Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/28d3cd-d799-43f6-87fe-f5baeaee865a/1/p_XERXOgXwyL8yiZsIAwjM-0j2I.roa
File: p_XERXOgXwyL8yiZsIAwjM-0j2I.roa (raw, json)
Hash identifier: DBz0hcTQdtqE0VqLFItE56tEHMCDz3Ez0ua1DQcRxCo=
Subject key identifier: A7:F5:C4:45:73:A0:5F:0C:8B:F3:28:99:B0:80:30:8C:CF:B4:8F:62
Certificate issuer: /CN=8b17fe8dd72c50c628dea973158d0f942326da8f
Certificate serial: 0189DB373F41C62C194D2BDE431C95390274
Authority key identifier: 8B:17:FE:8D:D7:2C:50:C6:28:DE:A9:73:15:8D:0F:94:23:26:DA:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ixf-jdcsUMYo3qlzFY0PlCMm2o8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/28d3cd-d799-43f6-87fe-f5baeaee865a/1/p_XERXOgXwyL8yiZsIAwjM-0j2I.roa
Signing time: Wed 09 Aug 2023 16:52:58 +0000
ROA not before: Wed 09 Aug 2023 16:52:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9208
IP address blocks: 193.58.48.0/20 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:db:37:3f:41:c6:2c:19:4d:2b:de:43:1c:95:39:02:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b17fe8dd72c50c628dea973158d0f942326da8f
Validity
Not Before: Aug 9 16:52:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a7f5c44573a05f0c8bf32899b080308ccfb48f62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:fa:08:15:e4:c3:76:3f:7c:b6:ea:2c:79:62:
bf:cd:b6:87:56:a0:52:b0:13:94:f8:23:01:d9:e2:
83:bf:66:8b:86:e8:45:c9:67:1d:ed:eb:8c:f1:85:
6d:90:41:64:c5:41:1e:f5:24:09:4a:65:52:af:10:
e0:d5:80:01:14:9a:6d:69:c7:08:6a:0c:91:a1:07:
09:e5:e5:b2:45:89:d0:bd:82:a5:82:26:ae:7a:66:
14:6d:34:de:c1:cc:e9:3b:b9:1d:1a:eb:11:f2:7c:
bf:c2:70:53:5a:33:13:2d:16:89:73:b2:db:84:60:
27:b8:cb:6c:72:a8:65:41:60:43:88:fe:c3:65:5c:
41:de:e5:14:b7:f2:44:86:57:b0:91:62:20:c7:29:
12:b2:41:16:29:92:01:f8:e4:95:4c:f1:7d:57:ef:
40:3b:94:52:ed:ea:82:6e:2b:63:cf:33:18:4d:46:
e4:f4:e5:85:4c:15:65:b3:62:2f:43:f3:e2:11:15:
b1:c0:a6:f4:02:74:60:0a:5f:c5:17:74:8d:c7:01:
30:1e:f2:ea:f3:d5:d7:e9:0f:d8:30:62:b6:25:8f:
09:65:88:cf:8b:7c:16:a9:b4:dd:1c:f9:b9:ef:79:
8e:60:0b:a2:57:95:b8:64:91:cc:c7:c3:ab:64:2e:
e3:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:F5:C4:45:73:A0:5F:0C:8B:F3:28:99:B0:80:30:8C:CF:B4:8F:62
X509v3 Authority Key Identifier:
keyid:8B:17:FE:8D:D7:2C:50:C6:28:DE:A9:73:15:8D:0F:94:23:26:DA:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ixf-jdcsUMYo3qlzFY0PlCMm2o8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/28d3cd-d799-43f6-87fe-f5baeaee865a/1/p_XERXOgXwyL8yiZsIAwjM-0j2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/28d3cd-d799-43f6-87fe-f5baeaee865a/1/ixf-jdcsUMYo3qlzFY0PlCMm2o8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.58.48.0/20
