Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/eddabc-5135-4e4b-b411-1eba6ff77eac/1/XheOGRCUdhKQorpzGmDjiJlI2P8.roa
File: XheOGRCUdhKQorpzGmDjiJlI2P8.roa (raw, json)
Hash identifier: DOMDeOKokWY9tv0nDXDu0sHynBFXscUOoD20ch6U2Fc=
Subject key identifier: 5E:17:8E:19:10:94:76:12:90:A2:BA:73:1A:60:E3:88:99:48:D8:FF
Certificate issuer: /CN=3d4c7870193ddfcdb890b6647cc8b56c1196ff08
Certificate serial: 01856C0A59425A269AFB4726EF2AD3842AF6
Authority key identifier: 3D:4C:78:70:19:3D:DF:CD:B8:90:B6:64:7C:C8:B5:6C:11:96:FF:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PUx4cBk93824kLZkfMi1bBGW_wg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/eddabc-5135-4e4b-b411-1eba6ff77eac/1/XheOGRCUdhKQorpzGmDjiJlI2P8.roa
Signing time: Sun 01 Jan 2023 06:34:55 +0000
ROA not before: Sun 01 Jan 2023 06:34:55 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34950
IP address blocks: 193.242.103.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:0a:59:42:5a:26:9a:fb:47:26:ef:2a:d3:84:2a:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d4c7870193ddfcdb890b6647cc8b56c1196ff08
Validity
Not Before: Jan 1 06:34:55 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e178e191094761290a2ba731a60e3889948d8ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:ae:56:7a:ae:8e:bc:57:8a:e5:d1:e7:87:c4:
44:1b:1b:51:14:c7:f9:12:d9:c8:d3:b6:19:8b:53:
d3:3c:6d:07:a7:a2:e9:eb:11:47:b1:49:80:8c:4e:
b5:d6:0e:cf:cd:9c:a5:02:00:08:78:19:68:46:62:
f5:fa:b9:20:23:19:02:00:36:40:f5:2b:e1:96:15:
8c:ad:e0:a6:09:e6:85:a1:77:33:06:e7:3f:49:c7:
93:17:a1:dd:7e:ef:4c:9c:b9:06:5b:70:92:f9:b2:
02:6c:bb:48:92:da:78:a3:5f:70:44:4a:0a:87:53:
ce:e3:f4:fb:2e:77:d0:3c:ef:33:f7:c5:01:98:fa:
f4:a6:1b:b4:e3:96:99:53:29:92:34:2e:b6:cd:16:
62:0e:44:cf:57:60:c6:11:b8:55:36:56:24:3a:72:
3f:3c:cb:78:66:fd:69:06:91:e5:31:00:f9:a3:48:
d8:de:3b:49:0e:5e:80:1b:52:21:a5:67:f3:2f:ce:
fa:df:b4:22:f8:02:73:01:bf:43:88:20:6b:f0:e3:
9b:0e:5a:b2:bb:c5:0f:95:5f:08:dc:8b:f5:f7:eb:
f4:4c:e6:1f:b1:cc:eb:4b:18:4e:17:cb:85:58:72:
88:34:c5:50:f4:c1:54:77:12:c2:0e:f5:8e:71:45:
d0:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:17:8E:19:10:94:76:12:90:A2:BA:73:1A:60:E3:88:99:48:D8:FF
X509v3 Authority Key Identifier:
keyid:3D:4C:78:70:19:3D:DF:CD:B8:90:B6:64:7C:C8:B5:6C:11:96:FF:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PUx4cBk93824kLZkfMi1bBGW_wg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/eddabc-5135-4e4b-b411-1eba6ff77eac/1/XheOGRCUdhKQorpzGmDjiJlI2P8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/eddabc-5135-4e4b-b411-1eba6ff77eac/1/PUx4cBk93824kLZkfMi1bBGW_wg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.242.103.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:56:d5:bc:37:41:d9:f7:30:f6:ba:b6:f9:9e:f2:58:34:fe:
