Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/98867c-856e-46c9-8925-6ea5d8b75411/1/XA9fusjE_qbdezd4YM8tkADcKBU.roa
File: XA9fusjE_qbdezd4YM8tkADcKBU.roa (raw, json)
Hash identifier: DK/gLohEfbQBGYS9kNFmxc7k3LWbhI9431uyZzWq5nA=
Subject key identifier: 5C:0F:5F:BA:C8:C4:FE:A6:DD:7B:37:78:60:CF:2D:90:00:DC:28:15
Certificate issuer: /CN=a2ae3569689ff542a911d7098b82466e6ea9fc85
Certificate serial: 01856E01C9A3A54F3AB487EE94EBB697DBA8
Authority key identifier: A2:AE:35:69:68:9F:F5:42:A9:11:D7:09:8B:82:46:6E:6E:A9:FC:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oq41aWif9UKpEdcJi4JGbm6p_IU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/98867c-856e-46c9-8925-6ea5d8b75411/1/XA9fusjE_qbdezd4YM8tkADcKBU.roa
Signing time: Sun 01 Jan 2023 15:44:48 +0000
ROA not before: Sun 01 Jan 2023 15:44:48 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 211668
IP address blocks: 80.249.132.0/24 maxlen: 24
2a10:b5c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:01:c9:a3:a5:4f:3a:b4:87:ee:94:eb:b6:97:db:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2ae3569689ff542a911d7098b82466e6ea9fc85
Validity
Not Before: Jan 1 15:44:48 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c0f5fbac8c4fea6dd7b377860cf2d9000dc2815
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:b4:5d:93:88:d5:29:b8:61:50:1c:0f:94:15:
31:d9:03:44:e9:a1:d0:5c:dd:d8:6a:8d:da:6c:48:
05:c9:a6:6d:c9:8c:98:44:b7:e7:ae:35:3b:de:43:
06:c9:1d:42:45:a7:60:c9:b4:ea:ce:ff:b4:2a:96:
46:60:e3:8d:2c:28:4b:d9:f5:cb:8b:ef:57:e7:84:
04:e2:b1:15:9c:28:fc:45:df:e0:5b:21:da:c2:03:
74:46:0c:37:ba:e5:5b:ed:31:a5:e7:e4:10:9d:ba:
5e:a5:ac:4d:2e:f4:dd:5d:27:12:6f:5f:83:8f:2b:
89:43:ea:9b:33:02:7b:8d:04:72:ce:12:bd:f2:7e:
dd:00:11:c1:bb:28:6a:93:cc:75:1a:bf:61:c9:ae:
cf:0a:48:f3:20:bb:44:d3:e4:22:ea:96:05:a9:96:
29:67:6d:8c:ae:aa:02:00:04:5f:e6:9c:ef:27:bf:
a0:18:33:e4:ff:4f:ca:77:0b:2a:6e:e8:c9:9a:b3:
84:c2:15:be:b0:94:ba:94:c0:f3:7c:08:d6:b4:b6:
2c:45:6b:4c:a2:3d:f6:6a:26:b6:6e:27:9f:ba:eb:
88:ee:ba:12:32:f1:f2:5d:19:f6:eb:10:fa:8e:c1:
7d:cd:7d:11:a3:5a:2d:2f:8e:a9:03:f5:ec:5f:27:
c4:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:0F:5F:BA:C8:C4:FE:A6:DD:7B:37:78:60:CF:2D:90:00:DC:28:15
X509v3 Authority Key Identifier:
keyid:A2:AE:35:69:68:9F:F5:42:A9:11:D7:09:8B:82:46:6E:6E:A9:FC:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oq41aWif9UKpEdcJi4JGbm6p_IU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/98867c-856e-46c9-8925-6ea5d8b75411/1/XA9fusjE_qbdezd4YM8tkADcKBU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/98867c-856e-46c9-8925-6ea5d8b75411/1/oq41aWif9UKpEdcJi4JGbm6p_IU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.249.132.0/24
