Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/ec3531-82f8-4b4d-b590-23430950609c/1/xam7dHDfU7rZIxZ5X6ViIC7NoAE.roa
File: xam7dHDfU7rZIxZ5X6ViIC7NoAE.roa (raw, json)
Hash identifier: vSq8Zof2K2LV81EfPWV+RWhZil0EeAxfO+DhqNCtEu4=
Subject key identifier: C5:A9:BB:74:70:DF:53:BA:D9:23:16:79:5F:A5:62:20:2E:CD:A0:01
Certificate issuer: /CN=5e8d3c0b6414c9c86e3c94a714dfb269cb5e9169
Certificate serial: 34D2D45A
Authority key identifier: 5E:8D:3C:0B:64:14:C9:C8:6E:3C:94:A7:14:DF:B2:69:CB:5E:91:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xo08C2QUychuPJSnFN-yactekWk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/ec3531-82f8-4b4d-b590-23430950609c/1/xam7dHDfU7rZIxZ5X6ViIC7NoAE.roa
Signing time: Sat 01 Jan 2022 13:55:38 +0000
ROA not before: Sat 01 Jan 2022 13:55:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 42
IP address blocks: 194.0.36.0/24 maxlen: 24
2001:678:4c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 886232154 (0x34d2d45a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e8d3c0b6414c9c86e3c94a714dfb269cb5e9169
Validity
Not Before: Jan 1 13:55:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c5a9bb7470df53bad92316795fa562202ecda001
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:9f:87:e7:42:67:0a:5b:21:19:58:7a:bb:f4:
f8:61:8e:94:07:cc:62:d0:1b:34:36:02:c3:75:65:
5f:18:0b:45:86:46:b3:4f:5a:38:f7:87:38:ec:67:
3b:e6:11:88:26:44:be:70:17:e9:2c:b5:e3:8a:48:
25:f4:c4:6b:30:d7:98:89:6d:a9:e4:94:df:20:ab:
f6:d1:b7:58:6e:73:0c:da:be:d2:f1:fb:cb:bf:81:
f0:71:6a:af:1d:a7:66:35:42:6c:57:4d:13:14:79:
46:e8:d2:30:d8:3d:4a:c9:53:5a:2b:96:3b:45:03:
62:27:3a:bc:13:c9:17:8f:bb:b5:17:5d:47:cf:4b:
3c:10:62:ec:6b:52:c4:1c:4e:43:20:96:cb:62:b2:
58:cf:dd:d1:34:32:8f:b3:c1:e5:e1:45:72:45:13:
57:7a:17:3d:71:3a:de:4f:b7:c1:9c:65:6b:7e:50:
bc:ea:19:fb:ab:d6:65:6e:98:fe:e5:b5:d3:fc:33:
76:8f:70:42:ee:20:68:7f:7c:ad:9c:33:08:a6:1d:
07:5f:27:7c:c0:55:92:6c:f1:15:5e:bf:1f:f4:01:
0c:bb:e8:47:39:f6:ce:1e:c4:ba:a8:a7:2c:c3:d3:
4c:73:7c:56:15:a4:02:69:67:af:ad:e1:83:7f:c0:
d9:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:A9:BB:74:70:DF:53:BA:D9:23:16:79:5F:A5:62:20:2E:CD:A0:01
X509v3 Authority Key Identifier:
keyid:5E:8D:3C:0B:64:14:C9:C8:6E:3C:94:A7:14:DF:B2:69:CB:5E:91:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xo08C2QUychuPJSnFN-yactekWk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/ec3531-82f8-4b4d-b590-23430950609c/1/xam7dHDfU7rZIxZ5X6ViIC7NoAE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/ec3531-82f8-4b4d-b590-23430950609c/1/Xo08C2QUychuPJSnFN-yactekWk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.36.0/24
IPv6:
