Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/8df9d9-b420-41da-b3aa-afdea12fb965/1/xbCYhy3PSP2Lay7--sYmbObb3pU.roa
File: xbCYhy3PSP2Lay7--sYmbObb3pU.roa (raw, json)
Hash identifier: 1g/XTs3E4p/ybF0Wo7nF31zScl6UiuNUpQX5OWebw9g=
Subject key identifier: C5:B0:98:87:2D:CF:48:FD:8B:6B:2E:FE:FA:C6:26:6C:E6:DB:DE:95
Certificate issuer: /CN=530493a3dc3c0b7e30c7771e2be20f811ebc47e0
Certificate serial: 01852FBD816AC02ABBC26F5615ED2DE07A97
Authority key identifier: 53:04:93:A3:DC:3C:0B:7E:30:C7:77:1E:2B:E2:0F:81:1E:BC:47:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UwSTo9w8C34wx3ceK-IPgR68R-A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/8df9d9-b420-41da-b3aa-afdea12fb965/1/xbCYhy3PSP2Lay7--sYmbObb3pU.roa
Signing time: Tue 20 Dec 2022 13:33:46 +0000
ROA not before: Tue 20 Dec 2022 13:33:46 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 9123
IP address blocks: 213.109.204.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:2f:bd:81:6a:c0:2a:bb:c2:6f:56:15:ed:2d:e0:7a:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=530493a3dc3c0b7e30c7771e2be20f811ebc47e0
Validity
Not Before: Dec 20 13:33:46 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c5b098872dcf48fd8b6b2efefac6266ce6dbde95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:b6:5b:03:3e:6a:91:a5:10:2d:14:20:9a:7a:
a1:2e:da:65:77:b6:ce:e9:1e:8e:a4:dc:8b:2c:cf:
99:4d:d7:db:2c:f1:30:fc:97:50:85:12:27:0a:c5:
57:36:c7:48:19:00:08:a0:c2:c8:1c:f0:2b:88:12:
aa:b8:a4:c4:4a:d3:a6:3b:4c:f0:28:1f:19:b9:93:
28:47:f8:9e:4f:4e:60:28:a3:a9:91:d9:9a:d4:55:
db:2b:bd:90:00:5d:da:28:f5:09:87:4e:4d:1c:77:
2c:0b:a3:73:37:4a:83:d1:b4:e7:7c:ee:ca:1a:9c:
b8:4b:32:d8:6f:38:52:5f:c8:71:89:0e:b0:d7:04:
aa:94:ae:2a:54:36:80:91:03:5d:ce:31:56:80:0f:
a1:a5:53:9d:47:33:56:36:8b:0d:d4:37:f2:58:84:
ce:1b:90:97:42:37:7b:13:5f:13:49:d2:ac:1a:23:
ab:81:3c:f7:ff:9c:6f:f2:95:35:c4:40:0f:70:f2:
98:0e:17:f4:ce:d8:58:65:13:93:56:dd:b7:a1:a9:
e0:ee:85:d4:a6:34:7e:b4:55:04:ec:0f:7f:9d:13:
20:04:8f:72:ec:b9:c7:d9:3b:bc:99:4a:e0:21:1f:
91:d4:95:5f:f8:8e:92:b0:ae:f6:e1:76:c2:d3:33:
f8:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:B0:98:87:2D:CF:48:FD:8B:6B:2E:FE:FA:C6:26:6C:E6:DB:DE:95
X509v3 Authority Key Identifier:
keyid:53:04:93:A3:DC:3C:0B:7E:30:C7:77:1E:2B:E2:0F:81:1E:BC:47:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UwSTo9w8C34wx3ceK-IPgR68R-A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/8df9d9-b420-41da-b3aa-afdea12fb965/1/xbCYhy3PSP2Lay7--sYmbObb3pU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/8df9d9-b420-41da-b3aa-afdea12fb965/1/UwSTo9w8C34wx3ceK-IPgR68R-A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.109.204.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:b7:d3:74:ab:35:09:bd:05:f8:6d:67:90:21:67:89:4d:30:
