Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/XwUxSY1WH0b0Csjn8zYvOuXcehc.roa
File: XwUxSY1WH0b0Csjn8zYvOuXcehc.roa (raw, json)
Hash identifier: SfAt2JGmnQEfRekjFDqgGA3Cz5uBxtrjEpPKMl6NB6Y=
Subject key identifier: 5F:05:31:49:8D:56:1F:46:F4:0A:C8:E7:F3:36:2F:3A:E5:DC:7A:17
Certificate issuer: /CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Certificate serial: 01856F024386B3D45C6EC034BF51A3BC7A6E
Authority key identifier: 29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/XwUxSY1WH0b0Csjn8zYvOuXcehc.roa
Signing time: Sun 01 Jan 2023 20:24:57 +0000
ROA not before: Sun 01 Jan 2023 20:24:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198949
IP address blocks: 89.111.240.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:43:86:b3:d4:5c:6e:c0:34:bf:51:a3:bc:7a:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Validity
Not Before: Jan 1 20:24:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f0531498d561f46f40ac8e7f3362f3ae5dc7a17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:5f:7c:ae:0d:b2:1e:93:c8:ef:18:41:85:3c:
44:86:b8:62:4c:d4:b7:19:ee:5e:59:5a:34:49:86:
1d:69:de:6a:9c:23:10:a9:c7:54:12:2a:87:bb:0b:
92:1f:f7:b6:2c:26:d5:c6:dd:e2:a0:c7:3b:5d:a4:
3b:2e:44:8d:b0:ee:10:2a:36:c7:0c:3b:e0:ab:52:
b2:80:bf:f6:5e:b8:43:b3:2c:54:aa:4b:34:3a:b4:
d9:4b:3a:01:8f:4b:df:73:72:62:a4:73:6e:9e:ce:
64:f4:88:60:9b:5a:cb:5e:a1:f7:2b:3c:62:91:ef:
fc:d4:31:34:cf:ff:7e:d9:2c:71:a5:9a:95:3d:5a:
26:2d:11:82:45:d7:51:6a:08:94:53:c2:bc:66:ac:
e4:c9:17:07:46:21:f9:c0:31:49:f9:20:6d:67:95:
9c:b7:d9:74:b0:7f:f6:24:34:ce:52:7a:71:43:b3:
16:c7:c0:06:4c:1d:56:dc:73:8a:a6:8a:5e:cd:ba:
b9:9c:ef:c2:be:6f:57:89:f4:5f:b6:75:b9:31:8b:
f8:a2:fe:e9:da:2c:77:3c:30:fc:a1:85:c3:24:4d:
de:d9:11:5e:c7:fc:35:cc:54:c4:a6:63:0c:70:59:
76:a2:14:ea:78:34:f4:62:dc:17:8b:85:c4:ec:b2:
f5:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:05:31:49:8D:56:1F:46:F4:0A:C8:E7:F3:36:2F:3A:E5:DC:7A:17
X509v3 Authority Key Identifier:
keyid:29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/XwUxSY1WH0b0Csjn8zYvOuXcehc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/KamWTgzTX7NnV-VlP_p2Jqxd7ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.111.240.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:99:72:d9:32:11:9c:c6:b3:63:f7:61:23:ee:97:21:f9:3e:
7c:22:3a:df:18:13:63:b5:51:fe:9e:14:07:0d:98:e0:88:24:
50:a9:08:b9:11:8b:36:e9:c3:12:4e:6c:bb:b6:ab:fa:9c:63:
45:e9:5a:06:76:d9:72:17:08:f4:39:4c:08:b8:e6:2a:91:14:
c0:e5:a3:3b:93:3a:6c:a1:5e:2d:ce:da:e2:cf:5c:7a:fe:2a:
fa:9b:a5:cd:39:ef:6c:b5:80:56:e6:47:01:8b:b8:6c:93:fe:
34:93:95:00:ab:e9:22:8d:af:7c:2d:07:37:ab:2e:e9:82:b7:
37:64:b3:8d:f0:c0:48:29:97:1d:a4:6c:fe:cc:3f:98:21:76:
de:37:bc:97:ec:d3:c2:2b:5a:1b:0d:95:8f:ad:c5:b4:f3:f7:
9d:c9:73:08:92:88:b2:74:f9:b4:52:6c:ae:33:a6:95:ad:0c:
19:17:fa:dd:33:37:75:72:75:1e:8e:71:a0:71:03:94:6a:49:
46:46:8e:a4:90:c6:f4:d4:95:39:37:01:b8:7e:79:26:8f:0d:
9e:f2:fe:44:05:1f:bb:3f:c6:4c:93:70:77:a8:b1:5f:68:03:
a5:e9:37:2c:c1:68:93:74:31:1d:77:56:02:77:53:f4:c3:5f:
a6:e0:14:7b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvAkOGs9RcbsA0v1GjvHpuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YTk5NjRlMGNkMzVmYjM2NzU3ZTU2NTNmZmE3NjI2YWM1
ZGVlZTgwHhcNMjMwMTAxMjAyNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjA1MzE0OThkNTYxZjQ2ZjQwYWM4ZTdmMzM2MmYzYWU1ZGM3YTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwF98rg2yHpPI7xhBhTxEhrhiTNS3
Ge5eWVo0SYYdad5qnCMQqcdUEiqHuwuSH/e2LCbVxt3ioMc7XaQ7LkSNsO4QKjbH
DDvgq1KygL/2XrhDsyxUqks0OrTZSzoBj0vfc3JipHNuns5k9Ihgm1rLXqH3Kzxi
ke/81DE0z/9+2SxxpZqVPVomLRGCRddRagiUU8K8ZqzkyRcHRiH5wDFJ+SBtZ5Wc
t9l0sH/2JDTOUnpxQ7MWx8AGTB1W3HOKpopezbq5nO/Cvm9XifRftnW5MYv4ov7p
2ix3PDD8oYXDJE3e2RFex/w1zFTEpmMMcFl2ohTqeDT0YtwXi4XE7LL1EwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF8FMUmNVh9G9ArI5/M2Lzrl3HoXMB8GA1UdIwQY
MBaAFCmplk4M01+zZ1flZT/6diasXe7oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTIt
ZDliNTMzZjdmYmMzLzEvWHdVeFNZMVdIMGIwQ3Nqbjh6WXZPdVhjZWhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTItZDliNTMzZjdmYmMz
LzEvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWW/wMA0G
CSqGSIb3DQEBCwUAA4IBAQBtmXLZMhGcxrNj92Ej7pch+T58IjrfGBNjtVH+nhQH
DZjgiCRQqQi5EYs26cMSTmy7tqv6nGNF6VoGdtlyFwj0OUwIuOYqkRTA5aM7kzps
oV4tztriz1x6/ir6m6XNOe9stYBW5kcBi7hsk/40k5UAq+kija98LQc3qy7pgrc3
ZLON8MBIKZcdpGz+zD+YIXbeN7yX7NPCK1obDZWPrcW08/edyXMIkoiydPm0Umyu
M6aVrQwZF/rdMzd1cnUejnGgcQOUaklGRo6kkMb01JU5NwG4fnkmjw2e8v5EBR+7
P8ZMk3B3qLFfaAOl6TcswWiTdDEdd1YCd1P0w1+m4BR7
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:15 2025 by rpki-client