Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/24cab4-0125-4383-85fa-3d388606da12/1/cXkOYL_NtCYuvkPh5oY2LDHPZVw.roa
File: cXkOYL_NtCYuvkPh5oY2LDHPZVw.roa (raw, json)
Hash identifier: +4lKvos1hxL7dyZLui3SmJusrvTjPOM2Jwlc/nm+yfU=
Subject key identifier: 71:79:0E:60:BF:CD:B4:26:2E:BE:43:E1:E6:86:36:2C:31:CF:65:5C
Certificate issuer: /CN=e5a83b40b3f4d7d31fb3368dafaca1199a449892
Certificate serial: 018C97B56B146C0CF8D6C607D5336183D7D5
Authority key identifier: E5:A8:3B:40:B3:F4:D7:D3:1F:B3:36:8D:AF:AC:A1:19:9A:44:98:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5ag7QLP019MfszaNr6yhGZpEmJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/24cab4-0125-4383-85fa-3d388606da12/1/cXkOYL_NtCYuvkPh5oY2LDHPZVw.roa
Signing time: Sat 23 Dec 2023 17:24:58 +0000
ROA not before: Sat 23 Dec 2023 17:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 47857
IP address blocks: 185.25.8.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:97:b5:6b:14:6c:0c:f8:d6:c6:07:d5:33:61:83:d7:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5a83b40b3f4d7d31fb3368dafaca1199a449892
Validity
Not Before: Dec 23 17:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=71790e60bfcdb4262ebe43e1e686362c31cf655c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:b8:90:15:51:5a:67:ed:81:28:68:ee:05:41:
37:de:7d:ea:8f:ff:c6:f2:1b:ff:ae:a6:42:82:50:
92:2f:83:30:93:fb:2f:f7:6c:e1:aa:27:10:8c:65:
cf:23:01:d4:aa:b3:56:15:75:73:27:1e:86:b9:59:
0f:44:b7:d8:b7:43:93:3c:80:db:3e:a5:6c:e5:32:
66:be:14:08:64:76:ad:cf:1d:dc:32:f7:ba:dc:a1:
db:dc:89:14:9b:49:50:86:50:25:90:32:d0:a7:06:
40:35:1a:e1:55:09:76:e0:d2:98:6c:2b:2f:ae:cf:
91:89:ca:ff:02:03:05:13:ef:06:26:79:36:01:b8:
12:fe:44:c7:74:30:c9:29:75:c7:d9:83:9f:2d:41:
bd:8f:40:93:5a:47:6a:9b:7e:bd:31:ff:c8:84:ae:
31:e3:7d:b4:8f:3d:ce:ae:77:7c:86:25:4f:11:f8:
f9:e1:f0:29:68:57:de:6c:a0:e3:68:9d:bf:ea:56:
a1:61:73:02:b2:ae:21:5e:cb:20:f6:52:29:21:a4:
cb:9b:3d:7a:8f:4e:91:f2:79:4c:35:4b:f5:b9:79:
60:6f:57:d6:2b:0f:ff:45:b4:f9:ea:79:9e:98:d8:
3a:5c:65:2d:6c:a4:06:f8:6f:35:78:c5:18:e3:f3:
4f:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:79:0E:60:BF:CD:B4:26:2E:BE:43:E1:E6:86:36:2C:31:CF:65:5C
X509v3 Authority Key Identifier:
keyid:E5:A8:3B:40:B3:F4:D7:D3:1F:B3:36:8D:AF:AC:A1:19:9A:44:98:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5ag7QLP019MfszaNr6yhGZpEmJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/24cab4-0125-4383-85fa-3d388606da12/1/cXkOYL_NtCYuvkPh5oY2LDHPZVw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/24cab4-0125-4383-85fa-3d388606da12/1/5ag7QLP019MfszaNr6yhGZpEmJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.25.8.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:f3:20:c6:49:75:7d:0f:8b:60:2b:cc:63:7b:96:f7:31:b9:
