Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/a4cd0d-af14-49c3-9481-35479c54dcbd/1/XF2Uy8q9DfXVG-pDnzowwEthQU0.roa
File: XF2Uy8q9DfXVG-pDnzowwEthQU0.roa (raw, json)
Hash identifier: FH1e90SDJOqCzkP7VcPQ/RQPaDL3hJdFkwmpWeNgP/s=
Subject key identifier: 5C:5D:94:CB:CA:BD:0D:F5:D5:1B:EA:43:9F:3A:30:C0:4B:61:41:4D
Certificate issuer: /CN=2fe4173626f4602640e8d4e96b54a1a096abe78b
Certificate serial: 01856E01C823DE7E2017E517CA1EA0A7729F
Authority key identifier: 2F:E4:17:36:26:F4:60:26:40:E8:D4:E9:6B:54:A1:A0:96:AB:E7:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L-QXNib0YCZA6NTpa1ShoJar54s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/a4cd0d-af14-49c3-9481-35479c54dcbd/1/XF2Uy8q9DfXVG-pDnzowwEthQU0.roa
Signing time: Sun 01 Jan 2023 15:44:48 +0000
ROA not before: Sun 01 Jan 2023 15:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211419
IP address blocks: 193.38.247.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:01:c8:23:de:7e:20:17:e5:17:ca:1e:a0:a7:72:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fe4173626f4602640e8d4e96b54a1a096abe78b
Validity
Not Before: Jan 1 15:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c5d94cbcabd0df5d51bea439f3a30c04b61414d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ae:c7:fb:75:7f:c4:12:e0:24:e8:bb:d9:b3:
23:32:a3:fd:01:f3:3f:69:3e:8c:3e:77:46:14:eb:
30:98:8c:a6:e4:af:8b:71:9d:80:ce:37:2c:3d:28:
f5:62:2a:c3:f1:09:93:36:ce:15:f9:28:a2:30:d0:
e3:3c:f0:f1:dd:7c:d1:81:d4:df:ca:35:b0:70:4f:
ed:45:a5:cd:05:57:9b:6a:2b:78:4f:13:20:c1:66:
84:ae:75:42:de:2c:a5:53:1d:63:6d:ee:84:69:b7:
68:37:2b:f6:bf:e9:95:ac:23:e4:0c:93:ef:0a:49:
e7:36:5b:62:f0:cf:16:05:35:cb:2b:7e:e7:8b:94:
57:84:9d:92:6f:9d:40:b9:04:cb:1c:8a:bd:4d:1b:
93:04:95:01:50:93:db:8b:cc:ae:29:c5:23:2f:e9:
14:db:ad:fa:3e:cc:75:29:31:a0:31:5f:53:40:7e:
76:c6:f6:be:5a:e1:ba:f0:fd:c0:24:62:18:0f:3d:
d2:79:4f:52:bc:9b:d5:1f:e9:8a:e1:b7:ac:c9:bd:
69:24:46:44:4a:34:fe:7a:e7:33:ba:7c:54:76:38:
35:93:f6:d9:15:2c:1e:df:02:5d:88:12:96:48:0c:
83:85:50:76:b4:52:bf:64:a1:fe:c7:87:7c:57:cd:
35:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:5D:94:CB:CA:BD:0D:F5:D5:1B:EA:43:9F:3A:30:C0:4B:61:41:4D
X509v3 Authority Key Identifier:
keyid:2F:E4:17:36:26:F4:60:26:40:E8:D4:E9:6B:54:A1:A0:96:AB:E7:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L-QXNib0YCZA6NTpa1ShoJar54s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/a4cd0d-af14-49c3-9481-35479c54dcbd/1/XF2Uy8q9DfXVG-pDnzowwEthQU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/a4cd0d-af14-49c3-9481-35479c54dcbd/1/L-QXNib0YCZA6NTpa1ShoJar54s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.38.247.0/24
