Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/xdzrWLDnZVk-QxBrfgN53i7HHJM.roa
File: xdzrWLDnZVk-QxBrfgN53i7HHJM.roa (raw, json)
Hash identifier: RS0C1Bz7T1zCNS/E1GcSoNDfkLVQJmuA2p4h/JfNZ6Y=
Subject key identifier: C5:DC:EB:58:B0:E7:65:59:3E:43:10:6B:7E:03:79:DE:2E:C7:1C:93
Certificate issuer: /CN=a6562d0869480dc11b74a552cd167b6f6339c8ba
Certificate serial: 0189440BCE0F8C5E33C6700340822DF6DF37
Authority key identifier: A6:56:2D:08:69:48:0D:C1:1B:74:A5:52:CD:16:7B:6F:63:39:C8:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/plYtCGlIDcEbdKVSzRZ7b2M5yLo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/xdzrWLDnZVk-QxBrfgN53i7HHJM.roa
Signing time: Tue 11 Jul 2023 08:22:51 +0000
ROA not before: Tue 11 Jul 2023 08:22:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 202945
IP address blocks: 45.154.60.0/24 maxlen: 24
2a0f:b100:2::/48 maxlen: 48
2a0f:b100:5::/48 maxlen: 64
2a0f:b100::/44 maxlen: 44
2a0f:b100:4::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:44:0b:ce:0f:8c:5e:33:c6:70:03:40:82:2d:f6:df:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6562d0869480dc11b74a552cd167b6f6339c8ba
Validity
Not Before: Jul 11 08:22:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c5dceb58b0e765593e43106b7e0379de2ec71c93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:2e:cb:4f:55:67:98:d6:6c:3f:22:59:90:d8:
8e:27:ba:0b:54:f0:48:03:d0:e2:dd:f5:d5:5c:48:
1a:a2:c8:4f:e5:8c:fa:c4:e5:5b:43:0d:18:d0:cf:
93:5b:f4:08:05:f0:1a:4c:20:d2:da:94:e2:37:66:
4a:5d:61:8d:05:32:84:ee:5f:7c:a9:69:cd:66:a3:
fb:ac:d9:05:b4:b6:7d:bc:bb:8c:95:22:26:16:ab:
28:e0:56:a8:98:0a:b0:76:12:25:77:a1:c5:ba:37:
55:1a:0f:c2:d8:6d:a0:c6:6c:fc:5d:88:c7:5c:5d:
8a:16:6a:02:50:7c:10:07:75:3d:dd:5a:9c:76:d0:
76:7e:f1:26:02:f3:ed:06:2e:51:65:97:f9:95:43:
78:6b:28:e5:be:ff:90:1b:68:51:96:c0:76:e3:d7:
c0:87:ab:be:bb:f5:0a:6e:90:c1:8f:35:a9:02:8f:
57:32:e3:16:1e:5f:6e:6e:54:6f:62:fb:65:05:46:
c1:e5:5a:44:19:42:d5:5a:7f:f3:57:42:cf:52:23:
c4:0b:0e:42:7c:4c:92:7f:34:43:21:05:e3:66:7d:
02:ff:c7:c5:6d:f0:a4:07:34:62:56:f7:33:af:ea:
a9:98:27:3c:46:12:9b:ef:37:ae:ba:5a:60:e1:71:
4c:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:DC:EB:58:B0:E7:65:59:3E:43:10:6B:7E:03:79:DE:2E:C7:1C:93
X509v3 Authority Key Identifier:
keyid:A6:56:2D:08:69:48:0D:C1:1B:74:A5:52:CD:16:7B:6F:63:39:C8:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/plYtCGlIDcEbdKVSzRZ7b2M5yLo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/xdzrWLDnZVk-QxBrfgN53i7HHJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/212dd2-da8d-4048-916a-45a8fed3a2a5/1/plYtCGlIDcEbdKVSzRZ7b2M5yLo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.60.0/24
