Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/xoRxAA00MC5waVH-40V0p_ncUug.roa
File: xoRxAA00MC5waVH-40V0p_ncUug.roa (raw, json)
Hash identifier: 5YnMll2eNUQbi0XiBRmMdStwSthuwAlgHHskptYWfW0=
Subject key identifier: C6:84:71:00:0D:34:30:2E:70:69:51:FE:E3:45:74:A7:F9:DC:52:E8
Certificate issuer: /CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c
Certificate serial: 018573589436F0092793CA401F775646CECB
Authority key identifier: 9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/xoRxAA00MC5waVH-40V0p_ncUug.roa
Signing time: Mon 02 Jan 2023 16:37:42 +0000
ROA not before: Mon 02 Jan 2023 16:37:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 212174
IP address blocks: 89.35.233.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:73:58:94:36:f0:09:27:93:ca:40:1f:77:56:46:ce:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c
Validity
Not Before: Jan 2 16:37:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c68471000d34302e706951fee34574a7f9dc52e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:f6:db:50:1a:f6:c9:08:4b:2b:7f:25:58:e2:
be:cb:50:05:07:2e:76:15:fa:39:c9:47:e1:9a:95:
7f:42:cf:59:b5:cb:f5:af:89:83:71:39:90:84:e2:
d6:5c:24:d1:97:84:94:91:8b:dc:e5:86:05:22:bd:
49:58:81:ae:7c:16:a0:18:0d:c2:a9:88:ba:3e:c2:
61:ef:05:8f:af:dd:bb:bb:1f:a7:6b:19:61:0a:96:
42:7a:ca:3d:ff:5c:ea:ad:27:15:3d:19:b0:36:6f:
0d:cf:d1:8d:ea:94:04:3c:b9:6f:0f:5f:62:70:ff:
fb:92:4a:77:3b:1e:58:51:6f:e1:e3:09:9c:68:c3:
98:97:db:7c:da:91:53:d8:73:05:1c:3f:f5:33:0a:
39:a0:e7:53:1b:57:b6:bf:c3:2c:39:61:c5:c0:75:
7a:49:91:61:2f:bf:96:be:40:80:d3:e9:9f:ef:24:
f1:ba:da:6e:b3:af:b6:fc:0f:22:3a:8b:0b:ad:77:
c1:1a:9e:57:2f:38:20:ad:70:b8:d5:54:ec:37:47:
7e:5b:f1:c1:ad:0a:bf:e0:a3:5d:e6:b4:fb:57:52:
79:4f:39:76:0c:b0:89:34:01:c1:f2:d2:76:c8:d9:
60:0e:e7:2b:62:a5:16:a8:0a:70:d7:2e:9e:7d:0d:
88:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:84:71:00:0D:34:30:2E:70:69:51:FE:E3:45:74:A7:F9:DC:52:E8
X509v3 Authority Key Identifier:
keyid:9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/xoRxAA00MC5waVH-40V0p_ncUug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/nFQvXfPBrLhX_VDusBbu0HOF_4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.233.0/24
Signature Algorithm: sha256WithRSAEncryption
76:a9:40:b5:19:28:68:80:fe:85:d9:52:ef:33:72:b9:53:d1:
9f:16:c1:98:07:6c:23:ac:f5:40:77:36:ca:a0:77:1b:ae:68:
46:c5:e7:e0:ec:c1:e6:31:19:cb:24:e9:64:df:f5:d4:db:73:
ff:9d:8f:16:c0:97:43:3f:b6:f7:91:3c:bb:a2:cb:76:99:f6:
01:ea:66:13:de:59:95:1b:c2:da:1d:a0:bf:43:4c:0d:d2:fd:
d7:19:b4:46:89:52:87:8f:15:e2:f8:e9:09:83:27:40:70:6d:
55:f1:23:80:ff:65:a1:4e:ae:9c:bb:a1:d9:20:f2:76:c0:28:
30:84:3f:42:a5:d8:40:b1:66:61:9e:85:67:17:4e:ff:e1:9a:
4d:5f:5f:92:eb:89:05:9a:af:c3:65:c2:73:6f:9b:6f:e3:07:
62:56:86:24:40:45:42:74:77:fb:33:93:26:d8:59:56:c5:68:
4e:33:bc:4c:bd:aa:d7:e3:81:06:9b:e8:ca:ea:80:5c:95:35:
63:d4:10:55:89:5b:d1:aa:da:50:b6:fe:fb:b4:00:8f:64:f8:
9a:ef:38:db:5d:71:62:7a:a9:84:20:74:17:da:5c:05:b4:19:
b9:22:1f:de:ee:3c:c5:c7:ab:58:4c:2c:f1:3a:63:03:54:74:
a9:6f:48:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVzWJQ28Aknk8pAH3dWRs7LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNTQyZjVkZjNjMWFjYjg1N2ZkNTBlZWIwMTZlZWQwNzM4
NWZmOGMwHhcNMjMwMTAyMTYzNzQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjg0NzEwMDBkMzQzMDJlNzA2OTUxZmVlMzQ1NzRhN2Y5ZGM1MmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvfbbUBr2yQhLK38lWOK+y1AFBy52
Ffo5yUfhmpV/Qs9Ztcv1r4mDcTmQhOLWXCTRl4SUkYvc5YYFIr1JWIGufBagGA3C
qYi6PsJh7wWPr927ux+naxlhCpZCeso9/1zqrScVPRmwNm8Nz9GN6pQEPLlvD19i
cP/7kkp3Ox5YUW/h4wmcaMOYl9t82pFT2HMFHD/1Mwo5oOdTG1e2v8MsOWHFwHV6
SZFhL7+WvkCA0+mf7yTxutpus6+2/A8iOosLrXfBGp5XLzggrXC41VTsN0d+W/HB
rQq/4KNd5rT7V1J5Tzl2DLCJNAHB8tJ2yNlgDucrYqUWqApw1y6efQ2IuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMaEcQANNDAucGlR/uNFdKf53FLoMB8GA1UdIwQY
MBaAFJxUL13zway4V/1Q7rAW7tBzhf+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUt
MjVkYmY0MzgwNGM1LzEveG9SeEFBMDBNQzV3YVZILTQwVjBwX25jVXVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUtMjVkYmY0MzgwNGM1
LzEvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSPpMA0G
CSqGSIb3DQEBCwUAA4IBAQB2qUC1GShogP6F2VLvM3K5U9GfFsGYB2wjrPVAdzbK
oHcbrmhGxefg7MHmMRnLJOlk3/XU23P/nY8WwJdDP7b3kTy7ost2mfYB6mYT3lmV
G8LaHaC/Q0wN0v3XGbRGiVKHjxXi+OkJgydAcG1V8SOA/2WhTq6cu6HZIPJ2wCgw
hD9CpdhAsWZhnoVnF07/4ZpNX1+S64kFmq/DZcJzb5tv4wdiVoYkQEVCdHf7M5Mm
2FlWxWhOM7xMvarX44EGm+jK6oBclTVj1BBViVvRqtpQtv77tACPZPia7zjbXXFi
eqmEIHQX2lwFtBm5Ih/e7jzFx6tYTCzxOmMDVHSpb0iH
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:52 2025 by rpki-client