Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/4b419c-cf8f-4c9a-94d7-bb4b65b6a0d1/1/xPX2NxuDT5-nKv1lo2HKUoOAsqI.roa
File: xPX2NxuDT5-nKv1lo2HKUoOAsqI.roa (raw, json)
Hash identifier: 1041QimRbUvcwffzEre46vLKC9UFxExCcw2/SpmIohU=
Subject key identifier: C4:F5:F6:37:1B:83:4F:9F:A7:2A:FD:65:A3:61:CA:52:83:80:B2:A2
Certificate issuer: /CN=5833294a1cdc1358afc439c0a72733b065a86f8b
Certificate serial: 01856F02487FF3620A421956B6FA36AC8C8B
Authority key identifier: 58:33:29:4A:1C:DC:13:58:AF:C4:39:C0:A7:27:33:B0:65:A8:6F:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WDMpShzcE1ivxDnApyczsGWob4s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/4b419c-cf8f-4c9a-94d7-bb4b65b6a0d1/1/xPX2NxuDT5-nKv1lo2HKUoOAsqI.roa
Signing time: Sun 01 Jan 2023 20:24:58 +0000
ROA not before: Sun 01 Jan 2023 20:24:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 24971
IP address blocks: 80.78.242.0/23 maxlen: 23
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:02:48:7f:f3:62:0a:42:19:56:b6:fa:36:ac:8c:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5833294a1cdc1358afc439c0a72733b065a86f8b
Validity
Not Before: Jan 1 20:24:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c4f5f6371b834f9fa72afd65a361ca528380b2a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:39:bb:aa:d5:f1:a0:1a:91:6f:6f:92:2d:0a:
06:cf:70:d9:f1:1b:18:1f:8f:27:a7:c2:56:5c:a6:
e7:6a:e6:04:71:fe:c3:3e:c8:b0:f1:a7:0a:29:33:
62:9b:09:06:b3:f8:d5:3a:78:da:91:34:a8:09:31:
31:00:57:30:2b:23:50:fb:a9:fa:6a:ec:d4:f2:2e:
98:c0:4d:fe:cf:92:81:d0:72:af:6d:a7:64:03:41:
55:0e:91:45:7e:89:b6:38:d5:88:8c:97:81:9a:b3:
5a:54:00:8f:5d:5b:14:7d:f8:a2:05:68:f4:76:fe:
03:85:ec:0f:d6:ad:cc:55:94:1d:34:04:77:d5:94:
ed:8f:89:5f:64:72:ff:c9:64:24:b6:0b:db:cc:e3:
cf:a2:90:7e:f1:73:56:0d:0e:13:39:b2:ef:59:54:
e6:92:22:93:e0:b0:8b:fe:b0:7d:fe:58:4b:5f:e1:
a8:c3:8b:dc:7b:54:2b:d2:96:59:5c:9f:4f:58:ce:
e2:71:25:5d:7d:aa:1e:68:79:a4:a9:ba:98:9c:59:
f8:86:7f:8a:0d:ad:9a:46:5b:31:26:67:af:bf:54:
b2:0a:a6:f4:ba:f5:69:66:78:a3:c2:19:3f:18:45:
7c:f0:56:c4:a4:06:ca:1b:97:67:e9:c7:95:d6:6c:
7a:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:F5:F6:37:1B:83:4F:9F:A7:2A:FD:65:A3:61:CA:52:83:80:B2:A2
X509v3 Authority Key Identifier:
keyid:58:33:29:4A:1C:DC:13:58:AF:C4:39:C0:A7:27:33:B0:65:A8:6F:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WDMpShzcE1ivxDnApyczsGWob4s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/4b419c-cf8f-4c9a-94d7-bb4b65b6a0d1/1/xPX2NxuDT5-nKv1lo2HKUoOAsqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/4b419c-cf8f-4c9a-94d7-bb4b65b6a0d1/1/WDMpShzcE1ivxDnApyczsGWob4s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.78.242.0/23
