Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/97c414-3afa-49ee-ab70-a4407a5d321a/1/Xrzxh12p3elyEmnUwwEYIq0KRMs.roa
File: Xrzxh12p3elyEmnUwwEYIq0KRMs.roa (raw, json)
Hash identifier: aqisDZodwI5zAlHae6Flrleku0pyhsua1Iokij0SMdk=
Subject key identifier: 5E:BC:F1:87:5D:A9:DD:E9:72:12:69:D4:C3:01:18:22:AD:0A:44:CB
Certificate issuer: /CN=5e5810557cb0670bc9c0933e027e9bd82ab156df
Certificate serial: 109EA073
Authority key identifier: 5E:58:10:55:7C:B0:67:0B:C9:C0:93:3E:02:7E:9B:D8:2A:B1:56:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XlgQVXywZwvJwJM-An6b2CqxVt8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/97c414-3afa-49ee-ab70-a4407a5d321a/1/Xrzxh12p3elyEmnUwwEYIq0KRMs.roa
Signing time: Sat 01 Jan 2022 12:04:06 +0000
ROA not before: Sat 01 Jan 2022 12:04:06 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 52148
IP address blocks: 91.209.37.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 278831219 (0x109ea073)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e5810557cb0670bc9c0933e027e9bd82ab156df
Validity
Not Before: Jan 1 12:04:06 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5ebcf1875da9dde9721269d4c3011822ad0a44cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:7d:a7:f9:6b:04:b5:5f:ed:bc:ed:67:28:c9:
ef:33:29:8f:81:79:1c:79:a2:e5:fc:01:46:80:60:
39:1f:44:f4:26:9b:c1:be:15:e8:38:3a:ae:66:0e:
45:c6:2d:1e:40:5f:c9:2e:a6:95:21:c6:93:db:de:
64:d5:74:cc:c4:d6:df:3d:f4:11:31:5a:b5:5e:05:
10:22:8d:81:12:d1:dc:b0:46:61:dd:d8:40:03:51:
05:9e:3e:6b:1d:7e:91:cb:59:98:39:fe:3a:2a:82:
95:78:9e:58:63:40:40:f3:18:6e:ed:48:3b:72:d3:
0a:96:55:d5:dd:de:4d:72:f4:69:71:c3:eb:9f:ed:
ca:b7:e8:81:15:9f:ed:e5:3e:c4:1b:ce:a7:b3:23:
1a:53:f4:b4:a3:a1:e1:a6:e7:d3:cc:a9:a0:25:36:
b8:f1:d0:6c:7a:3b:92:dc:45:88:10:17:0d:46:7d:
e9:ab:23:6e:ef:f3:d6:4a:66:00:94:33:74:96:9c:
f5:a2:8a:61:15:6e:6c:45:61:90:0a:be:cb:99:38:
17:3f:64:c3:e1:a6:cd:c7:3e:85:27:89:6f:7f:17:
43:9e:1d:95:ac:47:8a:b6:f8:f8:a8:f4:53:9d:b0:
66:d2:8a:0b:4e:31:01:4c:26:ae:fd:67:53:e8:17:
ca:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:BC:F1:87:5D:A9:DD:E9:72:12:69:D4:C3:01:18:22:AD:0A:44:CB
X509v3 Authority Key Identifier:
keyid:5E:58:10:55:7C:B0:67:0B:C9:C0:93:3E:02:7E:9B:D8:2A:B1:56:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XlgQVXywZwvJwJM-An6b2CqxVt8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/97c414-3afa-49ee-ab70-a4407a5d321a/1/Xrzxh12p3elyEmnUwwEYIq0KRMs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/97c414-3afa-49ee-ab70-a4407a5d321a/1/XlgQVXywZwvJwJM-An6b2CqxVt8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.37.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:12:aa:48:31:43:cc:27:5e:a1:7e:a9:23:41:ca:2a:aa:8d:
