Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/eb063f-4c3c-4971-ae50-66482071b819/1/XVQL2aoJCsm7aj9PlWLj8Addm5s.roa
File: XVQL2aoJCsm7aj9PlWLj8Addm5s.roa (raw, json)
Hash identifier: 9L5ZwuQDy6ilXTxvtBee0z+7vwyQlybBmTPj4IO6mDE=
Subject key identifier: 5D:54:0B:D9:AA:09:0A:C9:BB:6A:3F:4F:95:62:E3:F0:07:5D:9B:9B
Certificate issuer: /CN=8693dfee1768739eb5976c245b5ad005b3258ec6
Certificate serial: 0185718C47AFCDF907E30544273C9685398A
Authority key identifier: 86:93:DF:EE:17:68:73:9E:B5:97:6C:24:5B:5A:D0:05:B3:25:8E:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hpPf7hdoc561l2wkW1rQBbMljsY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/eb063f-4c3c-4971-ae50-66482071b819/1/XVQL2aoJCsm7aj9PlWLj8Addm5s.roa
Signing time: Mon 02 Jan 2023 08:14:56 +0000
ROA not before: Mon 02 Jan 2023 08:14:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 209475
IP address blocks: 217.64.156.0/22 maxlen: 22
217.64.156.0/24 maxlen: 24
217.64.157.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:8c:47:af:cd:f9:07:e3:05:44:27:3c:96:85:39:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8693dfee1768739eb5976c245b5ad005b3258ec6
Validity
Not Before: Jan 2 08:14:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5d540bd9aa090ac9bb6a3f4f9562e3f0075d9b9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:fd:95:27:63:21:4c:69:9a:e0:7b:74:23:38:
23:09:87:ac:93:c9:12:9f:d8:4e:90:8e:f1:5d:87:
7a:80:74:26:cb:17:75:a3:1d:b0:fc:62:4b:28:c2:
1e:3e:17:58:99:18:2f:e1:86:34:5e:8b:9e:18:c1:
2a:01:0a:34:89:65:43:7e:43:3c:66:30:e7:d9:55:
95:10:d3:03:52:63:54:61:e2:39:ad:2a:7f:c7:30:
b5:80:9c:a5:72:a9:d8:80:a9:4e:7b:e1:49:73:a7:
a9:70:5a:f8:49:de:93:6f:a3:82:b6:eb:3b:ee:ba:
c8:f0:16:e3:a4:30:11:93:fc:a8:5e:a9:d8:19:8b:
59:c4:01:30:c6:9a:56:f6:4e:3d:83:88:fc:df:0c:
69:b0:92:d6:11:a9:ef:f6:13:04:c3:69:7f:a9:ed:
90:db:d9:b4:3e:c1:68:0d:2e:d0:6f:07:b9:1e:a4:
3b:78:50:89:a5:6f:cf:7a:03:4f:26:ca:01:e7:4b:
40:63:9f:fd:1f:32:57:0f:79:08:d8:e7:b1:62:40:
68:ef:f4:46:04:a8:ee:70:ce:37:d6:bb:ac:f4:a2:
ef:b1:6e:61:fe:7b:f0:29:e9:2e:df:a1:4b:78:d4:
8a:b4:81:52:a7:1c:48:56:92:c6:07:de:c6:23:9e:
46:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:54:0B:D9:AA:09:0A:C9:BB:6A:3F:4F:95:62:E3:F0:07:5D:9B:9B
X509v3 Authority Key Identifier:
keyid:86:93:DF:EE:17:68:73:9E:B5:97:6C:24:5B:5A:D0:05:B3:25:8E:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hpPf7hdoc561l2wkW1rQBbMljsY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/eb063f-4c3c-4971-ae50-66482071b819/1/XVQL2aoJCsm7aj9PlWLj8Addm5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/eb063f-4c3c-4971-ae50-66482071b819/1/hpPf7hdoc561l2wkW1rQBbMljsY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.64.156.0/22
