Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/294683-5747-4ea1-b77c-9bebf7dcc1a6/1/XVOef0KYSMQfh9gZENaCCrUrfWw.roa
File: XVOef0KYSMQfh9gZENaCCrUrfWw.roa (raw, json)
Hash identifier: jGQqtHR4vsrPi3/bklOOLEtU9r0izGbxj2XBeiG9APw=
Subject key identifier: 5D:53:9E:7F:42:98:48:C4:1F:87:D8:19:10:D6:82:0A:B5:2B:7D:6C
Certificate issuer: /CN=f1f5e0181c4bbae5c090ab159d06562f1322e278
Certificate serial: 0187BC60EE5845E9EDA7E50A1AB7ACE59AA3
Authority key identifier: F1:F5:E0:18:1C:4B:BA:E5:C0:90:AB:15:9D:06:56:2F:13:22:E2:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8fXgGBxLuuXAkKsVnQZWLxMi4ng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/294683-5747-4ea1-b77c-9bebf7dcc1a6/1/XVOef0KYSMQfh9gZENaCCrUrfWw.roa
Signing time: Wed 26 Apr 2023 07:04:41 +0000
ROA not before: Wed 26 Apr 2023 07:04:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 43734
IP address blocks: 109.235.80.0/21 maxlen: 21
78.24.240.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:bc:60:ee:58:45:e9:ed:a7:e5:0a:1a:b7:ac:e5:9a:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1f5e0181c4bbae5c090ab159d06562f1322e278
Validity
Not Before: Apr 26 07:04:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d539e7f429848c41f87d81910d6820ab52b7d6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:b6:cb:c4:1b:03:0a:46:9b:13:20:f5:87:64:
2d:c0:c1:3a:4d:51:4f:18:ca:7c:92:e6:c8:65:a8:
53:60:99:34:6c:6f:71:65:ad:6f:d5:bc:90:44:0f:
60:ba:cb:b8:5f:b4:29:46:29:71:b2:26:99:67:0f:
23:96:fe:8c:fd:cd:e8:5d:fb:d6:9d:ba:d4:a9:59:
de:e5:95:b8:11:41:ce:32:a4:39:9c:cc:54:51:fe:
4c:c5:91:73:1a:a0:a0:ff:b1:30:37:25:b2:88:2b:
d1:ce:0f:97:84:d6:1d:29:ba:29:d2:f8:9d:23:d6:
ae:10:ae:db:30:d8:42:74:d4:bc:d4:4d:d8:21:ce:
d4:2b:4c:ec:73:19:40:30:cc:87:45:30:c3:15:46:
b1:c1:cc:67:19:96:2e:78:56:74:5b:35:a0:bd:d3:
cb:69:06:10:4b:0c:39:1a:87:7d:db:e6:bc:ec:21:
d2:5d:22:51:cc:b8:47:34:14:ff:b0:64:e8:23:62:
8d:43:26:9d:c0:4b:01:19:33:1c:e6:23:43:c5:97:
f9:59:15:84:0a:58:76:9a:b6:88:40:fe:26:35:7a:
79:70:c0:dc:bd:21:ae:5f:8b:c3:03:e3:ce:34:8a:
9d:28:6a:e3:09:09:65:5f:16:91:8c:23:87:8f:d3:
2c:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:53:9E:7F:42:98:48:C4:1F:87:D8:19:10:D6:82:0A:B5:2B:7D:6C
X509v3 Authority Key Identifier:
keyid:F1:F5:E0:18:1C:4B:BA:E5:C0:90:AB:15:9D:06:56:2F:13:22:E2:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8fXgGBxLuuXAkKsVnQZWLxMi4ng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/294683-5747-4ea1-b77c-9bebf7dcc1a6/1/XVOef0KYSMQfh9gZENaCCrUrfWw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/294683-5747-4ea1-b77c-9bebf7dcc1a6/1/8fXgGBxLuuXAkKsVnQZWLxMi4ng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.24.240.0/21
