Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/1bd1be-cdde-45ae-a124-a7bd83a8f56c/1/JXxSJZAQrpHBF43Ix2OWqk9vptI.roa
File: JXxSJZAQrpHBF43Ix2OWqk9vptI.roa (raw, json)
Hash identifier: AO78o4UAnRU5m5xgY9KtCTLx4xUxk9+YHS9YUGqig2E=
Subject key identifier: 25:7C:52:25:90:10:AE:91:C1:17:8D:C8:C7:63:96:AA:4F:6F:A6:D2
Certificate issuer: /CN=5f45b134c091410e31423eac2ccad0aedb8a6ec5
Certificate serial: 01856F0B4174BDEDF0B63E179305146C91AA
Authority key identifier: 5F:45:B1:34:C0:91:41:0E:31:42:3E:AC:2C:CA:D0:AE:DB:8A:6E:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X0WxNMCRQQ4xQj6sLMrQrtuKbsU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/1bd1be-cdde-45ae-a124-a7bd83a8f56c/1/JXxSJZAQrpHBF43Ix2OWqk9vptI.roa
Signing time: Sun 01 Jan 2023 20:34:46 +0000
ROA not before: Sun 01 Jan 2023 20:34:46 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 25460
IP address blocks: 193.32.18.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:0b:41:74:bd:ed:f0:b6:3e:17:93:05:14:6c:91:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f45b134c091410e31423eac2ccad0aedb8a6ec5
Validity
Not Before: Jan 1 20:34:46 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=257c52259010ae91c1178dc8c76396aa4f6fa6d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:89:e6:41:df:ed:e5:15:a4:d8:96:fb:e5:48:
a5:c0:a3:39:65:73:89:eb:c3:0d:8d:5e:81:de:ea:
2b:fb:5b:09:b8:54:74:36:bb:51:78:5d:27:23:8b:
04:ad:c6:a7:3b:c2:00:3a:8a:64:21:42:8a:d6:b6:
02:08:4e:e9:f3:79:55:2b:f5:1d:6b:fe:08:04:b5:
62:b4:2f:6c:8b:16:f4:b4:22:45:ce:65:e5:08:4d:
a8:09:70:5b:cb:b0:2e:2a:d2:17:8f:79:a6:18:0b:
82:69:de:6a:1c:6d:14:0c:95:b7:16:39:f1:a1:89:
d7:b4:7f:20:8e:e6:13:22:7a:74:aa:fd:11:b7:9f:
0b:fe:fd:db:68:0c:92:e6:d7:79:43:a9:92:52:6a:
98:2e:fc:6e:ae:89:6b:a0:0c:ae:77:e0:bd:6d:a6:
6a:f4:18:ad:82:d4:20:f6:c1:96:c1:b7:42:7a:3b:
f9:33:44:94:30:34:8b:61:c4:84:95:16:cc:d6:bc:
1f:7f:fb:99:02:b9:5d:24:17:53:50:99:be:01:ae:
1a:64:db:db:03:15:c3:70:ad:06:66:97:d2:a3:74:
69:2f:f0:80:de:39:39:13:52:98:06:60:6c:49:17:
d8:b1:6c:ad:bf:48:87:42:4f:21:ee:32:a1:a7:aa:
de:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:7C:52:25:90:10:AE:91:C1:17:8D:C8:C7:63:96:AA:4F:6F:A6:D2
X509v3 Authority Key Identifier:
keyid:5F:45:B1:34:C0:91:41:0E:31:42:3E:AC:2C:CA:D0:AE:DB:8A:6E:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X0WxNMCRQQ4xQj6sLMrQrtuKbsU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/1bd1be-cdde-45ae-a124-a7bd83a8f56c/1/JXxSJZAQrpHBF43Ix2OWqk9vptI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/1bd1be-cdde-45ae-a124-a7bd83a8f56c/1/X0WxNMCRQQ4xQj6sLMrQrtuKbsU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.32.18.0/24
