Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/dff181-2b76-4ca2-96e4-6b158b22b48f/1/XNWqYXMLIVHKHHGBzO-LQ1dYa90.roa
File: XNWqYXMLIVHKHHGBzO-LQ1dYa90.roa (raw, json)
Hash identifier: D4L4zrtOAiye/O6Tn1aNyb/D7krcDu/iR9ZD3kSZf8c=
Subject key identifier: 5C:D5:AA:61:73:0B:21:51:CA:1C:71:81:CC:EF:8B:43:57:58:6B:DD
Certificate issuer: /CN=0314514897a0aa3ffbf45b48606124627f15e506
Certificate serial: 018571FA338106AAF8B95DC7F4DFE08AEA82
Authority key identifier: 03:14:51:48:97:A0:AA:3F:FB:F4:5B:48:60:61:24:62:7F:15:E5:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AxRRSJegqj_79FtIYGEkYn8V5QY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/dff181-2b76-4ca2-96e4-6b158b22b48f/1/XNWqYXMLIVHKHHGBzO-LQ1dYa90.roa
Signing time: Mon 02 Jan 2023 10:15:00 +0000
ROA not before: Mon 02 Jan 2023 10:15:00 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 48854
IP address blocks: 37.140.219.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:fa:33:81:06:aa:f8:b9:5d:c7:f4:df:e0:8a:ea:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0314514897a0aa3ffbf45b48606124627f15e506
Validity
Not Before: Jan 2 10:15:00 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5cd5aa61730b2151ca1c7181ccef8b4357586bdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a1:67:d2:05:0a:21:e1:fe:63:cf:71:37:b5:
3d:bc:ed:10:c9:57:14:bb:f3:3c:12:87:4d:0e:7e:
23:fa:fc:07:02:b4:85:4b:ff:db:a7:06:5e:31:83:
3f:9c:06:cf:ba:54:85:80:e4:60:bd:29:68:dc:7d:
f4:61:49:5f:66:b4:c1:49:59:15:e5:5e:57:b4:2d:
8b:84:ad:bf:f1:48:66:f7:41:33:d6:a9:fb:b2:52:
9f:61:95:8f:30:98:39:71:80:e3:97:91:34:a3:0c:
f0:34:16:b3:d0:d7:1f:dc:d7:dc:56:c1:8f:41:f0:
6e:98:0b:d4:58:09:8e:29:22:37:5b:44:70:dc:1b:
7a:59:4b:a4:bc:d4:9c:de:dd:c2:63:c6:30:5f:06:
30:d0:35:20:02:de:63:be:43:fb:17:ef:f5:2b:84:
a7:e3:e9:e7:43:a5:48:06:5d:81:42:d3:81:b3:1c:
6b:90:70:b4:90:e3:46:1a:20:b9:29:d6:63:ae:d3:
b1:e2:57:53:76:e1:02:ac:a9:b7:31:23:e2:df:7f:
9d:01:f8:a2:c5:c3:f0:0b:8f:f8:31:77:44:ee:d9:
97:fa:50:38:38:3f:86:80:90:da:77:fc:3f:de:9f:
09:c0:80:df:af:12:20:64:13:88:f4:c4:50:69:e9:
07:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:D5:AA:61:73:0B:21:51:CA:1C:71:81:CC:EF:8B:43:57:58:6B:DD
X509v3 Authority Key Identifier:
keyid:03:14:51:48:97:A0:AA:3F:FB:F4:5B:48:60:61:24:62:7F:15:E5:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AxRRSJegqj_79FtIYGEkYn8V5QY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/dff181-2b76-4ca2-96e4-6b158b22b48f/1/XNWqYXMLIVHKHHGBzO-LQ1dYa90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/dff181-2b76-4ca2-96e4-6b158b22b48f/1/AxRRSJegqj_79FtIYGEkYn8V5QY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.140.219.0/24
