Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/XjolwD7J-D9J6qb1hdfsyoqCySU.roa
File: XjolwD7J-D9J6qb1hdfsyoqCySU.roa (raw, json)
Hash identifier: 9FrcYOuKfuwdZqMppsO99v16uEUoBnmZKMI5eymNeXQ=
Subject key identifier: 5E:3A:25:C0:3E:C9:F8:3F:49:EA:A6:F5:85:D7:EC:CA:8A:82:C9:25
Certificate issuer: /CN=20a0c5400e023f93f518e43004c33bc79d2f6b21
Certificate serial: 01856E26763B06C4047FC9B7A631035A3960
Authority key identifier: 20:A0:C5:40:0E:02:3F:93:F5:18:E4:30:04:C3:3B:C7:9D:2F:6B:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IKDFQA4CP5P1GOQwBMM7x50vayE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/XjolwD7J-D9J6qb1hdfsyoqCySU.roa
Signing time: Sun 01 Jan 2023 16:24:52 +0000
ROA not before: Sun 01 Jan 2023 16:24:52 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35202
IP address blocks: 5.180.116.0/22 maxlen: 24
2a0a:6400::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6e:26:76:3b:06:c4:04:7f:c9:b7:a6:31:03:5a:39:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20a0c5400e023f93f518e43004c33bc79d2f6b21
Validity
Not Before: Jan 1 16:24:52 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e3a25c03ec9f83f49eaa6f585d7ecca8a82c925
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:74:d0:e9:8e:d5:33:44:35:ba:f2:b0:e2:a1:
6c:ca:7d:14:ef:19:7a:9e:53:1d:98:53:86:83:5e:
d1:9e:1c:01:5a:3e:7f:18:e0:56:09:02:1b:39:1c:
87:18:a2:6e:2a:64:7d:20:c8:7e:a9:1b:31:ba:a9:
04:bf:31:4a:38:c3:ae:a8:1a:b8:88:07:bf:68:e5:
ce:60:24:72:19:d9:1f:e7:ec:31:18:ad:68:96:95:
7b:a7:07:a4:82:6d:b8:46:97:e0:32:57:10:2d:f6:
a3:2e:5f:2f:3b:fb:c3:b6:79:b6:a8:b5:1e:f8:c2:
2a:f3:e4:d5:08:19:4e:a2:37:03:08:93:c0:5e:ea:
47:92:d0:be:4d:9f:aa:c8:20:b4:f0:34:5a:76:30:
75:59:6a:89:d7:94:53:58:4a:1e:02:36:b9:04:51:
57:57:88:3d:71:df:46:8a:5b:8c:59:87:a8:2e:77:
71:43:e7:0b:d3:8e:d9:15:a1:79:08:98:02:37:a8:
95:4e:97:6c:ba:3d:fa:92:2c:68:e1:b5:6d:85:e1:
25:47:73:f1:3f:4c:a2:9f:f5:47:ac:85:ca:7b:e6:
53:2b:77:a9:3c:90:46:92:5b:06:1b:a3:17:15:81:
0d:f9:1a:00:67:e2:0a:49:d5:e1:2d:ec:85:46:c5:
29:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:3A:25:C0:3E:C9:F8:3F:49:EA:A6:F5:85:D7:EC:CA:8A:82:C9:25
X509v3 Authority Key Identifier:
keyid:20:A0:C5:40:0E:02:3F:93:F5:18:E4:30:04:C3:3B:C7:9D:2F:6B:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IKDFQA4CP5P1GOQwBMM7x50vayE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/XjolwD7J-D9J6qb1hdfsyoqCySU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/dfeb10-9524-41a5-bbd3-0769aa6271e6/1/IKDFQA4CP5P1GOQwBMM7x50vayE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.116.0/22
IPv6:
