Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/f46d4e-ac33-4fd1-9e69-7954ed38c8ba/1/Xj3_IeKr41rjtN9K4s2Oz1BDAWw.roa
File: Xj3_IeKr41rjtN9K4s2Oz1BDAWw.roa (raw, json)
Hash identifier: AGEceOeWuQOFR+aoUkAvCAXHiZf0eub90jOTw/LtSd8=
Subject key identifier: 5E:3D:FF:21:E2:AB:E3:5A:E3:B4:DF:4A:E2:CD:8E:CF:50:43:01:6C
Certificate issuer: /CN=5525775a706ac00c82fa29339e22e43108099e79
Certificate serial: 0203DAE1
Authority key identifier: 55:25:77:5A:70:6A:C0:0C:82:FA:29:33:9E:22:E4:31:08:09:9E:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VSV3WnBqwAyC-ikzniLkMQgJnnk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/f46d4e-ac33-4fd1-9e69-7954ed38c8ba/1/Xj3_IeKr41rjtN9K4s2Oz1BDAWw.roa
Signing time: Sat 01 Jan 2022 10:55:52 +0000
ROA not before: Sat 01 Jan 2022 10:55:52 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 212694
IP address blocks: 109.233.40.0/21 maxlen: 21
178.17.212.0/22 maxlen: 22
2a04:c040::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 33807073 (0x203dae1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5525775a706ac00c82fa29339e22e43108099e79
Validity
Not Before: Jan 1 10:55:52 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5e3dff21e2abe35ae3b4df4ae2cd8ecf5043016c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ec:67:06:99:1b:95:ad:c4:37:13:d8:c0:c8:
04:da:7e:5b:47:12:19:3a:74:2f:22:73:1e:0e:7a:
61:95:f1:c4:f3:95:9d:de:25:35:7d:20:b3:b8:b2:
0e:69:ec:51:a5:83:91:80:dd:a9:51:9e:ce:09:99:
27:5e:c0:4f:d1:3b:83:9a:c1:9e:12:ed:f9:61:44:
b7:4e:eb:13:b5:14:f2:34:06:7c:a5:87:ba:39:ef:
a8:be:e9:f6:1c:49:ce:58:38:a9:9e:e1:71:bb:0d:
80:f7:8a:f6:cf:53:14:e2:29:7e:7f:5b:c3:37:ac:
36:78:1e:fe:c9:6c:a3:ab:75:8d:96:46:28:b2:70:
85:06:c0:0d:94:77:93:f1:54:b7:ab:70:61:2d:e8:
84:50:1c:f5:74:66:c5:f2:57:14:75:4d:7f:13:77:
c0:6a:06:e5:7a:30:da:91:4c:e5:58:fd:14:aa:44:
6a:32:99:68:58:ca:07:22:74:cb:c3:93:b5:a9:17:
fd:b4:5b:c1:3d:fe:2a:94:6e:ea:30:67:b2:35:17:
e4:8a:c1:32:ce:d7:72:af:57:21:35:58:9c:24:12:
a6:1e:e0:98:4d:1c:40:c0:97:8f:0e:ac:03:7d:b7:
3f:40:b3:93:29:35:d9:ba:4d:3c:c5:e6:79:af:b6:
16:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:3D:FF:21:E2:AB:E3:5A:E3:B4:DF:4A:E2:CD:8E:CF:50:43:01:6C
X509v3 Authority Key Identifier:
keyid:55:25:77:5A:70:6A:C0:0C:82:FA:29:33:9E:22:E4:31:08:09:9E:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VSV3WnBqwAyC-ikzniLkMQgJnnk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/f46d4e-ac33-4fd1-9e69-7954ed38c8ba/1/Xj3_IeKr41rjtN9K4s2Oz1BDAWw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/f46d4e-ac33-4fd1-9e69-7954ed38c8ba/1/VSV3WnBqwAyC-ikzniLkMQgJnnk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.233.40.0/21
