Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/43f177-5368-4b31-89c9-5b3f64181fff/1/XhMjCagMRlCCUWVMiRauFHylDWI.roa
File: XhMjCagMRlCCUWVMiRauFHylDWI.roa (raw, json)
Hash identifier: TAqZ5rFmLE+ZYaz1QdLS9eisBlah10K9kDbf41mWHt8=
Subject key identifier: 5E:13:23:09:A8:0C:46:50:82:51:65:4C:89:16:AE:14:7C:A5:0D:62
Certificate issuer: /CN=fd0b268321570aa04217b353847c10bf731254b5
Certificate serial: 018455BF96798D75A47B1A166EB9FDF81985
Authority key identifier: FD:0B:26:83:21:57:0A:A0:42:17:B3:53:84:7C:10:BF:73:12:54:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_QsmgyFXCqBCF7NThHwQv3MSVLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/43f177-5368-4b31-89c9-5b3f64181fff/1/XhMjCagMRlCCUWVMiRauFHylDWI.roa
Signing time: Tue 08 Nov 2022 05:38:49 +0000
ROA not before: Tue 08 Nov 2022 05:38:49 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51262
IP address blocks: 193.84.120.0/22 maxlen: 22
193.84.123.0/24 maxlen: 24
193.84.120.0/24 maxlen: 24
193.84.122.0/24 maxlen: 24
193.84.121.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:55:bf:96:79:8d:75:a4:7b:1a:16:6e:b9:fd:f8:19:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd0b268321570aa04217b353847c10bf731254b5
Validity
Not Before: Nov 8 05:38:49 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5e132309a80c46508251654c8916ae147ca50d62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:c3:35:fb:96:7d:48:65:5a:b4:9c:01:5d:41:
0c:e4:e2:12:ec:89:8d:51:5a:a7:0e:dd:4b:fb:8c:
ed:64:f8:2d:f4:65:70:28:85:c0:4a:f0:be:e8:08:
0a:09:34:e2:4d:2f:66:b7:58:ca:b6:f1:29:e7:d4:
8b:77:ca:7f:da:3f:ae:74:74:53:36:12:67:b6:9f:
84:61:4f:93:97:73:88:33:46:27:40:82:94:d5:a8:
17:f6:4e:b8:2d:67:d0:31:77:55:15:20:3f:b1:1b:
c3:59:80:3d:6e:8b:4e:e8:99:af:b0:ba:a6:26:83:
4f:70:16:bc:c7:cd:97:53:ae:60:f1:f1:6f:80:c6:
57:f0:12:a3:31:6c:bc:aa:52:d6:2b:71:a5:38:f9:
5e:f9:af:dd:09:d6:e3:26:d1:e4:c5:85:9a:20:08:
7f:8c:21:6a:89:f7:ec:32:ef:f8:d8:3d:0b:40:e5:
a4:2d:0f:ed:04:20:e6:f8:dd:52:f6:57:a7:a8:c0:
c0:df:86:e7:2c:a9:d9:ae:32:25:ce:c1:1b:1b:cb:
26:fe:09:b7:55:3a:94:f7:4c:a0:78:70:bb:8c:3c:
48:94:40:ab:e8:5d:d2:73:9a:fc:9c:12:b9:a7:2e:
26:32:04:b2:ae:2a:f3:f6:16:00:76:93:af:8c:0c:
bb:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:13:23:09:A8:0C:46:50:82:51:65:4C:89:16:AE:14:7C:A5:0D:62
X509v3 Authority Key Identifier:
keyid:FD:0B:26:83:21:57:0A:A0:42:17:B3:53:84:7C:10:BF:73:12:54:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_QsmgyFXCqBCF7NThHwQv3MSVLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/43f177-5368-4b31-89c9-5b3f64181fff/1/XhMjCagMRlCCUWVMiRauFHylDWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/43f177-5368-4b31-89c9-5b3f64181fff/1/_QsmgyFXCqBCF7NThHwQv3MSVLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.84.120.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:63:9a:da:eb:4f:20:12:a6:e8:42:dd:91:e4:59:52:d2:e2:
