Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/xZDb8aRTerlpqnYTd8SFgjH0erc.roa
File: xZDb8aRTerlpqnYTd8SFgjH0erc.roa (raw, json)
Hash identifier: masgxkkcxjey9oPXRTjg8UyBdDHOADX90WJSSz0awZI=
Subject key identifier: C5:90:DB:F1:A4:53:7A:B9:69:AA:76:13:77:C4:85:82:31:F4:7A:B7
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 0189DBA8C4BBF4970E7243D13FEA4B56F065
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/xZDb8aRTerlpqnYTd8SFgjH0erc.roa
Signing time: Wed 09 Aug 2023 18:56:57 +0000
ROA not before: Wed 09 Aug 2023 18:56:57 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 5.180.49.0/24 maxlen: 24
5.253.46.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:db:a8:c4:bb:f4:97:0e:72:43:d1:3f:ea:4b:56:f0:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Aug 9 18:56:57 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c590dbf1a4537ab969aa761377c4858231f47ab7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:26:e9:ed:10:ee:81:0a:b3:6f:7d:a4:56:85:
d3:14:98:4b:5a:02:a4:1f:57:62:3a:0a:02:20:58:
1f:4b:30:68:b9:16:de:93:17:13:c1:53:d0:28:13:
c1:43:48:ff:04:be:92:56:de:9d:65:dd:d2:ac:9c:
fb:40:71:72:a9:7c:80:62:a8:b1:62:16:30:c6:97:
ff:6f:10:aa:54:dd:73:83:31:5d:30:77:7e:7d:9e:
de:25:16:ab:d3:28:aa:dd:8a:d9:87:72:2d:74:17:
49:0a:7b:45:72:6d:30:5e:d5:ae:34:ba:e0:2d:fe:
85:42:52:8e:26:f0:46:08:70:cb:f8:8a:19:b3:39:
91:9a:b4:93:98:76:31:ce:6c:09:be:ea:b8:01:e4:
b6:21:71:c2:42:e0:55:06:1e:b5:78:95:b4:dd:05:
ce:4d:f6:29:57:b1:f4:c4:ae:af:37:ea:93:47:34:
5c:54:63:ec:6a:30:cc:93:5a:22:9b:d4:47:84:21:
f0:1a:08:ad:3a:8c:ed:3a:bd:3d:ef:4d:79:42:a5:
ab:4a:11:70:bc:d3:0c:b0:a7:f6:23:16:2a:2b:ac:
76:1a:ff:dc:a7:5e:a9:26:6b:53:80:97:01:bb:c4:
fd:4c:67:d8:a7:63:b7:40:dc:84:3f:43:7c:c6:09:
54:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:90:DB:F1:A4:53:7A:B9:69:AA:76:13:77:C4:85:82:31:F4:7A:B7
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/xZDb8aRTerlpqnYTd8SFgjH0erc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.49.0/24
5.253.46.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:12:2b:c1:e7:53:d2:48:5d:92:ec:95:f4:84:8b:55:d0:82:
bd:c3:61:dc:4a:e0:3f:e3:70:7b:7a:f7:52:26:88:4c:6a:9c:
0a:94:91:32:0d:9b:e8:52:5b:64:dc:dc:ae:41:71:63:0b:71:
b2:7d:0d:50:18:94:3b:99:b5:12:0f:00:4f:ae:73:a3:06:64:
77:21:b1:d7:67:cc:32:df:b0:d2:f2:12:46:54:a0:65:ad:4c:
bf:b9:79:f2:14:38:2a:ed:8c:cd:fe:b2:33:ff:d6:0d:4f:4f:
03:e6:9f:b2:4c:35:9d:cd:e6:8c:03:e3:3f:1a:81:75:f8:0f:
91:b9:84:d8:c2:fc:98:e9:78:d1:e0:da:0f:5e:60:9a:c2:a5:
16:c4:d7:04:8f:d8:8b:f7:37:c3:e5:f9:59:82:87:ea:e6:ee:
48:94:8b:90:67:19:65:e6:89:3d:fa:65:2b:35:f0:74:04:6b:
57:74:33:4a:94:35:5a:0d:18:eb:88:eb:78:3e:80:58:ff:6c:
b3:b5:25:a5:42:6c:62:b8:7c:1e:94:08:57:5b:c4:69:63:1f:
e7:fe:8c:5f:43:c7:81:1c:ce:72:fc:4b:29:f6:c5:c7:5e:05:
ce:74:ad:b7:67:56:64:e1:9d:fd:1e:40:ac:50:c6:b7:6b:e5:
32:41:15:8d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYnbqMS79JcOckPRP+pLVvBlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjMwODA5MTg1NjU3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTkwZGJmMWE0NTM3YWI5NjlhYTc2MTM3N2M0ODU4MjMxZjQ3YWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Sbp7RDugQqzb32kVoXTFJhLWgKk
H1diOgoCIFgfSzBouRbekxcTwVPQKBPBQ0j/BL6SVt6dZd3SrJz7QHFyqXyAYqix
YhYwxpf/bxCqVN1zgzFdMHd+fZ7eJRar0yiq3YrZh3ItdBdJCntFcm0wXtWuNLrg
Lf6FQlKOJvBGCHDL+IoZszmRmrSTmHYxzmwJvuq4AeS2IXHCQuBVBh61eJW03QXO
TfYpV7H0xK6vN+qTRzRcVGPsajDMk1oim9RHhCHwGgitOoztOr097015QqWrShFw
vNMMsKf2IxYqK6x2Gv/cp16pJmtTgJcBu8T9TGfYp2O3QNyEP0N8xglUQQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMWQ2/GkU3q5aap2E3fEhYIx9Hq3MB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEveFpEYjhhUlRlcmxwcW5ZVGQ4U0ZnakgwZXJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABbQxAwQA
Bf0uMA0GCSqGSIb3DQEBCwUAA4IBAQCsEivB51PSSF2S7JX0hItV0IK9w2HcSuA/
43B7evdSJohMapwKlJEyDZvoUltk3NyuQXFjC3GyfQ1QGJQ7mbUSDwBPrnOjBmR3
IbHXZ8wy37DS8hJGVKBlrUy/uXnyFDgq7YzN/rIz/9YNT08D5p+yTDWdzeaMA+M/
GoF1+A+RuYTYwvyY6XjR4NoPXmCawqUWxNcEj9iL9zfD5flZgofq5u5IlIuQZxll
5ok9+mUrNfB0BGtXdDNKlDVaDRjriOt4PoBY/2yztSWlQmxiuHwelAhXW8RpYx/n
/oxfQ8eBHM5y/Esp9sXHXgXOdK23Z1Zk4Z39HkCsUMa3a+UyQRWN
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:15:06 2025 by rpki-client