Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/XkwxyrWLUo26po0UV0OJ6vwMP4E.roa
File: XkwxyrWLUo26po0UV0OJ6vwMP4E.roa (raw, json)
Hash identifier: SDikArKoKysg0HXsYT1Wd+jrrQyPXA6zJ9CJuwBYUYA=
Subject key identifier: 5E:4C:31:CA:B5:8B:52:8D:BA:A6:8D:14:57:43:89:EA:FC:0C:3F:81
Certificate issuer: /CN=11b69b59d19f2987e49f1852d60bb1777f80a301
Certificate serial: 01856ED4EB9A93F31AA009123B985A6BBC8F
Authority key identifier: 11:B6:9B:59:D1:9F:29:87:E4:9F:18:52:D6:0B:B1:77:7F:80:A3:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/XkwxyrWLUo26po0UV0OJ6vwMP4E.roa
Signing time: Sun 01 Jan 2023 19:35:25 +0000
ROA not before: Sun 01 Jan 2023 19:35:25 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60084
IP address blocks: 2a00:ab00:7000::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:d4:eb:9a:93:f3:1a:a0:09:12:3b:98:5a:6b:bc:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11b69b59d19f2987e49f1852d60bb1777f80a301
Validity
Not Before: Jan 1 19:35:25 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e4c31cab58b528dbaa68d14574389eafc0c3f81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:9d:6c:fc:61:15:12:36:7a:b9:c7:40:f5:38:
d4:36:2e:69:c8:12:4c:8f:5a:76:b0:51:51:95:c1:
45:5f:0a:33:c9:58:2c:51:03:54:da:a4:d5:e3:cf:
96:26:33:bc:24:10:39:75:1e:e5:7a:29:61:41:5c:
c1:68:03:5b:94:a9:0f:8f:ff:b0:90:a3:e0:68:11:
8c:9d:54:c8:bb:f4:98:d4:7b:f1:a3:05:08:41:2b:
0a:78:38:18:64:3f:dc:ec:91:cf:59:37:bc:90:32:
09:68:ee:e7:3d:e2:fe:93:ce:27:aa:b2:3f:f3:b2:
fc:28:ee:b1:88:ee:0a:0e:9f:3c:19:48:7f:92:d2:
99:2e:14:9e:60:50:b5:8a:d9:1b:da:d3:ee:2c:45:
79:4c:32:4b:c1:b0:4d:a4:08:be:18:35:17:d7:5d:
72:42:70:12:88:92:c2:76:fc:27:bf:cb:4f:78:4b:
30:39:80:4d:ab:da:2b:c5:f6:ee:79:c6:1e:fc:e7:
4d:02:e4:c8:29:6c:8c:34:1e:4e:f7:f0:f2:cb:95:
2d:96:a9:4a:52:a3:82:4e:8a:ca:1e:ac:fe:4b:0e:
a8:8d:7c:c6:47:1c:fe:08:57:27:7d:20:14:6e:c6:
17:06:e4:3c:80:3e:a1:8b:12:e4:a7:d7:6d:48:44:
2b:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:4C:31:CA:B5:8B:52:8D:BA:A6:8D:14:57:43:89:EA:FC:0C:3F:81
X509v3 Authority Key Identifier:
keyid:11:B6:9B:59:D1:9F:29:87:E4:9F:18:52:D6:0B:B1:77:7F:80:A3:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EbabWdGfKYfknxhS1guxd3-AowE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/XkwxyrWLUo26po0UV0OJ6vwMP4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/5edf7a-ab9a-45e7-a612-d169c088b412/1/EbabWdGfKYfknxhS1guxd3-AowE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:ab00:7000::/36
Signature Algorithm: sha256WithRSAEncryption