178.17.212.0/22
IPv6:
2a04:c040::/29
Signature Algorithm: sha256WithRSAEncryption
a5:df:9b:c4:a7:87:9b:96:44:13:da:e6:40:96:c2:d8:f5:3f:
b9:d2:f6:39:e1:46:e3:86:eb:d6:cf:ad:0a:6b:bc:d9:0a:ed:
14:98:6a:93:c2:c9:22:6c:19:cf:18:55:17:94:06:c9:2a:10:
58:f7:ee:c7:62:96:67:f0:af:7b:1e:5e:d5:0d:e7:3e:90:81:
fd:f6:ba:a2:8c:f3:ee:d6:5b:7b:4a:8a:91:d6:7a:76:cf:6f:
32:20:ad:29:85:df:fb:35:eb:22:1b:2a:54:33:72:b7:df:48:
82:91:63:93:04:fb:b8:63:0c:e4:d0:59:50:f5:7b:f1:9f:e5:
b9:0e:2c:96:40:14:b2:ed:4a:1c:ae:95:3f:0c:c6:1f:ea:e3:
79:fc:89:4c:78:a9:ee:7f:9f:26:e7:21:9b:82:80:6e:df:36:
3f:2b:85:27:71:3d:63:8d:a4:78:60:c8:57:69:c2:55:64:05:
ff:b3:6f:03:a3:6e:52:df:4f:f8:8d:8d:d0:70:bf:d3:37:48:
14:94:9b:09:37:7d:04:6f:2e:3c:e1:52:cf:d5:2a:4c:3d:b9:
83:e6:41:67:fb:3d:6f:8c:2b:be:d7:d5:64:7b:29:cb:53:5f:
1c:20:2b:27:b2:e1:ce:8c:61:d8:92:2f:07:5b:9b:25:7d:9d:
c2:cf:f4:0d
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgIEAgPa4TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
NTI1Nzc1YTcwNmFjMDBjODJmYTI5MzM5ZTIyZTQzMTA4MDk5ZTc5MB4XDTIyMDEw
MTEwNTU1MloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWUzZGZmMjFlMmFi
ZTM1YWUzYjRkZjRhZTJjZDhlY2Y1MDQzMDE2YzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAKHsZwaZG5WtxDcT2MDIBNp+W0cSGTp0LyJzHg56YZXxxPOV
nd4lNX0gs7iyDmnsUaWDkYDdqVGezgmZJ17AT9E7g5rBnhLt+WFEt07rE7UU8jQG
fKWHujnvqL7p9hxJzlg4qZ7hcbsNgPeK9s9TFOIpfn9bwzesNnge/slso6t1jZZG
KLJwhQbADZR3k/FUt6twYS3ohFAc9XRmxfJXFHVNfxN3wGoG5Xow2pFM5Vj9FKpE
ajKZaFjKByJ0y8OTtakX/bRbwT3+KpRu6jBnsjUX5IrBMs7Xcq9XITVYnCQSph7g
mE0cQMCXjw6sA323P0Czkyk12bpNPMXmea+2FhcCAwEAAaOCAh4wggIaMB0GA1Ud
DgQWBBRePf8h4qvjWuO030rizY7PUEMBbDAfBgNVHSMEGDAWgBRVJXdacGrADIL6
KTOeIuQxCAmeeTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1ZTVjNXbkJxd0F5Qy1pa3puaUxrTVFnSm5uay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNzgvZjQ2ZDRlLWFjMzMtNGZkMS05ZTY5LTc5NTRlZDM4YzhiYS8x
L1hqM19JZUtyNDFyanROOUs0czJPejFCREFXdy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgv
ZjQ2ZDRlLWFjMzMtNGZkMS05ZTY5LTc5NTRlZDM4YzhiYS8xL1ZTVjNXbkJxd0F5
Qy1pa3puaUxrTVFnSm5uay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjA0
BggrBgEFBQcBBwEB/wQlMCMwEgQCAAEwDAMEA23pKAMEArIR1DANBAIAAjAHAwUD
KgTAQDANBgkqhkiG9w0BAQsFAAOCAQEApd+bxKeHm5ZEE9rmQJbC2PU/udL2OeFG
44br1s+tCmu82QrtFJhqk8LJImwZzxhVF5QGySoQWPfux2KWZ/Cvex5e1Q3nPpCB
/fa6oozz7tZbe0qKkdZ6ds9vMiCtKYXf+zXrIhsqVDNyt99IgpFjkwT7uGMM5NBZ
UPV78Z/luQ4slkAUsu1KHK6VPwzGH+rjefyJTHip7n+fJuchm4KAbt82PyuFJ3E9
Y42keGDIV2nCVWQF/7NvA6NuUt9P+I2N0HC/0zdIFJSbCTd9BG8uPOFSz9UqTD25
g+ZBZ/s9b4wrvtfVZHspy1NfHCArJ7Lhzoxh2JIvB1ubJX2dws/0DQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:00:04 2025 by rpki-client