Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/XN5jTaN7ed98r-UAJqn7COdIink.roa
File: XN5jTaN7ed98r-UAJqn7COdIink.roa (raw, json)
Hash identifier: dVlvbU+Jnh35K+IG6MmbVVr/MLGAiThNY07HOokYP+Y=
Subject key identifier: 5C:DE:63:4D:A3:7B:79:DF:7C:AF:E5:00:26:A9:FB:08:E7:48:8A:79
Certificate issuer: /CN=2ef957aba2ef00352850e202464c71d33ca81448
Certificate serial: 018A02470A40E4F7DEB8A8E22EFDA428629A
Authority key identifier: 2E:F9:57:AB:A2:EF:00:35:28:50:E2:02:46:4C:71:D3:3C:A8:14:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LvlXq6LvADUoUOICRkxx0zyoFEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/XN5jTaN7ed98r-UAJqn7COdIink.roa
Signing time: Thu 17 Aug 2023 06:55:24 +0000
ROA not before: Thu 17 Aug 2023 06:55:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15557
IP address blocks: 193.54.67.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:02:47:0a:40:e4:f7:de:b8:a8:e2:2e:fd:a4:28:62:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ef957aba2ef00352850e202464c71d33ca81448
Validity
Not Before: Aug 17 06:55:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5cde634da37b79df7cafe50026a9fb08e7488a79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:78:ce:c7:a0:c7:51:1c:b9:f4:6a:ed:df:c3:
7f:ce:53:fe:67:bb:e7:02:f1:cd:ef:92:36:b7:e9:
43:b4:3c:19:d7:12:e0:a0:b0:44:7a:f3:56:e6:67:
51:49:41:a9:d6:d3:b6:34:9b:16:bb:4b:20:4e:db:
17:37:3e:46:be:4e:e0:9c:94:bd:97:96:b5:3f:fb:
bb:2f:d0:e5:94:b0:ab:84:68:44:7d:00:db:0f:44:
fd:2c:a3:26:66:fa:cd:d4:a2:80:f7:67:bb:02:31:
45:eb:8a:87:e3:74:ff:cc:78:40:07:57:01:1f:4f:
be:bc:07:45:fb:c4:c5:46:c1:f3:88:ae:b3:03:68:
25:93:60:2d:a5:86:ce:22:25:a4:24:38:e2:d7:73:
0b:84:d0:d1:6f:bf:79:db:82:f7:06:ac:35:af:84:
ef:ac:a8:2f:d1:40:80:a0:a4:84:8d:3f:47:77:dc:
42:f6:c7:04:c0:a1:b7:1e:60:97:ae:3a:b9:8c:19:
37:e6:45:ea:58:fc:7d:55:3a:d1:b5:98:77:ae:2a:
3c:33:7a:df:84:03:94:1d:dd:1e:d6:3f:b6:71:0b:
29:1d:36:6a:7e:24:4d:8f:77:2c:a9:7d:65:9d:cb:
4f:f9:d6:e8:6a:d0:9a:9d:ad:8b:05:69:02:02:d6:
05:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:DE:63:4D:A3:7B:79:DF:7C:AF:E5:00:26:A9:FB:08:E7:48:8A:79
X509v3 Authority Key Identifier:
keyid:2E:F9:57:AB:A2:EF:00:35:28:50:E2:02:46:4C:71:D3:3C:A8:14:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LvlXq6LvADUoUOICRkxx0zyoFEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/XN5jTaN7ed98r-UAJqn7COdIink.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/a584e4-ccd4-4c4f-9d16-04a27c4d5453/1/LvlXq6LvADUoUOICRkxx0zyoFEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.54.67.0/24