Signature Algorithm: sha256WithRSAEncryption
70:3d:8f:8a:6c:49:6d:96:16:1e:d5:d3:73:e4:6e:0a:6d:cf:
cd:1d:37:cc:21:28:e3:5d:29:c1:99:42:a2:fc:1f:d2:fc:74:
24:9d:e9:f8:1a:fe:d8:79:3c:1d:90:47:39:40:1e:7e:2d:0b:
be:3c:6c:87:b3:3a:fa:cf:88:69:0e:52:e3:71:76:f8:06:97:
0e:0a:2e:ac:d2:95:c4:a1:47:34:ab:40:1e:39:19:7f:0f:e3:
78:98:45:72:23:da:af:3f:90:bc:fb:dd:2d:25:c6:b2:6c:ea:
71:27:46:64:c8:c7:56:89:83:aa:72:b4:29:f0:e1:b3:e0:c3:
ca:1e:61:36:e2:03:36:ac:f5:25:8b:74:b0:d7:3d:c9:10:e1:
c7:87:5c:98:dc:b8:a0:eb:75:aa:81:5f:60:c7:9b:12:55:ba:
36:a8:8e:a4:1c:05:59:55:30:30:55:e2:59:56:0f:17:a1:d0:
ba:b2:8d:c8:c9:7b:c7:db:5f:9e:10:e5:03:b6:8d:a3:6c:38:
77:23:0e:c0:4e:d6:e4:e4:54:56:41:02:94:72:86:44:46:72:
1d:0a:58:21:17:41:30:30:15:d2:3a:ed:b8:ff:d3:67:eb:e9:
62:9c:6f:b2:73:c0:95:f3:97:04:f7:3d:cb:73:9f:56:47:fc:
49:13:27:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYnbNz9BxiwZTSveQxyVOQJ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiMTdmZThkZDcyYzUwYzYyOGRlYTk3MzE1OGQwZjk0MjMy
NmRhOGYwHhcNMjMwODA5MTY1MjU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2Y1YzQ0NTczYTA1ZjBjOGJmMzI4OTliMDgwMzA4Y2NmYjQ4ZjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPoIFeTDdj98tuoseWK/zbaHVqBS
sBOU+CMB2eKDv2aLhuhFyWcd7euM8YVtkEFkxUEe9SQJSmVSrxDg1YABFJptaccI
agyRoQcJ5eWyRYnQvYKlgiauemYUbTTewczpO7kdGusR8ny/wnBTWjMTLRaJc7Lb
hGAnuMtscqhlQWBDiP7DZVxB3uUUt/JEhlewkWIgxykSskEWKZIB+OSVTPF9V+9A
O5RS7eqCbitjzzMYTUbk9OWFTBVls2IvQ/PiERWxwKb0AnRgCl/FF3SNxwEwHvLq
89XX6Q/YMGK2JY8JZYjPi3wWqbTdHPm573mOYAuiV5W4ZJHMx8OrZC7jFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKf1xEVzoF8Mi/MombCAMIzPtI9iMB8GA1UdIwQY
MBaAFIsX/o3XLFDGKN6pcxWND5QjJtqPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXhmLWpkY3NVTVlvM3FsekZZMFBsQ01tMm84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8yOGQzY2QtZDc5OS00M2Y2LTg3ZmUt
ZjViYWVhZWU4NjVhLzEvcF9YRVJYT2dYd3lMOHlpWnNJQXdqTS0wajJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8yOGQzY2QtZDc5OS00M2Y2LTg3ZmUtZjViYWVhZWU4NjVh
LzEvaXhmLWpkY3NVTVlvM3FsekZZMFBsQ01tMm84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEwTowMA0G
CSqGSIb3DQEBCwUAA4IBAQBwPY+KbEltlhYe1dNz5G4Kbc/NHTfMISjjXSnBmUKi
/B/S/HQknen4Gv7YeTwdkEc5QB5+LQu+PGyHszr6z4hpDlLjcXb4BpcOCi6s0pXE
oUc0q0AeORl/D+N4mEVyI9qvP5C8+90tJcaybOpxJ0ZkyMdWiYOqcrQp8OGz4MPK
HmE24gM2rPUli3Sw1z3JEOHHh1yY3Lig63WqgV9gx5sSVbo2qI6kHAVZVTAwVeJZ
Vg8XodC6so3IyXvH21+eEOUDto2jbDh3Iw7ATtbk5FRWQQKUcoZERnIdClghF0Ew
MBXSOu24/9Nn6+linG+yc8CV85cE9z3Lc59WR/xJEye8
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:57:37 2025 by rpki-client