Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/0fcfbd-2790-4850-bafa-890eb2266657/1/xLe_UhQD3cZFCq9H0P0sE3nbNP8.roa
File: xLe_UhQD3cZFCq9H0P0sE3nbNP8.roa (raw, json)
Hash identifier: N/9O36jHiJ6QIHTpiw7qNrRHbH0+Ogd/YHTSkKlq35w=
Subject key identifier: C4:B7:BF:52:14:03:DD:C6:45:0A:AF:47:D0:FD:2C:13:79:DB:34:FF
Certificate issuer: /CN=0dd33ca83affbb801172d5094b00e06856e6f547
Certificate serial: 01856CF87DA92C47D68AC17D04D3FD2E197B
Authority key identifier: 0D:D3:3C:A8:3A:FF:BB:80:11:72:D5:09:4B:00:E0:68:56:E6:F5:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DdM8qDr_u4ARctUJSwDgaFbm9Uc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/0fcfbd-2790-4850-bafa-890eb2266657/1/xLe_UhQD3cZFCq9H0P0sE3nbNP8.roa
Signing time: Sun 01 Jan 2023 10:55:02 +0000
ROA not before: Sun 01 Jan 2023 10:55:02 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48345
IP address blocks: 194.0.215.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:f8:7d:a9:2c:47:d6:8a:c1:7d:04:d3:fd:2e:19:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0dd33ca83affbb801172d5094b00e06856e6f547
Validity
Not Before: Jan 1 10:55:02 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c4b7bf521403ddc6450aaf47d0fd2c1379db34ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:4f:3c:33:79:4c:fa:fe:f9:0a:90:6e:bc:47:
d2:72:09:72:56:c1:16:7c:11:db:20:a5:9d:53:10:
b4:58:f7:e8:09:cd:17:c9:07:66:3a:97:0b:1f:a5:
75:d2:a8:0f:6b:0d:6c:bc:d4:a7:ca:09:a6:c5:47:
0b:04:02:b7:63:df:55:9e:b8:f3:ef:99:cc:7f:9d:
d7:d6:0b:8b:2f:50:85:89:74:ad:dd:77:51:4a:33:
cf:0e:38:58:0a:c5:d0:6c:c7:05:4f:50:4a:e7:ed:
b1:6e:6d:ae:a4:b3:a4:0b:33:01:58:85:dd:d8:2d:
c4:bd:b3:43:02:b8:b4:6b:03:31:8b:0a:55:a0:62:
1c:ca:c1:5c:af:12:6e:62:85:a8:ac:5d:09:0a:b7:
2f:5c:d5:c5:c2:d4:57:2c:88:ae:94:4b:64:70:18:
cf:92:78:a0:74:d1:c6:40:b1:65:3b:cc:95:a5:a8:
57:58:e7:60:17:0b:ca:30:bc:d6:50:fc:1f:d3:98:
e4:9d:e9:6c:a5:e1:98:16:74:9c:91:d7:28:11:e3:
d1:c0:91:65:99:8f:d2:75:5b:e2:d0:32:3e:36:d5:
d9:61:37:d2:d9:a7:15:24:b9:e6:a8:8f:cc:25:15:
0f:e0:21:43:e3:0d:fb:14:fc:88:17:07:89:51:ed:
2e:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:B7:BF:52:14:03:DD:C6:45:0A:AF:47:D0:FD:2C:13:79:DB:34:FF
X509v3 Authority Key Identifier:
keyid:0D:D3:3C:A8:3A:FF:BB:80:11:72:D5:09:4B:00:E0:68:56:E6:F5:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DdM8qDr_u4ARctUJSwDgaFbm9Uc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/0fcfbd-2790-4850-bafa-890eb2266657/1/xLe_UhQD3cZFCq9H0P0sE3nbNP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/0fcfbd-2790-4850-bafa-890eb2266657/1/DdM8qDr_u4ARctUJSwDgaFbm9Uc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.215.0/24