05:51:be:5c:39:f4:ff:e0:04:3f:2b:ff:52:11:4c:6c:46:ad:
9d:b0:6d:04:56:35:c8:01:86:b7:a6:14:d4:1a:51:dd:43:1b:
7f:66:88:57:b2:c4:b6:c9:53:68:c8:a9:d4:0f:0e:1e:a9:78:
d9:f9:4c:6c:dd:94:f3:f3:ba:ac:00:31:35:cd:5c:a8:cc:79:
83:ca:9e:92:c2:9c:49:7c:a4:50:e3:b7:6d:e8:aa:c9:50:97:
44:8c:52:67:3d:c5:3d:47:7c:34:b7:5b:71:d2:4e:e2:46:84:
7f:2f:e4:12:c4:16:a8:0a:2d:8d:a8:69:f5:1d:df:b5:4e:72:
dd:ed:23:a1:8c:91:05:64:42:b5:3f:d3:1f:b3:d4:b6:6b:d0:
bf:ed:fe:a5:01:a4:2a:ca:ab:fd:fc:8e:7a:0d:43:29:1b:40:
10:43:5e:a0:55:0f:6a:33:13:81:51:8d:34:c4:4c:2f:35:96:
ac:bd:cb:50:83:0c:42:4c:af:ae:f6:fc:78:1e:b9:48:16:95:
ae:dc:12:28:73:3b:8a:71:3b:a1:9c:37:c5:41:66:bc:02:ab:
93:55:52:19:34:fe:15:df:ea:09:37:43:92:90:19:e7:2b:f3:
55:34:88:e1:a7:72:90:7d:32:dc:a8:f4:67:77:10:f7:d2:b1:
93:24:c8:a2
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVu1Ouak/MaoAkSO5haa7yPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYjY5YjU5ZDE5ZjI5ODdlNDlmMTg1MmQ2MGJiMTc3N2Y4
MGEzMDEwHhcNMjMwMTAxMTkzNTI1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTRjMzFjYWI1OGI1MjhkYmFhNjhkMTQ1NzQzODllYWZjMGMzZjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZ1s/GEVEjZ6ucdA9TjUNi5pyBJM
j1p2sFFRlcFFXwozyVgsUQNU2qTV48+WJjO8JBA5dR7leilhQVzBaANblKkPj/+w
kKPgaBGMnVTIu/SY1HvxowUIQSsKeDgYZD/c7JHPWTe8kDIJaO7nPeL+k84nqrI/
87L8KO6xiO4KDp88GUh/ktKZLhSeYFC1itkb2tPuLEV5TDJLwbBNpAi+GDUX111y
QnASiJLCdvwnv8tPeEswOYBNq9orxfbuecYe/OdNAuTIKWyMNB5O9/Dyy5UtlqlK
UqOCTorKHqz+Sw6ojXzGRxz+CFcnfSAUbsYXBuQ8gD6hixLkp9dtSEQrjQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFF5MMcq1i1KNuqaNFFdDier8DD+BMB8GA1UdIwQY
MBaAFBG2m1nRnymH5J8YUtYLsXd/gKMBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWJhYldkR2ZLWWZrbnhoUzFndXhkMy1Bb3dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC81ZWRmN2EtYWI5YS00NWU3LWE2MTIt
ZDE2OWMwODhiNDEyLzEvWGt3eHlyV0xVbzI2cG8wVVYwT0o2dndNUDRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC81ZWRmN2EtYWI5YS00NWU3LWE2MTItZDE2OWMwODhiNDEy
LzEvRWJhYldkR2ZLWWZrbnhoUzFndXhkMy1Bb3dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKgCrAHAw
DQYJKoZIhvcNAQELBQADggEBAAVRvlw59P/gBD8r/1IRTGxGrZ2wbQRWNcgBhrem
FNQaUd1DG39miFeyxLbJU2jIqdQPDh6peNn5TGzdlPPzuqwAMTXNXKjMeYPKnpLC
nEl8pFDjt23oqslQl0SMUmc9xT1HfDS3W3HSTuJGhH8v5BLEFqgKLY2oafUd37VO
ct3tI6GMkQVkQrU/0x+z1LZr0L/t/qUBpCrKq/38jnoNQykbQBBDXqBVD2ozE4FR
jTTETC81lqy9y1CDDEJMr672/HgeuUgWla7cEihzO4pxO6GcN8VBZrwCq5NVUhk0
/hXf6gk3Q5KQGecr81U0iOGncpB9Mtyo9Gd3EPfSsZMkyKI=
-----END CERTIFICATE-----
Generated at Sun Apr 13 17:24:13 2025 by rpki-client