Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/d3684a-4525-476f-8c48-69d71bf2d353/1/Xmk2SQzF2H4amwBxmDpEdkXHB5k.roa
File: Xmk2SQzF2H4amwBxmDpEdkXHB5k.roa (raw, json)
Hash identifier: JR4QK6JO+TZY/uainEkIsMyt9zZiwEFdkW9KqfrX/0c=
Subject key identifier: 5E:69:36:49:0C:C5:D8:7E:1A:9B:00:71:98:3A:44:76:45:C7:07:99
Certificate issuer: /CN=f7c0ebd9ff7dc6e81f8c3548c7c2e8cdc7967d6f
Certificate serial: 01857321E8DC9BDDF8D335B6F847B1392706
Authority key identifier: F7:C0:EB:D9:FF:7D:C6:E8:1F:8C:35:48:C7:C2:E8:CD:C7:96:7D:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/98Dr2f99xugfjDVIx8LozceWfW8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/d3684a-4525-476f-8c48-69d71bf2d353/1/Xmk2SQzF2H4amwBxmDpEdkXHB5k.roa
Signing time: Mon 02 Jan 2023 15:38:00 +0000
ROA not before: Mon 02 Jan 2023 15:38:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50111
IP address blocks: 193.104.138.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:21:e8:dc:9b:dd:f8:d3:35:b6:f8:47:b1:39:27:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7c0ebd9ff7dc6e81f8c3548c7c2e8cdc7967d6f
Validity
Not Before: Jan 2 15:38:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e6936490cc5d87e1a9b0071983a447645c70799
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:a4:27:10:b6:c2:e6:ce:df:9c:0e:eb:ff:f1:
31:e0:23:24:e3:ce:6c:ef:e3:b8:19:51:96:cf:13:
e3:8c:fc:34:4c:d7:dd:15:aa:bf:e6:a8:c8:d5:c4:
4a:c4:cf:a1:60:11:18:6f:d1:05:3c:95:d2:98:9f:
1b:43:e3:d0:ba:fe:bf:fa:5a:0e:8c:fe:e5:f7:5c:
be:83:7b:95:70:73:67:61:a8:08:79:0f:ee:b8:67:
d4:d0:4a:0a:11:31:23:20:d6:4a:78:e9:6e:ae:9e:
41:71:a7:7f:c7:20:90:e0:1b:b5:d9:54:d6:a5:c8:
08:85:ea:0f:93:27:06:15:10:67:01:04:a5:f2:d1:
33:02:07:74:e7:dd:d4:f5:21:73:18:86:3e:1d:a3:
b6:fe:b6:ab:3d:cb:c2:21:f6:11:5d:76:f5:40:26:
77:2d:ed:ce:38:88:4f:f5:97:39:c8:67:f4:24:e7:
9f:6f:a2:83:9c:00:b4:d9:dd:b7:39:43:33:96:68:
a2:14:19:24:08:58:da:d5:12:a0:5d:2b:6e:f5:37:
01:68:9f:ac:44:f0:30:4a:9d:83:20:f4:eb:42:80:
f6:c0:bf:19:87:ff:0a:d4:ce:b3:9c:fc:35:16:e5:
77:eb:c5:28:c0:34:b2:68:b6:79:50:8d:05:e2:92:
d7:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:69:36:49:0C:C5:D8:7E:1A:9B:00:71:98:3A:44:76:45:C7:07:99
X509v3 Authority Key Identifier:
keyid:F7:C0:EB:D9:FF:7D:C6:E8:1F:8C:35:48:C7:C2:E8:CD:C7:96:7D:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/98Dr2f99xugfjDVIx8LozceWfW8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/d3684a-4525-476f-8c48-69d71bf2d353/1/Xmk2SQzF2H4amwBxmDpEdkXHB5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/d3684a-4525-476f-8c48-69d71bf2d353/1/98Dr2f99xugfjDVIx8LozceWfW8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.138.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:b0:63:39:a7:af:58:70:b2:de:25:4c:34:13:30:59:00:0b:
