Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/0376d1-12ca-4135-9483-8e7149f04a4e/1/xyj2cH5S3OGO-XtkVlwrFBVtnro.roa
File: xyj2cH5S3OGO-XtkVlwrFBVtnro.roa (raw, json)
Hash identifier: 1cpp99OUppr0SAJa5fUZI6gQhhuBiQOnbGYrOl56yG4=
Subject key identifier: C7:28:F6:70:7E:52:DC:E1:8E:F9:7B:64:56:5C:2B:14:15:6D:9E:BA
Certificate issuer: /CN=ae1dc18a4b1fbfe2c2babd8bbb47fe1fd1cf22f8
Certificate serial: 0187EC3BF5E411D09678D687F05539B15FA5
Authority key identifier: AE:1D:C1:8A:4B:1F:BF:E2:C2:BA:BD:8B:BB:47:FE:1F:D1:CF:22:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rh3Biksfv-LCur2Lu0f-H9HPIvg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/0376d1-12ca-4135-9483-8e7149f04a4e/1/xyj2cH5S3OGO-XtkVlwrFBVtnro.roa
Signing time: Fri 05 May 2023 14:06:05 +0000
ROA not before: Fri 05 May 2023 14:06:05 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 203889
IP address blocks: 194.99.113.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:ec:3b:f5:e4:11:d0:96:78:d6:87:f0:55:39:b1:5f:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae1dc18a4b1fbfe2c2babd8bbb47fe1fd1cf22f8
Validity
Not Before: May 5 14:06:05 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c728f6707e52dce18ef97b64565c2b14156d9eba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:15:89:98:b9:56:85:da:4f:53:aa:04:8e:e4:
8b:fa:27:3e:01:5b:f0:29:2f:01:e0:dd:eb:84:ef:
71:75:49:e0:1c:60:c2:d6:c6:aa:4a:d5:c5:17:54:
6d:8c:39:0f:cb:57:c7:2c:29:b8:03:2d:78:a1:4c:
00:09:2b:9b:0e:81:90:2b:40:84:bb:74:3b:69:eb:
4b:53:c8:91:d3:eb:3d:b5:b0:89:25:b0:48:06:bd:
e8:e1:e1:4e:c5:59:23:f4:23:44:0f:de:12:83:34:
60:12:5b:36:95:3b:27:67:78:2e:ad:1a:ae:a0:f8:
07:13:ce:54:9f:b2:c9:68:17:3f:d4:27:29:1b:71:
f7:e0:dd:d8:17:18:57:72:de:6f:88:da:ab:3c:8d:
42:3e:59:b4:16:3a:58:94:9e:7c:04:05:93:52:e7:
b9:35:c5:86:cd:a7:47:81:5b:d9:cf:14:1a:06:0e:
1c:17:01:a6:71:c0:40:d6:fd:6c:04:d7:9f:c5:24:
73:ec:91:22:2b:c9:67:a9:b5:ee:ed:fb:93:ca:18:
b9:e5:9d:79:85:9d:dc:60:63:08:0b:20:c6:6d:c4:
fa:ee:cd:15:fd:2c:9b:e4:0b:ee:e4:e0:74:a6:97:
3a:4a:7c:d2:8b:8c:31:fe:5e:1c:f9:8d:74:e1:c2:
2f:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:28:F6:70:7E:52:DC:E1:8E:F9:7B:64:56:5C:2B:14:15:6D:9E:BA
X509v3 Authority Key Identifier:
keyid:AE:1D:C1:8A:4B:1F:BF:E2:C2:BA:BD:8B:BB:47:FE:1F:D1:CF:22:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rh3Biksfv-LCur2Lu0f-H9HPIvg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/0376d1-12ca-4135-9483-8e7149f04a4e/1/xyj2cH5S3OGO-XtkVlwrFBVtnro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/0376d1-12ca-4135-9483-8e7149f04a4e/1/rh3Biksfv-LCur2Lu0f-H9HPIvg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.99.113.0/24