Signature Algorithm: sha256WithRSAEncryption
73:a6:d1:ff:1e:89:ca:76:fe:16:8c:b5:bc:89:e3:bb:86:cf:
06:ca:b1:f8:65:ce:f7:d6:93:b9:1d:b8:fb:9b:26:b2:50:1d:
ef:9a:cd:72:28:80:56:ea:d8:4b:b3:dd:71:18:a4:04:b4:b4:
94:e2:f5:49:83:94:96:09:80:35:70:f7:81:91:04:2e:1b:77:
c5:5c:bf:76:ef:b0:db:3a:b1:0a:c0:96:e8:67:58:95:4c:8a:
d6:d1:70:5a:02:af:15:95:d1:ea:dc:3d:df:c4:a3:00:38:75:
c5:b1:99:07:c7:82:33:0c:16:93:17:6e:e4:af:d8:ee:d0:7b:
df:3f:63:46:c7:5c:a7:78:cb:8a:3a:07:19:45:0a:a7:9d:30:
1a:a8:01:c5:42:32:37:77:d3:ce:1e:b5:fb:88:75:b9:ce:35:
1d:ad:8e:37:06:ad:65:f3:85:04:57:a0:03:8b:f6:dd:a3:81:
f5:3b:62:e9:ad:5b:44:02:72:73:9a:a0:8d:ab:4e:cb:a9:60:
34:7d:84:e0:cb:26:6a:f8:40:7b:3d:f0:6f:85:80:9d:8f:56:
24:77:e7:96:06:68:06:15:b4:34:de:ec:2d:d2:a2:8e:45:26:
48:6d:e1:a3:36:98:ad:2b:ea:a1:16:b6:ac:52:c0:cb:2b:67:
38:1b:fd:0f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVx+jOBBqr4uV3H9N/giuqCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzMTQ1MTQ4OTdhMGFhM2ZmYmY0NWI0ODYwNjEyNDYyN2Yx
NWU1MDYwHhcNMjMwMTAyMTAxNTAwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2Q1YWE2MTczMGIyMTUxY2ExYzcxODFjY2VmOGI0MzU3NTg2YmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAraFn0gUKIeH+Y89xN7U9vO0QyVcU
u/M8EodNDn4j+vwHArSFS//bpwZeMYM/nAbPulSFgORgvSlo3H30YUlfZrTBSVkV
5V5XtC2LhK2/8Uhm90Ez1qn7slKfYZWPMJg5cYDjl5E0owzwNBaz0Ncf3NfcVsGP
QfBumAvUWAmOKSI3W0Rw3Bt6WUukvNSc3t3CY8YwXwYw0DUgAt5jvkP7F+/1K4Sn
4+nnQ6VIBl2BQtOBsxxrkHC0kONGGiC5KdZjrtOx4ldTduECrKm3MSPi33+dAfii
xcPwC4/4MXdE7tmX+lA4OD+GgJDad/w/3p8JwIDfrxIgZBOI9MRQaekH6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFzVqmFzCyFRyhxxgczvi0NXWGvdMB8GA1UdIwQY
MBaAFAMUUUiXoKo/+/RbSGBhJGJ/FeUGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXhSUlNKZWdxal83OUZ0SVlHRWtZbjhWNVFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9kZmYxODEtMmI3Ni00Y2EyLTk2ZTQt
NmIxNThiMjJiNDhmLzEvWE5XcVlYTUxJVkhLSEhHQnpPLUxRMWRZYTkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9kZmYxODEtMmI3Ni00Y2EyLTk2ZTQtNmIxNThiMjJiNDhm
LzEvQXhSUlNKZWdxal83OUZ0SVlHRWtZbjhWNVFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJYzbMA0G
CSqGSIb3DQEBCwUAA4IBAQBzptH/HonKdv4WjLW8ieO7hs8GyrH4Zc731pO5Hbj7
myayUB3vms1yKIBW6thLs91xGKQEtLSU4vVJg5SWCYA1cPeBkQQuG3fFXL9277Db
OrEKwJboZ1iVTIrW0XBaAq8VldHq3D3fxKMAOHXFsZkHx4IzDBaTF27kr9ju0Hvf
P2NGx1yneMuKOgcZRQqnnTAaqAHFQjI3d9POHrX7iHW5zjUdrY43Bq1l84UEV6AD
i/bdo4H1O2LprVtEAnJzmqCNq07LqWA0fYTgyyZq+EB7PfBvhYCdj1Ykd+eWBmgG
FbQ03uwt0qKORSZIbeGjNpitK+qhFrasUsDLK2c4G/0P
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:29:36 2025 by rpki-client