Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/cbcac6-abeb-4a38-8ccc-b5972709bb02/1/IzM_hXhSdncUBzuF0nVrgOR0kM0.roa
File: IzM_hXhSdncUBzuF0nVrgOR0kM0.roa (raw, json)
Hash identifier: nDUQUJ1oyuPk525s/B6c1px8N/9IRc+k+GkSMyLbFbo=
Subject key identifier: 23:33:3F:85:78:52:76:77:14:07:3B:85:D2:75:6B:80:E4:74:90:CD
Certificate issuer: /CN=5eba57e1707e43b2fa97fceb078a5d460e56c1bf
Certificate serial: 01856EEFE4C43D42B6504888BBE850CD6370
Authority key identifier: 5E:BA:57:E1:70:7E:43:B2:FA:97:FC:EB:07:8A:5D:46:0E:56:C1:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XrpX4XB-Q7L6l_zrB4pdRg5Wwb8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/cbcac6-abeb-4a38-8ccc-b5972709bb02/1/IzM_hXhSdncUBzuF0nVrgOR0kM0.roa
Signing time: Sun 01 Jan 2023 20:04:53 +0000
ROA not before: Sun 01 Jan 2023 20:04:53 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 16027
IP address blocks: 193.168.160.0/22 maxlen: 22
217.71.64.0/20 maxlen: 20
217.71.69.0/24 maxlen: 24
217.71.67.0/24 maxlen: 24
217.71.68.0/24 maxlen: 24
217.71.73.0/24 maxlen: 24
217.71.78.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:ef:e4:c4:3d:42:b6:50:48:88:bb:e8:50:cd:63:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5eba57e1707e43b2fa97fceb078a5d460e56c1bf
Validity
Not Before: Jan 1 20:04:53 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=23333f857852767714073b85d2756b80e47490cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:40:d7:77:ce:4b:a4:4f:c1:0d:f1:f7:78:cc:
80:25:06:3c:b6:79:e3:3b:5d:58:c2:a0:20:db:51:
3f:6a:ef:c5:ef:4b:50:c2:ed:5e:34:59:ef:8a:c9:
de:d2:6b:44:75:95:26:e5:f1:c8:64:4c:50:69:a1:
73:5e:a4:f0:c5:89:19:b6:ed:a8:2c:6c:a2:60:9b:
68:b4:96:6d:30:38:d7:a4:ef:09:3c:bf:89:58:15:
69:47:91:d8:8f:69:ad:80:63:99:e8:4f:f3:12:6f:
62:83:fb:b1:52:65:e1:3f:aa:df:d5:4d:ca:6b:92:
15:05:6f:f6:d6:59:ee:9d:49:1e:6e:fe:e0:08:e1:
0a:3d:7b:1b:28:77:ae:3c:ec:d4:e6:5a:8d:e7:99:
60:18:9c:65:dd:c0:fe:3d:19:04:76:da:96:69:5c:
d9:66:9e:bc:87:ae:fb:d1:14:b8:e5:c7:44:88:45:
84:2d:cc:da:7e:77:57:2e:bd:80:41:f1:1e:40:77:
5e:bf:b4:46:f4:c0:8f:23:af:2d:01:ef:8d:53:5e:
36:77:39:1b:3d:52:18:cf:3b:48:93:f8:64:2f:44:
79:fb:41:53:fb:f2:e6:02:fd:e6:ba:4e:11:53:6e:
db:d7:7f:a8:2f:66:24:91:8a:b7:50:0c:9d:2b:19:
69:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:33:3F:85:78:52:76:77:14:07:3B:85:D2:75:6B:80:E4:74:90:CD
X509v3 Authority Key Identifier:
keyid:5E:BA:57:E1:70:7E:43:B2:FA:97:FC:EB:07:8A:5D:46:0E:56:C1:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XrpX4XB-Q7L6l_zrB4pdRg5Wwb8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/cbcac6-abeb-4a38-8ccc-b5972709bb02/1/IzM_hXhSdncUBzuF0nVrgOR0kM0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/cbcac6-abeb-4a38-8ccc-b5972709bb02/1/XrpX4XB-Q7L6l_zrB4pdRg5Wwb8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.168.160.0/22
