Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/4e3cc2-1a33-495a-999f-d7a684a57b19/1/XDKNAFkSF5VRZkNxNNUidGaaEss.roa
File: XDKNAFkSF5VRZkNxNNUidGaaEss.roa (raw, json)
Hash identifier: by/i1exd+f0kfp8Oz0aL7kWAYr3HGFx7qTHPQ+a2eCw=
Subject key identifier: 5C:32:8D:00:59:12:17:95:51:66:43:71:34:D5:22:74:66:9A:12:CB
Certificate issuer: /CN=c72a524f9b1b3801dbd7c89a160aec076b57e729
Certificate serial: 018573A842F72812B73DFE82D88B245188A6
Authority key identifier: C7:2A:52:4F:9B:1B:38:01:DB:D7:C8:9A:16:0A:EC:07:6B:57:E7:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xypST5sbOAHb18iaFgrsB2tX5yk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/4e3cc2-1a33-495a-999f-d7a684a57b19/1/XDKNAFkSF5VRZkNxNNUidGaaEss.roa
Signing time: Mon 02 Jan 2023 18:04:45 +0000
ROA not before: Mon 02 Jan 2023 18:04:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47626
IP address blocks: 91.205.190.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:a8:42:f7:28:12:b7:3d:fe:82:d8:8b:24:51:88:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c72a524f9b1b3801dbd7c89a160aec076b57e729
Validity
Not Before: Jan 2 18:04:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c328d00591217955166437134d52274669a12cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:10:dd:72:ea:3b:86:b1:25:6b:5b:15:34:3c:
3d:fc:9d:0f:7c:eb:58:22:48:7b:fe:5d:8a:28:78:
59:68:1d:45:9f:68:80:e9:94:e2:94:1d:e9:96:f4:
ba:97:4b:3b:31:21:a2:b5:3b:8a:42:4e:14:ba:72:
6e:07:39:ee:33:fe:af:cb:29:13:5a:e5:2c:70:27:
4d:9a:08:e4:56:96:d1:a2:6f:94:80:46:38:c5:42:
f5:16:64:17:4b:4f:09:b0:f0:df:d7:74:27:48:5b:
19:e5:a0:7f:73:54:63:c7:88:c9:d0:f6:58:28:92:
5c:8e:e6:ec:4e:c2:c8:68:08:b0:6f:3c:b3:64:c1:
60:49:67:24:56:e1:f4:8b:cf:b1:61:e9:44:7b:ea:
6d:fa:ba:75:0e:6f:d8:2c:ea:3b:51:f8:06:2d:2e:
8d:6d:b3:f7:f6:46:93:e5:70:ec:9b:1c:3c:9e:ec:
71:21:00:03:ae:49:48:52:b7:e2:42:f0:5e:ad:dc:
94:ff:29:ac:7c:7e:6d:de:a3:b8:eb:a9:5c:cd:ed:
41:25:7f:e9:ac:66:7d:f5:d5:71:e5:86:3c:c4:3b:
91:89:bd:54:80:ac:db:63:4e:d3:84:b2:f7:35:c3:
0f:bd:84:31:23:ef:0f:4d:7a:1b:fe:d6:32:69:c6:
c5:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:32:8D:00:59:12:17:95:51:66:43:71:34:D5:22:74:66:9A:12:CB
X509v3 Authority Key Identifier:
keyid:C7:2A:52:4F:9B:1B:38:01:DB:D7:C8:9A:16:0A:EC:07:6B:57:E7:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xypST5sbOAHb18iaFgrsB2tX5yk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/4e3cc2-1a33-495a-999f-d7a684a57b19/1/XDKNAFkSF5VRZkNxNNUidGaaEss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/4e3cc2-1a33-495a-999f-d7a684a57b19/1/xypST5sbOAHb18iaFgrsB2tX5yk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.190.0/23
