Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/a48388-2ed7-44cf-9557-f38b289ff969/1/XSVO7pm9dsnJ1Ici8x6DWmjdB8k.roa
File: XSVO7pm9dsnJ1Ici8x6DWmjdB8k.roa (raw, json)
Hash identifier: qqSG/PK4wF4UjZtRlYJILnxliISp5EIndqoZ0CYPW7Y=
Subject key identifier: 5D:25:4E:EE:99:BD:76:C9:C9:D4:87:22:F3:1E:83:5A:68:DD:07:C9
Certificate issuer: /CN=256452a3420f4f18dfa3a14d26b3348fdfcf3d3b
Certificate serial: 04906CE9
Authority key identifier: 25:64:52:A3:42:0F:4F:18:DF:A3:A1:4D:26:B3:34:8F:DF:CF:3D:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JWRSo0IPTxjfo6FNJrM0j9_PPTs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/a48388-2ed7-44cf-9557-f38b289ff969/1/XSVO7pm9dsnJ1Ici8x6DWmjdB8k.roa
Signing time: Sat 01 Jan 2022 04:58:59 +0000
ROA not before: Sat 01 Jan 2022 04:58:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 206894
IP address blocks: 193.25.96.0/23 maxlen: 23
193.24.38.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 76573929 (0x4906ce9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=256452a3420f4f18dfa3a14d26b3348fdfcf3d3b
Validity
Not Before: Jan 1 04:58:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5d254eee99bd76c9c9d48722f31e835a68dd07c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c1:13:34:49:a4:4c:48:5c:24:b7:be:c4:92:
d8:16:8d:8a:72:bc:93:7e:09:f5:3d:a7:b1:a1:ad:
31:24:2c:41:f5:90:e4:30:df:f6:f0:d7:a2:86:46:
45:92:db:54:e0:bb:68:fa:cb:04:9a:62:d8:3b:21:
57:0a:20:f7:68:49:80:f8:59:70:9e:9c:7f:be:fc:
7d:a0:6c:fc:44:0c:f2:a4:b9:d8:e5:7e:26:3d:9c:
e4:4f:68:90:61:3c:b8:c5:d8:73:5e:03:15:27:24:
67:3b:cb:07:1e:4b:a0:30:3b:19:83:5d:89:80:37:
48:65:97:8f:71:3b:ea:c0:4f:8b:f2:27:f0:3b:b3:
07:e8:27:ea:9f:1d:0c:e6:c4:1d:a5:7f:c8:34:ba:
a6:57:b9:e3:29:c8:96:b8:bc:37:ba:92:fc:c1:6d:
30:4b:03:6b:df:46:e7:2f:b2:e1:59:13:41:20:b2:
ad:58:85:06:a4:64:d3:78:52:6c:e7:fd:a2:f5:3c:
aa:e2:38:b8:b5:c3:d9:0f:2b:4a:79:61:c2:be:3e:
83:e5:0c:72:33:69:bc:c8:a8:80:ad:0c:d1:d7:ed:
57:20:9d:11:f9:ac:99:a7:13:27:dd:1f:e0:e9:5b:
85:b3:17:a7:96:e4:36:17:ec:f8:0a:6f:04:c0:4a:
64:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:25:4E:EE:99:BD:76:C9:C9:D4:87:22:F3:1E:83:5A:68:DD:07:C9
X509v3 Authority Key Identifier:
keyid:25:64:52:A3:42:0F:4F:18:DF:A3:A1:4D:26:B3:34:8F:DF:CF:3D:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JWRSo0IPTxjfo6FNJrM0j9_PPTs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/a48388-2ed7-44cf-9557-f38b289ff969/1/XSVO7pm9dsnJ1Ici8x6DWmjdB8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/a48388-2ed7-44cf-9557-f38b289ff969/1/JWRSo0IPTxjfo6FNJrM0j9_PPTs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.24.38.0/23