d7:24:a1:dd:15:e9:ba:76:4e:46:ee:5d:e3:19:68:a5:1d:3d:
7b:94:67:ee:0a:73:aa:01:9d:ad:09:3e:35:5c:c6:3c:d3:cc:
cb:d3:f7:3c:c8:e7:03:47:2e:80:c3:7b:61:2b:11:56:d5:ae:
85:b0:c2:2e:97:92:f7:08:6f:a3:41:80:6b:2c:b5:30:f6:9e:
bd:54:1a:09:0f:4c:93:94:d6:16:48:15:08:03:76:0b:b2:16:
7d:66:4a:5e:ee:06:8e:01:f8:e2:66:f5:c3:aa:f9:ae:d7:2f:
b5:bd:aa:2e:88:a4:aa:42:6a:f8:29:6b:ae:a0:05:a1:6f:e0:
c4:f2:73:7e:d2:b9:05:32:87:02:9b:f1:18:17:cb:4c:b2:e9:
e2:cc:4b:db:e3:8e:0a:0a:52:5d:8d:31:cb:c1:9a:97:7e:71:
7e:24:a3:6d:03:6f:d9:08:f0:b2:c6:bb:57:b0:d4:04:4c:c2:
71:4f:c3:67:e2:87:44:f9:1b:3a:09:eb:98:a5:e6:b5:f1:ec:
73:9e:55:cb:36:ac:39:f4:6c:5b:14:86:b3:db:a9:d4:0c:87:
e0:2f:51:df:00:14:92:b8:45:f6:bd:38:df:41:77:fc:6a:e1:
a9:a4:88:5b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEJ6gczANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZTU4MTA1NTdjYjA2NzBiYzljMDkzM2UwMjdlOWJkODJhYjE1NmRmMB4XDTIyMDEw
MTEyMDQwNloXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWViY2YxODc1ZGE5
ZGRlOTcyMTI2OWQ0YzMwMTE4MjJhZDBhNDRjYjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJh9p/lrBLVf7bztZyjJ7zMpj4F5HHmi5fwBRoBgOR9E9Cab
wb4V6Dg6rmYORcYtHkBfyS6mlSHGk9veZNV0zMTW3z30ETFatV4FECKNgRLR3LBG
Yd3YQANRBZ4+ax1+kctZmDn+OiqClXieWGNAQPMYbu1IO3LTCpZV1d3eTXL0aXHD
65/tyrfogRWf7eU+xBvOp7MjGlP0tKOh4abn08ypoCU2uPHQbHo7ktxFiBAXDUZ9
6asjbu/z1kpmAJQzdJac9aKKYRVubEVhkAq+y5k4Fz9kw+Gmzcc+hSeJb38XQ54d
laxHirb4+Kj0U52wZtKKC04xAUwmrv1nU+gXymMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRevPGHXand6XISadTDARgirQpEyzAfBgNVHSMEGDAWgBReWBBVfLBnC8nA
kz4CfpvYKrFW3zAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hsZ1FWWHl3Wnd2SndKTS1BbjZiMkNxeFZ0OC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvYWUvOTdjNDE0LTNhZmEtNDllZS1hYjcwLWE0NDA3YTVkMzIxYS8x
L1hyenhoMTJwM2VseUVtblV3d0VZSXEwS1JNcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYWUv
OTdjNDE0LTNhZmEtNDllZS1hYjcwLWE0NDA3YTVkMzIxYS8xL1hsZ1FWWHl3Wnd2
SndKTS1BbjZiMkNxeFZ0OC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFvRJTANBgkqhkiG9w0BAQsFAAOC
AQEALxKqSDFDzCdeoX6pI0HKKqqN1ySh3RXpunZORu5d4xlopR09e5Rn7gpzqgGd
rQk+NVzGPNPMy9P3PMjnA0cugMN7YSsRVtWuhbDCLpeS9whvo0GAayy1MPaevVQa
CQ9Mk5TWFkgVCAN2C7IWfWZKXu4GjgH44mb1w6r5rtcvtb2qLoikqkJq+ClrrqAF
oW/gxPJzftK5BTKHApvxGBfLTLLp4sxL2+OOCgpSXY0xy8Gal35xfiSjbQNv2Qjw
ssa7V7DUBEzCcU/DZ+KHRPkbOgnrmKXmtfHsc55VyzasOfRsWxSGs9up1AyH4C9R
3wAUkrhF9r0430F3/GrhqaSIWw==
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:26:57 2025 by rpki-client