Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XLEHjSHoD3m92XHqWoI0B07kHZA.roa
File: XLEHjSHoD3m92XHqWoI0B07kHZA.roa (raw, json)
Hash identifier: iWp6691U850hr6IcluWelZbiB+ELrGz5z/jFWDAQddM=
Subject key identifier: 5C:B1:07:8D:21:E8:0F:79:BD:D9:71:EA:5A:82:34:07:4E:E4:1D:90
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018571FA254F03AF924EAB3D808D5C72B11D
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XLEHjSHoD3m92XHqWoI0B07kHZA.roa
Signing time: Mon 02 Jan 2023 10:14:57 +0000
ROA not before: Mon 02 Jan 2023 10:14:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 44486
IP address blocks: 81.5.189.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:fa:25:4f:03:af:92:4e:ab:3d:80:8d:5c:72:b1:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 2 10:14:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5cb1078d21e80f79bdd971ea5a8234074ee41d90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:92:3b:16:02:70:7e:fa:10:2c:fa:11:dd:ee:
b7:2f:1a:08:a7:33:66:81:0e:e0:21:ea:24:9e:d4:
4a:01:14:f2:d0:12:6a:2a:6e:4b:e8:7f:3b:29:60:
a2:e0:2b:54:93:93:11:4c:0f:05:cd:69:f7:33:05:
8a:67:de:4a:95:11:d4:20:48:79:ee:0d:b3:fc:82:
ab:bf:a9:4b:db:61:d8:7d:54:ec:61:88:60:08:59:
b5:88:d4:b2:77:60:d9:38:6a:02:b1:36:3a:ff:79:
56:d9:90:d9:79:1b:93:98:ca:4a:05:aa:4c:5a:aa:
e9:53:d5:4c:b8:61:1c:78:36:b9:8c:da:52:38:f0:
71:82:2a:e3:98:0e:10:cd:57:56:71:f5:58:a4:ae:
f5:79:02:5d:2a:5b:97:c3:0f:d4:bd:e8:48:37:8e:
91:0e:cf:7c:84:01:fb:8a:aa:60:a2:b6:a2:63:8c:
4a:e9:61:e1:59:58:32:61:04:c4:55:e5:e7:fb:2f:
04:00:61:32:9c:6f:98:ee:6b:96:97:d7:c4:11:1b:
65:bd:42:77:7e:47:28:43:f4:ad:88:28:22:b9:cf:
ee:ba:ad:bb:5b:d4:cd:ab:cd:a8:c6:d2:88:49:70:
10:5a:7f:c7:52:d2:47:32:d4:7f:f1:cd:04:21:e2:
85:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:B1:07:8D:21:E8:0F:79:BD:D9:71:EA:5A:82:34:07:4E:E4:1D:90
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XLEHjSHoD3m92XHqWoI0B07kHZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.189.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:5f:7f:66:9b:b2:b0:70:39:0a:c2:59:52:1f:28:1f:27:08:
ed:37:2c:f4:42:3f:ff:68:88:9c:ea:d8:31:55:8e:d7:26:e9:
97:79:c4:72:59:c4:64:bd:b3:ad:7b:23:64:0c:9a:ff:0d:23:
af:86:b4:41:d9:0d:a4:2b:57:41:ab:1d:12:10:cc:c3:9f:7a:
3d:58:17:93:69:56:fc:6a:6a:97:f8:fe:0e:a5:b2:07:ae:25:
a4:ed:c7:09:48:6e:eb:45:72:6f:f6:10:ad:68:d5:04:de:99:
de:0a:0a:12:1d:68:d8:16:dc:b0:6c:ef:21:dc:ce:ed:34:cd:
14:81:01:bb:18:6d:b7:58:90:13:4a:0b:61:c5:68:19:11:ff:
e8:47:30:42:37:45:ca:ef:88:f6:1e:ca:26:c5:71:82:3d:86:
b0:84:85:a4:71:93:e7:aa:28:1a:f1:36:f3:34:5c:84:58:ea:
b9:07:34:32:fb:f3:3c:f0:29:12:5e:df:4d:e3:5d:38:27:30:
6f:cc:2d:71:fb:8c:87:24:0c:21:55:fd:15:66:ea:90:a7:34:
5e:eb:20:de:67:af:54:82:e1:bc:67:91:69:f1:62:fc:c1:b5:
e6:1c:44:29:be:33:ff:62:7e:5e:2d:11:cb:21:22:96:b9:c8:
86:08:2f:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx+iVPA6+STqs9gI1ccrEdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjMwMTAyMTAxNDU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2IxMDc4ZDIxZTgwZjc5YmRkOTcxZWE1YTgyMzQwNzRlZTQxZDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspI7FgJwfvoQLPoR3e63LxoIpzNm
gQ7gIeokntRKARTy0BJqKm5L6H87KWCi4CtUk5MRTA8FzWn3MwWKZ95KlRHUIEh5
7g2z/IKrv6lL22HYfVTsYYhgCFm1iNSyd2DZOGoCsTY6/3lW2ZDZeRuTmMpKBapM
WqrpU9VMuGEceDa5jNpSOPBxgirjmA4QzVdWcfVYpK71eQJdKluXww/UvehIN46R
Ds98hAH7iqpgoraiY4xK6WHhWVgyYQTEVeXn+y8EAGEynG+Y7muWl9fEERtlvUJ3
fkcoQ/StiCgiuc/uuq27W9TNq82oxtKISXAQWn/HUtJHMtR/8c0EIeKFIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFyxB40h6A95vdlx6lqCNAdO5B2QMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWExFSGpTSG9EM205MlhIcVdvSTBCMDdrSFpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUQW9MA0G
CSqGSIb3DQEBCwUAA4IBAQBrX39mm7KwcDkKwllSHygfJwjtNyz0Qj//aIic6tgx
VY7XJumXecRyWcRkvbOteyNkDJr/DSOvhrRB2Q2kK1dBqx0SEMzDn3o9WBeTaVb8
amqX+P4OpbIHriWk7ccJSG7rRXJv9hCtaNUE3pneCgoSHWjYFtywbO8h3M7tNM0U
gQG7GG23WJATSgthxWgZEf/oRzBCN0XK74j2HsomxXGCPYawhIWkcZPnqiga8Tbz
NFyEWOq5BzQy+/M88CkSXt9N4104JzBvzC1x+4yHJAwhVf0VZuqQpzRe6yDeZ69U
guG8Z5Fp8WL8wbXmHEQpvjP/Yn5eLRHLISKWuciGCC9h
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:30:33 2025 by rpki-client