Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/71c608-1cc2-4899-a5fa-846aaf0eb1ad/1/xawX21jkMA6_VQKZtuaE0V5SnnU.roa
File: xawX21jkMA6_VQKZtuaE0V5SnnU.roa (raw, json)
Hash identifier: O24IFe3Cl2fawpjGj2C2ECN5xXiOykbnSqusy5pZtCA=
Subject key identifier: C5:AC:17:DB:58:E4:30:0E:BF:55:02:99:B6:E6:84:D1:5E:52:9E:75
Certificate issuer: /CN=2ee96208925d836f8d037d179980a83a1b0c1342
Certificate serial: 01856BD37CD229190AAD5B521C74ECC12C9C
Authority key identifier: 2E:E9:62:08:92:5D:83:6F:8D:03:7D:17:99:80:A8:3A:1B:0C:13:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LuliCJJdg2-NA30XmYCoOhsME0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/71c608-1cc2-4899-a5fa-846aaf0eb1ad/1/xawX21jkMA6_VQKZtuaE0V5SnnU.roa
Signing time: Sun 01 Jan 2023 05:35:00 +0000
ROA not before: Sun 01 Jan 2023 05:35:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 57256
IP address blocks: 193.30.98.0/24 maxlen: 24
193.30.97.0/24 maxlen: 24
193.30.96.0/24 maxlen: 24
193.30.99.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:d3:7c:d2:29:19:0a:ad:5b:52:1c:74:ec:c1:2c:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ee96208925d836f8d037d179980a83a1b0c1342
Validity
Not Before: Jan 1 05:35:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c5ac17db58e4300ebf550299b6e684d15e529e75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:40:b3:23:b8:fd:4c:12:e8:06:c2:1d:f2:b2:
32:30:27:b5:11:b1:62:e4:69:85:73:56:bf:82:67:
79:0b:2a:d4:0e:ab:25:26:5a:e2:c7:4f:a8:e1:d5:
43:fc:70:43:e2:f3:b5:30:4d:31:fa:07:2f:18:49:
49:b5:e3:72:8b:9b:09:49:89:e1:f8:a4:10:b3:32:
70:ef:88:66:86:2d:10:f6:18:6b:06:81:fa:f3:ff:
81:98:6c:f3:48:79:47:76:2b:70:8a:58:38:e0:49:
7f:79:ac:f3:0c:8c:34:15:73:be:96:ae:68:54:5c:
45:84:37:9f:c6:92:aa:b7:b1:6e:59:80:34:e1:94:
d1:2c:aa:f6:ad:79:5b:87:04:8c:8a:30:2e:d9:46:
cf:5b:e3:41:e0:b3:59:1f:ed:b9:d8:ce:26:56:23:
57:41:e5:38:ab:d0:b9:fe:41:5c:32:d4:e4:41:cb:
4a:c8:85:df:be:fd:8b:66:ad:7d:1b:ad:b7:03:0f:
1e:e1:1e:49:e3:48:41:ff:6b:95:00:4a:0e:1a:9f:
24:19:5d:d7:7e:3c:1a:09:39:2d:44:bc:63:cc:39:
a5:c6:cf:f9:dd:86:4f:74:c5:ea:2b:86:90:cd:5f:
d1:12:b1:9f:fa:1e:39:34:2d:2b:2a:36:20:12:b9:
d9:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:AC:17:DB:58:E4:30:0E:BF:55:02:99:B6:E6:84:D1:5E:52:9E:75
X509v3 Authority Key Identifier:
keyid:2E:E9:62:08:92:5D:83:6F:8D:03:7D:17:99:80:A8:3A:1B:0C:13:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LuliCJJdg2-NA30XmYCoOhsME0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/71c608-1cc2-4899-a5fa-846aaf0eb1ad/1/xawX21jkMA6_VQKZtuaE0V5SnnU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/71c608-1cc2-4899-a5fa-846aaf0eb1ad/1/LuliCJJdg2-NA30XmYCoOhsME0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.30.96.0/22
