Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/9286bb-c5e5-429f-8a76-0fd862da3ae1/1/XZe7ZVH9wYE9eMhwu6Tr-0oQszM.roa
File: XZe7ZVH9wYE9eMhwu6Tr-0oQszM.roa (raw, json)
Hash identifier: +/ViguV0deBS//v9cvuU9/iLApP76f1ilVgTWwu5Ieo=
Subject key identifier: 5D:97:BB:65:51:FD:C1:81:3D:78:C8:70:BB:A4:EB:FB:4A:10:B3:33
Certificate issuer: /CN=47b7054d656153d2d55add8b9dfe3f6d137ad27e
Certificate serial: 018871E4FBCB956F298FFECAE0F0ED500311
Authority key identifier: 47:B7:05:4D:65:61:53:D2:D5:5A:DD:8B:9D:FE:3F:6D:13:7A:D2:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R7cFTWVhU9LVWt2Lnf4_bRN60n4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/9286bb-c5e5-429f-8a76-0fd862da3ae1/1/XZe7ZVH9wYE9eMhwu6Tr-0oQszM.roa
Signing time: Wed 31 May 2023 13:00:11 +0000
ROA not before: Wed 31 May 2023 13:00:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208097
IP address blocks: 84.38.245.0/24 maxlen: 24
192.122.253.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:71:e4:fb:cb:95:6f:29:8f:fe:ca:e0:f0:ed:50:03:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47b7054d656153d2d55add8b9dfe3f6d137ad27e
Validity
Not Before: May 31 13:00:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d97bb6551fdc1813d78c870bba4ebfb4a10b333
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:fc:65:a5:2e:2d:8d:77:e6:63:dd:ca:ca:d6:
14:e6:26:8f:c0:b8:12:69:ac:89:da:90:2c:e1:a9:
e3:34:98:53:ac:a0:cb:07:c2:df:cc:ea:49:91:ed:
63:3f:8a:af:a8:f5:1c:74:02:cf:5e:3f:57:26:d9:
85:58:fa:0e:bd:6d:f2:c1:ff:4f:10:c0:f9:d0:b0:
13:2d:59:e2:cd:f3:78:b2:fa:b3:00:35:da:0a:d5:
e1:c2:4c:45:01:1b:ee:e0:e3:74:d3:e4:9d:ca:0d:
45:e6:81:42:3a:4f:fa:13:4e:de:cf:3e:86:e6:8d:
22:8f:c3:09:78:a7:e1:7a:68:e0:0f:05:d3:65:48:
ea:48:e5:49:e2:18:5b:1e:b4:07:95:fa:0b:95:03:
cd:db:c4:15:c0:e0:5a:49:5e:ca:82:7c:73:4c:07:
e9:ab:e9:16:da:a1:fe:83:3c:1a:0f:6b:97:b3:4a:
f6:33:c0:34:b0:f7:b6:dd:2d:6d:a1:9f:ff:35:07:
83:12:6a:88:4f:8e:02:df:75:09:75:de:97:dc:09:
93:ca:22:63:a1:b9:99:45:8b:b6:cc:f5:ee:82:b0:
f5:f5:7c:bc:2a:3e:9b:10:fe:d1:71:9b:f3:c0:b0:
20:9e:1c:89:76:83:32:8b:99:71:66:81:67:28:3d:
cf:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:97:BB:65:51:FD:C1:81:3D:78:C8:70:BB:A4:EB:FB:4A:10:B3:33
X509v3 Authority Key Identifier:
keyid:47:B7:05:4D:65:61:53:D2:D5:5A:DD:8B:9D:FE:3F:6D:13:7A:D2:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R7cFTWVhU9LVWt2Lnf4_bRN60n4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/9286bb-c5e5-429f-8a76-0fd862da3ae1/1/XZe7ZVH9wYE9eMhwu6Tr-0oQszM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/9286bb-c5e5-429f-8a76-0fd862da3ae1/1/R7cFTWVhU9LVWt2Lnf4_bRN60n4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.38.245.0/24