Signature Algorithm: sha256WithRSAEncryption
a2:28:f2:99:09:06:40:05:90:9d:64:cc:14:b5:06:9b:76:a6:
2e:08:b2:c4:29:92:3e:ef:4d:e2:49:5f:36:95:04:ea:e0:b6:
0f:71:77:39:11:94:66:27:ad:ad:4c:52:0b:22:12:d7:a4:5f:
18:de:3c:f8:be:f2:2e:47:10:87:78:0d:f2:df:64:05:05:7e:
80:a4:79:f4:8f:2e:42:c9:28:64:7b:b4:b7:88:fc:e3:df:a2:
d1:f1:af:8f:8e:0e:e2:47:09:13:90:58:ac:5a:4a:6f:3e:94:
3a:ff:79:81:39:23:0e:d2:d7:44:55:11:1e:25:96:d2:c1:dc:
d1:19:37:e2:97:d5:ad:8c:cf:b0:26:9c:1e:ff:e4:e0:2a:de:
1c:2c:49:56:fe:6a:0f:97:4a:9e:d8:05:ab:a8:d0:32:3d:1b:
a1:d8:f2:0a:a4:f3:03:cf:82:d5:96:d9:ce:df:93:f0:6d:72:
bb:25:46:36:30:3f:83:4e:80:3d:82:88:f7:92:0b:d6:4b:0d:
26:eb:9d:22:45:98:ae:0b:03:01:d3:8e:ad:a8:56:b5:da:5f:
12:e0:2d:ab:cb:af:60:fc:1e:77:62:c4:30:4c:10:31:48:8d:
39:f8:1f:1b:1e:be:c8:a9:a2:c8:a9:46:85:38:2c:d5:0b:b5:
16:a8:8c:83
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvAkh/82IKQhlWtvo2rIyLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4MzMyOTRhMWNkYzEzNThhZmM0MzljMGE3MjczM2IwNjVh
ODZmOGIwHhcNMjMwMTAxMjAyNDU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNGY1ZjYzNzFiODM0ZjlmYTcyYWZkNjVhMzYxY2E1MjgzODBiMmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxjm7qtXxoBqRb2+SLQoGz3DZ8RsY
H48np8JWXKbnauYEcf7DPsiw8acKKTNimwkGs/jVOnjakTSoCTExAFcwKyNQ+6n6
auzU8i6YwE3+z5KB0HKvbadkA0FVDpFFfom2ONWIjJeBmrNaVACPXVsUffiiBWj0
dv4DhewP1q3MVZQdNAR31ZTtj4lfZHL/yWQktgvbzOPPopB+8XNWDQ4TObLvWVTm
kiKT4LCL/rB9/lhLX+Gow4vce1Qr0pZZXJ9PWM7icSVdfaoeaHmkqbqYnFn4hn+K
Da2aRlsxJmevv1SyCqb0uvVpZnijwhk/GEV88FbEpAbKG5dn6ceV1mx6/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMT19jcbg0+fpyr9ZaNhylKDgLKiMB8GA1UdIwQY
MBaAFFgzKUoc3BNYr8Q5wKcnM7BlqG+LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0RNcFNoemNFMWl2eERuQXB5Y3pzR1dvYjRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80YjQxOWMtY2Y4Zi00YzlhLTk0ZDct
YmI0YjY1YjZhMGQxLzEveFBYMk54dURUNS1uS3YxbG8ySEtVb09Bc3FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80YjQxOWMtY2Y4Zi00YzlhLTk0ZDctYmI0YjY1YjZhMGQx
LzEvV0RNcFNoemNFMWl2eERuQXB5Y3pzR1dvYjRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBUE7yMA0G
CSqGSIb3DQEBCwUAA4IBAQCiKPKZCQZABZCdZMwUtQabdqYuCLLEKZI+703iSV82
lQTq4LYPcXc5EZRmJ62tTFILIhLXpF8Y3jz4vvIuRxCHeA3y32QFBX6ApHn0jy5C
yShke7S3iPzj36LR8a+Pjg7iRwkTkFisWkpvPpQ6/3mBOSMO0tdEVREeJZbSwdzR
GTfil9WtjM+wJpwe/+TgKt4cLElW/moPl0qe2AWrqNAyPRuh2PIKpPMDz4LVltnO
35PwbXK7JUY2MD+DToA9goj3kgvWSw0m650iRZiuCwMB046tqFa12l8S4C2ry69g
/B53YsQwTBAxSI05+B8bHr7IqaLIqUaFOCzVC7UWqIyD
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:51:41 2025 by rpki-client