2001:678:4c::/48
Signature Algorithm: sha256WithRSAEncryption
42:b7:90:5f:2d:eb:73:9b:ad:7c:37:c1:90:9f:33:92:ff:63:
3d:b4:4f:3b:9e:af:5d:2e:e2:29:0e:1a:6b:a5:fa:26:21:d3:
16:35:dc:c2:3d:99:27:51:c4:26:56:4b:c4:fd:4d:b5:4d:88:
15:d0:58:32:3c:17:da:55:a1:15:de:dd:80:0c:b2:75:f1:41:
f7:1f:d8:2c:80:70:a6:06:2b:b0:b7:a4:87:f0:5c:c8:30:37:
29:3b:e2:80:e1:5c:1a:43:2c:79:c3:45:71:c1:7d:8b:cc:4f:
a0:30:88:27:d5:07:99:ec:41:18:0b:2c:d3:01:35:da:c5:a2:
ba:74:f7:bb:1b:e9:34:41:58:f2:e8:4d:5a:0a:7e:3e:98:85:
80:57:a6:89:49:8c:fe:1e:30:6d:7d:29:08:f9:e2:af:51:37:
62:75:1e:42:7d:0c:43:2c:45:7a:5b:b0:21:42:3e:40:90:57:
16:a2:04:6d:57:c1:87:a5:15:f5:13:02:17:90:92:de:36:40:
4d:fe:64:c6:0b:6a:62:79:e9:f7:7a:e8:45:34:79:6e:88:d1:
93:a6:c7:47:61:ed:2d:1e:ea:4a:98:44:69:7c:69:70:c2:25:
4e:4d:67:24:82:d5:f5:fb:df:63:ca:5e:82:72:61:52:4e:ba:
b5:ea:9e:9c
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgIENNLUWjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZThkM2MwYjY0MTRjOWM4NmUzYzk0YTcxNGRmYjI2OWNiNWU5MTY5MB4XDTIyMDEw
MTEzNTUzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzVhOWJiNzQ3MGRm
NTNiYWQ5MjMxNjc5NWZhNTYyMjAyZWNkYTAwMTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJSfh+dCZwpbIRlYerv0+GGOlAfMYtAbNDYCw3VlXxgLRYZG
s09aOPeHOOxnO+YRiCZEvnAX6Sy144pIJfTEazDXmIltqeSU3yCr9tG3WG5zDNq+
0vH7y7+B8HFqrx2nZjVCbFdNExR5RujSMNg9SslTWiuWO0UDYic6vBPJF4+7tRdd
R89LPBBi7GtSxBxOQyCWy2KyWM/d0TQyj7PB5eFFckUTV3oXPXE63k+3wZxla35Q
vOoZ+6vWZW6Y/uW10/wzdo9wQu4gaH98rZwzCKYdB18nfMBVkmzxFV6/H/QBDLvo
Rzn2zh7EuqinLMPTTHN8VhWkAmlnr63hg3/A2T8CAwEAAaOCAhowggIWMB0GA1Ud
DgQWBBTFqbt0cN9TutkjFnlfpWIgLs2gATAfBgNVHSMEGDAWgBRejTwLZBTJyG48
lKcU37Jpy16RaTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hvMDhDMlFVeWNodVBKU25GTi15YWN0ZWtXay5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZGMvZWMzNTMxLTgyZjgtNGI0ZC1iNTkwLTIzNDMwOTUwNjA5Yy8x
L3hhbTdkSERmVTdyWkl4WjVYNlZpSUM3Tm9BRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZGMv
ZWMzNTMxLTgyZjgtNGI0ZC1iNTkwLTIzNDMwOTUwNjA5Yy8xL1hvMDhDMlFVeWNo
dVBKU25GTi15YWN0ZWtXay5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAw
BggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAMIAJDAPBAIAAjAJAwcAIAEGeABM
MA0GCSqGSIb3DQEBCwUAA4IBAQBCt5BfLetzm618N8GQnzOS/2M9tE87nq9dLuIp
DhprpfomIdMWNdzCPZknUcQmVkvE/U21TYgV0FgyPBfaVaEV3t2ADLJ18UH3H9gs
gHCmBiuwt6SH8FzIMDcpO+KA4VwaQyx5w0VxwX2LzE+gMIgn1QeZ7EEYCyzTATXa
xaK6dPe7G+k0QVjy6E1aCn4+mIWAV6aJSYz+HjBtfSkI+eKvUTdidR5CfQxDLEV6
W7AhQj5AkFcWogRtV8GHpRX1EwIXkJLeNkBN/mTGC2pieen3euhFNHluiNGTpsdH
Ye0tHupKmERpfGlwwiVOTWckgtX1+99jyl6CcmFSTrq16p6c
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:47:26 2025 by rpki-client