Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/849140-c853-48cd-9a84-b993168bc593/1/XkAGlbdJmDkemIWfQbzZZwJk4H4.roa
File: XkAGlbdJmDkemIWfQbzZZwJk4H4.roa (raw, json)
Hash identifier: MHLHw4meLU5D4X4ZydG3Fx5Lol9hIZ0QngZqDB3ezkA=
Subject key identifier: 5E:40:06:95:B7:49:98:39:1E:98:85:9F:41:BC:D9:67:02:64:E0:7E
Certificate issuer: /CN=218b2c6a1a61a17bab7c032080aa3bf24478b6dd
Certificate serial: 8753
Authority key identifier: 21:8B:2C:6A:1A:61:A1:7B:AB:7C:03:20:80:AA:3B:F2:44:78:B6:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYssahphoXurfAMggKo78kR4tt0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/849140-c853-48cd-9a84-b993168bc593/1/XkAGlbdJmDkemIWfQbzZZwJk4H4.roa
Signing time: Wed 11 May 2022 13:59:32 +0000
ROA not before: Wed 11 May 2022 13:59:32 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 44719
IP address blocks: 195.42.116.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34643 (0x8753)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218b2c6a1a61a17bab7c032080aa3bf24478b6dd
Validity
Not Before: May 11 13:59:32 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5e400695b74998391e98859f41bcd9670264e07e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:27:e7:de:40:8a:6d:3f:0c:72:9f:d1:b0:09:
2e:c3:93:4c:e3:25:7e:fe:3d:89:d5:b3:a5:27:b5:
3a:1e:f0:02:97:d8:26:8f:f1:d0:ac:d0:01:2f:c7:
1b:fd:6a:e2:98:80:1f:96:bf:5b:ea:a9:78:f3:d9:
7a:73:de:5c:97:91:45:78:49:e6:49:6e:79:69:de:
da:44:a4:a0:97:8d:04:98:5e:8c:84:04:d3:ed:39:
0e:b0:85:57:b6:e4:24:3c:6e:8a:bf:d8:4e:d1:6e:
56:00:de:38:b5:d0:b8:f9:24:bc:ab:ad:f4:a9:1a:
61:8f:9a:a9:f2:8c:fa:4b:c5:9d:83:61:56:47:66:
59:b4:9a:0b:9d:90:39:f6:25:bf:ad:ac:4d:ee:ad:
6a:a9:2c:47:86:7b:1c:70:4e:22:5b:c2:d5:ee:07:
bd:c9:43:79:d3:e2:43:d2:2e:d6:10:19:3a:1f:3a:
59:ef:18:46:b4:0d:40:e6:da:25:65:cb:c2:2f:42:
5b:41:06:e5:39:f8:be:de:43:ad:a6:7a:25:a5:c5:
2f:39:51:00:a1:4a:89:b2:db:3f:ab:41:b8:e1:05:
4e:bf:0c:3c:1c:bd:af:82:65:ed:d7:17:10:d1:54:
bb:10:8e:32:16:9c:6a:d2:5e:93:f1:cc:0b:f8:e9:
20:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:40:06:95:B7:49:98:39:1E:98:85:9F:41:BC:D9:67:02:64:E0:7E
X509v3 Authority Key Identifier:
keyid:21:8B:2C:6A:1A:61:A1:7B:AB:7C:03:20:80:AA:3B:F2:44:78:B6:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYssahphoXurfAMggKo78kR4tt0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/849140-c853-48cd-9a84-b993168bc593/1/XkAGlbdJmDkemIWfQbzZZwJk4H4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/849140-c853-48cd-9a84-b993168bc593/1/IYssahphoXurfAMggKo78kR4tt0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.42.116.0/23