2a0a:6400::/29
Signature Algorithm: sha256WithRSAEncryption
43:8c:49:4e:30:00:44:7f:c2:23:d4:7c:ac:fe:e4:73:f2:04:
c0:71:aa:82:38:57:0e:94:c1:a6:37:0b:c6:25:10:3e:bd:5a:
ec:4a:94:87:ad:28:f2:e2:a7:74:a9:bf:0c:e2:00:33:24:29:
d9:26:5c:e0:3c:f3:8c:56:10:d5:f0:24:27:f3:6f:18:ba:91:
e2:b2:a3:4d:c8:99:4b:a8:ec:54:3f:3c:93:93:30:05:34:13:
70:b3:13:3c:bb:2e:40:2b:73:f7:41:5f:c0:f6:31:53:8f:9f:
56:f2:8c:c2:72:80:db:92:0e:7e:11:af:84:cb:62:35:cd:ea:
cb:c5:62:d4:12:92:46:b0:eb:97:f9:a1:79:ee:60:7e:79:e2:
fa:d4:1a:32:4b:a6:f3:8d:8c:81:1e:9a:91:da:23:bc:40:eb:
75:54:9e:40:c5:8c:18:35:9d:47:44:75:ce:42:a4:5d:ec:00:
ad:fb:44:5c:89:76:e1:85:3e:5d:3f:e5:db:1f:3b:de:50:43:
4a:35:82:4f:05:c8:50:57:65:c1:2c:2f:bd:91:c5:32:9d:25:
a9:f6:03:28:3e:f1:0f:9a:04:88:a6:bc:59:6a:4d:30:3d:4f:
43:d5:63:05:09:7f:5f:8d:01:49:e3:17:e2:f4:fb:97:59:65:
04:f7:14:c4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYVuJnY7BsQEf8m3pjEDWjlgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYTBjNTQwMGUwMjNmOTNmNTE4ZTQzMDA0YzMzYmM3OWQy
ZjZiMjEwHhcNMjMwMTAxMTYyNDUyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTNhMjVjMDNlYzlmODNmNDllYWE2ZjU4NWQ3ZWNjYThhODJjOTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA53TQ6Y7VM0Q1uvKw4qFsyn0U7xl6
nlMdmFOGg17RnhwBWj5/GOBWCQIbORyHGKJuKmR9IMh+qRsxuqkEvzFKOMOuqBq4
iAe/aOXOYCRyGdkf5+wxGK1olpV7pwekgm24RpfgMlcQLfajLl8vO/vDtnm2qLUe
+MIq8+TVCBlOojcDCJPAXupHktC+TZ+qyCC08DRadjB1WWqJ15RTWEoeAja5BFFX
V4g9cd9GiluMWYeoLndxQ+cL047ZFaF5CJgCN6iVTpdsuj36kixo4bVtheElR3Px
P0yin/VHrIXKe+ZTK3epPJBGklsGG6MXFYEN+RoAZ+IKSdXhLeyFRsUp+wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFF46JcA+yfg/Seqm9YXX7MqKgsklMB8GA1UdIwQY
MBaAFCCgxUAOAj+T9RjkMATDO8edL2shMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUtERlFBNENQNVAxR09Rd0JNTTd4NTB2YXlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9kZmViMTAtOTUyNC00MWE1LWJiZDMt
MDc2OWFhNjI3MWU2LzEvWGpvbHdEN0otRDlKNnFiMWhkZnN5b3FDeVNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9kZmViMTAtOTUyNC00MWE1LWJiZDMtMDc2OWFhNjI3MWU2
LzEvSUtERlFBNENQNVAxR09Rd0JNTTd4NTB2YXlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCBbR0MA0E
AgACMAcDBQMqCmQAMA0GCSqGSIb3DQEBCwUAA4IBAQBDjElOMABEf8Ij1Hys/uRz
8gTAcaqCOFcOlMGmNwvGJRA+vVrsSpSHrSjy4qd0qb8M4gAzJCnZJlzgPPOMVhDV
8CQn828YupHisqNNyJlLqOxUPzyTkzAFNBNwsxM8uy5AK3P3QV/A9jFTj59W8ozC
coDbkg5+Ea+Ey2I1zerLxWLUEpJGsOuX+aF57mB+eeL61BoyS6bzjYyBHpqR2iO8
QOt1VJ5AxYwYNZ1HRHXOQqRd7ACt+0RciXbhhT5dP+XbHzveUENKNYJPBchQV2XB
LC+9kcUynSWp9gMoPvEPmgSIprxZak0wPU9D1WMFCX9fjQFJ4xfi9PuXWWUE9xTE
-----END CERTIFICATE-----
Generated at Sun Apr 20 03:35:32 2025 by rpki-client