d9:f6:d3:3d:0f:a0:8b:c3:ef:a6:48:5e:bf:54:b3:d0:50:0b:
9c:95:53:ba:3d:3f:43:0f:aa:a8:7e:a6:56:7f:74:57:40:0c:
a8:93:0b:cf:85:18:3e:fe:5f:f7:89:9d:9a:17:ef:d4:86:d2:
d5:88:db:77:81:0e:6a:a8:17:5c:84:4b:78:24:96:30:be:3a:
64:de:36:27:5a:4b:33:af:a2:54:e3:17:77:3c:e4:7e:e1:8f:
ad:be:14:26:bf:b1:c5:50:50:1a:3d:2a:13:58:e6:61:95:b0:
a1:e6:11:9b:f6:e4:f3:f3:43:83:e0:76:15:9b:52:15:9a:be:
dc:0f:e1:c1:d1:38:f3:e7:2c:55:2b:b9:32:17:3e:de:2c:a3:
2d:d3:8e:18:64:fb:cb:95:f7:c7:47:66:a6:bd:ed:b8:15:06:
67:85:eb:09:ce:d6:c7:25:d4:95:ad:1e:b2:6e:9e:c4:23:61:
76:2b:19:3e:5d:bd:f9:56:30:48:90:4c:dd:61:ae:8b:31:be:
6c:8a:d0:71:9c:4d:98:6d:b3:65:fd:b3:84:f7:27:d4:4b:af:
d8:68:f4:6a:94:ea:4f:5c:a4:be:c9:4f:97:5f:63:be:7e:3f:
b5:f0:94:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVsCllCWiaa+0cm7yrThCr2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkNGM3ODcwMTkzZGRmY2RiODkwYjY2NDdjYzhiNTZjMTE5
NmZmMDgwHhcNMjMwMTAxMDYzNDU1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTE3OGUxOTEwOTQ3NjEyOTBhMmJhNzMxYTYwZTM4ODk5NDhkOGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAla5Weq6OvFeK5dHnh8REGxtRFMf5
EtnI07YZi1PTPG0Hp6Lp6xFHsUmAjE611g7PzZylAgAIeBloRmL1+rkgIxkCADZA
9SvhlhWMreCmCeaFoXczBuc/SceTF6Hdfu9MnLkGW3CS+bICbLtIktp4o19wREoK
h1PO4/T7LnfQPO8z98UBmPr0phu045aZUymSNC62zRZiDkTPV2DGEbhVNlYkOnI/
PMt4Zv1pBpHlMQD5o0jY3jtJDl6AG1IhpWfzL87637Qi+AJzAb9DiCBr8OObDlqy
u8UPlV8I3Iv19+v0TOYfsczrSxhOF8uFWHKINMVQ9MFUdxLCDvWOcUXQywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF4XjhkQlHYSkKK6cxpg44iZSNj/MB8GA1UdIwQY
MBaAFD1MeHAZPd/NuJC2ZHzItWwRlv8IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFV4NGNCazkzODI0a0xaa2ZNaTFiQkdXX3dnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy9lZGRhYmMtNTEzNS00ZTRiLWI0MTEt
MWViYTZmZjc3ZWFjLzEvWGhlT0dSQ1VkaEtRb3JwekdtRGppSmxJMlA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy9lZGRhYmMtNTEzNS00ZTRiLWI0MTEtMWViYTZmZjc3ZWFj
LzEvUFV4NGNCazkzODI0a0xaa2ZNaTFiQkdXX3dnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwfJnMA0G
CSqGSIb3DQEBCwUAA4IBAQA9VtW8N0HZ9zD2urb5nvJYNP7Z9tM9D6CLw++mSF6/
VLPQUAuclVO6PT9DD6qofqZWf3RXQAyokwvPhRg+/l/3iZ2aF+/UhtLViNt3gQ5q
qBdchEt4JJYwvjpk3jYnWkszr6JU4xd3POR+4Y+tvhQmv7HFUFAaPSoTWOZhlbCh
5hGb9uTz80OD4HYVm1IVmr7cD+HB0Tjz5yxVK7kyFz7eLKMt044YZPvLlffHR2am
ve24FQZnhesJztbHJdSVrR6ybp7EI2F2Kxk+Xb35VjBIkEzdYa6LMb5sitBxnE2Y
bbNl/bOE9yfUS6/YaPRqlOpPXKS+yU+XX2O+fj+18JTq
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:26:36 2025 by rpki-client