09:d0:8b:86:c5:f0:ae:22:db:a5:45:9c:96:68:e1:87:24:29:
1b:46:38:1a:bf:78:9b:63:71:70:e9:05:96:eb:09:e0:fb:d6:
51:1c:e0:d3:25:90:d1:64:45:df:59:5d:7f:e9:a7:b7:1f:93:
01:4f:44:47:e2:0b:b6:24:26:ea:b5:e7:fc:27:cf:8b:f0:cf:
9d:64:3a:e8:91:ba:c7:ff:2a:fd:25:5c:3c:07:83:bd:09:80:
0c:c0:46:6d:b5:03:a2:04:45:20:20:25:6f:d1:d4:37:01:83:
9b:88:75:d6:7a:2e:04:b9:34:af:a0:b2:f5:fa:5b:7e:c2:f8:
dc:38:6a:eb:35:56:dc:29:a5:6d:c9:69:a6:96:02:6e:69:e1:
dd:55:9f:66:05:f3:8f:63:6d:97:16:54:9a:13:fc:0a:fe:19:
a1:1f:5e:be:dc:b5:a1:c0:26:1b:6e:f8:69:91:32:cb:7e:d5:
1e:73:43:d9:af:3c:df:76:44:fe:0f:fc:02:fa:51:35:7f:47:
94:d0:73:1f:a4:8c:9f:05:fa:68:f0:4f:42:03:ac:6c:39:6e:
d6:65:2e:48:67:3b:1d:d1:65:a1:9a:f4:a9:24:78:2e:6a:cf:
03:e3:3e:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYUvvYFqwCq7wm9WFe0t4HqXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzMDQ5M2EzZGMzYzBiN2UzMGM3NzcxZTJiZTIwZjgxMWVi
YzQ3ZTAwHhcNMjIxMjIwMTMzMzQ2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWIwOTg4NzJkY2Y0OGZkOGI2YjJlZmVmYWM2MjY2Y2U2ZGJkZTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbZbAz5qkaUQLRQgmnqhLtpld7bO
6R6OpNyLLM+ZTdfbLPEw/JdQhRInCsVXNsdIGQAIoMLIHPAriBKquKTEStOmO0zw
KB8ZuZMoR/ieT05gKKOpkdma1FXbK72QAF3aKPUJh05NHHcsC6NzN0qD0bTnfO7K
Gpy4SzLYbzhSX8hxiQ6w1wSqlK4qVDaAkQNdzjFWgA+hpVOdRzNWNosN1DfyWITO
G5CXQjd7E18TSdKsGiOrgTz3/5xv8pU1xEAPcPKYDhf0zthYZROTVt23oang7oXU
pjR+tFUE7A9/nRMgBI9y7LnH2Tu8mUrgIR+R1JVf+I6SsK724XbC0zP4OQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMWwmIctz0j9i2su/vrGJmzm296VMB8GA1UdIwQY
MBaAFFMEk6PcPAt+MMd3HiviD4EevEfgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXdTVG85dzhDMzR3eDNjZUstSVBnUjY4Ui1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC84ZGY5ZDktYjQyMC00MWRhLWIzYWEt
YWZkZWExMmZiOTY1LzEveGJDWWh5M1BTUDJMYXk3LS1zWW1iT2JiM3BVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC84ZGY5ZDktYjQyMC00MWRhLWIzYWEtYWZkZWExMmZiOTY1
LzEvVXdTVG85dzhDMzR3eDNjZUstSVBnUjY4Ui1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1W3MMA0G
CSqGSIb3DQEBCwUAA4IBAQAMt9N0qzUJvQX4bWeQIWeJTTAJ0IuGxfCuItulRZyW
aOGHJCkbRjgav3ibY3Fw6QWW6wng+9ZRHODTJZDRZEXfWV1/6ae3H5MBT0RH4gu2
JCbqtef8J8+L8M+dZDrokbrH/yr9JVw8B4O9CYAMwEZttQOiBEUgICVv0dQ3AYOb
iHXWei4EuTSvoLL1+lt+wvjcOGrrNVbcKaVtyWmmlgJuaeHdVZ9mBfOPY22XFlSa
E/wK/hmhH16+3LWhwCYbbvhpkTLLftUec0PZrzzfdkT+D/wC+lE1f0eU0HMfpIyf
Bfpo8E9CA6xsOW7WZS5IZzsd0WWhmvSpJHguas8D4z55
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:59:01 2023 by rpki-client on console-fra.rpki-client.org