv07m1gA
MgnZLyZxa95GY6v993xDY05h5vVkqgg2eeoU5q0IIYwsTZ7I4S+fbsSuFHVTvinb
mPAwtCC2oy0Rs1mkHoiAmO3+fymknbDZ/2tgFqaY62eGELKjyKDh2EsKzNS8Fmzi
LVLqq9bQmgZMy1VUV/XeFtRnzm2xSokBDvPgOS+ewOVd
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:26 2025 by rpki-client