109.235.80.0/21
Signature Algorithm: sha256WithRSAEncryption
70:ad:2b:65:8e:f7:9c:e5:a2:e7:9f:be:47:c3:4f:c8:b3:ca:
97:93:21:1d:38:1b:9a:a1:bb:1d:8a:7b:88:3e:c8:50:a5:be:
0f:e6:19:86:03:df:a9:db:cf:f1:9b:47:ad:36:8b:c7:02:74:
ff:64:32:56:8c:28:54:c7:c6:43:65:a7:f0:62:90:eb:07:a3:
c1:ce:a7:a9:48:95:cf:7b:97:b6:8c:7b:a4:91:9b:19:81:94:
89:db:bd:56:f7:a5:45:4c:6f:d8:a5:4a:60:b7:63:c9:92:4a:
54:80:d0:49:ad:d5:65:d9:fe:79:c4:58:80:50:80:32:61:bf:
09:e7:09:d0:5b:e5:d3:64:43:60:c2:7b:65:aa:dc:48:c6:d4:
3e:11:18:60:e9:78:de:0a:b4:4b:e6:87:1e:bd:f2:65:6a:b2:
50:e2:78:68:89:70:47:ec:22:2b:13:3d:cc:63:09:d1:94:46:
ca:32:c4:9f:f4:ab:d6:08:ef:f4:f4:1a:c2:63:75:f0:f6:85:
aa:29:6e:1b:7b:04:53:ea:83:e0:63:65:be:57:28:3c:47:c0:
e2:9b:a2:1f:47:06:34:6a:ab:6f:ad:d9:fe:80:a1:4b:47:39:
05:38:c2:84:da:1e:8e:e6:b6:4c:dc:11:0c:2b:ab:20:4e:d5:
43:e1:f5:f1
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYe8YO5YRentp+UKGres5ZqjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZjVlMDE4MWM0YmJhZTVjMDkwYWIxNTlkMDY1NjJmMTMy
MmUyNzgwHhcNMjMwNDI2MDcwNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDUzOWU3ZjQyOTg0OGM0MWY4N2Q4MTkxMGQ2ODIwYWI1MmI3ZDZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgLbLxBsDCkabEyD1h2QtwME6TVFP
GMp8kubIZahTYJk0bG9xZa1v1byQRA9gusu4X7QpRilxsiaZZw8jlv6M/c3oXfvW
nbrUqVne5ZW4EUHOMqQ5nMxUUf5MxZFzGqCg/7EwNyWyiCvRzg+XhNYdKbop0vid
I9auEK7bMNhCdNS81E3YIc7UK0zscxlAMMyHRTDDFUaxwcxnGZYueFZ0WzWgvdPL
aQYQSww5God92+a87CHSXSJRzLhHNBT/sGToI2KNQyadwEsBGTMc5iNDxZf5WRWE
Clh2mraIQP4mNXp5cMDcvSGuX4vDA+PONIqdKGrjCQllXxaRjCOHj9Ms6wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF1Tnn9CmEjEH4fYGRDWggq1K31sMB8GA1UdIwQY
MBaAFPH14BgcS7rlwJCrFZ0GVi8TIuJ4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGZYZ0dCeEx1dVhBa0tzVm5RWldMeE1pNG5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8yOTQ2ODMtNTc0Ny00ZWExLWI3N2Mt
OWJlYmY3ZGNjMWE2LzEvWFZPZWYwS1lTTVFmaDlnWkVOYUNDclVyZld3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8yOTQ2ODMtNTc0Ny00ZWExLWI3N2MtOWJlYmY3ZGNjMWE2
LzEvOGZYZ0dCeEx1dVhBa0tzVm5RWldMeE1pNG5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDThjwAwQD
betQMA0GCSqGSIb3DQEBCwUAA4IBAQBwrStljvec5aLnn75Hw0/Is8qXkyEdOBua
obsdinuIPshQpb4P5hmGA9+p28/xm0etNovHAnT/ZDJWjChUx8ZDZafwYpDrB6PB
zqepSJXPe5e2jHukkZsZgZSJ271W96VFTG/YpUpgt2PJkkpUgNBJrdVl2f55xFiA
UIAyYb8J5wnQW+XTZENgwntlqtxIxtQ+ERhg6XjeCrRL5ocevfJlarJQ4nhoiXBH
7CIrEz3MYwnRlEbKMsSf9KvWCO/09BrCY3Xw9oWqKW4bewRT6oPgY2W+Vyg8R8Di
m6IfRwY0aqtvrdn+gKFLRzkFOMKE2h6O5rZM3BEMK6sgTtVD4fXx
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:26:15 2025 by rpki-client