d3:2b:15:51:ed:96:21:06:d7:f8:4d:93:4f:68:94:10:15:8c:
ea:60:ff:4d:bc:30:9c:c0:9b:da:1d:ff:3d:fb:e2:1e:60:c3:
0c:1e:34:e4:b9:5c:e8:19:4a:ba:bd:24:dc:1c:d3:bc:3d:77:
95:5d:44:41:7e:8c:65:98:63:79:0b:7f:c2:bd:05:df:59:9c:
9b:0f:2e:92:64:68:90:b3:f0:3f:a5:63:ce:02:cc:5e:90:3b:
23:a3:3a:a8:da:f6:12:35:7e:f3:64:4a:a1:14:db:5e:2c:8a:
ab:24:5d:c0:9e:4f:d1:6d:11:ea:09:5b:68:f9:03:38:c2:f6:
f1:58:c6:20:2c:b2:bb:ca:b9:20:e5:bf:40:2b:93:4c:46:f0:
55:a4:64:65:16:d3:48:8f:50:a7:d0:5d:57:dd:16:27:2b:67:
21:38:48:f4:da:26:14:0b:c5:07:9b:df:1f:82:c2:e8:cf:76:
9d:b5:a9:8d:43:7f:63:a5:89:bd:06:4f:08:1c:82:99:54:f6:
5a:10:39:85:8b:b9:d3:ef:70:64:1c:84:25:1f:3b:f9:11:17:
b2:55:3c:ac:c0:04:85:6f:83:ef:15:db:a6:07:26:fe:23:30:
ff:c0:4a:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzIejcm9340zW2+EexOScGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3YzBlYmQ5ZmY3ZGM2ZTgxZjhjMzU0OGM3YzJlOGNkYzc5
NjdkNmYwHhcNMjMwMTAyMTUzODAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTY5MzY0OTBjYzVkODdlMWE5YjAwNzE5ODNhNDQ3NjQ1YzcwNzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxaQnELbC5s7fnA7r//Ex4CMk485s
7+O4GVGWzxPjjPw0TNfdFaq/5qjI1cRKxM+hYBEYb9EFPJXSmJ8bQ+PQuv6/+loO
jP7l91y+g3uVcHNnYagIeQ/uuGfU0EoKETEjINZKeOlurp5Bcad/xyCQ4Bu12VTW
pcgIheoPkycGFRBnAQSl8tEzAgd0593U9SFzGIY+HaO2/rarPcvCIfYRXXb1QCZ3
Le3OOIhP9Zc5yGf0JOefb6KDnAC02d23OUMzlmiiFBkkCFja1RKgXStu9TcBaJ+s
RPAwSp2DIPTrQoD2wL8Zh/8K1M6znPw1FuV368UowDSyaLZ5UI0F4pLXFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF5pNkkMxdh+GpsAcZg6RHZFxweZMB8GA1UdIwQY
MBaAFPfA69n/fcboH4w1SMfC6M3Hln1vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOThEcjJmOTl4dWdmakRWSXg4TG96Y2VXZlc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9kMzY4NGEtNDUyNS00NzZmLThjNDgt
NjlkNzFiZjJkMzUzLzEvWG1rMlNRekYySDRhbXdCeG1EcEVka1hIQjVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9kMzY4NGEtNDUyNS00NzZmLThjNDgtNjlkNzFiZjJkMzUz
LzEvOThEcjJmOTl4dWdmakRWSXg4TG96Y2VXZlc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWiKMA0G
CSqGSIb3DQEBCwUAA4IBAQBKsGM5p69YcLLeJUw0EzBZAAvTKxVR7ZYhBtf4TZNP
aJQQFYzqYP9NvDCcwJvaHf89++IeYMMMHjTkuVzoGUq6vSTcHNO8PXeVXURBfoxl
mGN5C3/CvQXfWZybDy6SZGiQs/A/pWPOAsxekDsjozqo2vYSNX7zZEqhFNteLIqr
JF3Ank/RbRHqCVto+QM4wvbxWMYgLLK7yrkg5b9AK5NMRvBVpGRlFtNIj1Cn0F1X
3RYnK2chOEj02iYUC8UHm98fgsLoz3adtamNQ39jpYm9Bk8IHIKZVPZaEDmFi7nT
73BkHIQlHzv5EReyVTyswASFb4PvFdumByb+IzD/wEr+
-----END CERTIFICATE-----
Generated at Wed Apr 23 03:53:30 2025 by rpki-client