Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/07bf93-6b71-4752-887e-71b5056d5b02/1/XWyhkxq29RF5MCfJcGV8J1q-3nM.roa
File: XWyhkxq29RF5MCfJcGV8J1q-3nM.roa (raw, json)
Hash identifier: EhK6rs4PLUmiaQ9HPWKoBnY4Ws7HR+i/cBMUsB5/DsE=
Subject key identifier: 5D:6C:A1:93:1A:B6:F5:11:79:30:27:C9:70:65:7C:27:5A:BE:DE:73
Certificate issuer: /CN=be8baeae76001a87daeeb0bc2a8dd10ce65f865d
Certificate serial: 018571150925BEDBD1DBDC7F2C4A32A5A11E
Authority key identifier: BE:8B:AE:AE:76:00:1A:87:DA:EE:B0:BC:2A:8D:D1:0C:E6:5F:86:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vouurnYAGofa7rC8Ko3RDOZfhl0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/07bf93-6b71-4752-887e-71b5056d5b02/1/XWyhkxq29RF5MCfJcGV8J1q-3nM.roa
Signing time: Mon 02 Jan 2023 06:04:41 +0000
ROA not before: Mon 02 Jan 2023 06:04:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 207674
IP address blocks: 193.26.146.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:15:09:25:be:db:d1:db:dc:7f:2c:4a:32:a5:a1:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be8baeae76001a87daeeb0bc2a8dd10ce65f865d
Validity
Not Before: Jan 2 06:04:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d6ca1931ab6f511793027c970657c275abede73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:11:34:96:69:06:33:26:ed:11:71:cf:35:1b:
ab:2c:0a:f3:50:1f:44:c6:b7:18:40:19:3a:fd:88:
1a:71:16:71:e2:ed:11:a8:8e:bc:76:07:67:45:f1:
70:b0:5a:40:39:98:98:c3:8a:1c:fb:c7:7e:80:7d:
5c:23:14:4d:4c:1e:2a:ac:a6:45:9b:b5:83:87:79:
64:72:22:22:a6:7d:74:11:65:69:9f:8c:76:9a:ff:
a1:0c:57:42:35:ce:61:d1:60:16:7a:2b:e3:1d:d8:
bf:01:8c:c4:c1:35:d6:54:28:e1:17:5d:7e:10:f9:
c7:cc:14:d4:c4:8d:30:90:c6:eb:4e:54:31:fc:16:
56:5d:6f:36:70:3d:35:ba:73:32:e2:48:9e:7b:60:
87:ce:26:c0:b3:c2:28:8f:dc:91:72:de:82:72:3e:
f1:7d:08:4b:35:41:ab:c9:68:5d:81:62:97:ae:2d:
ba:f8:4a:26:77:74:6c:d8:74:9b:0e:ed:b4:da:07:
35:dc:4e:70:4e:3e:b0:9c:8e:5b:e6:d8:7b:99:55:
17:d2:3a:4d:21:40:18:6b:94:d3:ca:28:e1:0b:09:
a6:03:c5:bb:6e:27:88:53:9e:2b:08:26:4f:ac:e8:
2e:89:c1:22:99:f0:4c:36:73:b0:24:a4:4a:17:e2:
bc:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:6C:A1:93:1A:B6:F5:11:79:30:27:C9:70:65:7C:27:5A:BE:DE:73
X509v3 Authority Key Identifier:
keyid:BE:8B:AE:AE:76:00:1A:87:DA:EE:B0:BC:2A:8D:D1:0C:E6:5F:86:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vouurnYAGofa7rC8Ko3RDOZfhl0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/07bf93-6b71-4752-887e-71b5056d5b02/1/XWyhkxq29RF5MCfJcGV8J1q-3nM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/07bf93-6b71-4752-887e-71b5056d5b02/1/vouurnYAGofa7rC8Ko3RDOZfhl0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.26.146.0/23