IPv6:
2a10:b5c0::/29
Signature Algorithm: sha256WithRSAEncryption
5b:50:c0:e6:ba:f0:40:1b:0c:c6:af:90:84:ef:4d:f2:db:5e:
e8:f7:29:ec:22:bc:aa:2b:b4:b1:4f:6a:ad:b4:7b:ce:4f:cb:
30:fd:82:9b:19:c9:bb:8a:44:05:23:04:41:af:a4:fe:9f:77:
33:65:37:68:6e:fc:1d:fc:03:0f:36:c4:9a:8e:63:b5:c4:34:
b0:58:49:2f:8c:ce:b1:7b:56:42:9e:77:87:33:c9:17:4d:c2:
ef:74:d3:92:33:a1:f5:20:01:69:55:9a:95:7b:a4:ad:72:ca:
6a:5c:41:ef:84:c9:52:34:d4:5d:72:77:0c:ba:08:70:25:e0:
1c:77:e7:1e:40:b9:d3:34:1f:cf:34:c5:f2:3b:71:a2:4b:d6:
78:03:31:54:2b:05:e8:c5:75:9e:7b:1c:57:77:ca:eb:d9:36:
76:eb:44:df:67:8d:82:db:5e:d7:d7:a3:67:ab:8d:a3:e8:83:
f3:12:d0:b2:19:d7:b9:f5:13:08:1c:27:86:50:95:4d:1c:ac:
9a:ba:82:09:48:ed:da:96:64:66:4f:35:9f:6b:a2:dd:aa:fc:
17:81:8d:a5:dd:da:27:ff:8b:f1:1f:e3:be:25:61:b8:50:a6:
f6:5b:52:7c:68:e7:d9:db:bb:7d:24:3d:13:5b:90:8f:8a:85:
9d:63:7a:72
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuAcmjpU86tIfulOu2l9uoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyYWUzNTY5Njg5ZmY1NDJhOTExZDcwOThiODI0NjZlNmVh
OWZjODUwHhcNMjMwMTAxMTU0NDQ4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzBmNWZiYWM4YzRmZWE2ZGQ3YjM3Nzg2MGNmMmQ5MDAwZGMyODE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyrRdk4jVKbhhUBwPlBUx2QNE6aHQ
XN3Yao3abEgFyaZtyYyYRLfnrjU73kMGyR1CRadgybTqzv+0KpZGYOONLChL2fXL
i+9X54QE4rEVnCj8Rd/gWyHawgN0Rgw3uuVb7TGl5+QQnbpepaxNLvTdXScSb1+D
jyuJQ+qbMwJ7jQRyzhK98n7dABHBuyhqk8x1Gr9hya7PCkjzILtE0+Qi6pYFqZYp
Z22MrqoCAARf5pzvJ7+gGDPk/0/KdwsqbujJmrOEwhW+sJS6lMDzfAjWtLYsRWtM
oj32aia2biefuuuI7roSMvHyXRn26xD6jsF9zX0Ro1otL46pA/XsXyfE7QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFFwPX7rIxP6m3Xs3eGDPLZAA3CgVMB8GA1UdIwQY
MBaAFKKuNWlon/VCqRHXCYuCRm5uqfyFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3E0MWFXaWY5VUtwRWRjSmk0SkdibTZwX0lVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS85ODg2N2MtODU2ZS00NmM5LTg5MjUt
NmVhNWQ4Yjc1NDExLzEvWEE5ZnVzakVfcWJkZXpkNFlNOHRrQURjS0JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS85ODg2N2MtODU2ZS00NmM5LTg5MjUtNmVhNWQ4Yjc1NDEx
LzEvb3E0MWFXaWY5VUtwRWRjSmk0SkdibTZwX0lVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAUPmEMA0E
AgACMAcDBQMqELXAMA0GCSqGSIb3DQEBCwUAA4IBAQBbUMDmuvBAGwzGr5CE703y
217o9ynsIryqK7SxT2qttHvOT8sw/YKbGcm7ikQFIwRBr6T+n3czZTdobvwd/AMP
NsSajmO1xDSwWEkvjM6xe1ZCnneHM8kXTcLvdNOSM6H1IAFpVZqVe6StcspqXEHv
hMlSNNRdcncMughwJeAcd+ceQLnTNB/PNMXyO3GiS9Z4AzFUKwXoxXWeexxXd8rr
2TZ260TfZ42C217X16Nnq42j6IPzEtCyGde59RMIHCeGUJVNHKyauoIJSO3almRm
TzWfa6LdqvwXgY2l3don/4vxH+O+JWG4UKb2W1J8aOfZ27t9JD0TW5CPioWdY3py
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:37 2025 by rpki-client