Signature Algorithm: sha256WithRSAEncryption
16:fc:d2:f5:fb:81:98:1e:54:a7:63:a1:f2:83:9a:f7:22:1f:
4b:3d:5b:c9:3c:c3:32:a6:dd:7f:67:90:96:7f:b7:37:81:07:
c7:c1:90:0b:5d:ab:66:da:51:c5:5a:e0:c1:2e:c4:63:8f:42:
3a:54:84:d9:dc:f2:f0:62:02:33:5c:fc:8c:bb:9a:67:ab:23:
03:ff:9c:6f:0e:eb:df:9e:e9:43:a9:fe:d2:18:a9:9a:89:f6:
60:e9:ac:75:ca:a9:c2:9a:a1:57:f9:21:7e:a0:53:4a:cf:27:
01:d6:70:30:12:d7:e7:9c:ac:2d:a3:19:6d:53:bc:65:3b:a9:
3f:59:aa:15:d9:bb:59:d9:c3:28:52:aa:8c:c0:a9:d4:89:b8:
a7:ce:b9:6d:c4:81:68:58:12:66:21:8c:ec:b0:52:8f:40:f2:
46:e6:0a:f4:c3:dc:f0:c3:a0:ad:d4:21:86:c2:7d:35:41:2f:
fd:af:36:1a:a6:01:a3:3c:91:ae:28:b2:fe:e1:e2:01:ca:e7:
84:94:07:7e:f4:12:e8:da:a2:2e:38:a7:79:9e:6b:d6:35:65:
a5:bc:05:85:d2:db:16:c2:2a:d4:7e:d6:18:b5:7d:0f:36:76:
79:40:e5:bc:6e:f3:03:47:11:b8:f6:82:8a:26:ce:4a:e5:e1:
7e:51:b4:16
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYoCRwpA5PfeuKjiLv2kKGKaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlZjk1N2FiYTJlZjAwMzUyODUwZTIwMjQ2NGM3MWQzM2Nh
ODE0NDgwHhcNMjMwODE3MDY1NTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2RlNjM0ZGEzN2I3OWRmN2NhZmU1MDAyNmE5ZmIwOGU3NDg4YTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkXjOx6DHURy59Grt38N/zlP+Z7vn
AvHN75I2t+lDtDwZ1xLgoLBEevNW5mdRSUGp1tO2NJsWu0sgTtsXNz5Gvk7gnJS9
l5a1P/u7L9DllLCrhGhEfQDbD0T9LKMmZvrN1KKA92e7AjFF64qH43T/zHhAB1cB
H0++vAdF+8TFRsHziK6zA2glk2AtpYbOIiWkJDji13MLhNDRb79524L3Bqw1r4Tv
rKgv0UCAoKSEjT9Hd9xC9scEwKG3HmCXrjq5jBk35kXqWPx9VTrRtZh3rio8M3rf
hAOUHd0e1j+2cQspHTZqfiRNj3csqX1lnctP+dboatCana2LBWkCAtYFIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFzeY02je3nffK/lACap+wjnSIp5MB8GA1UdIwQY
MBaAFC75V6ui7wA1KFDiAkZMcdM8qBRIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHZsWHE2THZBRFVvVU9JQ1JreHgwenlvRkVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9hNTg0ZTQtY2NkNC00YzRmLTlkMTYt
MDRhMjdjNGQ1NDUzLzEvWE41alRhTjdlZDk4ci1VQUpxbjdDT2RJaW5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9hNTg0ZTQtY2NkNC00YzRmLTlkMTYtMDRhMjdjNGQ1NDUz
LzEvTHZsWHE2THZBRFVvVU9JQ1JreHgwenlvRkVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwTZDMA0G
CSqGSIb3DQEBCwUAA4IBAQAW/NL1+4GYHlSnY6Hyg5r3Ih9LPVvJPMMypt1/Z5CW
f7c3gQfHwZALXatm2lHFWuDBLsRjj0I6VITZ3PLwYgIzXPyMu5pnqyMD/5xvDuvf
nulDqf7SGKmaifZg6ax1yqnCmqFX+SF+oFNKzycB1nAwEtfnnKwtoxltU7xlO6k/
WaoV2btZ2cMoUqqMwKnUibinzrltxIFoWBJmIYzssFKPQPJG5gr0w9zww6Ct1CGG
wn01QS/9rzYapgGjPJGuKLL+4eIByueElAd+9BLo2qIuOKd5nmvWNWWlvAWF0tsW
wirUftYYtX0PNnZ5QOW8bvMDRxG49oKKJs5K5eF+UbQW
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:58:34 2025 by rpki-client