Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/62b775-7841-4a61-b78c-b7ba28165a77/1/Xnap6OmnLxlHce5KWFAIS_dB0-k.roa
File: Xnap6OmnLxlHce5KWFAIS_dB0-k.roa (raw, json)
Hash identifier: nfJfjEJd7wdJgJjHpu/g/CZpykPTv8hyFoHwTqc/GqE=
Subject key identifier: 5E:76:A9:E8:E9:A7:2F:19:47:71:EE:4A:58:50:08:4B:F7:41:D3:E9
Certificate issuer: /CN=d0e84d6d6a9eede682ef1b5c78f1b3f0a3313911
Certificate serial: 01894976D5BC0D02D3829EACEAAE063B6C4F
Authority key identifier: D0:E8:4D:6D:6A:9E:ED:E6:82:EF:1B:5C:78:F1:B3:F0:A3:31:39:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0OhNbWqe7eaC7xtcePGz8KMxORE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/62b775-7841-4a61-b78c-b7ba28165a77/1/Xnap6OmnLxlHce5KWFAIS_dB0-k.roa
Signing time: Wed 12 Jul 2023 09:37:51 +0000
ROA not before: Wed 12 Jul 2023 09:37:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 13154
IP address blocks: 193.105.161.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:49:76:d5:bc:0d:02:d3:82:9e:ac:ea:ae:06:3b:6c:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d0e84d6d6a9eede682ef1b5c78f1b3f0a3313911
Validity
Not Before: Jul 12 09:37:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e76a9e8e9a72f194771ee4a5850084bf741d3e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:8d:9a:ee:32:fa:6a:cd:1c:c1:b9:99:c8:20:
6c:1e:2a:93:b5:8b:31:39:89:d2:03:11:02:cd:9c:
46:ac:b2:bd:14:8d:b4:ca:b7:83:f5:88:12:71:28:
0f:da:67:5e:4b:8a:5f:88:9d:7f:0f:ec:7f:7d:40:
8b:96:22:48:e7:bd:d7:c3:3a:09:5b:88:af:5e:fb:
d9:4d:b7:4e:30:cd:25:23:9c:49:39:bd:8a:9d:d0:
d2:a5:44:a4:9d:ab:f0:e9:5f:1e:14:d3:5f:f3:ab:
b3:6d:1b:18:71:58:6f:a9:b9:70:5e:43:99:1e:f3:
d9:b6:0d:d8:25:f5:e2:ec:b6:ba:06:56:02:92:93:
ca:7a:6d:4c:8a:c6:2f:f3:d6:45:e7:84:4b:a2:fb:
e7:9e:50:b7:32:15:bb:c2:96:36:c4:de:67:e4:42:
0e:6d:5d:38:2d:4d:d7:3e:9c:00:77:8c:0b:6f:bc:
ff:b9:5b:f4:e7:25:cd:f9:2c:d9:1b:0e:df:3b:07:
dc:cb:8b:ae:94:b8:c9:7c:f0:3c:af:3b:3c:b9:3f:
29:4a:db:a1:92:11:c9:b9:cb:4a:5f:2e:3e:9b:94:
77:b7:6a:8b:3c:01:56:7e:d1:be:04:96:67:d7:41:
7f:57:73:0c:ed:97:bc:0b:59:b2:30:eb:65:ef:8b:
a9:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:76:A9:E8:E9:A7:2F:19:47:71:EE:4A:58:50:08:4B:F7:41:D3:E9
X509v3 Authority Key Identifier:
keyid:D0:E8:4D:6D:6A:9E:ED:E6:82:EF:1B:5C:78:F1:B3:F0:A3:31:39:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0OhNbWqe7eaC7xtcePGz8KMxORE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/62b775-7841-4a61-b78c-b7ba28165a77/1/Xnap6OmnLxlHce5KWFAIS_dB0-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/62b775-7841-4a61-b78c-b7ba28165a77/1/0OhNbWqe7eaC7xtcePGz8KMxORE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.105.161.0/24
