Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/3bdd7e-a729-49ad-85aa-f75962d30e36/1/xUsG1xwcC21C7ZV4LQQje1LEFVA.roa
File: xUsG1xwcC21C7ZV4LQQje1LEFVA.roa (raw, json)
Hash identifier: x5hAtuxTlLjIb0rmCEWwMB40yC7GFXKMgrSmG1JrlpA=
Subject key identifier: C5:4B:06:D7:1C:1C:0B:6D:42:ED:95:78:2D:04:23:7B:52:C4:15:50
Certificate issuer: /CN=d6fb452a0ae33dfa52aaaacba794df1af6bc4334
Certificate serial: 01857054C6AD16601E89646CEB478D03EB86
Authority key identifier: D6:FB:45:2A:0A:E3:3D:FA:52:AA:AA:CB:A7:94:DF:1A:F6:BC:43:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1vtFKgrjPfpSqqrLp5TfGva8QzQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/3bdd7e-a729-49ad-85aa-f75962d30e36/1/xUsG1xwcC21C7ZV4LQQje1LEFVA.roa
Signing time: Mon 02 Jan 2023 02:34:42 +0000
ROA not before: Mon 02 Jan 2023 02:34:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60720
IP address blocks: 81.25.64.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:54:c6:ad:16:60:1e:89:64:6c:eb:47:8d:03:eb:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6fb452a0ae33dfa52aaaacba794df1af6bc4334
Validity
Not Before: Jan 2 02:34:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c54b06d71c1c0b6d42ed95782d04237b52c41550
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:c3:8c:69:2c:fc:dd:dc:8c:33:f8:0d:e0:21:
36:d1:a0:7f:16:23:aa:4e:1c:56:81:f0:b6:45:60:
37:7e:73:0b:8d:70:e6:02:65:1a:61:37:01:af:50:
38:67:f4:43:90:96:67:15:06:a9:35:53:c1:00:ab:
97:1d:7c:2a:58:6e:f4:c5:1e:1f:cd:ce:90:9d:b6:
6b:93:e2:c4:85:43:9c:72:48:cc:e7:74:82:00:08:
e3:10:aa:3e:ac:d3:76:64:14:77:77:53:97:e9:9b:
03:a9:a3:d5:62:05:7b:76:2e:54:09:3e:c0:e0:20:
22:31:cf:44:c5:39:6d:96:b0:71:da:f0:d1:88:60:
0b:1c:b3:69:26:35:73:02:b1:7e:37:8a:37:f9:e3:
ca:cf:a0:53:09:3b:b1:03:39:fd:6b:15:78:91:9b:
00:81:7e:dd:b4:31:8f:b8:10:f9:65:df:e9:cf:fb:
12:60:75:7c:57:d8:5a:68:fc:86:9c:ca:fe:71:7c:
e3:d9:a6:29:5b:dc:24:80:ea:5c:82:6f:ef:dd:67:
f3:fe:b4:e8:e2:64:8a:15:66:ce:16:d9:45:64:90:
52:22:63:9a:4e:e4:91:e7:8c:16:9b:d9:dd:f1:9d:
6a:06:6e:7c:bb:52:5f:52:e0:28:11:69:41:d6:88:
25:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:4B:06:D7:1C:1C:0B:6D:42:ED:95:78:2D:04:23:7B:52:C4:15:50
X509v3 Authority Key Identifier:
keyid:D6:FB:45:2A:0A:E3:3D:FA:52:AA:AA:CB:A7:94:DF:1A:F6:BC:43:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1vtFKgrjPfpSqqrLp5TfGva8QzQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/3bdd7e-a729-49ad-85aa-f75962d30e36/1/xUsG1xwcC21C7ZV4LQQje1LEFVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/3bdd7e-a729-49ad-85aa-f75962d30e36/1/1vtFKgrjPfpSqqrLp5TfGva8QzQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.25.64.0/22
