Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Xd6XRp-VPQbEcfxAsdjc_uPPPCQ.roa
File: Xd6XRp-VPQbEcfxAsdjc_uPPPCQ.roa (raw, json)
Hash identifier: zr8XFJhafkSGFDW2Wz1LuiVICofAKJA9+e7I3ylkCc0=
Subject key identifier: 5D:DE:97:46:9F:95:3D:06:C4:71:FC:40:B1:D8:DC:FE:E3:CF:3C:24
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01856CCAC757077909A03792DD5EA747D73D
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Xd6XRp-VPQbEcfxAsdjc_uPPPCQ.roa
Signing time: Sun 01 Jan 2023 10:05:06 +0000
ROA not before: Sun 01 Jan 2023 10:05:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1257
IP address blocks: 193.234.87.0/24 maxlen: 24
192.71.220.0/24 maxlen: 24
193.180.247.0/24 maxlen: 24
192.71.180.0/24 maxlen: 24
193.180.207.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:ca:c7:57:07:79:09:a0:37:92:dd:5e:a7:47:d7:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 1 10:05:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5dde97469f953d06c471fc40b1d8dcfee3cf3c24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:31:ee:69:06:54:10:a1:ac:ad:58:82:ac:52:
45:45:e5:6f:e2:27:20:79:d9:bf:76:b5:af:56:e5:
8a:e7:44:b7:ae:bd:2b:fa:c2:d6:9a:76:b6:a1:f4:
84:ca:10:06:dd:02:49:dd:15:84:b5:15:99:5b:e6:
5a:26:4f:e2:8d:a1:ec:29:84:05:9e:ac:8f:21:3a:
f5:ac:d0:ca:8f:e0:3c:3e:a2:33:42:7e:e4:9c:20:
e6:76:00:27:12:5e:0e:46:24:66:dc:19:37:5d:8a:
a4:0c:71:d3:fa:bc:29:ea:79:75:8f:88:f8:08:3b:
0a:36:19:56:df:cc:0c:9e:91:ba:7c:e3:4c:7e:9a:
fc:0b:53:a6:70:df:93:5f:e1:26:3c:24:f2:8a:f8:
ff:d3:bc:05:96:6d:60:e5:af:0b:70:01:38:69:30:
ed:6d:9f:59:ec:ab:36:57:f1:3c:ed:d2:5b:53:d0:
fb:0e:c5:fa:92:ec:c6:7d:72:d4:28:ef:35:71:54:
ff:66:38:f2:03:04:0d:a1:82:c5:2e:ac:48:a3:cd:
f8:b8:aa:4f:80:37:16:24:a8:75:82:36:6e:19:9b:
db:de:6c:5d:f5:d2:f6:a4:63:39:e2:ba:5e:f6:42:
de:14:e6:94:ee:ea:c4:0e:04:89:60:91:cb:71:1e:
37:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:DE:97:46:9F:95:3D:06:C4:71:FC:40:B1:D8:DC:FE:E3:CF:3C:24
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Xd6XRp-VPQbEcfxAsdjc_uPPPCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.180.0/24
192.71.220.0/24
193.180.207.0/24
193.180.247.0/24
193.234.87.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:84:5a:60:fc:10:34:19:5d:5c:a4:54:1f:9d:16:be:a5:88:
98:e3:ef:a4:c2:10:4a:87:6f:eb:b8:18:7f:8a:b4:ca:06:30:
63:b3:15:83:33:ce:58:03:f1:5f:d1:71:0f:01:19:53:76:68:
cb:34:d9:da:5d:27:1d:80:4b:8d:ce:48:55:be:3b:a9:69:0f:
cd:a2:55:82:b4:08:46:e9:08:cb:5a:59:10:df:d8:e5:4c:93:
f4:56:41:15:5a:3d:43:eb:01:4d:08:a1:aa:99:c8:b9:cd:c8:
63:60:58:a1:5c:04:d8:70:a7:93:49:1b:8d:a5:b0:fd:63:fe:
8b:da:e6:07:8d:53:35:59:3f:25:a9:52:02:1d:70:a5:7a:cf:
f1:7d:a3:f4:87:75:33:13:02:83:29:19:38:b0:d8:2b:ed:e0:
5c:1a:e3:a9:12:4d:56:9b:1d:62:7b:74:e1:1b:3c:5a:c0:bf:
9f:c7:52:8e:eb:d0:fd:d8:d3:cf:15:9f:b6:b1:64:c3:52:bb:
bc:0a:07:54:57:19:72:66:bb:47:b0:be:c6:96:d7:df:e4:87:
dc:73:0d:31:37:1d:51:83:0f:10:c6:10:20:6c:0c:2c:6f:2d:
7f:8b:ab:54:83:94:23:c2:cf:e8:2b:93:65:60:d2:64:ee:67:
52:25:8a:7d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYVsysdXB3kJoDeS3V6nR9c9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjMwMTAxMTAwNTA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGRlOTc0NjlmOTUzZDA2YzQ3MWZjNDBiMWQ4ZGNmZWUzY2YzYzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAijHuaQZUEKGsrViCrFJFReVv4icg
edm/drWvVuWK50S3rr0r+sLWmna2ofSEyhAG3QJJ3RWEtRWZW+ZaJk/ijaHsKYQF
nqyPITr1rNDKj+A8PqIzQn7knCDmdgAnEl4ORiRm3Bk3XYqkDHHT+rwp6nl1j4j4
CDsKNhlW38wMnpG6fONMfpr8C1OmcN+TX+EmPCTyivj/07wFlm1g5a8LcAE4aTDt
bZ9Z7Ks2V/E87dJbU9D7DsX6kuzGfXLUKO81cVT/ZjjyAwQNoYLFLqxIo834uKpP
gDcWJKh1gjZuGZvb3mxd9dL2pGM54rpe9kLeFOaU7urEDgSJYJHLcR43MQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFF3el0aflT0GxHH8QLHY3P7jzzwkMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvWGQ2WFJwLVZQUWJFY2Z4QXNkamNfdVBQUENRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwEe0AwQA
wEfcAwQAwbTPAwQAwbT3AwQAwepXMA0GCSqGSIb3DQEBCwUAA4IBAQBchFpg/BA0
GV1cpFQfnRa+pYiY4++kwhBKh2/ruBh/irTKBjBjsxWDM85YA/Ff0XEPARlTdmjL
NNnaXScdgEuNzkhVvjupaQ/NolWCtAhG6QjLWlkQ39jlTJP0VkEVWj1D6wFNCKGq
mci5zchjYFihXATYcKeTSRuNpbD9Y/6L2uYHjVM1WT8lqVICHXCles/xfaP0h3Uz
EwKDKRk4sNgr7eBcGuOpEk1Wmx1ie3ThGzxawL+fx1KO69D92NPPFZ+2sWTDUru8
CgdUVxlyZrtHsL7Gltff5Ifccw0xNx1Rgw8QxhAgbAwsby1/i6tUg5Qjws/oK5Nl
YNJk7mdSJYp9
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:28 2025 by rpki-client