193.25.96.0/23
Signature Algorithm: sha256WithRSAEncryption
3b:d7:31:9b:90:4e:93:81:a7:08:df:1a:f5:ed:ab:9a:7f:89:
bc:41:77:16:30:da:98:22:4f:c8:65:7a:3f:16:3e:b3:b4:38:
97:a4:71:c9:70:11:45:b7:ea:6f:09:f1:59:cf:a5:80:9b:3b:
72:62:d9:bf:75:00:0f:9c:96:5a:d2:6c:c2:c0:5c:59:45:8b:
bb:f0:3e:61:88:6c:03:37:08:7d:6f:1e:0b:35:35:da:b5:ff:
29:b3:95:92:f7:cf:b1:f5:79:ff:53:a2:17:fc:92:af:fb:0b:
39:1b:b8:cf:99:d4:a3:f9:47:7b:69:d1:fe:a8:54:9f:e0:f7:
ca:34:91:b7:6c:cd:46:62:b7:d3:f8:e5:b5:d7:de:ef:70:1a:
73:07:ad:4d:08:ae:94:70:6f:cd:a3:49:e0:54:73:e2:58:d0:
5e:ce:77:5a:87:72:29:46:e5:7c:22:dd:e3:64:43:1d:d2:cf:
c7:57:61:44:6c:94:9f:51:91:c7:61:2f:23:86:ce:8d:27:4f:
e7:6d:2f:77:8d:e9:e9:b7:69:ae:42:da:3a:b5:4a:72:ef:ab:
21:03:35:97:c7:c2:58:c3:71:6a:55:94:1c:32:86:57:15:38:
aa:88:b4:a5:43:c5:37:2c:3e:eb:84:a7:aa:84:aa:d2:29:4b:
4d:45:17:9a
-----BEGIN CERTIFICATE-----
MIIE9TCCA92gAwIBAgIEBJBs6TANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygy
NTY0NTJhMzQyMGY0ZjE4ZGZhM2ExNGQyNmIzMzQ4ZmRmY2YzZDNiMB4XDTIyMDEw
MTA0NTg1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWQyNTRlZWU5OWJk
NzZjOWM5ZDQ4NzIyZjMxZTgzNWE2OGRkMDdjOTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAK/BEzRJpExIXCS3vsSS2BaNinK8k34J9T2nsaGtMSQsQfWQ
5DDf9vDXooZGRZLbVOC7aPrLBJpi2DshVwog92hJgPhZcJ6cf778faBs/EQM8qS5
2OV+Jj2c5E9okGE8uMXYc14DFSckZzvLBx5LoDA7GYNdiYA3SGWXj3E76sBPi/In
8DuzB+gn6p8dDObEHaV/yDS6ple54ynIlri8N7qS/MFtMEsDa99G5y+y4VkTQSCy
rViFBqRk03hSbOf9ovU8quI4uLXD2Q8rSnlhwr4+g+UMcjNpvMiogK0M0dftVyCd
EfmsmacTJ90f4OlbhbMXp5bkNhfs+ApvBMBKZEsCAwEAAaOCAg8wggILMB0GA1Ud
DgQWBBRdJU7umb12ycnUhyLzHoNaaN0HyTAfBgNVHSMEGDAWgBQlZFKjQg9PGN+j
oU0mszSP3889OzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L0pXUlNvMElQVHhqZm82Rk5Kck0wajlfUFBUcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOGYvYTQ4Mzg4LTJlZDctNDRjZi05NTU3LWYzOGIyODlmZjk2OS8x
L1hTVk83cG05ZHNuSjFJY2k4eDZEV21qZEI4ay5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOGYv
YTQ4Mzg4LTJlZDctNDRjZi05NTU3LWYzOGIyODlmZjk2OS8xL0pXUlNvMElQVHhq
Zm82Rk5Kck0wajlfUFBUcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAcEYJgMEAcEZYDANBgkqhkiG9w0B
AQsFAAOCAQEAO9cxm5BOk4GnCN8a9e2rmn+JvEF3FjDamCJPyGV6PxY+s7Q4l6Rx
yXARRbfqbwnxWc+lgJs7cmLZv3UAD5yWWtJswsBcWUWLu/A+YYhsAzcIfW8eCzU1
2rX/KbOVkvfPsfV5/1OiF/ySr/sLORu4z5nUo/lHe2nR/qhUn+D3yjSRt2zNRmK3
0/jltdfe73AacwetTQiulHBvzaNJ4FRz4ljQXs53WodyKUblfCLd42RDHdLPx1dh
RGyUn1GRx2EvI4bOjSdP520vd43p6bdprkLaOrVKcu+rIQM1l8fCWMNxalWUHDKG
VxU4qoi0pUPFNyw+64SnqoSq0ilLTUUXmg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:24:30 2025 by rpki-client