36:a9:2a:12:f7:b6:3a:92:b6:de:8d:f2:c3:d6:c6:1e:75:58:
96:0f:a6:e0:6f:a3:56:1d:aa:3e:ab:d6:ac:a8:19:7d:7e:85:
f8:69:33:b6:00:b7:64:92:ce:47:bf:24:fa:8b:d5:05:bf:ba:
05:1c:b7:91:3b:aa:e5:30:27:b7:02:b6:08:80:c3:06:b5:3b:
1d:ce:95:1a:4c:b7:ec:d5:6b:ee:38:11:9f:83:f3:a5:12:26:
37:74:ec:1b:b6:5d:ac:47:1e:fa:4c:77:99:c9:2f:3b:21:70:
52:a3:b9:38:03:58:89:e8:b8:cf:0a:a9:ba:f3:8c:49:6f:86:
71:94:3e:59:4c:ef:41:79:17:29:27:14:52:31:f5:2f:71:36:
d3:e9:2e:91:c8:d1:df:11:43:13:ed:ae:64:26:1a:8a:9a:dc:
80:68:9e:be:78:4f:d2:77:7e:c8:be:40:ad:22:1c:4c:b3:6a:
57:6b:0d:e8:49:bc:bd:e9:72:2e:2b:95:8d:74:ef:e8:35:99:
0a:87:41:fa:e3:43:9d:a5:29:00:77:2d:2d:40:a4:3e:e9:bd:
4d:76:b3:43:b2:bc:7c:fb:8d:1c:81:ec:f7:e6:da:d2:4f:cd:
2a:d6:0c:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYRVv5Z5jXWkexoWbrn9+BmFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkMGIyNjgzMjE1NzBhYTA0MjE3YjM1Mzg0N2MxMGJmNzMx
MjU0YjUwHhcNMjIxMTA4MDUzODQ5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTEzMjMwOWE4MGM0NjUwODI1MTY1NGM4OTE2YWUxNDdjYTUwZDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMM1+5Z9SGVatJwBXUEM5OIS7ImN
UVqnDt1L+4ztZPgt9GVwKIXASvC+6AgKCTTiTS9mt1jKtvEp59SLd8p/2j+udHRT
NhJntp+EYU+Tl3OIM0YnQIKU1agX9k64LWfQMXdVFSA/sRvDWYA9botO6JmvsLqm
JoNPcBa8x82XU65g8fFvgMZX8BKjMWy8qlLWK3GlOPle+a/dCdbjJtHkxYWaIAh/
jCFqiffsMu/42D0LQOWkLQ/tBCDm+N1S9lenqMDA34bnLKnZrjIlzsEbG8sm/gm3
VTqU90ygeHC7jDxIlECr6F3Sc5r8nBK5py4mMgSyrirz9hYAdpOvjAy7ewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF4TIwmoDEZQglFlTIkWrhR8pQ1iMB8GA1UdIwQY
MBaAFP0LJoMhVwqgQhezU4R8EL9zElS1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1FzbWd5RlhDcUJDRjdOVGhId1F2M01TVkxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi80M2YxNzctNTM2OC00YjMxLTg5Yzkt
NWIzZjY0MTgxZmZmLzEvWGhNakNhZ01SbENDVVdWTWlSYXVGSHlsRFdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi80M2YxNzctNTM2OC00YjMxLTg5YzktNWIzZjY0MTgxZmZm
LzEvX1FzbWd5RlhDcUJDRjdOVGhId1F2M01TVkxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwVR4MA0G
CSqGSIb3DQEBCwUAA4IBAQCiY5ra608gEqboQt2R5FlS0uI2qSoS97Y6krbejfLD
1sYedViWD6bgb6NWHao+q9asqBl9foX4aTO2ALdkks5HvyT6i9UFv7oFHLeRO6rl
MCe3ArYIgMMGtTsdzpUaTLfs1WvuOBGfg/OlEiY3dOwbtl2sRx76THeZyS87IXBS
o7k4A1iJ6LjPCqm684xJb4ZxlD5ZTO9BeRcpJxRSMfUvcTbT6S6RyNHfEUMT7a5k
JhqKmtyAaJ6+eE/Sd37IvkCtIhxMs2pXaw3oSby96XIuK5WNdO/oNZkKh0H640Od
pSkAdy0tQKQ+6b1NdrNDsrx8+40cgez35trST80q1gwi
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:39:46 2025 by rpki-client