Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/xTMXtXaL4DP0zD5O17Kj84Kyzx4.roa
File: xTMXtXaL4DP0zD5O17Kj84Kyzx4.roa (raw, json)
Hash identifier: EkXgGMCDNYaqRY68z84W3FFuqvdp2RhEURk6u+TtR0M=
Subject key identifier: C5:33:17:B5:76:8B:E0:33:F4:CC:3E:4E:D7:B2:A3:F3:82:B2:CF:1E
Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial: 018BF09D975B2160FE467E10878F38E8A6C6
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/xTMXtXaL4DP0zD5O17Kj84Kyzx4.roa
Signing time: Tue 21 Nov 2023 06:42:21 +0000
ROA not before: Tue 21 Nov 2023 06:42:21 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 9123
IP address blocks: 80.76.60.0/24 maxlen: 24
185.192.246.0/24 maxlen: 24
185.192.247.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8b:f0:9d:97:5b:21:60:fe:46:7e:10:87:8f:38:e8:a6:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Validity
Not Before: Nov 21 06:42:21 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c53317b5768be033f4cc3e4ed7b2a3f382b2cf1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:11:07:72:5c:95:fa:01:f5:f0:a2:cb:0e:1f:
26:07:c9:df:a2:ed:6c:2d:ac:4f:0a:2b:74:68:80:
a1:30:44:0d:4a:97:a4:ea:59:fa:85:54:7b:21:90:
7b:42:65:45:40:3e:71:83:39:be:a7:ab:0f:02:d0:
40:cf:32:7b:45:da:8e:b4:ff:88:7b:33:c3:84:c8:
4a:80:60:66:73:7c:32:75:0f:89:45:46:7f:38:69:
5b:e1:98:ee:34:09:4b:1d:b8:3a:d1:3c:da:09:44:
10:fa:0c:38:fa:a4:19:87:7b:0c:65:fe:22:c2:40:
7f:28:5d:2c:76:ed:24:70:e0:d9:21:26:86:08:01:
e0:27:74:5c:03:e6:96:14:2f:3a:ac:59:44:ab:54:
d8:75:05:f8:5e:73:62:19:0b:0d:36:d7:6b:23:d7:
df:27:65:7c:5f:1c:9d:63:36:d9:2a:7b:0c:fb:51:
ab:57:53:70:e2:2e:73:b9:e3:bd:68:c7:41:db:42:
5e:b5:7c:fb:6b:bd:6e:80:98:f6:61:14:33:d7:fc:
ad:ee:dd:2e:d8:57:16:75:5b:5e:c7:a7:1f:78:72:
f3:12:d8:50:c3:83:0c:5f:1c:03:a0:1d:db:d8:0c:
c1:e8:18:7d:fa:c6:62:c0:d4:f3:a9:a6:16:b1:18:
c0:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:33:17:B5:76:8B:E0:33:F4:CC:3E:4E:D7:B2:A3:F3:82:B2:CF:1E
X509v3 Authority Key Identifier:
keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/xTMXtXaL4DP0zD5O17Kj84Kyzx4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.76.60.0/24
185.192.246.0/23
Signature Algorithm: sha256WithRSAEncryption
1b:05:a5:32:ea:7a:6d:10:f5:de:1a:8f:cd:de:bf:82:5e:9d:
58:45:c2:38:eb:93:1f:4e:87:5c:62:03:6c:73:62:6d:f3:14:
56:b4:82:0b:4a:13:51:fb:8e:e0:8d:28:e9:7c:9a:fe:bc:d4:
35:73:05:52:1b:c5:2b:1a:d3:1c:4a:0e:dc:e4:9f:d9:62:31:
5f:ae:f8:93:02:53:fa:5b:36:da:68:19:f9:ad:59:d5:7c:49:
0c:33:7e:eb:39:3c:7d:a7:ab:dc:40:ca:12:63:f7:6d:1a:e4:
06:87:59:49:5d:6a:7b:34:b8:7e:f5:1f:82:76:94:28:f1:f5:
af:0a:77:62:cd:8d:65:0f:ce:77:ee:3a:b0:63:06:d6:5c:a4:
0d:7e:63:88:82:e2:41:f7:d1:df:23:97:4e:61:91:bb:1f:8b:
a4:67:8e:8b:1a:31:35:8e:e3:29:22:1e:7e:f1:0d:3c:04:f3:
e2:57:4d:f7:e3:eb:05:45:43:54:f7:3c:c8:81:28:dd:08:13:
54:a9:1a:24:eb:07:6d:07:a8:27:1a:91:24:89:2e:be:e1:0a:
69:20:4c:1c:c4:1f:1e:4c:c5:bd:a3:39:7a:55:2c:61:8b:2d:
bc:12:12:12:c7:b3:be:ac:21:91:e0:a1:20:4c:58:f7:46:43:
50:4b:9b:8a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYvwnZdbIWD+Rn4Qh4846KbGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjMxMTIxMDY0MjIxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTMzMTdiNTc2OGJlMDMzZjRjYzNlNGVkN2IyYTNmMzgyYjJjZjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAihEHclyV+gH18KLLDh8mB8nfou1s
LaxPCit0aIChMEQNSpek6ln6hVR7IZB7QmVFQD5xgzm+p6sPAtBAzzJ7RdqOtP+I
ezPDhMhKgGBmc3wydQ+JRUZ/OGlb4ZjuNAlLHbg60TzaCUQQ+gw4+qQZh3sMZf4i
wkB/KF0sdu0kcODZISaGCAHgJ3RcA+aWFC86rFlEq1TYdQX4XnNiGQsNNtdrI9ff
J2V8XxydYzbZKnsM+1GrV1Nw4i5zueO9aMdB20JetXz7a71ugJj2YRQz1/yt7t0u
2FcWdVtex6cfeHLzEthQw4MMXxwDoB3b2AzB6Bh9+sZiwNTzqaYWsRjA6wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMUzF7V2i+Az9Mw+Tteyo/OCss8eMB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEveFRNWHRYYUw0RFAwekQ1TzE3S2o4NEt5eng0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUEw8AwQB
ucD2MA0GCSqGSIb3DQEBCwUAA4IBAQAbBaUy6nptEPXeGo/N3r+CXp1YRcI465Mf
TodcYgNsc2Jt8xRWtIILShNR+47gjSjpfJr+vNQ1cwVSG8UrGtMcSg7c5J/ZYjFf
rviTAlP6WzbaaBn5rVnVfEkMM37rOTx9p6vcQMoSY/dtGuQGh1lJXWp7NLh+9R+C
dpQo8fWvCndizY1lD8537jqwYwbWXKQNfmOIguJB99HfI5dOYZG7H4ukZ46LGjE1
juMpIh5+8Q08BPPiV0334+sFRUNU9zzIgSjdCBNUqRok6wdtB6gnGpEkiS6+4Qpp
IEwcxB8eTMW9ozl6VSxhiy28EhISx7O+rCGR4KEgTFj3RkNQS5uK
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:26:43 2025 by rpki-client