7d:a4:c3:5f:7e:a6:52:5b:f8:b9:7e:ee:b9:46:f7:0e:ce:ed:
f7:35:df:b7:5e:0f:74:25:c3:bb:74:f0:05:83:ac:3a:21:be:
6c:9c:6e:c0:c7:f7:80:7d:95:c6:ac:9b:fa:5e:fb:ba:0a:c1:
57:37:5d:89:18:8a:04:d3:7e:41:d6:21:e3:17:21:c3:51:08:
61:a1:64:1f:e1:c0:c0:17:c4:7b:ac:bf:07:f1:b4:8d:a5:e0:
86:26:11:7e:b5:1e:eb:73:12:cc:b3:ca:a7:b3:be:72:90:b9:
1b:c1:c1:22:85:20:29:dc:83:35:e0:3b:ec:a0:57:28:ef:69:
9a:a4:e2:92:81:ab:32:7c:30:79:95:95:24:66:36:12:01:48:
6a:ed:6b:01:5d:06:72:a9:ef:d0:b1:74:3f:b7:02:fb:66:d6:
6e:68:f6:bb:f3:2f:b3:33:16:25:0d:09:0d:8c:c2:45:c2:45:
a7:bc:c0:12:2e:af:d5:d8:fa:a9:23:1f:bb:c7:b7:2d:7b:97:
11:67:f2:0d:44:91:c6:fc:bb:f1:b9:36:aa:ce:3a:40:75:a3:
f8:71:9b:d7:e1:10:bd:32:f7:97:62:b2:43:ba:3f:94:dc:99:
02:f9:39:82
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyXtWsUbAz41sYH1TNhg9fVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YTgzYjQwYjNmNGQ3ZDMxZmIzMzY4ZGFmYWNhMTE5OWE0
NDk4OTIwHhcNMjMxMjIzMTcyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTc5MGU2MGJmY2RiNDI2MmViZTQzZTFlNjg2MzYyYzMxY2Y2NTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkriQFVFaZ+2BKGjuBUE33n3qj//G
8hv/rqZCglCSL4Mwk/sv92zhqicQjGXPIwHUqrNWFXVzJx6GuVkPRLfYt0OTPIDb
PqVs5TJmvhQIZHatzx3cMve63KHb3IkUm0lQhlAlkDLQpwZANRrhVQl24NKYbCsv
rs+Ricr/AgMFE+8GJnk2AbgS/kTHdDDJKXXH2YOfLUG9j0CTWkdqm369Mf/IhK4x
4320jz3Ornd8hiVPEfj54fApaFfebKDjaJ2/6lahYXMCsq4hXssg9lIpIaTLmz16
j06R8nlMNUv1uXlgb1fWKw//RbT56nmemNg6XGUtbKQG+G81eMUY4/NPDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHF5DmC/zbQmLr5D4eaGNiwxz2VcMB8GA1UdIwQY
MBaAFOWoO0Cz9NfTH7M2ja+soRmaRJiSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWFnN1FMUDAxOU1mc3phTnI2eWhHWnBFbUpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8yNGNhYjQtMDEyNS00MzgzLTg1ZmEt
M2QzODg2MDZkYTEyLzEvY1hrT1lMX050Q1l1dmtQaDVvWTJMREhQWlZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8yNGNhYjQtMDEyNS00MzgzLTg1ZmEtM2QzODg2MDZkYTEy
LzEvNWFnN1FMUDAxOU1mc3phTnI2eWhHWnBFbUpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRkIMA0G
CSqGSIb3DQEBCwUAA4IBAQAv8yDGSXV9D4tgK8xje5b3Mbl9pMNffqZSW/i5fu65
RvcOzu33Nd+3Xg90JcO7dPAFg6w6Ib5snG7Ax/eAfZXGrJv6Xvu6CsFXN12JGIoE
035B1iHjFyHDUQhhoWQf4cDAF8R7rL8H8bSNpeCGJhF+tR7rcxLMs8qns75ykLkb
wcEihSAp3IM14DvsoFco72mapOKSgasyfDB5lZUkZjYSAUhq7WsBXQZyqe/QsXQ/
twL7ZtZuaPa78y+zMxYlDQkNjMJFwkWnvMASLq/V2PqpIx+7x7cte5cRZ/INRJHG
/LvxuTaqzjpAdaP4cZvX4RC9MveXYrJDuj+U3JkC+TmC
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:00:29 2025 by rpki-client