Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/27e29e-c894-4d39-ac23-12e96ba235d8/1/XYdqHztom0xi5utmuHnMTgfI0R0.roa
File: XYdqHztom0xi5utmuHnMTgfI0R0.roa (raw, json)
Hash identifier: mFk9dv6Qq2MtLi9jWMis5EnlfLQ4CDsXllzz91OeeCs=
Subject key identifier: 5D:87:6A:1F:3B:68:9B:4C:62:E6:EB:66:B8:79:CC:4E:07:C8:D1:1D
Certificate issuer: /CN=360a9d26dbb3ea5dfaae83b61908add8fc6dd36f
Certificate serial: 018571B0EDECAFA17734CE9D352C8234EAA1
Authority key identifier: 36:0A:9D:26:DB:B3:EA:5D:FA:AE:83:B6:19:08:AD:D8:FC:6D:D3:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NgqdJtuz6l36roO2GQit2Pxt028.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/27e29e-c894-4d39-ac23-12e96ba235d8/1/XYdqHztom0xi5utmuHnMTgfI0R0.roa
Signing time: Mon 02 Jan 2023 08:54:58 +0000
ROA not before: Mon 02 Jan 2023 08:54:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 59617
IP address blocks: 185.104.129.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:b0:ed:ec:af:a1:77:34:ce:9d:35:2c:82:34:ea:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=360a9d26dbb3ea5dfaae83b61908add8fc6dd36f
Validity
Not Before: Jan 2 08:54:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d876a1f3b689b4c62e6eb66b879cc4e07c8d11d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:8e:39:86:04:a7:e3:3d:fc:ce:c6:e2:3e:5b:
3b:12:c8:e1:01:76:9c:38:b0:85:43:e8:ee:98:d9:
a2:2c:34:64:03:8c:0a:c5:e6:fd:df:02:52:72:9c:
0a:66:a6:26:23:82:06:9b:68:57:30:c6:60:89:3c:
b9:e5:e7:d3:c5:16:aa:bb:96:1c:42:d5:6d:46:ee:
90:73:52:d9:ef:14:5e:f9:0e:a0:6c:73:7e:18:7e:
80:02:1a:e8:8e:e3:e3:b1:89:35:29:a8:8b:cb:99:
4c:9e:7f:f2:32:e1:d6:61:20:61:e5:1a:3d:2f:67:
55:97:4c:85:80:f2:8c:18:28:3c:72:f3:08:a9:ce:
7d:fa:fb:4e:c9:98:61:66:b1:38:95:35:f2:ec:ca:
6d:02:33:64:3f:0c:b2:d2:a7:e8:64:96:dd:92:eb:
80:76:5b:0a:9a:83:3a:9e:c1:24:f6:75:88:21:f6:
a8:9b:20:dc:5b:3f:90:54:cf:3b:82:1a:59:b6:18:
4c:98:63:a9:17:d4:67:7d:87:fc:41:3d:e5:d4:d1:
e9:2e:2a:d1:19:82:f2:78:a8:30:8c:e6:a2:1d:4d:
07:4d:d2:99:2a:65:ee:5c:ad:61:c3:e2:9d:52:17:
c6:bb:e5:c3:2e:09:34:10:bb:47:91:0b:21:79:bf:
08:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:87:6A:1F:3B:68:9B:4C:62:E6:EB:66:B8:79:CC:4E:07:C8:D1:1D
X509v3 Authority Key Identifier:
keyid:36:0A:9D:26:DB:B3:EA:5D:FA:AE:83:B6:19:08:AD:D8:FC:6D:D3:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NgqdJtuz6l36roO2GQit2Pxt028.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/27e29e-c894-4d39-ac23-12e96ba235d8/1/XYdqHztom0xi5utmuHnMTgfI0R0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/27e29e-c894-4d39-ac23-12e96ba235d8/1/NgqdJtuz6l36roO2GQit2Pxt028.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.104.129.0/24