217.71.64.0/20
Signature Algorithm: sha256WithRSAEncryption
86:5f:90:9f:40:6b:0e:5f:87:83:f0:1a:b7:46:a7:8e:c6:52:
82:5f:b8:bc:b3:9e:9c:09:be:bd:be:1e:c7:f5:e6:f3:2a:ed:
b8:a6:90:80:29:47:b1:85:25:cd:0b:21:22:74:60:f4:7e:a5:
a5:4f:f9:fc:8b:97:3c:a7:fa:dd:b0:a1:bd:40:92:8c:1d:05:
64:f4:e2:7d:35:e0:06:7e:e6:f7:e1:9e:68:c1:9d:f4:be:93:
ea:08:05:bc:c3:3e:f1:1a:fd:17:5a:82:cb:b3:79:e3:ff:19:
1a:56:01:ab:42:d6:0d:15:58:84:d7:56:71:1a:39:4a:e5:e3:
e5:ed:d1:54:ce:70:84:85:0a:65:f0:f8:bb:7d:51:9a:3b:25:
99:14:b8:b4:18:47:dd:ea:b8:2e:a4:be:9f:82:cd:62:0d:fc:
9d:f4:14:c0:21:63:3d:35:43:fc:07:7c:38:14:0d:99:1e:98:
eb:76:51:6f:f9:19:2d:f5:46:b3:20:8a:6b:01:91:8c:c4:72:
a9:09:97:2c:d8:7a:ac:10:a8:f6:65:0f:c4:f9:75:2a:a5:3e:
88:93:b8:d1:3f:34:8c:b0:62:2f:c0:79:cd:bb:b8:f5:75:85:
ba:0d:61:ac:f6:8b:96:5e:36:b6:50:71:c7:3b:2c:33:18:24:
42:92:f8:c7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVu7+TEPUK2UEiIu+hQzWNwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlYmE1N2UxNzA3ZTQzYjJmYTk3ZmNlYjA3OGE1ZDQ2MGU1
NmMxYmYwHhcNMjMwMTAxMjAwNDUzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzMzM2Y4NTc4NTI3Njc3MTQwNzNiODVkMjc1NmI4MGU0NzQ5MGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmkDXd85LpE/BDfH3eMyAJQY8tnnj
O11YwqAg21E/au/F70tQwu1eNFnvisne0mtEdZUm5fHIZExQaaFzXqTwxYkZtu2o
LGyiYJtotJZtMDjXpO8JPL+JWBVpR5HYj2mtgGOZ6E/zEm9ig/uxUmXhP6rf1U3K
a5IVBW/21lnunUkebv7gCOEKPXsbKHeuPOzU5lqN55lgGJxl3cD+PRkEdtqWaVzZ
Zp68h6770RS45cdEiEWELczafndXLr2AQfEeQHdev7RG9MCPI68tAe+NU142dzkb
PVIYzztIk/hkL0R5+0FT+/LmAv3muk4RU27b13+oL2YkkYq3UAydKxlpewIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCMzP4V4UnZ3FAc7hdJ1a4DkdJDNMB8GA1UdIwQY
MBaAFF66V+FwfkOy+pf86weKXUYOVsG/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHJwWDRYQi1RN0w2bF96ckI0cGRSZzVXd2I4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy9jYmNhYzYtYWJlYi00YTM4LThjY2Mt
YjU5NzI3MDliYjAyLzEvSXpNX2hYaFNkbmNVQnp1RjBuVnJnT1Iwa00wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy9jYmNhYzYtYWJlYi00YTM4LThjY2MtYjU5NzI3MDliYjAy
LzEvWHJwWDRYQi1RN0w2bF96ckI0cGRSZzVXd2I4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwaigAwQE
2UdAMA0GCSqGSIb3DQEBCwUAA4IBAQCGX5CfQGsOX4eD8Bq3RqeOxlKCX7i8s56c
Cb69vh7H9ebzKu24ppCAKUexhSXNCyEidGD0fqWlT/n8i5c8p/rdsKG9QJKMHQVk
9OJ9NeAGfub34Z5owZ30vpPqCAW8wz7xGv0XWoLLs3nj/xkaVgGrQtYNFViE11Zx
GjlK5ePl7dFUznCEhQpl8Pi7fVGaOyWZFLi0GEfd6rgupL6fgs1iDfyd9BTAIWM9
NUP8B3w4FA2ZHpjrdlFv+Rkt9UazIIprAZGMxHKpCZcs2HqsEKj2ZQ/E+XUqpT6I
k7jRPzSMsGIvwHnNu7j1dYW6DWGs9ouWXja2UHHHOywzGCRCkvjH
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:13:36 2025 by rpki-client