Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/600aea-9ea5-4c67-a602-ab1a87ecdf1b/1/Xh7MClZ0dqS4IcfxCIDetHICK0M.roa
File: Xh7MClZ0dqS4IcfxCIDetHICK0M.roa (raw, json)
Hash identifier: sPD25ziZrcWjaB8VYxWLzbO6tKMgpLU1lk2R68dSpLY=
Subject key identifier: 5E:1E:CC:0A:56:74:76:A4:B8:21:C7:F1:08:80:DE:B4:72:02:2B:43
Certificate issuer: /CN=48e06a351a5189bcdc44840948dbfb40abf58be5
Certificate serial: 01856F0B74F0039F873B4B5418DF2CAECDB0
Authority key identifier: 48:E0:6A:35:1A:51:89:BC:DC:44:84:09:48:DB:FB:40:AB:F5:8B:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SOBqNRpRibzcRIQJSNv7QKv1i-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/600aea-9ea5-4c67-a602-ab1a87ecdf1b/1/Xh7MClZ0dqS4IcfxCIDetHICK0M.roa
Signing time: Sun 01 Jan 2023 20:34:59 +0000
ROA not before: Sun 01 Jan 2023 20:34:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 201653
IP address blocks: 185.73.208.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:0b:74:f0:03:9f:87:3b:4b:54:18:df:2c:ae:cd:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48e06a351a5189bcdc44840948dbfb40abf58be5
Validity
Not Before: Jan 1 20:34:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e1ecc0a567476a4b821c7f10880deb472022b43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:5d:48:bf:52:b6:b2:8b:b5:86:5b:9e:39:c6:
33:90:84:81:45:e5:55:a0:9d:ac:e0:02:bb:c0:15:
4d:be:11:4a:c2:86:c8:e7:8a:b4:b9:3c:40:f8:d4:
d1:0c:28:6b:32:ac:c0:1f:e6:8c:0a:3c:9e:f7:eb:
10:09:04:ec:70:18:ea:20:0c:67:a0:d8:64:b3:16:
22:45:33:ad:8b:f2:aa:a0:03:ce:5f:99:96:19:76:
cf:8e:aa:85:a3:96:f0:f9:3e:ca:f1:61:02:25:d7:
b7:7a:9d:f8:70:08:c0:40:7a:20:ca:97:ac:e6:71:
54:1a:f3:9b:fb:17:1c:32:61:96:df:9e:ab:37:e2:
d8:e2:4d:53:64:e2:75:ce:f9:c6:3f:b9:7a:9d:76:
1b:55:9d:4d:a7:f0:a9:84:af:d8:0e:0f:61:1c:14:
69:92:19:6a:a3:c5:74:70:78:27:24:2e:1e:50:fc:
7c:8a:ed:0c:88:50:e4:63:39:9d:94:e5:ec:97:36:
1c:d8:4f:d7:08:24:0a:d2:f6:24:1b:c7:a0:14:05:
f6:b9:3d:a8:f9:3a:1c:1b:a7:ae:64:48:43:9f:c1:
49:43:7c:89:78:52:b9:b0:7c:14:36:e1:42:bc:21:
72:78:7c:bb:e0:ba:10:8d:bc:3d:0d:cb:5a:c1:b1:
8f:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:1E:CC:0A:56:74:76:A4:B8:21:C7:F1:08:80:DE:B4:72:02:2B:43
X509v3 Authority Key Identifier:
keyid:48:E0:6A:35:1A:51:89:BC:DC:44:84:09:48:DB:FB:40:AB:F5:8B:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SOBqNRpRibzcRIQJSNv7QKv1i-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/600aea-9ea5-4c67-a602-ab1a87ecdf1b/1/Xh7MClZ0dqS4IcfxCIDetHICK0M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/600aea-9ea5-4c67-a602-ab1a87ecdf1b/1/SOBqNRpRibzcRIQJSNv7QKv1i-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.73.208.0/24
