Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/f251ed-5967-4ddd-932b-7d40b7c8fb01/1/XgyEOW5CjLYGRmPi35mSb53uGfU.roa
File: XgyEOW5CjLYGRmPi35mSb53uGfU.roa (raw, json)
Hash identifier: L+GGaoMXXBJstm5lWH5hPHmj4mPV8o3Qj6Fe93QmZ94=
Subject key identifier: 5E:0C:84:39:6E:42:8C:B6:06:46:63:E2:DF:99:92:6F:9D:EE:19:F5
Certificate issuer: /CN=32a77427c03709b339a95b0ad9a4ac9d2c92c903
Certificate serial: 0ECE75C7
Authority key identifier: 32:A7:74:27:C0:37:09:B3:39:A9:5B:0A:D9:A4:AC:9D:2C:92:C9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mqd0J8A3CbM5qVsK2aSsnSySyQM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/f251ed-5967-4ddd-932b-7d40b7c8fb01/1/XgyEOW5CjLYGRmPi35mSb53uGfU.roa
Signing time: Sat 01 Jan 2022 12:59:59 +0000
ROA not before: Sat 01 Jan 2022 12:59:59 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47682
IP address blocks: 91.205.8.0/22 maxlen: 22
2001:67c:18c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 248411591 (0xece75c7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=32a77427c03709b339a95b0ad9a4ac9d2c92c903
Validity
Not Before: Jan 1 12:59:59 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5e0c84396e428cb6064663e2df99926f9dee19f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:35:80:70:f1:6c:0e:5b:64:24:8b:cc:3e:74:
87:e8:c1:69:9a:cf:8b:2c:45:0f:5c:f5:06:0f:14:
6d:d6:9d:24:a2:b3:00:1a:2e:26:3f:a2:a0:46:c5:
45:9e:66:f1:08:07:4f:f3:74:74:2a:69:8c:ca:7f:
74:16:04:e7:60:74:35:2a:98:2b:2b:16:a6:94:2d:
49:50:0e:22:1a:4a:47:c4:85:fb:39:99:aa:a0:91:
1f:a5:23:94:ba:33:e8:bb:6d:7c:f5:58:e3:db:e9:
d2:d4:65:5b:3c:d1:c2:e5:03:af:b2:d2:5a:92:11:
92:e7:22:c3:96:95:c8:5e:0f:23:65:79:2e:2f:07:
07:a1:f3:12:d5:06:03:ea:cb:dc:4d:35:75:a1:af:
e7:b3:5d:0c:5d:69:08:3b:41:63:d7:52:ea:ca:e7:
7e:df:05:80:45:b0:5c:09:41:f0:fb:ec:f0:2f:cc:
02:c2:a7:e1:8d:82:81:e3:4a:a8:c8:11:ee:5e:df:
6a:cb:ad:59:6b:fb:d8:2e:dd:86:9d:08:b9:a5:46:
d3:e4:ba:ee:fc:66:ae:0e:08:da:ba:45:60:1b:4b:
d8:a4:ad:e4:92:9c:58:c2:db:7a:b1:bc:38:88:e3:
70:94:55:f6:2a:74:0b:58:4b:98:81:69:a7:3f:8e:
86:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:0C:84:39:6E:42:8C:B6:06:46:63:E2:DF:99:92:6F:9D:EE:19:F5
X509v3 Authority Key Identifier:
keyid:32:A7:74:27:C0:37:09:B3:39:A9:5B:0A:D9:A4:AC:9D:2C:92:C9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mqd0J8A3CbM5qVsK2aSsnSySyQM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/f251ed-5967-4ddd-932b-7d40b7c8fb01/1/XgyEOW5CjLYGRmPi35mSb53uGfU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/f251ed-5967-4ddd-932b-7d40b7c8fb01/1/Mqd0J8A3CbM5qVsK2aSsnSySyQM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.8.0/22
