Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Xca90bUdOMUAC6bqkI7UHWCEcR8.roa
File: Xca90bUdOMUAC6bqkI7UHWCEcR8.roa (raw, json)
Hash identifier: B9lUJMrZ5ktzkDMrQmIhPL8l30NhybY6MiyN7sfKuJE=
Subject key identifier: 5D:C6:BD:D1:B5:1D:38:C5:00:0B:A6:EA:90:8E:D4:1D:60:84:71:1F
Certificate issuer: /CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Certificate serial: 0184EC08748022D36D8B53B3BA276D16FD0F
Authority key identifier: 43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Xca90bUdOMUAC6bqkI7UHWCEcR8.roa
Signing time: Wed 07 Dec 2022 10:01:27 +0000
ROA not before: Wed 07 Dec 2022 10:01:27 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15830
IP address blocks: 57.250.40.0/24 maxlen: 24
57.250.42.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:ec:08:74:80:22:d3:6d:8b:53:b3:ba:27:6d:16:fd:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43d5ba0815c9f5193f80989ee893acacc4ba8849
Validity
Not Before: Dec 7 10:01:27 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5dc6bdd1b51d38c5000ba6ea908ed41d6084711f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:93:4d:b8:49:aa:56:4f:5a:b3:47:e5:bf:8a:
e8:dc:63:e5:02:b2:4a:d5:ec:9b:aa:87:48:60:67:
f1:b1:32:22:ba:46:6d:00:97:c5:43:aa:58:48:96:
9a:5c:4d:09:b4:14:26:8a:32:ab:89:43:3a:17:ca:
51:f2:07:bd:d6:8b:6d:3c:6e:19:e3:ff:46:2b:3e:
c7:10:0d:cf:a3:95:0d:3b:a7:bf:90:fd:12:78:5e:
03:2e:01:0f:6d:fc:dd:5a:04:5d:24:b3:ed:4d:a8:
6d:5c:72:41:8b:8a:e8:23:65:d1:d9:de:c8:38:98:
59:39:ec:61:4d:df:39:a3:b0:31:13:6c:c5:91:c3:
3a:a1:b2:11:32:ad:28:50:3b:b9:50:34:c9:2b:f2:
f2:d1:ae:ed:af:bf:14:25:f2:2a:e1:e3:0b:af:8d:
d4:52:17:86:13:d6:5d:4f:49:1b:76:00:05:66:79:
45:e9:d6:a9:56:3d:b7:2a:70:cf:bb:c4:3c:b4:e0:
2d:9f:d5:30:8c:83:fb:a3:a4:18:d9:ab:58:42:e3:
0d:eb:22:e4:c2:2a:8e:de:d4:cc:d1:e2:49:2b:b6:
57:32:97:ae:66:be:e5:73:9c:64:03:41:41:3c:01:
2c:13:5e:38:5a:36:be:6e:15:54:ed:0d:0d:ab:6f:
04:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:C6:BD:D1:B5:1D:38:C5:00:0B:A6:EA:90:8E:D4:1D:60:84:71:1F
X509v3 Authority Key Identifier:
keyid:43:D5:BA:08:15:C9:F5:19:3F:80:98:9E:E8:93:AC:AC:C4:BA:88:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Xca90bUdOMUAC6bqkI7UHWCEcR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/7282b4-7f11-4ee0-abea-e13e5579c5dc/1/Q9W6CBXJ9Rk_gJie6JOsrMS6iEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.250.40.0/24
57.250.42.0/24
Signature Algorithm: sha256WithRSAEncryption