Signature Algorithm: sha256WithRSAEncryption
07:7d:b2:f7:64:7e:19:d2:88:f1:4a:c2:86:bf:06:41:47:57:
ff:32:e5:f7:03:56:47:86:93:5f:0f:f8:86:de:71:24:9d:66:
4b:8f:8c:36:f7:2c:cb:16:af:5f:94:8d:3f:63:d7:98:d3:4f:
4d:53:33:66:6e:9d:49:f6:0a:4c:53:22:fc:01:e6:b0:45:ee:
b4:30:40:82:39:36:e0:e9:d6:03:e8:99:77:4b:de:03:7b:74:
41:34:37:a8:c6:d7:48:d7:6a:f3:bb:f2:26:51:2f:9a:68:50:
1a:cc:c3:c8:e4:79:1d:cc:f4:7b:ac:d2:74:a6:b5:6a:34:6f:
7f:aa:d8:fa:9a:89:f6:0c:e9:51:41:46:dc:2a:16:55:0e:22:
59:32:43:4d:d9:d6:57:4d:2f:1b:fc:cf:8c:21:ae:3b:7c:ef:
c0:00:37:45:a6:14:46:3c:e3:a1:55:31:99:b1:ad:40:47:29:
fa:66:e4:ea:29:28:99:82:2c:81:b3:21:37:36:1a:7e:1a:96:
4c:d7:a2:41:97:6f:e0:11:c3:cf:dc:ec:25:a6:c6:84:ee:96:
78:aa:61:32:bc:47:64:76:2d:5a:88:55:a1:b3:70:93:db:d4:
85:e8:fd:12:ed:58:e8:82:93:12:e7:16:61:9e:ac:50:f6:d4:
35:b7:e9:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVs+H2pLEfWisF9BNP9Lhl7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkZDMzY2E4M2FmZmJiODAxMTcyZDUwOTRiMDBlMDY4NTZl
NmY1NDcwHhcNMjMwMTAxMTA1NTAyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGI3YmY1MjE0MDNkZGM2NDUwYWFmNDdkMGZkMmMxMzc5ZGIzNGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsE88M3lM+v75CpBuvEfScglyVsEW
fBHbIKWdUxC0WPfoCc0XyQdmOpcLH6V10qgPaw1svNSnygmmxUcLBAK3Y99Vnrjz
75nMf53X1guLL1CFiXSt3XdRSjPPDjhYCsXQbMcFT1BK5+2xbm2upLOkCzMBWIXd
2C3EvbNDAri0awMxiwpVoGIcysFcrxJuYoWorF0JCrcvXNXFwtRXLIiulEtkcBjP
knigdNHGQLFlO8yVpahXWOdgFwvKMLzWUPwf05jknelspeGYFnSckdcoEePRwJFl
mY/SdVvi0DI+NtXZYTfS2acVJLnmqI/MJRUP4CFD4w37FPyIFweJUe0uJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMS3v1IUA93GRQqvR9D9LBN52zT/MB8GA1UdIwQY
MBaAFA3TPKg6/7uAEXLVCUsA4GhW5vVHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGRNOHFEcl91NEFSY3RVSlN3RGdhRmJtOVVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni8wZmNmYmQtMjc5MC00ODUwLWJhZmEt
ODkwZWIyMjY2NjU3LzEveExlX1VoUUQzY1pGQ3E5SDBQMHNFM25iTlA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni8wZmNmYmQtMjc5MC00ODUwLWJhZmEtODkwZWIyMjY2NjU3
LzEvRGRNOHFEcl91NEFSY3RVSlN3RGdhRmJtOVVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgDXMA0G
CSqGSIb3DQEBCwUAA4IBAQAHfbL3ZH4Z0ojxSsKGvwZBR1f/MuX3A1ZHhpNfD/iG
3nEknWZLj4w29yzLFq9flI0/Y9eY009NUzNmbp1J9gpMUyL8AeawRe60MECCOTbg
6dYD6Jl3S94De3RBNDeoxtdI12rzu/ImUS+aaFAazMPI5HkdzPR7rNJ0prVqNG9/
qtj6mon2DOlRQUbcKhZVDiJZMkNN2dZXTS8b/M+MIa47fO/AADdFphRGPOOhVTGZ
sa1ARyn6ZuTqKSiZgiyBsyE3Nhp+GpZM16JBl2/gEcPP3OwlpsaE7pZ4qmEyvEdk
di1aiFWhs3CT29SF6P0S7VjogpMS5xZhnqxQ9tQ1t+kf
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:19:30 2025 by rpki-client