Signature Algorithm: sha256WithRSAEncryption
b1:16:69:cc:d0:94:36:0e:33:61:e7:d6:9c:28:1a:7c:9a:f1:
af:29:c2:44:a1:85:11:3a:dd:95:1a:78:0f:86:32:0e:e3:f3:
13:ca:7c:f4:53:a0:7c:c4:e1:4a:0a:fe:12:d4:d6:9e:c1:50:
04:91:24:cf:b0:80:90:a3:d3:a3:51:df:84:5b:92:c6:7f:95:
bc:76:3a:65:d8:bc:59:da:41:d2:8c:07:56:25:a7:5a:50:f4:
bc:f4:ec:15:72:4c:6b:75:29:f0:88:e8:60:83:07:4c:47:f4:
75:11:90:a2:74:b5:bd:18:7e:e3:1f:76:b7:c7:f4:63:cb:17:
0e:2e:80:63:af:8d:4b:c2:e5:2c:9a:53:2a:42:ed:6a:39:c2:
6c:aa:62:ba:dc:77:48:dd:87:88:e3:4f:3f:64:38:2a:28:51:
26:1b:6c:b1:18:d2:ed:4d:fd:8c:12:26:e1:f5:dc:e4:6b:07:
f3:bd:76:86:b7:9d:62:ed:6e:eb:f0:49:68:c5:6e:7d:6d:2f:
61:eb:c2:b6:d7:f1:d5:48:36:df:f4:e5:ca:50:6b:ed:81:f1:
cf:ed:62:85:32:57:8f:b5:7f:fe:72:ff:80:b9:03:79:19:58:
8b:76:56:d9:00:f4:96:28:ed:c1:f3:bf:14:2f:97:ed:42:75:
b7:5a:97:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxFQklvtvR29x/LEoypaEeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlOGJhZWFlNzYwMDFhODdkYWVlYjBiYzJhOGRkMTBjZTY1
Zjg2NWQwHhcNMjMwMTAyMDYwNDQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDZjYTE5MzFhYjZmNTExNzkzMDI3Yzk3MDY1N2MyNzVhYmVkZTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyxE0lmkGMybtEXHPNRurLArzUB9E
xrcYQBk6/YgacRZx4u0RqI68dgdnRfFwsFpAOZiYw4oc+8d+gH1cIxRNTB4qrKZF
m7WDh3lkciIipn10EWVpn4x2mv+hDFdCNc5h0WAWeivjHdi/AYzEwTXWVCjhF11+
EPnHzBTUxI0wkMbrTlQx/BZWXW82cD01unMy4kiee2CHzibAs8Ioj9yRct6Ccj7x
fQhLNUGryWhdgWKXri26+Eomd3Rs2HSbDu202gc13E5wTj6wnI5b5th7mVUX0jpN
IUAYa5TTyijhCwmmA8W7bieIU54rCCZPrOguicEimfBMNnOwJKRKF+K8awIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF1soZMatvUReTAnyXBlfCdavt5zMB8GA1UdIwQY
MBaAFL6Lrq52ABqH2u6wvCqN0QzmX4ZdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdm91dXJuWUFHb2ZhN3JDOEtvM1JET1pmaGwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi8wN2JmOTMtNmI3MS00NzUyLTg4N2Ut
NzFiNTA1NmQ1YjAyLzEvWFd5aGt4cTI5UkY1TUNmSmNHVjhKMXEtM25NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi8wN2JmOTMtNmI3MS00NzUyLTg4N2UtNzFiNTA1NmQ1YjAy
LzEvdm91dXJuWUFHb2ZhN3JDOEtvM1JET1pmaGwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwRqSMA0G
CSqGSIb3DQEBCwUAA4IBAQCxFmnM0JQ2DjNh59acKBp8mvGvKcJEoYUROt2VGngP
hjIO4/MTynz0U6B8xOFKCv4S1NaewVAEkSTPsICQo9OjUd+EW5LGf5W8djpl2LxZ
2kHSjAdWJadaUPS89OwVckxrdSnwiOhggwdMR/R1EZCidLW9GH7jH3a3x/RjyxcO
LoBjr41LwuUsmlMqQu1qOcJsqmK63HdI3YeI408/ZDgqKFEmG2yxGNLtTf2MEibh
9dzkawfzvXaGt51i7W7r8EloxW59bS9h68K21/HVSDbf9OXKUGvtgfHP7WKFMleP
tX/+cv+AuQN5GViLdlbZAPSWKO3B878UL5ftQnW3Wpen
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:47:20 2025 by rpki-client