Signature Algorithm: sha256WithRSAEncryption
76:5c:00:48:22:34:db:a0:20:36:49:ce:fa:cf:a8:ba:68:3e:
ea:97:3c:79:f7:ed:01:1a:da:4d:e1:eb:41:b7:11:00:4b:21:
db:f2:7f:c4:62:db:20:0d:13:bb:62:53:7e:09:40:3e:80:55:
89:9b:76:fb:42:a9:b6:aa:2c:ba:b6:43:26:db:16:99:ce:ef:
70:1b:21:7e:7c:f0:2e:09:25:e0:69:8a:26:96:8e:2e:ee:a0:
23:b1:8c:d1:1d:68:c6:66:3c:bd:3d:af:0d:70:b0:44:d7:e1:
80:1b:12:76:5e:b0:2e:e5:63:ff:74:d8:a9:2e:4d:94:99:7c:
fd:9b:ee:19:83:2b:a6:49:99:9e:14:c4:91:4e:88:bd:bf:17:
9c:27:03:7b:b3:42:42:e4:19:0f:03:c2:b4:bd:56:18:08:88:
52:bc:e3:22:28:12:7c:52:25:00:b4:c0:f6:b2:a6:ff:29:a7:
be:3c:2c:56:4f:d2:76:99:a7:60:74:a3:14:be:c1:a2:d4:8f:
0f:a5:83:91:d9:92:89:64:b7:7e:20:bd:54:be:14:06:35:7e:
92:54:dc:0d:09:75:b7:42:7e:e6:8f:ce:a9:a3:dc:85:3f:ab:
96:93:ad:aa:8f:e6:a6:65:5a:eb:ed:43:99:8b:44:15:bc:6b:
77:21:72:64
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYfsO/XkEdCWeNaH8FU5sV+lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlMWRjMThhNGIxZmJmZTJjMmJhYmQ4YmJiNDdmZTFmZDFj
ZjIyZjgwHhcNMjMwNTA1MTQwNjA1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzI4ZjY3MDdlNTJkY2UxOGVmOTdiNjQ1NjVjMmIxNDE1NmQ5ZWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBWJmLlWhdpPU6oEjuSL+ic+AVvw
KS8B4N3rhO9xdUngHGDC1saqStXFF1RtjDkPy1fHLCm4Ay14oUwACSubDoGQK0CE
u3Q7aetLU8iR0+s9tbCJJbBIBr3o4eFOxVkj9CNED94SgzRgEls2lTsnZ3gurRqu
oPgHE85Un7LJaBc/1CcpG3H34N3YFxhXct5viNqrPI1CPlm0FjpYlJ58BAWTUue5
NcWGzadHgVvZzxQaBg4cFwGmccBA1v1sBNefxSRz7JEiK8lnqbXu7fuTyhi55Z15
hZ3cYGMICyDGbcT67s0V/Syb5Avu5OB0ppc6SnzSi4wx/l4c+Y104cIvxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMco9nB+Utzhjvl7ZFZcKxQVbZ66MB8GA1UdIwQY
MBaAFK4dwYpLH7/iwrq9i7tH/h/RzyL4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmgzQmlrc2Z2LUxDdXIyTHUwZi1IOUhQSXZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8wMzc2ZDEtMTJjYS00MTM1LTk0ODMt
OGU3MTQ5ZjA0YTRlLzEveHlqMmNINVMzT0dPLVh0a1Zsd3JGQlZ0bnJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8wMzc2ZDEtMTJjYS00MTM1LTk0ODMtOGU3MTQ5ZjA0YTRl
LzEvcmgzQmlrc2Z2LUxDdXIyTHUwZi1IOUhQSXZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwmNxMA0G
CSqGSIb3DQEBCwUAA4IBAQB2XABIIjTboCA2Sc76z6i6aD7qlzx59+0BGtpN4etB
txEASyHb8n/EYtsgDRO7YlN+CUA+gFWJm3b7Qqm2qiy6tkMm2xaZzu9wGyF+fPAu
CSXgaYomlo4u7qAjsYzRHWjGZjy9Pa8NcLBE1+GAGxJ2XrAu5WP/dNipLk2UmXz9
m+4ZgyumSZmeFMSRToi9vxecJwN7s0JC5BkPA8K0vVYYCIhSvOMiKBJ8UiUAtMD2
sqb/Kae+PCxWT9J2madgdKMUvsGi1I8PpYOR2ZKJZLd+IL1UvhQGNX6SVNwNCXW3
Qn7mj86po9yFP6uWk62qj+amZVrr7UOZi0QVvGt3IXJk
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:27 2025 by rpki-client