Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/600aea-9ea5-4c67-a602-ab1a87ecdf1b/1/Xqm_1tUz5Jrhg95qof05dG2g0dw.roa
File: Xqm_1tUz5Jrhg95qof05dG2g0dw.roa (raw, json)
Hash identifier: KWkWpZR81n4mwuivTWiDYIAF5ZAkeMhvhOBjxrUZL4Y=
Subject key identifier: 5E:A9:BF:D6:D5:33:E4:9A:E1:83:DE:6A:A1:FD:39:74:6D:A0:D1:DC
Certificate issuer: /CN=48e06a351a5189bcdc44840948dbfb40abf58be5
Certificate serial: 3465489C
Authority key identifier: 48:E0:6A:35:1A:51:89:BC:DC:44:84:09:48:DB:FB:40:AB:F5:8B:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SOBqNRpRibzcRIQJSNv7QKv1i-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/600aea-9ea5-4c67-a602-ab1a87ecdf1b/1/Xqm_1tUz5Jrhg95qof05dG2g0dw.roa
Signing time: Sat 01 Jan 2022 10:56:47 +0000
ROA not before: Sat 01 Jan 2022 10:56:47 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 57811
IP address blocks: 188.64.85.0/24 maxlen: 24
188.64.82.0/24 maxlen: 24
188.64.80.0/23 maxlen: 23
188.64.83.0/24 maxlen: 24
188.64.87.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 879052956 (0x3465489c)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48e06a351a5189bcdc44840948dbfb40abf58be5
Validity
Not Before: Jan 1 10:56:47 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5ea9bfd6d533e49ae183de6aa1fd39746da0d1dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:6c:54:07:fd:8e:77:5e:b0:14:5e:85:9e:67:
c5:a7:d8:a0:88:23:f0:23:b3:95:eb:14:f7:4b:91:
3d:78:6e:0c:b5:49:95:bd:1c:8b:ef:b4:88:ef:b4:
94:4a:cc:08:3a:77:19:e6:3c:b6:d0:95:56:70:f6:
c4:a3:6c:85:5e:c8:66:ce:d3:7e:fc:ff:f5:0c:31:
91:c4:d1:6d:76:27:c6:5f:66:a6:68:fd:9e:1c:0e:
19:9f:fb:96:bc:31:04:bd:55:a8:25:ca:76:b4:59:
40:d1:7b:d0:1a:0e:26:58:2f:bc:29:ce:90:91:12:
70:f2:23:05:76:98:2e:e9:5d:5f:08:eb:6d:9b:09:
de:1e:3d:14:8c:00:15:6e:ca:7f:00:c6:43:28:84:
09:95:42:70:da:91:00:64:3a:a8:b4:f2:10:51:ec:
7c:00:f5:e3:99:72:7e:07:f9:94:29:58:66:76:04:
44:69:47:43:28:0f:13:d2:c2:65:d8:26:03:0a:17:
98:c4:5b:38:16:63:dc:50:87:58:47:7f:43:3a:c6:
0c:c0:25:26:23:e8:a3:cc:81:0e:35:a9:92:e2:30:
65:e1:7e:6f:73:7a:2b:b8:32:6b:17:f1:41:20:86:
86:6a:61:54:99:3c:5c:c0:d0:95:85:27:6e:30:79:
55:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:A9:BF:D6:D5:33:E4:9A:E1:83:DE:6A:A1:FD:39:74:6D:A0:D1:DC
X509v3 Authority Key Identifier:
keyid:48:E0:6A:35:1A:51:89:BC:DC:44:84:09:48:DB:FB:40:AB:F5:8B:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SOBqNRpRibzcRIQJSNv7QKv1i-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/600aea-9ea5-4c67-a602-ab1a87ecdf1b/1/Xqm_1tUz5Jrhg95qof05dG2g0dw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/600aea-9ea5-4c67-a602-ab1a87ecdf1b/1/SOBqNRpRibzcRIQJSNv7QKv1i-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.64.80.0/22