Signature Algorithm: sha256WithRSAEncryption
76:12:1b:f6:7c:6c:45:17:e1:0d:9d:93:b0:f1:c8:81:ed:ce:
e3:e1:93:06:15:f8:62:ca:35:db:fb:11:08:bc:64:ce:6c:c4:
b1:df:d0:83:94:7b:dd:ff:80:ac:fb:a9:ca:21:36:22:47:fb:
a9:6d:a4:2c:95:7c:12:a4:c1:7d:76:7e:95:02:79:07:dc:de:
7d:d7:4f:85:72:ef:26:97:cd:9e:67:f0:f7:aa:2d:37:76:bc:
df:97:6c:06:7b:12:2e:92:eb:0b:ed:fc:a2:c7:33:d7:15:f9:
fb:79:5f:b1:f0:24:ec:ae:d3:15:cc:e5:05:89:c1:c7:7d:c3:
b5:63:ba:ae:32:9a:82:d7:62:ac:c7:35:a0:3c:71:c1:b1:b2:
e6:57:68:0a:56:e6:19:9e:e6:10:d2:ef:93:41:a4:a3:58:d1:
91:83:fa:59:d2:6d:46:9c:54:94:9c:79:40:85:5d:71:ba:8b:
8e:98:e6:6f:86:a9:94:3f:d8:bb:a3:fa:86:87:7d:ec:46:98:
f4:9c:aa:b3:28:34:d9:42:0f:3e:12:52:bf:85:16:88:19:11:
23:69:ac:c0:15:c6:20:95:d2:1c:09:5f:9a:40:b2:5f:41:9c:
bc:16:45:27:62:dc:12:dd:54:5c:64:d8:7b:90:75:e9:63:8a:
e3:70:b5:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVuAcgj3n4gF+UXyh6gp3KfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmZTQxNzM2MjZmNDYwMjY0MGU4ZDRlOTZiNTRhMWEwOTZh
YmU3OGIwHhcNMjMwMTAxMTU0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzVkOTRjYmNhYmQwZGY1ZDUxYmVhNDM5ZjNhMzBjMDRiNjE0MTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAma7H+3V/xBLgJOi72bMjMqP9AfM/
aT6MPndGFOswmIym5K+LcZ2AzjcsPSj1YirD8QmTNs4V+SiiMNDjPPDx3XzRgdTf
yjWwcE/tRaXNBVebait4TxMgwWaErnVC3iylUx1jbe6EabdoNyv2v+mVrCPkDJPv
CknnNlti8M8WBTXLK37ni5RXhJ2Sb51AuQTLHIq9TRuTBJUBUJPbi8yuKcUjL+kU
2636Psx1KTGgMV9TQH52xva+WuG68P3AJGIYDz3SeU9SvJvVH+mK4besyb1pJEZE
SjT+euczunxUdjg1k/bZFSwe3wJdiBKWSAyDhVB2tFK/ZKH+x4d8V801twIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFxdlMvKvQ311RvqQ586MMBLYUFNMB8GA1UdIwQY
MBaAFC/kFzYm9GAmQOjU6WtUoaCWq+eLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTC1RWE5pYjBZQ1pBNk5UcGExU2hvSmFyNTRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9hNGNkMGQtYWYxNC00OWMzLTk0ODEt
MzU0NzljNTRkY2JkLzEvWEYyVXk4cTlEZlhWRy1wRG56b3d3RXRoUVUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9hNGNkMGQtYWYxNC00OWMzLTk0ODEtMzU0NzljNTRkY2Jk
LzEvTC1RWE5pYjBZQ1pBNk5UcGExU2hvSmFyNTRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSb3MA0G
CSqGSIb3DQEBCwUAA4IBAQB2Ehv2fGxFF+ENnZOw8ciB7c7j4ZMGFfhiyjXb+xEI
vGTObMSx39CDlHvd/4Cs+6nKITYiR/upbaQslXwSpMF9dn6VAnkH3N5910+Fcu8m
l82eZ/D3qi03drzfl2wGexIukusL7fyixzPXFfn7eV+x8CTsrtMVzOUFicHHfcO1
Y7quMpqC12KsxzWgPHHBsbLmV2gKVuYZnuYQ0u+TQaSjWNGRg/pZ0m1GnFSUnHlA
hV1xuouOmOZvhqmUP9i7o/qGh33sRpj0nKqzKDTZQg8+ElK/hRaIGREjaazAFcYg
ldIcCV+aQLJfQZy8FkUnYtwS3VRcZNh7kHXpY4rjcLW0
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:35:35 2025 by rpki-client