Signature Algorithm: sha256WithRSAEncryption
5f:dd:aa:e0:4e:9e:07:27:e5:15:a4:dc:ec:cc:46:41:c3:78:
82:fe:5c:8e:12:7f:d9:84:15:4a:48:69:67:8b:80:79:7f:67:
51:d2:13:12:cc:5f:97:b9:ae:1c:3c:93:9c:bb:1b:76:c1:5e:
3a:e1:0d:ea:d5:b5:89:e3:50:f2:b4:3e:19:9d:4b:c1:c7:c8:
4e:54:f4:b0:bf:9f:e6:30:dc:32:bf:95:58:5a:b5:f4:cb:0b:
b7:97:2e:b2:e0:cf:08:64:48:a6:bc:a0:a7:e7:c4:55:1a:72:
be:6b:21:b8:12:78:16:31:62:3a:54:ab:91:e4:b9:b8:91:b4:
f0:0f:d0:2a:7a:58:37:c3:a3:24:16:60:25:b8:01:1e:d4:db:
b7:64:fb:53:9a:1b:d5:d6:fc:a4:1a:91:9e:a7:1e:ec:12:95:
8f:8d:7b:a1:d2:0b:e3:fe:18:10:1b:9e:e7:7a:66:09:9b:52:
46:6d:61:a3:e0:10:d7:ba:df:e4:7a:01:d7:4f:d1:a3:b1:d1:
26:2e:21:0c:2d:e2:f8:78:b1:0a:7c:d4:58:68:ae:78:52:77:
0e:c8:9a:e2:16:09:63:a1:c1:3f:3a:a1:97:8f:ea:e4:1e:ee:
df:fd:62:e9:5e:6a:50:50:15:66:77:26:2a:d9:2e:a7:7b:20:
66:55:f1:3a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzqEL3KBK3Pf6C2IskUYimMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3MmE1MjRmOWIxYjM4MDFkYmQ3Yzg5YTE2MGFlYzA3NmI1
N2U3MjkwHhcNMjMwMTAyMTgwNDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzMyOGQwMDU5MTIxNzk1NTE2NjQzNzEzNGQ1MjI3NDY2OWExMmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBDdcuo7hrEla1sVNDw9/J0PfOtY
Ikh7/l2KKHhZaB1Fn2iA6ZTilB3plvS6l0s7MSGitTuKQk4UunJuBznuM/6vyykT
WuUscCdNmgjkVpbRom+UgEY4xUL1FmQXS08JsPDf13QnSFsZ5aB/c1Rjx4jJ0PZY
KJJcjubsTsLIaAiwbzyzZMFgSWckVuH0i8+xYelEe+pt+rp1Dm/YLOo7UfgGLS6N
bbP39kaT5XDsmxw8nuxxIQADrklIUrfiQvBerdyU/ymsfH5t3qO466lcze1BJX/p
rGZ99dVx5YY8xDuRib1UgKzbY07ThLL3NcMPvYQxI+8PTXob/tYyacbF5wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFwyjQBZEheVUWZDcTTVInRmmhLLMB8GA1UdIwQY
MBaAFMcqUk+bGzgB29fImhYK7AdrV+cpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHlwU1Q1c2JPQUhiMThpYUZncnNCMnRYNXlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My80ZTNjYzItMWEzMy00OTVhLTk5OWYt
ZDdhNjg0YTU3YjE5LzEvWERLTkFGa1NGNVZSWmtOeE5OVWlkR2FhRXNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My80ZTNjYzItMWEzMy00OTVhLTk5OWYtZDdhNjg0YTU3YjE5
LzEveHlwU1Q1c2JPQUhiMThpYUZncnNCMnRYNXlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW82+MA0G
CSqGSIb3DQEBCwUAA4IBAQBf3argTp4HJ+UVpNzszEZBw3iC/lyOEn/ZhBVKSGln
i4B5f2dR0hMSzF+Xua4cPJOcuxt2wV464Q3q1bWJ41DytD4ZnUvBx8hOVPSwv5/m
MNwyv5VYWrX0ywu3ly6y4M8IZEimvKCn58RVGnK+ayG4EngWMWI6VKuR5Lm4kbTw
D9Aqelg3w6MkFmAluAEe1Nu3ZPtTmhvV1vykGpGepx7sEpWPjXuh0gvj/hgQG57n
emYJm1JGbWGj4BDXut/kegHXT9GjsdEmLiEMLeL4eLEKfNRYaK54UncOyJriFglj
ocE/OqGXj+rkHu7f/WLpXmpQUBVmdyYq2S6neyBmVfE6
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:24:18 2025 by rpki-client