IPv6:
2001:67c:18c::/48
Signature Algorithm: sha256WithRSAEncryption
d0:f2:e7:32:50:1a:28:d9:a5:36:42:48:60:46:b1:8f:d6:27:
e8:f7:c2:83:60:19:c5:03:20:0b:d1:1d:70:c2:1b:54:c2:4e:
e0:8b:7c:82:39:ca:7d:4d:87:5e:d8:2f:7f:96:9c:13:75:6f:
3c:07:59:9d:97:9c:d3:d9:28:99:67:a4:39:3b:94:e8:d8:19:
7f:a7:8c:3b:83:03:0e:9a:fd:dd:dc:3d:76:68:61:c6:15:ad:
d3:7d:4b:7c:2c:c1:6c:be:9d:00:3f:01:aa:9f:de:dd:cb:b1:
a6:83:d9:7f:5a:c5:d3:6c:a5:a1:e3:fe:33:32:bc:a7:de:08:
e6:e9:23:f8:f6:05:10:25:7a:ef:e7:42:9b:71:0a:cc:38:c6:
21:88:6c:6a:97:77:e8:d4:2a:31:fb:09:3d:31:ab:5f:89:d9:
35:bd:ad:67:55:91:e4:b6:a8:cf:c9:20:a7:0a:d1:74:af:06:
71:ab:bf:6d:db:d8:f8:94:5b:8c:9e:a0:1d:dc:d5:61:e8:74:
9a:ed:09:c6:7f:37:8b:ed:e6:60:c3:04:cc:04:7d:f5:d3:af:
88:aa:e1:94:55:ee:f9:93:7e:5e:7c:15:42:56:59:67:6c:a3:
fd:b7:3c:9a:00:4f:ff:0d:fa:6a:d9:b5:79:6b:97:45:2c:1f:
fb:b1:0f:b0
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIEDs51xzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEygz
MmE3NzQyN2MwMzcwOWIzMzlhOTViMGFkOWE0YWM5ZDJjOTJjOTAzMB4XDTIyMDEw
MTEyNTk1OVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWUwYzg0Mzk2ZTQy
OGNiNjA2NDY2M2UyZGY5OTkyNmY5ZGVlMTlmNTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAL41gHDxbA5bZCSLzD50h+jBaZrPiyxFD1z1Bg8UbdadJKKz
ABouJj+ioEbFRZ5m8QgHT/N0dCppjMp/dBYE52B0NSqYKysWppQtSVAOIhpKR8SF
+zmZqqCRH6UjlLoz6LttfPVY49vp0tRlWzzRwuUDr7LSWpIRkuciw5aVyF4PI2V5
Li8HB6HzEtUGA+rL3E01daGv57NdDF1pCDtBY9dS6srnft8FgEWwXAlB8Pvs8C/M
AsKn4Y2CgeNKqMgR7l7fasutWWv72C7dhp0IuaVG0+S67vxmrg4I2rpFYBtL2KSt
5JKcWMLberG8OIjjcJRV9ip0C1hLmIFppz+Ohr0CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBReDIQ5bkKMtgZGY+LfmZJvne4Z9TAfBgNVHSMEGDAWgBQyp3QnwDcJszmp
WwrZpKydLJLJAzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L01xZDBKOEEzQ2JNNXFWc0syYVNzblN5U3lRTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvOWMvZjI1MWVkLTU5NjctNGRkZC05MzJiLTdkNDBiN2M4ZmIwMS8x
L1hneUVPVzVDakxZR1JtUGkzNW1TYjUzdUdmVS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOWMv
ZjI1MWVkLTU5NjctNGRkZC05MzJiLTdkNDBiN2M4ZmIwMS8xL01xZDBKOEEzQ2JN
NXFWc0syYVNzblN5U3lRTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAlvNCDAPBAIAAjAJAwcAIAEGfAGM
MA0GCSqGSIb3DQEBCwUAA4IBAQDQ8ucyUBoo2aU2QkhgRrGP1ifo98KDYBnFAyAL
0R1wwhtUwk7gi3yCOcp9TYde2C9/lpwTdW88B1mdl5zT2SiZZ6Q5O5To2Bl/p4w7
gwMOmv3d3D12aGHGFa3TfUt8LMFsvp0APwGqn97dy7Gmg9l/WsXTbKWh4/4zMryn
3gjm6SP49gUQJXrv50KbcQrMOMYhiGxql3fo1Cox+wk9Matfidk1va1nVZHktqjP
ySCnCtF0rwZxq79t29j4lFuMnqAd3NVh6HSa7QnGfzeL7eZgwwTMBH3106+IquGU
Ve75k35efBVCVllnbKP9tzyaAE//Dfpq2bV5a5dFLB/7sQ+w
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:22 2025 by rpki-client