Signature Algorithm: sha256WithRSAEncryption
99:7e:f8:c2:41:37:2d:33:7a:9e:9b:17:e4:83:a5:0c:78:c1:
f0:7a:34:7f:d9:66:20:92:1d:31:df:63:e8:66:fe:42:27:44:
bf:45:8d:48:81:1a:b1:68:bd:ff:08:af:a2:5e:8e:91:29:28:
a4:39:32:79:be:b0:7e:a1:77:8d:ba:65:9d:67:0e:80:75:ab:
f5:07:8f:be:f2:02:ce:ac:31:68:a2:ff:7f:bc:ac:f2:13:eb:
ce:42:f0:ce:95:5a:cf:f9:8d:0b:a5:e0:b0:ef:24:92:a7:0b:
82:41:22:03:b3:8c:44:41:fb:76:d9:ae:f5:e4:a3:59:40:00:
83:38:3a:f7:33:9f:c4:a3:0a:4c:ca:e9:3e:a0:8e:bc:f4:db:
8e:d2:c0:9c:2f:69:18:59:36:ea:27:4b:99:29:4a:40:b5:1e:
1c:6b:3a:0c:da:10:f3:4d:4d:04:f5:5f:9e:1e:44:d8:66:d0:
eb:43:94:ec:74:02:e6:74:06:d0:ba:80:eb:f3:dd:82:92:39:
8f:3a:d9:37:6f:12:7f:10:52:2e:b5:64:83:fc:d8:c0:79:12:
98:68:be:64:69:16:b2:92:6b:2e:be:48:80:01:e7:f8:d7:38:
11:8a:92:61:49:14:d1:69:28:0b:cb:b5:80:33:0f:a6:bf:08:
51:9e:31:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVwVMatFmAeiWRs60eNA+uGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2ZmI0NTJhMGFlMzNkZmE1MmFhYWFjYmE3OTRkZjFhZjZi
YzQzMzQwHhcNMjMwMTAyMDIzNDQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTRiMDZkNzFjMWMwYjZkNDJlZDk1NzgyZDA0MjM3YjUyYzQxNTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhMOMaSz83dyMM/gN4CE20aB/FiOq
ThxWgfC2RWA3fnMLjXDmAmUaYTcBr1A4Z/RDkJZnFQapNVPBAKuXHXwqWG70xR4f
zc6QnbZrk+LEhUOcckjM53SCAAjjEKo+rNN2ZBR3d1OX6ZsDqaPVYgV7di5UCT7A
4CAiMc9ExTltlrBx2vDRiGALHLNpJjVzArF+N4o3+ePKz6BTCTuxAzn9axV4kZsA
gX7dtDGPuBD5Zd/pz/sSYHV8V9haaPyGnMr+cXzj2aYpW9wkgOpcgm/v3Wfz/rTo
4mSKFWbOFtlFZJBSImOaTuSR54wWm9nd8Z1qBm58u1JfUuAoEWlB1oglZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMVLBtccHAttQu2VeC0EI3tSxBVQMB8GA1UdIwQY
MBaAFNb7RSoK4z36Uqqqy6eU3xr2vEM0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXZ0RktncmpQZnBTcXFyTHA1VGZHdmE4UXpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS8zYmRkN2UtYTcyOS00OWFkLTg1YWEt
Zjc1OTYyZDMwZTM2LzEveFVzRzF4d2NDMjFDN1pWNExRUWplMUxFRlZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS8zYmRkN2UtYTcyOS00OWFkLTg1YWEtZjc1OTYyZDMwZTM2
LzEvMXZ0RktncmpQZnBTcXFyTHA1VGZHdmE4UXpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCURlAMA0G
CSqGSIb3DQEBCwUAA4IBAQCZfvjCQTctM3qemxfkg6UMeMHwejR/2WYgkh0x32Po
Zv5CJ0S/RY1IgRqxaL3/CK+iXo6RKSikOTJ5vrB+oXeNumWdZw6Adav1B4++8gLO
rDFoov9/vKzyE+vOQvDOlVrP+Y0LpeCw7ySSpwuCQSIDs4xEQft22a715KNZQACD
ODr3M5/EowpMyuk+oI689NuO0sCcL2kYWTbqJ0uZKUpAtR4cazoM2hDzTU0E9V+e
HkTYZtDrQ5TsdALmdAbQuoDr892CkjmPOtk3bxJ/EFIutWSD/NjAeRKYaL5kaRay
kmsuvkiAAef41zgRipJhSRTRaSgLy7WAMw+mvwhRnjEh
-----END CERTIFICATE-----
Generated at Fri Apr 18 12:27:44 2025 by rpki-client