Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/7f8821-1566-43f4-ab26-3d522181a2c4/1/X4bS8K78yAmh3gdIxH-HZHPeTCk.roa
File: X4bS8K78yAmh3gdIxH-HZHPeTCk.roa (raw, json)
Hash identifier: plvvqY0ocMnq2LhEj7mMQqWfO5VqzbAb9xQDx8SKx1o=
Subject key identifier: 5F:86:D2:F0:AE:FC:C8:09:A1:DE:07:48:C4:7F:87:64:73:DE:4C:29
Certificate issuer: /CN=beba48c7e2c9e05eda546d899146b89f799df85d
Certificate serial: 35A0EBF0
Authority key identifier: BE:BA:48:C7:E2:C9:E0:5E:DA:54:6D:89:91:46:B8:9F:79:9D:F8:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vrpIx-LJ4F7aVG2JkUa4n3md-F0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/7f8821-1566-43f4-ab26-3d522181a2c4/1/X4bS8K78yAmh3gdIxH-HZHPeTCk.roa
Signing time: Sat 01 Jan 2022 08:54:54 +0000
ROA not before: Sat 01 Jan 2022 08:54:54 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 43726
IP address blocks: 193.26.214.0/24 maxlen: 24
91.198.130.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 899738608 (0x35a0ebf0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=beba48c7e2c9e05eda546d899146b89f799df85d
Validity
Not Before: Jan 1 08:54:54 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5f86d2f0aefcc809a1de0748c47f876473de4c29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:ad:ea:a9:9d:08:62:2c:e9:a2:4b:a8:03:57:
0d:27:47:d0:ba:ff:20:86:e5:86:4e:50:c3:a8:5d:
74:7e:82:0a:a1:17:53:a3:50:d2:49:c4:43:aa:2d:
2d:6a:2d:01:3b:1e:2c:9c:f1:ed:32:3e:82:67:85:
44:5a:05:bb:6f:28:91:32:6c:5c:33:d1:81:fa:98:
6e:62:25:d2:d4:d7:71:0d:33:25:cf:37:6d:79:d6:
30:09:91:b3:8d:99:ef:3c:f2:5c:0c:79:1d:ca:eb:
4f:2c:24:6d:54:8f:36:17:d9:e1:96:a0:e1:74:74:
9c:94:ef:05:8f:2a:6d:b5:e0:3b:ff:bd:b4:ff:6a:
a7:5b:1a:86:1b:d6:a9:4a:df:32:67:e6:a3:6f:71:
2b:ca:50:21:9a:e8:d8:be:08:67:90:46:fe:9d:6d:
c0:44:96:b6:f0:46:02:7c:52:37:5a:a5:82:eb:4e:
77:9e:fa:a7:ee:a8:1b:3f:5e:93:9a:5d:5d:37:68:
f8:db:06:7f:aa:7e:c1:8a:bf:77:87:b5:04:4c:9e:
0c:b6:99:93:ab:e0:62:77:66:88:51:99:e9:8d:df:
62:9e:5a:b8:fd:c1:c4:d8:5d:b8:40:a5:1a:a2:68:
e2:f7:aa:7c:ce:21:ca:94:b9:ab:4c:f1:69:78:13:
e9:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:86:D2:F0:AE:FC:C8:09:A1:DE:07:48:C4:7F:87:64:73:DE:4C:29
X509v3 Authority Key Identifier:
keyid:BE:BA:48:C7:E2:C9:E0:5E:DA:54:6D:89:91:46:B8:9F:79:9D:F8:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vrpIx-LJ4F7aVG2JkUa4n3md-F0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/7f8821-1566-43f4-ab26-3d522181a2c4/1/X4bS8K78yAmh3gdIxH-HZHPeTCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/7f8821-1566-43f4-ab26-3d522181a2c4/1/vrpIx-LJ4F7aVG2JkUa4n3md-F0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.130.0/24
