Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/XvrxepfQpFGobXdXQfyowzLSBC0.roa
File: XvrxepfQpFGobXdXQfyowzLSBC0.roa (raw, json)
Hash identifier: c/cBawxIL+JoUUXAz1zancdIfl8143yuylLPyL8k7Ls=
Subject key identifier: 5E:FA:F1:7A:97:D0:A4:51:A8:6D:77:57:41:FC:A8:C3:32:D2:04:2D
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 018505E131F47B8685B1E8E7A9F3DB9B0FF9
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/XvrxepfQpFGobXdXQfyowzLSBC0.roa
Signing time: Mon 12 Dec 2022 10:28:42 +0000
ROA not before: Mon 12 Dec 2022 10:28:42 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 47395
IP address blocks: 109.188.0.0/17 maxlen: 17
94.25.128.0/18 maxlen: 18
188.162.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:05:e1:31:f4:7b:86:85:b1:e8:e7:a9:f3:db:9b:0f:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Dec 12 10:28:42 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5efaf17a97d0a451a86d775741fca8c332d2042d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:0f:ef:00:2d:2d:0c:eb:7b:37:31:bc:25:2a:
88:db:a6:0c:b2:d5:5e:1f:53:e2:5c:ae:00:71:c3:
21:54:6e:26:91:58:d2:48:39:f2:9e:33:2c:49:dc:
11:9c:4b:ac:01:f1:0c:ff:98:56:17:88:ee:16:2e:
63:a3:0a:a8:1d:de:76:18:25:c9:f5:9d:19:86:74:
14:36:81:1d:93:66:4f:78:a7:0a:b9:55:53:82:f2:
91:32:92:f2:ec:e9:e0:ee:ca:6c:d4:2a:e1:a1:28:
61:9d:75:73:ad:9a:9e:c9:09:e0:ff:9c:3d:5e:5d:
a0:7a:36:69:69:76:a2:1b:f7:71:1b:a6:c1:87:27:
4f:7d:f7:1b:19:52:b9:1c:fa:3f:bf:87:f9:60:30:
3f:1d:ed:1b:1d:72:23:c2:e4:0c:f1:9c:a0:cd:eb:
be:af:03:65:25:d7:55:98:48:34:a5:24:97:7a:ab:
73:7b:fe:cb:ec:e1:59:45:66:e3:1d:59:10:2e:22:
56:82:54:a1:a6:97:15:69:fc:26:9d:9c:be:06:33:
52:c6:e6:71:83:e8:8b:6d:db:44:b7:54:20:9c:ae:
71:fa:01:c3:ab:62:6a:e2:93:ed:ff:76:a6:a7:f3:
64:02:cd:a5:a4:53:1a:43:a3:51:f9:76:f6:1f:a3:
31:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:FA:F1:7A:97:D0:A4:51:A8:6D:77:57:41:FC:A8:C3:32:D2:04:2D
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/XvrxepfQpFGobXdXQfyowzLSBC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.25.128.0/18
109.188.0.0/17
188.162.0.0/16
Signature Algorithm: sha256WithRSAEncryption
30:d9:bb:5b:11:24:45:d8:9f:4b:20:0a:f4:e1:2b:f8:21:a8:
e2:bb:63:66:b0:a6:24:31:ec:c8:db:ad:b3:6d:39:14:f7:95:
13:d2:12:17:56:ef:8f:62:5d:b4:e7:f5:64:99:81:91:e8:b5:
b3:a9:ef:f4:82:47:f6:87:d5:1d:c3:3b:32:f1:45:26:b0:e6:
0b:a5:a4:51:d4:70:ab:e9:70:a8:58:80:7d:db:96:39:01:29:
98:e0:ef:fc:1e:0d:9f:ad:bc:a0:62:97:ed:bc:b9:5c:b7:a8:
5b:b7:5e:87:72:9b:50:5a:5b:f7:a7:e3:41:be:c9:3a:cd:62:
87:fa:d7:90:22:ce:de:89:b9:3a:31:00:5f:b6:29:85:a8:b6:
3b:a1:b7:86:fa:ea:e4:c5:7d:a0:e5:72:7b:63:b7:8b:bb:cf:
82:33:8a:c2:be:0d:d3:3e:fe:0d:28:c2:9d:8a:e9:c4:cc:fb:
87:61:c1:80:bd:39:79:6a:75:0b:d6:ae:9c:8f:0a:bb:b4:18:
09:e4:86:ee:cd:22:d6:d0:7e:8a:a1:35:15:44:d1:1c:40:da:
b1:7d:08:97:0f:b5:a8:cc:f0:bf:05:34:dc:5e:36:6b:5c:20:
fe:45:cf:78:c2:ad:43:98:be:b8:57:85:b7:12:37:83:30:7f:
3c:5a:e9:4a
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAYUF4TH0e4aFsejnqfPbmw/5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjIxMjEyMTAyODQyWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWZhZjE3YTk3ZDBhNDUxYTg2ZDc3NTc0MWZjYThjMzMyZDIwNDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxg/vAC0tDOt7NzG8JSqI26YMstVe
H1PiXK4AccMhVG4mkVjSSDnynjMsSdwRnEusAfEM/5hWF4juFi5jowqoHd52GCXJ
9Z0ZhnQUNoEdk2ZPeKcKuVVTgvKRMpLy7Ong7sps1CrhoShhnXVzrZqeyQng/5w9
Xl2gejZpaXaiG/dxG6bBhydPffcbGVK5HPo/v4f5YDA/He0bHXIjwuQM8Zygzeu+
rwNlJddVmEg0pSSXeqtze/7L7OFZRWbjHVkQLiJWglShppcVafwmnZy+BjNSxuZx
g+iLbdtEt1QgnK5x+gHDq2Jq4pPt/3amp/NkAs2lpFMaQ6NR+Xb2H6Mx2QIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFF768XqX0KRRqG13V0H8qMMy0gQtMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvWHZyeGVwZlFwRkdvYlhkWFFmeW93ekxTQkMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAATARAwQGXhmAAwQH
bbwAAwMAvKIwDQYJKoZIhvcNAQELBQADggEBADDZu1sRJEXYn0sgCvThK/ghqOK7
Y2awpiQx7MjbrbNtORT3lRPSEhdW749iXbTn9WSZgZHotbOp7/SCR/aH1R3DOzLx
RSaw5gulpFHUcKvpcKhYgH3bljkBKZjg7/weDZ+tvKBil+28uVy3qFu3Xodym1Ba
W/en40G+yTrNYof615Aizt6JuToxAF+2KYWotjuht4b66uTFfaDlcntjt4u7z4Iz
isK+DdM+/g0owp2K6cTM+4dhwYC9OXlqdQvWrpyPCru0GAnkhu7NItbQfoqhNRVE
0RxA2rF9CJcPtajM8L8FNNxeNmtcIP5Fz3jCrUOYvrhXhbcSN4Mwfzxa6Uo=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:11:15 2025 by rpki-client