Signature Algorithm: sha256WithRSAEncryption
39:a4:f7:20:3f:a3:1a:8c:09:b6:f7:d8:e8:de:3a:5c:12:74:
97:dd:8b:b8:46:fc:33:52:fc:7e:23:3d:0f:ae:7e:77:fd:b4:
66:58:3b:44:ef:bc:b0:f8:97:f0:b3:34:81:47:4d:15:cd:ba:
08:df:6e:99:2e:e6:b6:61:5f:c8:79:ab:80:9b:5f:68:55:52:
6b:ce:67:74:b9:f2:25:c4:1d:40:a1:11:b8:a9:a9:c3:2d:8b:
f8:0c:31:a1:fb:ac:70:a1:7e:9f:bd:60:44:08:77:5f:70:8c:
82:6c:90:2e:08:69:bd:87:93:83:f3:c0:9b:ea:39:e6:b5:98:
85:41:09:4e:22:60:f5:3a:12:b4:97:93:e8:c3:c2:d5:fd:2c:
6b:86:ab:49:cc:4a:72:07:ba:5b:5c:d5:da:38:69:98:a8:15:
a4:35:e8:07:30:e6:32:a9:79:cb:ba:32:f9:53:d4:2c:48:13:
fa:56:ca:6c:48:89:f2:bb:56:9d:f2:33:c2:79:88:8e:39:0a:
cf:f8:bf:b8:34:40:47:aa:ec:a2:aa:9a:a0:e9:2a:0b:78:55:
72:b5:71:8d:17:5b:6e:ae:40:e5:5a:06:fb:d3:55:31:d1:e0:
4e:6c:b6:f4:8e:ed:43:fb:18:08:83:a1:9c:32:bd:ed:17:b9:
25:23:5a:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYlJdtW8DQLTgp6s6q4GO2xPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwZTg0ZDZkNmE5ZWVkZTY4MmVmMWI1Yzc4ZjFiM2YwYTMz
MTM5MTEwHhcNMjMwNzEyMDkzNzUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTc2YTllOGU5YTcyZjE5NDc3MWVlNGE1ODUwMDg0YmY3NDFkM2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAho2a7jL6as0cwbmZyCBsHiqTtYsx
OYnSAxECzZxGrLK9FI20yreD9YgScSgP2mdeS4pfiJ1/D+x/fUCLliJI573XwzoJ
W4ivXvvZTbdOMM0lI5xJOb2KndDSpUSknavw6V8eFNNf86uzbRsYcVhvqblwXkOZ
HvPZtg3YJfXi7La6BlYCkpPKem1MisYv89ZF54RLovvnnlC3MhW7wpY2xN5n5EIO
bV04LU3XPpwAd4wLb7z/uVv05yXN+SzZGw7fOwfcy4uulLjJfPA8rzs8uT8pStuh
khHJuctKXy4+m5R3t2qLPAFWftG+BJZn10F/V3MM7Ze8C1myMOtl74upLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF52qejppy8ZR3HuSlhQCEv3QdPpMB8GA1UdIwQY
MBaAFNDoTW1qnu3mgu8bXHjxs/CjMTkRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvME9oTmJXcWU3ZWFDN3h0Y2VQR3o4S014T1JFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS82MmI3NzUtNzg0MS00YTYxLWI3OGMt
YjdiYTI4MTY1YTc3LzEvWG5hcDZPbW5MeGxIY2U1S1dGQUlTX2RCMC1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS82MmI3NzUtNzg0MS00YTYxLWI3OGMtYjdiYTI4MTY1YTc3
LzEvME9oTmJXcWU3ZWFDN3h0Y2VQR3o4S014T1JFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWmhMA0G
CSqGSIb3DQEBCwUAA4IBAQA5pPcgP6MajAm299jo3jpcEnSX3Yu4RvwzUvx+Iz0P
rn53/bRmWDtE77yw+JfwszSBR00VzboI326ZLua2YV/IeauAm19oVVJrzmd0ufIl
xB1AoRG4qanDLYv4DDGh+6xwoX6fvWBECHdfcIyCbJAuCGm9h5OD88Cb6jnmtZiF
QQlOImD1OhK0l5Pow8LV/SxrhqtJzEpyB7pbXNXaOGmYqBWkNegHMOYyqXnLujL5
U9QsSBP6VspsSInyu1ad8jPCeYiOOQrP+L+4NEBHquyiqpqg6SoLeFVytXGNF1tu
rkDlWgb701Ux0eBObLb0ju1D+xgIg6GcMr3tF7klI1o1
-----END CERTIFICATE-----
Generated at Sun Apr 13 08:37:54 2025 by rpki-client