47:56:77:d0:9a:4a:eb:aa:cc:2c:b1:de:64:3f:17:1d:38:65:
c9:5e:70:a3:46:bf:c8:c7:7f:62:a1:5c:00:fe:66:8f:49:96:
1b:41:8b:3a:00:2b:27:fb:82:13:53:f4:6f:54:7e:60:c8:0a:
e2:ce:51:d0:91:cc:07:ac:0e:1a:f9:e6:53:e9:57:06:7e:55:
a4:ca:d9:f9:93:9a:ac:60:59:bc:3b:9d:73:ca:7f:b8:9d:99:
ee:45:ee:0f:cc:44:b5:b2:a5:42:0c:f5:a8:db:d1:b0:18:d1:
b1:0f:41:82:ce:8e:41:10:87:45:10:e7:f5:ff:de:df:95:7b:
f5:ab:4d:13:d3:64:c7:1c:b5:8a:4f:53:fe:87:15:80:c2:23:
5e:71:81:57:ab:dc:70:db:2b:d4:cd:7d:f4:46:38:33:77:90:
aa:02:46:0c:e2:b9:3d:80:c9:2c:c7:da:72:0a:cd:20:04:5e:
5c:7a:d7:53:41:45:0b:db:45:bb:8f:a6:75:9b:ae:31:ca:8a:
4c:fc:53:92:00:ad:f3:1c:67:ee:ce:75:34:ad:26:11:de:96:
af:5d:04:1d:c2:2e:d7:f1:ac:47:7b:59:bf:d2:2e:4f:87:5a:
9d:fe:be:5f:c5:b6:5c:02:ca:8c:c7:49:ec:24:32:97:21:ab:
f3:da:ed:e8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYTsCHSAItNti1OzuidtFv0PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZDViYTA4MTVjOWY1MTkzZjgwOTg5ZWU4OTNhY2FjYzRi
YTg4NDkwHhcNMjIxMjA3MTAwMTI3WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGM2YmRkMWI1MWQzOGM1MDAwYmE2ZWE5MDhlZDQxZDYwODQ3MTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpNNuEmqVk9as0flv4ro3GPlArJK
1eybqodIYGfxsTIiukZtAJfFQ6pYSJaaXE0JtBQmijKriUM6F8pR8ge91ottPG4Z
4/9GKz7HEA3Po5UNO6e/kP0SeF4DLgEPbfzdWgRdJLPtTahtXHJBi4roI2XR2d7I
OJhZOexhTd85o7AxE2zFkcM6obIRMq0oUDu5UDTJK/Ly0a7tr78UJfIq4eMLr43U
UheGE9ZdT0kbdgAFZnlF6dapVj23KnDPu8Q8tOAtn9UwjIP7o6QY2atYQuMN6yLk
wiqO3tTM0eJJK7ZXMpeuZr7lc5xkA0FBPAEsE144Wja+bhVU7Q0Nq28EGQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF3GvdG1HTjFAAum6pCO1B1ghHEfMB8GA1UdIwQY
MBaAFEPVuggVyfUZP4CYnuiTrKzEuohJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEt
ZTEzZTU1NzljNWRjLzEvWGNhOTBiVWRPTVVBQzZicWtJN1VIV0NFY1I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi83MjgyYjQtN2YxMS00ZWUwLWFiZWEtZTEzZTU1NzljNWRj
LzEvUTlXNkNCWEo5UmtfZ0ppZTZKT3NyTVM2aUVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAOfooAwQA
OfoqMA0GCSqGSIb3DQEBCwUAA4IBAQBHVnfQmkrrqswssd5kPxcdOGXJXnCjRr/I
x39ioVwA/maPSZYbQYs6ACsn+4ITU/RvVH5gyArizlHQkcwHrA4a+eZT6VcGflWk
ytn5k5qsYFm8O51zyn+4nZnuRe4PzES1sqVCDPWo29GwGNGxD0GCzo5BEIdFEOf1
/97flXv1q00T02THHLWKT1P+hxWAwiNecYFXq9xw2yvUzX30Rjgzd5CqAkYM4rk9
gMksx9pyCs0gBF5cetdTQUUL20W7j6Z1m64xyopM/FOSAK3zHGfuznU0rSYR3pav
XQQdwi7X8axHe1m/0i5Ph1qd/r5fxbZcAsqMx0nsJDKXIavz2u3o
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:49:17 2024 by rpki-client on console-fra.rpki-client.org