Signature Algorithm: sha256WithRSAEncryption
3b:18:0c:8f:eb:8a:8f:4a:3d:05:47:ca:c2:34:a2:7a:f0:af:
12:f3:59:8f:48:0e:2a:77:e3:db:f2:29:83:a0:7d:e5:f7:57:
5a:15:13:89:f5:da:b8:c8:d5:de:6d:bf:6d:7f:4c:b5:20:56:
ba:fa:33:d2:13:d8:f9:9c:59:5f:ed:8a:13:65:77:72:34:fc:
05:31:1a:de:a6:85:37:ed:49:64:77:1a:64:a9:0a:19:a2:7e:
ac:85:07:0a:5e:05:43:8a:5f:1e:93:d5:52:d0:35:50:b0:fd:
e0:4d:75:a9:f1:59:94:35:fb:c8:99:6c:d4:76:7d:d0:d3:e4:
90:ae:5b:75:93:15:b5:01:d3:db:d7:7c:2e:8d:aa:17:5c:5b:
9d:5a:6f:67:6c:60:c7:ed:43:54:88:3f:a6:3b:5c:67:99:f9:
7c:9e:da:a9:29:ba:e2:09:ba:5f:22:e5:de:1e:57:9f:e5:3f:
57:48:3c:a9:a5:65:90:d5:e7:72:05:5c:38:25:a6:cb:8d:88:
f2:94:f1:7f:16:c8:0b:33:01:a5:cf:1a:31:e9:7c:81:ba:e7:
43:f9:c2:f6:d0:2b:da:40:5f:1c:c9:ec:e1:8b:cb:e0:22:26:
ce:f6:1b:05:67:fb:cf:2e:63:98:13:5c:db:84:0d:33:ae:14:
e4:e4:3d:f3
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDAIdTMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDIx
OGIyYzZhMWE2MWExN2JhYjdjMDMyMDgwYWEzYmYyNDQ3OGI2ZGQwHhcNMjIwNTEx
MTM1OTMyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg1ZTQwMDY5NWI3NDk5
ODM5MWU5ODg1OWY0MWJjZDk2NzAyNjRlMDdlMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAtyfn3kCKbT8Mcp/RsAkuw5NM4yV+/j2J1bOlJ7U6HvACl9gm
j/HQrNABL8cb/WrimIAflr9b6ql489l6c95cl5FFeEnmSW55ad7aRKSgl40EmF6M
hATT7TkOsIVXtuQkPG6Kv9hO0W5WAN44tdC4+SS8q630qRphj5qp8oz6S8Wdg2FW
R2ZZtJoLnZA59iW/raxN7q1qqSxHhnsccE4iW8LV7ge9yUN50+JD0i7WEBk6HzpZ
7xhGtA1A5tolZcvCL0JbQQblOfi+3kOtpnolpcUvOVEAoUqJsts/q0G44QVOvww8
HL2vgmXt1xcQ0VS7EI4yFpxq0l6T8cwL+OkgwwIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFF5ABpW3SZg5HpiFn0G82WcCZOB+MB8GA1UdIwQYMBaAFCGLLGoaYaF7q3wD
IICqO/JEeLbdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
SVlzc2FocGhvWHVyZkFNZ2dLbzc4a1I0dHQwLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC85YS84NDkxNDAtYzg1My00OGNkLTlhODQtYjk5MzE2OGJjNTkzLzEv
WGtBR2xiZEptRGtlbUlXZlFielpad0prNEg0LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS84
NDkxNDAtYzg1My00OGNkLTlhODQtYjk5MzE2OGJjNTkzLzEvSVlzc2FocGhvWHVy
ZkFNZ2dLbzc4a1I0dHQwLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwyp0MA0GCSqGSIb3DQEBCwUAA4IB
AQA7GAyP64qPSj0FR8rCNKJ68K8S81mPSA4qd+Pb8imDoH3l91daFROJ9dq4yNXe
bb9tf0y1IFa6+jPSE9j5nFlf7YoTZXdyNPwFMRrepoU37UlkdxpkqQoZon6shQcK
XgVDil8ek9VS0DVQsP3gTXWp8VmUNfvImWzUdn3Q0+SQrlt1kxW1AdPb13wujaoX
XFudWm9nbGDH7UNUiD+mO1xnmfl8ntqpKbriCbpfIuXeHlef5T9XSDyppWWQ1edy
BVw4JabLjYjylPF/FsgLMwGlzxox6XyBuudD+cL20CvaQF8cyezhi8vgIibO9hsF
Z/vPLmOYE1zbhA0zrhTk5D3z
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:39:00 2025 by rpki-client