IPv6:
2a0f:b100::/44
Signature Algorithm: sha256WithRSAEncryption
23:5e:55:f7:1c:e4:86:4a:aa:fe:5c:54:f8:cb:75:e8:53:a7:
b1:d1:eb:39:e6:bb:f7:bf:44:b5:d3:b2:6b:35:39:0f:5c:c8:
58:d7:02:f3:7f:84:c7:60:f5:3f:06:45:68:31:f0:96:74:e7:
57:b4:96:fb:b7:db:f4:3b:07:6a:90:55:56:db:99:02:14:af:
4c:48:3c:7a:54:1c:a7:0e:0b:d1:09:de:9f:ed:f3:7a:e8:41:
76:9b:49:2a:58:cc:e3:5d:10:04:03:bb:c0:07:93:59:1f:cb:
a9:ba:ae:3f:e2:aa:af:94:6c:46:49:f4:70:81:7f:61:93:b1:
0c:fe:27:0c:cd:f0:7f:07:ab:21:4a:34:4e:45:f3:18:6e:15:
c8:2a:68:4f:58:1e:a4:18:f2:4b:1e:b6:3d:9d:54:e7:a1:09:
51:9d:cf:9e:fa:90:cc:79:46:08:7d:2c:de:37:5e:c5:2f:fd:
34:81:f7:1c:2f:e0:46:a3:b1:9c:ea:04:02:0d:f2:65:e8:ba:
4a:7e:66:f8:97:fe:f9:f6:c7:94:d9:64:70:f7:e6:98:a5:b3:
cd:f9:f4:da:cf:15:82:f6:0a:36:12:49:94:97:44:ef:22:9c:
0e:c8:aa:ef:c1:24:23:58:33:5d:28:7e:aa:82:86:f0:fb:29:
19:8b:b6:ab
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYlEC84PjF4zxnADQIIt9t83MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NTYyZDA4Njk0ODBkYzExYjc0YTU1MmNkMTY3YjZmNjMz
OWM4YmEwHhcNMjMwNzExMDgyMjUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWRjZWI1OGIwZTc2NTU5M2U0MzEwNmI3ZTAzNzlkZTJlYzcxYzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAui7LT1VnmNZsPyJZkNiOJ7oLVPBI
A9Di3fXVXEgaoshP5Yz6xOVbQw0Y0M+TW/QIBfAaTCDS2pTiN2ZKXWGNBTKE7l98
qWnNZqP7rNkFtLZ9vLuMlSImFqso4FaomAqwdhIld6HFujdVGg/C2G2gxmz8XYjH
XF2KFmoCUHwQB3U93VqcdtB2fvEmAvPtBi5RZZf5lUN4ayjlvv+QG2hRlsB249fA
h6u+u/UKbpDBjzWpAo9XMuMWHl9ublRvYvtlBUbB5VpEGULVWn/zV0LPUiPECw5C
fEySfzRDIQXjZn0C/8fFbfCkBzRiVvczr+qpmCc8RhKb7zeuulpg4XFMhQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFMXc61iw52VZPkMQa34Ded4uxxyTMB8GA1UdIwQY
MBaAFKZWLQhpSA3BG3SlUs0We29jOci6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGxZdENHbElEY0ViZEtWU3pSWjdiMk01eUxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8yMTJkZDItZGE4ZC00MDQ4LTkxNmEt
NDVhOGZlZDNhMmE1LzEveGR6cldMRG5aVmstUXhCcmZnTjUzaTdISEpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8yMTJkZDItZGE4ZC00MDQ4LTkxNmEtNDVhOGZlZDNhMmE1
LzEvcGxZdENHbElEY0ViZEtWU3pSWjdiMk01eUxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQALZo8MA8E
AgACMAkDBwQqD7EAAAAwDQYJKoZIhvcNAQELBQADggEBACNeVfcc5IZKqv5cVPjL
dehTp7HR6znmu/e/RLXTsms1OQ9cyFjXAvN/hMdg9T8GRWgx8JZ051e0lvu32/Q7
B2qQVVbbmQIUr0xIPHpUHKcOC9EJ3p/t83roQXabSSpYzONdEAQDu8AHk1kfy6m6
rj/iqq+UbEZJ9HCBf2GTsQz+JwzN8H8HqyFKNE5F8xhuFcgqaE9YHqQY8ksetj2d
VOehCVGdz576kMx5Rgh9LN43XsUv/TSB9xwv4EajsZzqBAIN8mXoukp+ZviX/vn2
x5TZZHD35pils8359NrPFYL2CjYSSZSXRO8inA7Iqu/BJCNYM10ofqqChvD7KRmL
tqs=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:10:24 2025 by rpki-client