Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/78db29-e46d-41f4-87c7-95c42e4a84c0/1/xhp0q2Fe9qtYHIfQX2aFqcwqa0I.roa
File: xhp0q2Fe9qtYHIfQX2aFqcwqa0I.roa (raw, json)
Hash identifier: MF0YN3GBKYl7RFI7hpmX/Ya3OU5lLP9Y0UklRykINAM=
Subject key identifier: C6:1A:74:AB:61:5E:F6:AB:58:1C:87:D0:5F:66:85:A9:CC:2A:6B:42
Certificate issuer: /CN=e94978779e930e01fbfe7e0c5fcb41611129d4e8
Certificate serial: 01856F8B6934BF599B76FF5B005110ACB113
Authority key identifier: E9:49:78:77:9E:93:0E:01:FB:FE:7E:0C:5F:CB:41:61:11:29:D4:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6Ul4d56TDgH7_n4MX8tBYREp1Og.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/78db29-e46d-41f4-87c7-95c42e4a84c0/1/xhp0q2Fe9qtYHIfQX2aFqcwqa0I.roa
Signing time: Sun 01 Jan 2023 22:54:45 +0000
ROA not before: Sun 01 Jan 2023 22:54:45 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41227
IP address blocks: 78.111.1.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:8b:69:34:bf:59:9b:76:ff:5b:00:51:10:ac:b1:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e94978779e930e01fbfe7e0c5fcb41611129d4e8
Validity
Not Before: Jan 1 22:54:45 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c61a74ab615ef6ab581c87d05f6685a9cc2a6b42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:f3:36:02:02:ef:1d:97:83:f9:17:fd:de:a9:
37:4a:65:d6:0a:12:ea:77:e1:27:ef:21:f6:00:a4:
82:51:af:a0:e1:51:14:2b:a2:bd:52:f5:00:d8:f0:
a1:91:02:90:73:8a:9f:2b:ef:82:aa:f2:0c:5f:d2:
22:3e:7b:1a:27:00:f3:0e:dd:5f:8d:5c:6e:24:7f:
77:cb:58:a3:02:9b:aa:48:47:db:cb:f9:da:02:1b:
28:e6:31:02:77:7d:2e:b6:ee:a6:6d:c0:f5:18:bf:
3b:a2:3c:ec:7f:70:e5:5b:1f:98:8a:44:9b:81:2c:
1b:a1:e5:a8:11:d1:ab:2b:68:88:7e:e6:b1:f6:e1:
79:8d:4f:fb:a9:be:ca:2c:72:20:1b:7f:ef:44:48:
98:a7:83:a2:73:de:5e:58:3b:64:75:28:3b:18:d9:
cb:e2:ff:73:04:44:08:35:da:03:03:04:e6:e6:60:
33:c6:69:ba:6c:8e:ad:8b:b8:46:e6:1f:38:f2:01:
da:5c:7e:e6:99:a8:56:0b:13:6e:d2:5f:1b:dc:ac:
43:b0:1c:7f:a1:c3:06:ab:be:26:e1:1c:b7:20:58:
a0:24:69:f8:82:64:95:89:54:08:2a:2f:97:4d:2d:
33:17:55:6c:e8:cb:92:35:0c:e5:18:5c:03:58:4b:
20:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:1A:74:AB:61:5E:F6:AB:58:1C:87:D0:5F:66:85:A9:CC:2A:6B:42
X509v3 Authority Key Identifier:
keyid:E9:49:78:77:9E:93:0E:01:FB:FE:7E:0C:5F:CB:41:61:11:29:D4:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6Ul4d56TDgH7_n4MX8tBYREp1Og.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/78db29-e46d-41f4-87c7-95c42e4a84c0/1/xhp0q2Fe9qtYHIfQX2aFqcwqa0I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/78db29-e46d-41f4-87c7-95c42e4a84c0/1/6Ul4d56TDgH7_n4MX8tBYREp1Og.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.111.1.0/24