Signature Algorithm: sha256WithRSAEncryption
42:eb:94:51:9b:b0:8d:c8:d4:0a:a2:2f:54:eb:3b:9a:39:90:
02:12:8b:64:52:d7:06:62:5a:98:8e:76:ce:a8:67:e2:67:3b:
12:f4:0c:90:8e:1f:0e:00:81:9e:c8:e3:fb:c2:e5:e8:37:34:
65:02:95:4b:72:53:2b:ea:80:a8:f4:ee:b5:9f:fd:4f:5e:74:
fc:a7:1e:a4:ce:1c:30:55:c0:e5:86:85:29:ec:87:70:e9:04:
52:53:a3:2e:89:0f:5f:47:57:13:b2:cc:17:6e:f2:8d:a9:3f:
bc:8a:40:85:1d:d1:46:7a:71:a2:79:5d:fe:91:87:cc:7c:0c:
e9:76:88:c6:ec:8a:90:36:7e:94:2e:23:14:50:3e:69:75:53:
8b:8d:e4:b7:c9:aa:05:83:e4:31:51:bb:ae:0b:12:36:6d:36:
e6:dc:d2:d7:e8:f2:e8:45:0d:37:3f:2d:95:a5:e1:4d:ad:b3:
b5:bc:d4:65:38:e3:22:3b:a0:ef:22:f7:c9:8d:56:e2:a1:ab:
1f:a3:16:8f:b9:46:1d:28:ee:71:38:24:39:6a:cd:7a:f8:c0:
75:ff:93:0c:98:fb:a0:00:5f:86:6a:b5:40:5b:33:d2:a4:4c:
b3:66:bc:82:b7:61:a7:ae:51:d9:11:ba:81:ab:ae:8d:b1:de:
83:8e:b7:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVxjEevzfkH4wVEJzyWhTmKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OTNkZmVlMTc2ODczOWViNTk3NmMyNDViNWFkMDA1YjMy
NThlYzYwHhcNMjMwMTAyMDgxNDU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDU0MGJkOWFhMDkwYWM5YmI2YTNmNGY5NTYyZTNmMDA3NWQ5YjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmP2VJ2MhTGma4Ht0IzgjCYesk8kS
n9hOkI7xXYd6gHQmyxd1ox2w/GJLKMIePhdYmRgv4YY0XoueGMEqAQo0iWVDfkM8
ZjDn2VWVENMDUmNUYeI5rSp/xzC1gJylcqnYgKlOe+FJc6epcFr4Sd6Tb6OCtus7
7rrI8BbjpDARk/yoXqnYGYtZxAEwxppW9k49g4j83wxpsJLWEanv9hMEw2l/qe2Q
29m0PsFoDS7Qbwe5HqQ7eFCJpW/PegNPJsoB50tAY5/9HzJXD3kI2OexYkBo7/RG
BKjucM431rus9KLvsW5h/nvwKeku36FLeNSKtIFSpxxIVpLGB97GI55GLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF1UC9mqCQrJu2o/T5Vi4/AHXZubMB8GA1UdIwQY
MBaAFIaT3+4XaHOetZdsJFta0AWzJY7GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHBQZjdoZG9jNTYxbDJ3a1cxclFCYk1sanNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS9lYjA2M2YtNGMzYy00OTcxLWFlNTAt
NjY0ODIwNzFiODE5LzEvWFZRTDJhb0pDc203YWo5UGxXTGo4QWRkbTVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS9lYjA2M2YtNGMzYy00OTcxLWFlNTAtNjY0ODIwNzFiODE5
LzEvaHBQZjdoZG9jNTYxbDJ3a1cxclFCYk1sanNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQC2UCcMA0G
CSqGSIb3DQEBCwUAA4IBAQBC65RRm7CNyNQKoi9U6zuaOZACEotkUtcGYlqYjnbO
qGfiZzsS9AyQjh8OAIGeyOP7wuXoNzRlApVLclMr6oCo9O61n/1PXnT8px6kzhww
VcDlhoUp7Idw6QRSU6MuiQ9fR1cTsswXbvKNqT+8ikCFHdFGenGieV3+kYfMfAzp
dojG7IqQNn6ULiMUUD5pdVOLjeS3yaoFg+QxUbuuCxI2bTbm3NLX6PLoRQ03Py2V
peFNrbO1vNRlOOMiO6DvIvfJjVbioasfoxaPuUYdKO5xOCQ5as16+MB1/5MMmPug
AF+GarVAWzPSpEyzZryCt2GnrlHZEbqBq66Nsd6DjrfN
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:13:28 2025 by rpki-client