Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/4e816d-d8ec-437c-986a-3c12781e202d/1/xZxaLJdfRx5QAsPHbv6rHhYhXf0.roa
File: xZxaLJdfRx5QAsPHbv6rHhYhXf0.roa (raw, json)
Hash identifier: HR66aN/uAGsffGbFHZSPCckaMp6V0iP4l1SlTiA8B0s=
Subject key identifier: C5:9C:5A:2C:97:5F:47:1E:50:02:C3:C7:6E:FE:AB:1E:16:21:5D:FD
Certificate issuer: /CN=91d8c32a703972aaea093a01f8dedf57f9675575
Certificate serial: 018ACC0A4E3E76C6DBD2E1F1C67127200412
Authority key identifier: 91:D8:C3:2A:70:39:72:AA:EA:09:3A:01:F8:DE:DF:57:F9:67:55:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdjDKnA5cqrqCToB-N7fV_lnVXU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/4e816d-d8ec-437c-986a-3c12781e202d/1/xZxaLJdfRx5QAsPHbv6rHhYhXf0.roa
Signing time: Mon 25 Sep 2023 11:12:21 +0000
ROA not before: Mon 25 Sep 2023 11:12:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41887
IP address blocks: 81.23.231.0/24 maxlen: 24
81.23.230.0/24 maxlen: 24
81.23.230.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:cc:0a:4e:3e:76:c6:db:d2:e1:f1:c6:71:27:20:04:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91d8c32a703972aaea093a01f8dedf57f9675575
Validity
Not Before: Sep 25 11:12:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c59c5a2c975f471e5002c3c76efeab1e16215dfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:da:2e:d9:4c:d1:bb:a9:a0:42:42:fe:06:58:
30:fc:a7:f1:a5:83:6b:eb:5a:ad:dc:8f:ba:48:a8:
27:bd:da:79:b2:35:00:b9:22:c3:09:80:7d:de:8e:
73:a7:75:84:ec:8c:9a:2e:75:3a:06:dd:4e:12:13:
82:56:fe:d2:62:30:a6:d9:56:e5:8c:60:4f:80:06:
95:44:dc:ee:e5:46:54:73:3c:97:b9:77:8f:ce:ab:
16:82:65:24:3d:83:cd:1f:b8:5b:ae:50:e4:19:b0:
b3:cf:cb:da:f5:73:44:ce:f4:fb:e5:d2:06:1b:77:
c5:b6:32:1c:f5:62:80:31:43:a8:13:50:96:7c:53:
40:41:24:45:de:ff:d5:be:bd:a0:32:60:8e:b5:10:
f4:4f:ba:ea:ed:2c:3c:08:97:f5:e8:df:97:7c:1f:
1b:94:68:39:50:05:7e:e5:c4:ec:d2:e0:fa:0f:af:
28:64:c8:7b:bb:4e:1c:8a:af:3e:2b:10:9e:a6:0f:
b0:05:ad:9c:56:64:d2:9c:d5:b6:fa:28:47:06:b3:
ac:65:4c:98:a0:fb:f7:6d:e2:01:01:ff:48:3c:04:
dd:b4:e7:2c:fa:52:d7:53:75:a4:f1:a9:17:7f:e3:
27:25:28:12:17:e4:47:c6:18:d6:a9:19:6b:c9:14:
83:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:9C:5A:2C:97:5F:47:1E:50:02:C3:C7:6E:FE:AB:1E:16:21:5D:FD
X509v3 Authority Key Identifier:
keyid:91:D8:C3:2A:70:39:72:AA:EA:09:3A:01:F8:DE:DF:57:F9:67:55:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdjDKnA5cqrqCToB-N7fV_lnVXU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/4e816d-d8ec-437c-986a-3c12781e202d/1/xZxaLJdfRx5QAsPHbv6rHhYhXf0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/4e816d-d8ec-437c-986a-3c12781e202d/1/kdjDKnA5cqrqCToB-N7fV_lnVXU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.23.230.0/23