Signature Algorithm: sha256WithRSAEncryption
be:62:50:6f:73:10:7e:14:bb:94:07:1a:5f:f7:c7:4f:56:a8:
ac:46:92:6c:d3:6f:41:f6:0a:6c:82:fa:d0:b6:e0:cd:d7:d3:
c7:c9:3a:bf:b9:f9:9b:63:a8:c0:8e:04:62:d5:4b:ce:2b:48:
ee:e3:a4:e5:92:58:4a:b8:6f:57:d4:cc:a3:4b:c3:54:8e:b8:
8d:3e:c6:6c:a6:91:e9:b3:d2:f4:31:da:0e:e8:6c:5c:52:f3:
52:4c:8d:2e:ce:ed:68:a5:60:59:8d:49:28:c4:ea:e7:e1:1b:
34:98:7b:13:e3:b5:c7:6a:3a:d1:c6:24:06:49:47:86:3a:3d:
93:63:ad:24:92:38:99:b9:60:34:d9:a2:e7:7a:dc:69:f1:66:
2a:cf:44:0d:0a:d7:57:c5:e5:70:11:5f:0e:ca:93:60:7c:8b:
b4:6a:b4:d6:42:ea:22:34:e3:8e:6e:e7:c5:70:40:4e:77:aa:
6b:78:26:72:b5:aa:4c:03:9d:f1:44:e7:bf:d6:0b:04:b3:f9:
c1:bd:8e:73:76:b8:06:6a:2d:61:1d:c7:0f:16:a3:99:10:34:
74:c2:87:70:14:c0:b0:5b:30:da:30:7e:a6:da:41:ae:29:f2:
13:5a:30:76:7b:1e:81:f9:a3:cd:12:3f:70:ae:4d:02:1d:b4:
6f:1b:bd:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVr03zSKRkKrVtSHHTswSycMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlZTk2MjA4OTI1ZDgzNmY4ZDAzN2QxNzk5ODBhODNhMWIw
YzEzNDIwHhcNMjMwMTAxMDUzNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWFjMTdkYjU4ZTQzMDBlYmY1NTAyOTliNmU2ODRkMTVlNTI5ZTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgUCzI7j9TBLoBsId8rIyMCe1EbFi
5GmFc1a/gmd5CyrUDqslJlrix0+o4dVD/HBD4vO1ME0x+gcvGElJteNyi5sJSYnh
+KQQszJw74hmhi0Q9hhrBoH68/+BmGzzSHlHditwilg44El/eazzDIw0FXO+lq5o
VFxFhDefxpKqt7FuWYA04ZTRLKr2rXlbhwSMijAu2UbPW+NB4LNZH+252M4mViNX
QeU4q9C5/kFcMtTkQctKyIXfvv2LZq19G623Aw8e4R5J40hB/2uVAEoOGp8kGV3X
fjwaCTktRLxjzDmlxs/53YZPdMXqK4aQzV/RErGf+h45NC0rKjYgErnZKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMWsF9tY5DAOv1UCmbbmhNFeUp51MB8GA1UdIwQY
MBaAFC7pYgiSXYNvjQN9F5mAqDobDBNCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHVsaUNKSmRnMi1OQTMwWG1ZQ29PaHNNRTBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC83MWM2MDgtMWNjMi00ODk5LWE1ZmEt
ODQ2YWFmMGViMWFkLzEveGF3WDIxamtNQTZfVlFLWnR1YUUwVjVTbm5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC83MWM2MDgtMWNjMi00ODk5LWE1ZmEtODQ2YWFmMGViMWFk
LzEvTHVsaUNKSmRnMi1OQTMwWG1ZQ29PaHNNRTBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwR5gMA0G
CSqGSIb3DQEBCwUAA4IBAQC+YlBvcxB+FLuUBxpf98dPVqisRpJs029B9gpsgvrQ
tuDN19PHyTq/ufmbY6jAjgRi1UvOK0ju46TlklhKuG9X1MyjS8NUjriNPsZsppHp
s9L0MdoO6GxcUvNSTI0uzu1opWBZjUkoxOrn4Rs0mHsT47XHajrRxiQGSUeGOj2T
Y60kkjiZuWA02aLnetxp8WYqz0QNCtdXxeVwEV8OypNgfIu0arTWQuoiNOOObufF
cEBOd6preCZytapMA53xROe/1gsEs/nBvY5zdrgGai1hHccPFqOZEDR0wodwFMCw
WzDaMH6m2kGuKfITWjB2ex6B+aPNEj9wrk0CHbRvG737
-----END CERTIFICATE-----
Generated at Thu Apr 17 01:39:26 2025 by rpki-client