188.64.85.0/24
188.64.87.0/24
Signature Algorithm: sha256WithRSAEncryption
12:58:2b:4e:9c:96:af:e4:e6:14:08:59:1d:b8:e9:22:47:4f:
f1:14:40:77:5f:45:7c:9f:24:c8:b4:4b:f4:06:49:39:a5:2d:
5d:db:87:0d:b2:3e:1b:5f:f0:b1:36:2f:98:c5:ee:f9:bb:76:
d9:ec:27:37:16:ef:69:0e:3a:13:51:23:34:33:fc:5e:c6:92:
06:23:d2:14:d6:81:9b:13:b2:b0:c2:bc:16:3c:3c:0f:76:48:
4b:dc:cd:42:f3:df:ca:48:7f:96:9b:09:99:c4:d4:62:b4:ef:
bb:ea:56:ee:4d:81:ca:b4:77:c0:62:1d:ff:93:11:2a:ac:56:
ab:4a:3e:2e:56:e4:34:77:19:13:c8:82:4e:d2:b0:b1:23:d0:
3e:8a:f1:38:93:af:5a:5d:79:f7:b6:00:66:ed:53:93:6b:24:
29:93:bf:f4:82:8e:f6:8c:2f:80:1e:ed:12:fc:5b:bf:91:9a:
9d:a8:49:c2:9d:c7:b1:9d:e2:b1:f2:1c:c4:5e:4e:c0:b3:03:
d0:d5:2e:0f:9c:94:8a:60:a6:09:ae:1b:9a:13:64:f2:35:96:
db:3c:e4:97:90:d4:1a:f3:0f:b7:8b:5a:b3:25:d8:35:b4:a2:
96:7d:a4:c6:ee:25:68:f2:59:f4:b3:80:55:8d:c2:88:ef:fc:
4c:aa:45:c2
-----BEGIN CERTIFICATE-----
MIIE+zCCA+OgAwIBAgIENGVInDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg0
OGUwNmEzNTFhNTE4OWJjZGM0NDg0MDk0OGRiZmI0MGFiZjU4YmU1MB4XDTIyMDEw
MTEwNTY0N1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWVhOWJmZDZkNTMz
ZTQ5YWUxODNkZTZhYTFmZDM5NzQ2ZGEwZDFkYzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMxsVAf9jndesBRehZ5nxafYoIgj8COzlesU90uRPXhuDLVJ
lb0ci++0iO+0lErMCDp3GeY8ttCVVnD2xKNshV7IZs7Tfvz/9QwxkcTRbXYnxl9m
pmj9nhwOGZ/7lrwxBL1VqCXKdrRZQNF70BoOJlgvvCnOkJEScPIjBXaYLuldXwjr
bZsJ3h49FIwAFW7KfwDGQyiECZVCcNqRAGQ6qLTyEFHsfAD145lyfgf5lClYZnYE
RGlHQygPE9LCZdgmAwoXmMRbOBZj3FCHWEd/QzrGDMAlJiPoo8yBDjWpkuIwZeF+
b3N6K7gyaxfxQSCGhmphVJk8XMDQlYUnbjB5VQECAwEAAaOCAhUwggIRMB0GA1Ud
DgQWBBReqb/W1TPkmuGD3mqh/Tl0baDR3DAfBgNVHSMEGDAWgBRI4Go1GlGJvNxE
hAlI2/tAq/WL5TAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1NPQnFOUnBSaWJ6Y1JJUUpTTnY3UUt2MWktVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNWEvNjAwYWVhLTllYTUtNGM2Ny1hNjAyLWFiMWE4N2VjZGYxYi8x
L1hxbV8xdFV6NUpyaGc5NXFvZjA1ZEcyZzBkdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNWEv
NjAwYWVhLTllYTUtNGM2Ny1hNjAyLWFiMWE4N2VjZGYxYi8xL1NPQnFOUnBSaWJ6
Y1JJUUpTTnY3UUt2MWktVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEArxAUAMEALxAVQMEALxAVzANBgkq
hkiG9w0BAQsFAAOCAQEAElgrTpyWr+TmFAhZHbjpIkdP8RRAd19FfJ8kyLRL9AZJ
OaUtXduHDbI+G1/wsTYvmMXu+bt22ewnNxbvaQ46E1EjNDP8XsaSBiPSFNaBmxOy
sMK8Fjw8D3ZIS9zNQvPfykh/lpsJmcTUYrTvu+pW7k2ByrR3wGId/5MRKqxWq0o+
LlbkNHcZE8iCTtKwsSPQPorxOJOvWl1597YAZu1Tk2skKZO/9IKO9owvgB7tEvxb
v5GanahJwp3HsZ3isfIcxF5OwLMD0NUuD5yUimCmCa4bmhNk8jWW2zzkl5DUGvMP
t4tasyXYNbSiln2kxu4laPJZ9LOAVY3CiO/8TKpFwg==
-----END CERTIFICATE-----
Generated at Sun Apr 20 17:57:53 2025 by rpki-client