Signature Algorithm: sha256WithRSAEncryption
38:be:7f:5b:f5:20:6e:97:13:f6:42:2b:81:f3:d5:1b:29:22:
83:f7:4d:83:7b:99:30:e7:4b:66:05:48:3d:18:1d:be:28:d0:
30:08:90:9e:37:15:c7:13:23:54:44:9f:46:6e:d4:99:0e:76:
e6:53:02:b6:f3:bb:bd:26:4a:0a:a5:0d:25:67:0b:8f:db:a1:
de:09:83:6e:4d:57:8a:26:0f:81:3b:83:94:57:fb:32:9c:de:
3e:a9:ad:b9:89:12:e1:73:53:0a:91:5a:8f:0e:2e:a3:21:d5:
5b:d4:70:8a:d2:83:bb:79:09:6c:70:9c:69:c8:1f:8d:26:5e:
d5:21:29:8e:51:73:c5:15:f7:fa:2b:ad:0f:10:86:5d:21:f6:
84:53:54:96:f0:2f:9a:c7:0e:a8:eb:a9:17:4e:2b:4f:a0:7d:
9f:43:41:cb:a9:1a:d6:8f:2b:fd:45:ec:8d:57:07:46:35:06:
3f:d8:6a:0d:98:7e:39:f2:ce:8a:19:94:15:d0:58:27:49:e7:
e4:6a:9b:0b:64:d0:2b:0c:42:cb:3b:82:97:ba:57:b8:7b:ca:
4e:3c:4f:8a:e2:4c:9b:18:7d:f5:55:aa:ca:bf:26:81:c8:7d:
22:d3:d3:dd:58:de:09:df:90:49:ab:41:db:83:ba:07:0a:0e:
09:ae:3b:8a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvC0F0ve3wtj4XkwUUbJGqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmNDViMTM0YzA5MTQxMGUzMTQyM2VhYzJjY2FkMGFlZGI4
YTZlYzUwHhcNMjMwMTAxMjAzNDQ2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTdjNTIyNTkwMTBhZTkxYzExNzhkYzhjNzYzOTZhYTRmNmZhNmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA24nmQd/t5RWk2Jb75UilwKM5ZXOJ
68MNjV6B3uor+1sJuFR0NrtReF0nI4sErcanO8IAOopkIUKK1rYCCE7p83lVK/Ud
a/4IBLVitC9sixb0tCJFzmXlCE2oCXBby7AuKtIXj3mmGAuCad5qHG0UDJW3Fjnx
oYnXtH8gjuYTInp0qv0Rt58L/v3baAyS5td5Q6mSUmqYLvxurolroAyud+C9baZq
9BitgtQg9sGWwbdCejv5M0SUMDSLYcSElRbM1rwff/uZArldJBdTUJm+Aa4aZNvb
AxXDcK0GZpfSo3RpL/CA3jk5E1KYBmBsSRfYsWytv0iHQk8h7jKhp6rexQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCV8UiWQEK6RwReNyMdjlqpPb6bSMB8GA1UdIwQY
MBaAFF9FsTTAkUEOMUI+rCzK0K7bim7FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDBXeE5NQ1JRUTR4UWo2c0xNclFydHVLYnNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS8xYmQxYmUtY2RkZS00NWFlLWExMjQt
YTdiZDgzYThmNTZjLzEvSlh4U0paQVFycEhCRjQzSXgyT1dxazl2cHRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS8xYmQxYmUtY2RkZS00NWFlLWExMjQtYTdiZDgzYThmNTZj
LzEvWDBXeE5NQ1JRUTR4UWo2c0xNclFydHVLYnNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSASMA0G
CSqGSIb3DQEBCwUAA4IBAQA4vn9b9SBulxP2QiuB89UbKSKD902De5kw50tmBUg9
GB2+KNAwCJCeNxXHEyNURJ9GbtSZDnbmUwK287u9JkoKpQ0lZwuP26HeCYNuTVeK
Jg+BO4OUV/synN4+qa25iRLhc1MKkVqPDi6jIdVb1HCK0oO7eQlscJxpyB+NJl7V
ISmOUXPFFff6K60PEIZdIfaEU1SW8C+axw6o66kXTitPoH2fQ0HLqRrWjyv9ReyN
VwdGNQY/2GoNmH458s6KGZQV0FgnSefkapsLZNArDELLO4KXule4e8pOPE+K4kyb
GH31VarKvyaByH0i09PdWN4J35BJq0Hbg7oHCg4JrjuK
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:40:35 2025 by rpki-client