192.122.253.0/24
Signature Algorithm: sha256WithRSAEncryption
59:9a:53:8a:93:fc:6c:32:fc:60:74:1f:1c:f5:df:9a:c7:a2:
70:31:46:ae:df:ff:90:40:6d:87:5c:dd:71:a7:ad:89:1b:fc:
c7:b7:c9:e9:7d:97:6e:df:88:0e:a9:b4:2e:56:33:76:1b:7f:
47:1b:a2:df:98:43:9d:a4:c8:f9:ce:42:c8:99:bb:b6:e9:56:
3e:1d:95:7b:84:15:43:06:a0:fc:d7:59:5f:df:f7:83:93:99:
57:51:f7:96:c9:d2:39:9c:b7:f9:47:4e:e4:36:ba:31:30:1f:
38:ff:a4:46:45:d0:57:ec:85:55:a2:1a:ec:41:8b:5c:63:07:
d9:eb:cd:ee:ab:08:0b:35:ef:ec:fa:e2:71:57:9f:8f:11:23:
28:0e:2d:01:20:b6:65:4e:a9:af:5f:66:b5:03:2d:59:1d:13:
33:54:7f:55:95:70:a7:6a:21:1f:ee:1f:4e:2a:a9:d9:cb:26:
57:b8:aa:ec:5f:18:d7:4a:ba:1e:69:8a:bc:b6:75:9f:ae:4e:
3b:dd:cd:11:46:6b:f9:f6:2b:e9:fc:ce:f4:10:9b:98:22:9d:
40:3c:0a:d2:39:cf:05:52:1f:00:45:32:4d:ef:8e:37:45:05:
5a:22:c8:80:b6:a8:80:14:ed:12:64:ad:a8:1c:52:e4:a1:a6:
b4:2e:b0:29
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYhx5PvLlW8pj/7K4PDtUAMRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3YjcwNTRkNjU2MTUzZDJkNTVhZGQ4YjlkZmUzZjZkMTM3
YWQyN2UwHhcNMjMwNTMxMTMwMDExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDk3YmI2NTUxZmRjMTgxM2Q3OGM4NzBiYmE0ZWJmYjRhMTBiMzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj/xlpS4tjXfmY93KytYU5iaPwLgS
aayJ2pAs4anjNJhTrKDLB8LfzOpJke1jP4qvqPUcdALPXj9XJtmFWPoOvW3ywf9P
EMD50LATLVnizfN4svqzADXaCtXhwkxFARvu4ON00+Sdyg1F5oFCOk/6E07ezz6G
5o0ij8MJeKfhemjgDwXTZUjqSOVJ4hhbHrQHlfoLlQPN28QVwOBaSV7KgnxzTAfp
q+kW2qH+gzwaD2uXs0r2M8A0sPe23S1toZ//NQeDEmqIT44C33UJdd6X3AmTyiJj
obmZRYu2zPXugrD19Xy8Kj6bEP7RcZvzwLAgnhyJdoMyi5lxZoFnKD3PqwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF2Xu2VR/cGBPXjIcLuk6/tKELMzMB8GA1UdIwQY
MBaAFEe3BU1lYVPS1Vrdi53+P20TetJ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjdjRlRXVmhVOUxWV3QyTG5mNF9iUk42MG40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi85Mjg2YmItYzVlNS00MjlmLThhNzYt
MGZkODYyZGEzYWUxLzEvWFplN1pWSDl3WUU5ZU1od3U2VHItMG9Rc3pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi85Mjg2YmItYzVlNS00MjlmLThhNzYtMGZkODYyZGEzYWUx
LzEvUjdjRlRXVmhVOUxWV3QyTG5mNF9iUk42MG40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVCb1AwQA
wHr9MA0GCSqGSIb3DQEBCwUAA4IBAQBZmlOKk/xsMvxgdB8c9d+ax6JwMUau3/+Q
QG2HXN1xp62JG/zHt8npfZdu34gOqbQuVjN2G39HG6LfmEOdpMj5zkLImbu26VY+
HZV7hBVDBqD811lf3/eDk5lXUfeWydI5nLf5R07kNroxMB84/6RGRdBX7IVVohrs
QYtcYwfZ683uqwgLNe/s+uJxV5+PESMoDi0BILZlTqmvX2a1Ay1ZHRMzVH9VlXCn
aiEf7h9OKqnZyyZXuKrsXxjXSroeaYq8tnWfrk473c0RRmv59ivp/M70EJuYIp1A
PArSOc8FUh8ARTJN7443RQVaIsiAtqiAFO0SZK2oHFLkoaa0LrAp
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:29:41 2025 by rpki-client