Signature Algorithm: sha256WithRSAEncryption
99:e0:97:f7:46:77:53:0d:db:6d:39:fe:86:b4:e4:3a:67:57:
cb:6d:fc:c8:20:83:ec:51:a6:52:64:8d:d7:20:5c:4e:88:20:
6b:ac:84:4c:b8:01:ee:42:66:af:f3:2c:23:17:33:85:58:55:
d1:17:93:fa:80:d0:3e:d5:c8:5e:7b:ce:ae:5f:69:18:79:96:
ed:0a:ec:c1:eb:36:62:f4:0b:76:a8:a6:08:9f:d6:c3:f5:d4:
5d:4f:35:f1:66:34:c7:0b:d6:2c:b3:f9:ec:1a:b9:93:14:73:
84:6d:10:88:17:8c:f3:87:12:e5:96:31:ff:6d:a6:53:86:84:
97:5a:cf:8e:08:15:83:c5:ae:14:7c:09:90:9b:ba:fc:be:fa:
76:12:a7:d4:b4:f0:c8:6b:ad:69:e0:6f:50:d3:6e:77:27:30:
69:87:74:4b:56:c6:86:7f:3a:e3:03:26:d6:dd:a7:bd:74:69:
7e:04:93:3b:cc:c8:95:9e:ad:dc:78:dd:ac:dd:b7:29:c2:3c:
59:33:ae:74:f6:68:d9:47:f8:4a:98:6a:5e:a3:98:4a:81:70:
af:1a:d3:8e:f5:d6:fc:93:e6:70:05:72:a3:4c:ff:10:d9:18:
2c:fd:dd:50:c5:11:fb:cc:be:b5:d3:56:ac:f6:cb:37:b5:f5:
1f:9b:2b:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxsO3sr6F3NM6dNSyCNOqhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2MGE5ZDI2ZGJiM2VhNWRmYWFlODNiNjE5MDhhZGQ4ZmM2
ZGQzNmYwHhcNMjMwMTAyMDg1NDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDg3NmExZjNiNjg5YjRjNjJlNmViNjZiODc5Y2M0ZTA3YzhkMTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi445hgSn4z38zsbiPls7EsjhAXac
OLCFQ+jumNmiLDRkA4wKxeb93wJScpwKZqYmI4IGm2hXMMZgiTy55efTxRaqu5Yc
QtVtRu6Qc1LZ7xRe+Q6gbHN+GH6AAhrojuPjsYk1KaiLy5lMnn/yMuHWYSBh5Ro9
L2dVl0yFgPKMGCg8cvMIqc59+vtOyZhhZrE4lTXy7MptAjNkPwyy0qfoZJbdkuuA
dlsKmoM6nsEk9nWIIfaomyDcWz+QVM87ghpZthhMmGOpF9RnfYf8QT3l1NHpLirR
GYLyeKgwjOaiHU0HTdKZKmXuXK1hw+KdUhfGu+XDLgk0ELtHkQsheb8IOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF2Hah87aJtMYubrZrh5zE4HyNEdMB8GA1UdIwQY
MBaAFDYKnSbbs+pd+q6DthkIrdj8bdNvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmdxZEp0dXo2bDM2cm9PMkdRaXQyUHh0MDI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC8yN2UyOWUtYzg5NC00ZDM5LWFjMjMt
MTJlOTZiYTIzNWQ4LzEvWFlkcUh6dG9tMHhpNXV0bXVIbk1UZ2ZJMFIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC8yN2UyOWUtYzg5NC00ZDM5LWFjMjMtMTJlOTZiYTIzNWQ4
LzEvTmdxZEp0dXo2bDM2cm9PMkdRaXQyUHh0MDI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWiBMA0G
CSqGSIb3DQEBCwUAA4IBAQCZ4Jf3RndTDdttOf6GtOQ6Z1fLbfzIIIPsUaZSZI3X
IFxOiCBrrIRMuAHuQmav8ywjFzOFWFXRF5P6gNA+1chee86uX2kYeZbtCuzB6zZi
9At2qKYIn9bD9dRdTzXxZjTHC9Yss/nsGrmTFHOEbRCIF4zzhxLlljH/baZThoSX
Ws+OCBWDxa4UfAmQm7r8vvp2EqfUtPDIa61p4G9Q0253JzBph3RLVsaGfzrjAybW
3ae9dGl+BJM7zMiVnq3ceN2s3bcpwjxZM6509mjZR/hKmGpeo5hKgXCvGtOO9db8
k+ZwBXKjTP8Q2Rgs/d1QxRH7zL6101as9ss3tfUfmyvw
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:27:27 2025 by rpki-client