193.26.214.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:01:c4:df:86:d9:7f:a4:33:82:e4:cc:f3:84:33:42:e3:7e:
4e:97:bb:c8:5d:2c:fb:1d:58:4b:77:a3:dc:77:04:bb:45:54:
02:22:5f:42:ba:85:a9:7d:d9:dd:d7:37:81:64:1c:1c:f6:18:
dd:c4:6f:c9:7a:0c:2d:0b:e1:60:1e:0a:4d:27:06:ec:73:ed:
71:c3:a5:f0:29:1a:83:71:a9:4c:59:78:92:35:88:31:d9:81:
77:36:c7:06:f0:dc:30:07:11:3d:78:5c:f0:a6:c7:a3:5e:ab:
b4:f1:79:4e:00:e7:6f:33:58:c1:c9:df:da:54:3e:5e:52:82:
58:52:87:0c:dd:cb:d3:5e:47:bf:cd:55:63:65:de:11:a9:7e:
d8:8f:0a:8b:3f:78:c5:f0:dc:bc:f9:21:ac:aa:ea:16:f7:78:
c0:61:0f:12:bd:fe:10:ba:47:b4:8c:32:55:65:10:78:44:8b:
dd:24:e6:14:e8:30:11:70:f5:96:ad:e1:f3:89:de:b4:53:1f:
ee:00:76:8c:a8:c1:3a:4f:54:23:75:6e:12:da:1b:ce:f6:ea:
38:52:b9:56:ab:c3:3c:e0:2d:75:3d:88:07:2a:81:06:72:cc:
d1:6f:94:93:45:a4:7f:e5:aa:c4:68:f0:3b:69:81:ab:2c:c8:
e6:66:23:b3
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIENaDr8DANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZWJhNDhjN2UyYzllMDVlZGE1NDZkODk5MTQ2Yjg5Zjc5OWRmODVkMB4XDTIyMDEw
MTA4NTQ1NFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWY4NmQyZjBhZWZj
YzgwOWExZGUwNzQ4YzQ3Zjg3NjQ3M2RlNGMyOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALKt6qmdCGIs6aJLqANXDSdH0Lr/IIblhk5Qw6hddH6CCqEX
U6NQ0knEQ6otLWotATseLJzx7TI+gmeFRFoFu28okTJsXDPRgfqYbmIl0tTXcQ0z
Jc83bXnWMAmRs42Z7zzyXAx5HcrrTywkbVSPNhfZ4Zag4XR0nJTvBY8qbbXgO/+9
tP9qp1sahhvWqUrfMmfmo29xK8pQIZro2L4IZ5BG/p1twESWtvBGAnxSN1qlgutO
d576p+6oGz9ek5pdXTdo+NsGf6p+wYq/d4e1BEyeDLaZk6vgYndmiFGZ6Y3fYp5a
uP3BxNhduEClGqJo4veqfM4hypS5q0zxaXgT6TECAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRfhtLwrvzICaHeB0jEf4dkc95MKTAfBgNVHSMEGDAWgBS+ukjH4sngXtpU
bYmRRrifeZ34XTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZycEl4LUxKNEY3YVZHMkprVWE0bjNtZC1GMC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNmQvN2Y4ODIxLTE1NjYtNDNmNC1hYjI2LTNkNTIyMTgxYTJjNC8x
L1g0YlM4Szc4eUFtaDNnZEl4SC1IWkhQZVRDay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNmQv
N2Y4ODIxLTE1NjYtNDNmNC1hYjI2LTNkNTIyMTgxYTJjNC8xL3ZycEl4LUxKNEY3
YVZHMkprVWE0bjNtZC1GMC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAFvGggMEAMEa1jANBgkqhkiG9w0B
AQsFAAOCAQEArgHE34bZf6QzguTM84QzQuN+Tpe7yF0s+x1YS3ej3HcEu0VUAiJf
QrqFqX3Z3dc3gWQcHPYY3cRvyXoMLQvhYB4KTScG7HPtccOl8Ckag3GpTFl4kjWI
MdmBdzbHBvDcMAcRPXhc8KbHo16rtPF5TgDnbzNYwcnf2lQ+XlKCWFKHDN3L015H
v81VY2XeEal+2I8Kiz94xfDcvPkhrKrqFvd4wGEPEr3+ELpHtIwyVWUQeESL3STm
FOgwEXD1lq3h84netFMf7gB2jKjBOk9UI3VuEtobzvbqOFK5VqvDPOAtdT2IByqB
BnLM0W+Uk0Wkf+WqxGjwO2mBqyzI5mYjsw==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:33:59 2025 by rpki-client