Signature Algorithm: sha256WithRSAEncryption
89:f4:d6:69:fb:a2:a9:cf:c6:f6:26:9b:71:22:16:7f:66:92:
6c:67:58:7b:0f:9c:90:f7:1c:a4:28:44:00:03:72:1b:a3:7d:
ff:be:e6:19:a7:c5:07:bc:e9:c4:ab:17:d0:6c:ef:67:f4:f9:
6b:53:a1:30:ce:f4:64:b1:72:99:51:23:b8:d2:c8:80:54:03:
c0:7f:c8:08:b0:96:5f:b6:c4:98:14:1c:96:b7:c3:98:45:40:
6e:cd:0c:4c:c0:10:d7:63:3b:7a:a6:35:5f:d9:d7:9e:99:1b:
4a:63:e9:7e:b4:76:c3:42:ee:ff:51:dc:b6:cd:48:05:a9:c1:
ec:94:e7:1d:88:45:fc:cc:93:be:ed:54:77:4f:4c:ff:da:85:
bd:32:25:d8:b0:4e:d1:04:59:87:eb:14:c7:47:2b:54:b4:c3:
38:e0:3d:e3:0f:47:58:df:0e:cf:d3:91:3c:ff:b9:72:6e:25:
a2:9b:0f:12:d8:d8:fc:fa:4b:29:65:b5:41:b5:2d:d5:b5:43:
60:33:2a:2c:20:b4:03:2c:2b:6d:86:85:a5:1e:89:24:87:af:
a5:99:d7:54:e7:1b:46:a5:5f:2f:88:eb:cc:0d:0e:a4:90:89:
7c:fd:97:30:28:d5:1b:d5:0a:93:30:e5:78:cd:59:83:d4:6a:
28:f4:7b:c3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvi2k0v1mbdv9bAFEQrLETMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NDk3ODc3OWU5MzBlMDFmYmZlN2UwYzVmY2I0MTYxMTEy
OWQ0ZTgwHhcNMjMwMTAxMjI1NDQ1WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjFhNzRhYjYxNWVmNmFiNTgxYzg3ZDA1ZjY2ODVhOWNjMmE2YjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/M2AgLvHZeD+Rf93qk3SmXWChLq
d+En7yH2AKSCUa+g4VEUK6K9UvUA2PChkQKQc4qfK++CqvIMX9IiPnsaJwDzDt1f
jVxuJH93y1ijApuqSEfby/naAhso5jECd30utu6mbcD1GL87ojzsf3DlWx+YikSb
gSwboeWoEdGrK2iIfuax9uF5jU/7qb7KLHIgG3/vREiYp4Oic95eWDtkdSg7GNnL
4v9zBEQINdoDAwTm5mAzxmm6bI6ti7hG5h848gHaXH7mmahWCxNu0l8b3KxDsBx/
ocMGq74m4Ry3IFigJGn4gmSViVQIKi+XTS0zF1Vs6MuSNQzlGFwDWEsgyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMYadKthXvarWByH0F9mhanMKmtCMB8GA1UdIwQY
MBaAFOlJeHeekw4B+/5+DF/LQWERKdToMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlVsNGQ1NlREZ0g3X240TVg4dEJZUkVwMU9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83OGRiMjktZTQ2ZC00MWY0LTg3Yzct
OTVjNDJlNGE4NGMwLzEveGhwMHEyRmU5cXRZSElmUVgyYUZxY3dxYTBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83OGRiMjktZTQ2ZC00MWY0LTg3YzctOTVjNDJlNGE4NGMw
LzEvNlVsNGQ1NlREZ0g3X240TVg4dEJZUkVwMU9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQATm8BMA0G
CSqGSIb3DQEBCwUAA4IBAQCJ9NZp+6Kpz8b2JptxIhZ/ZpJsZ1h7D5yQ9xykKEQA
A3Ibo33/vuYZp8UHvOnEqxfQbO9n9PlrU6EwzvRksXKZUSO40siAVAPAf8gIsJZf
tsSYFByWt8OYRUBuzQxMwBDXYzt6pjVf2deemRtKY+l+tHbDQu7/Udy2zUgFqcHs
lOcdiEX8zJO+7VR3T0z/2oW9MiXYsE7RBFmH6xTHRytUtMM44D3jD0dY3w7P05E8
/7lybiWimw8S2Nj8+kspZbVBtS3VtUNgMyosILQDLCtthoWlHokkh6+lmddU5xtG
pV8viOvMDQ6kkIl8/ZcwKNUb1QqTMOV4zVmD1Goo9HvD
-----END CERTIFICATE-----
Generated at Sun Apr 13 02:50:49 2025 by rpki-client