Signature Algorithm: sha256WithRSAEncryption
4a:80:cb:1c:ce:aa:3c:92:00:20:ac:bd:c6:37:b6:76:12:6a:
b0:10:16:0b:f1:ea:8b:e9:d4:a2:f7:be:54:5c:3c:d8:45:60:
56:aa:4f:46:f4:cb:be:ec:27:13:72:48:b3:1b:8e:e8:f9:5d:
c0:89:e9:59:d4:f1:58:31:30:3d:2d:17:84:cc:11:e6:c6:9e:
f0:06:e5:a1:2d:c2:90:82:5c:97:16:ba:a1:e3:0f:19:fb:7e:
32:ba:d1:f7:f6:b3:cf:b7:bc:ca:55:a6:14:29:1a:de:b7:85:
ae:98:06:8d:83:86:20:b7:11:e0:06:08:ab:38:c9:83:f7:ec:
98:5d:d3:b4:d5:b6:91:da:5f:b4:f9:6b:89:5e:4b:0e:89:0d:
30:15:3c:45:7a:06:0a:25:55:b9:4e:52:a2:65:7a:db:1f:c4:
41:c7:e7:9f:5f:1c:16:bc:08:33:ea:19:9f:e1:a5:a9:d3:7b:
b0:13:43:0d:6c:3b:45:e1:47:e5:2a:5b:21:cf:82:57:30:a6:
cb:cb:b2:e6:15:8f:e9:bc:7d:49:9f:f4:aa:17:3d:a2:39:85:
e3:b7:2b:7e:e0:e5:4e:a3:0e:60:ac:3d:c7:01:f2:18:a4:85:
28:8d:ba:4c:76:7f:36:a5:6e:e5:d1:3b:86:58:7d:16:15:55:
46:27:7a:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYrMCk4+dsbb0uHxxnEnIAQSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDhjMzJhNzAzOTcyYWFlYTA5M2EwMWY4ZGVkZjU3Zjk2
NzU1NzUwHhcNMjMwOTI1MTExMjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTljNWEyYzk3NWY0NzFlNTAwMmMzYzc2ZWZlYWIxZTE2MjE1ZGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9ou2UzRu6mgQkL+Blgw/KfxpYNr
61qt3I+6SKgnvdp5sjUAuSLDCYB93o5zp3WE7IyaLnU6Bt1OEhOCVv7SYjCm2Vbl
jGBPgAaVRNzu5UZUczyXuXePzqsWgmUkPYPNH7hbrlDkGbCzz8va9XNEzvT75dIG
G3fFtjIc9WKAMUOoE1CWfFNAQSRF3v/Vvr2gMmCOtRD0T7rq7Sw8CJf16N+XfB8b
lGg5UAV+5cTs0uD6D68oZMh7u04ciq8+KxCepg+wBa2cVmTSnNW2+ihHBrOsZUyY
oPv3beIBAf9IPATdtOcs+lLXU3Wk8akXf+MnJSgSF+RHxhjWqRlryRSDjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMWcWiyXX0ceUALDx27+qx4WIV39MB8GA1UdIwQY
MBaAFJHYwypwOXKq6gk6Afje31f5Z1V1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RqREtuQTVjcXJxQ1RvQi1ON2ZWX2xuVlhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC80ZTgxNmQtZDhlYy00MzdjLTk4NmEt
M2MxMjc4MWUyMDJkLzEveFp4YUxKZGZSeDVRQXNQSGJ2NnJIaFloWGYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC80ZTgxNmQtZDhlYy00MzdjLTk4NmEtM2MxMjc4MWUyMDJk
LzEva2RqREtuQTVjcXJxQ1RvQi1ON2ZWX2xuVlhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBURfmMA0G
CSqGSIb3DQEBCwUAA4IBAQBKgMsczqo8kgAgrL3GN7Z2EmqwEBYL8eqL6dSi975U
XDzYRWBWqk9G9Mu+7CcTckizG47o+V3AielZ1PFYMTA9LReEzBHmxp7wBuWhLcKQ
glyXFrqh4w8Z+34yutH39rPPt7zKVaYUKRret4WumAaNg4YgtxHgBgirOMmD9+yY
XdO01baR2l+0+WuJXksOiQ0wFTxFegYKJVW5TlKiZXrbH8RBx+efXxwWvAgz6hmf
4aWp03uwE0MNbDtF4UflKlshz4JXMKbLy7LmFY/pvH1Jn/SqFz2iOYXjtyt+4OVO
ow5grD3HAfIYpIUojbpMdn82pW7l0TuGWH0WFVVGJ3oj
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:33 2025 by rpki-client