Signature Algorithm: sha256WithRSAEncryption
34:22:2e:7d:c1:9e:94:b8:93:74:76:6b:04:4a:da:0f:d4:01:
53:52:74:18:1a:b9:90:1c:dd:4c:73:12:37:97:08:c0:2a:69:
63:5f:49:36:4b:65:f1:f5:a1:04:3c:57:e8:77:3d:ac:ee:70:
84:e0:38:14:d2:b2:a2:13:dd:c6:e1:2e:89:f5:d7:44:97:e3:
01:57:3c:36:87:41:d5:fc:a7:11:07:36:78:91:44:9d:49:17:
02:0e:73:37:89:6b:3c:e5:ee:60:44:bd:e7:c2:0a:80:6f:8c:
69:a8:c8:87:a5:50:01:51:55:4c:01:91:0c:e5:3a:cb:d2:d1:
a2:57:fc:af:20:98:5b:34:7b:d6:34:33:7d:16:1b:a3:d5:57:
62:67:cd:d7:aa:3f:37:cb:88:56:e5:c3:3a:a6:f3:d0:5d:9f:
06:18:7f:c1:af:be:75:50:ac:5b:6c:2c:5e:5b:74:49:ec:f4:
45:03:c4:e9:5b:9f:c0:7a:56:cb:12:89:ec:a8:4c:b3:cd:88:
11:43:90:00:82:51:62:27:6b:3a:31:cd:37:cb:af:dd:f1:44:
f6:53:d0:27:fa:a7:3e:d6:a2:51:07:1a:3e:00:18:12:f9:f1:
33:8e:19:3a:b7:f9:a0:cf:cc:80:ce:1f:6e:f6:94:f6:9f:a0:
fc:06:9c:18
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvC3TwA5+HO0tUGN8srs2wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4ZTA2YTM1MWE1MTg5YmNkYzQ0ODQwOTQ4ZGJmYjQwYWJm
NThiZTUwHhcNMjMwMTAxMjAzNDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTFlY2MwYTU2NzQ3NmE0YjgyMWM3ZjEwODgwZGViNDcyMDIyYjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsl1Iv1K2sou1hlueOcYzkISBReVV
oJ2s4AK7wBVNvhFKwobI54q0uTxA+NTRDChrMqzAH+aMCjye9+sQCQTscBjqIAxn
oNhksxYiRTOti/KqoAPOX5mWGXbPjqqFo5bw+T7K8WECJde3ep34cAjAQHogypes
5nFUGvOb+xccMmGW356rN+LY4k1TZOJ1zvnGP7l6nXYbVZ1Np/CphK/YDg9hHBRp
khlqo8V0cHgnJC4eUPx8iu0MiFDkYzmdlOXslzYc2E/XCCQK0vYkG8egFAX2uT2o
+TocG6euZEhDn8FJQ3yJeFK5sHwUNuFCvCFyeHy74LoQjbw9DctawbGPkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF4ezApWdHakuCHH8QiA3rRyAitDMB8GA1UdIwQY
MBaAFEjgajUaUYm83ESECUjb+0Cr9YvlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU09CcU5ScFJpYnpjUklRSlNOdjdRS3YxaS1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS82MDBhZWEtOWVhNS00YzY3LWE2MDIt
YWIxYTg3ZWNkZjFiLzEvWGg3TUNsWjBkcVM0SWNmeENJRGV0SElDSzBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS82MDBhZWEtOWVhNS00YzY3LWE2MDItYWIxYTg3ZWNkZjFi
LzEvU09CcU5ScFJpYnpjUklRSlNOdjdRS3YxaS1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuUnQMA0G
CSqGSIb3DQEBCwUAA4IBAQA0Ii59wZ6UuJN0dmsEStoP1AFTUnQYGrmQHN1McxI3
lwjAKmljX0k2S2Xx9aEEPFfodz2s7nCE4DgU0rKiE93G4S6J9ddEl+MBVzw2h0HV
/KcRBzZ4kUSdSRcCDnM3iWs85e5gRL3nwgqAb4xpqMiHpVABUVVMAZEM5TrL0tGi
V/yvIJhbNHvWNDN9Fhuj1VdiZ83Xqj83y4hW5cM6pvPQXZ8GGH/Br751UKxbbCxe
W3RJ7PRFA8TpW5/AelbLEonsqEyzzYgRQ5AAglFiJ2s6Mc03y6/d8UT2U9An+qc+
1qJRBxo+ABgS+fEzjhk6t/mgz8yAzh9u9pT2n6D8BpwY
-----END CERTIFICATE-----
Generated at Mon Apr 21 01:26:00 2025 by rpki-client