Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/0c96d4-c760-4aa6-85db-42c79b03b4df/1/XpdpAwK6Xci6g-o5H_I58Biac3k.roa
File: XpdpAwK6Xci6g-o5H_I58Biac3k.roa (raw, json)
Hash identifier: c6UcL2EDROQO/KdZeYNjX3o4sUa3PgkrxyjqEDrAC9I=
Subject key identifier: 5E:97:69:03:02:BA:5D:C8:BA:83:EA:39:1F:F2:39:F0:18:9A:73:79
Certificate issuer: /CN=ddc88232c07de2cdcb96eaf9e751550baa66c588
Certificate serial: 01EA50
Authority key identifier: DD:C8:82:32:C0:7D:E2:CD:CB:96:EA:F9:E7:51:55:0B:AA:66:C5:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ciCMsB94s3Llur551FVC6pmxYg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/0c96d4-c760-4aa6-85db-42c79b03b4df/1/XpdpAwK6Xci6g-o5H_I58Biac3k.roa
Signing time: Tue 15 Mar 2022 18:25:53 +0000
ROA not before: Tue 15 Mar 2022 18:25:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 8538
IP address blocks: 192.162.104.0/22 maxlen: 22
195.8.115.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 125520 (0x1ea50)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ddc88232c07de2cdcb96eaf9e751550baa66c588
Validity
Not Before: Mar 15 18:25:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5e97690302ba5dc8ba83ea391ff239f0189a7379
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:4c:4d:72:06:ea:d5:82:69:5f:09:69:3f:7d:
7b:67:8d:2c:3e:86:b3:35:52:d9:da:92:2c:57:f4:
e5:d5:5d:ee:12:26:e3:9f:4a:7f:19:97:9e:0e:72:
cc:09:0c:31:a3:32:3a:43:d0:a0:9f:9a:ab:ee:e2:
a8:79:91:35:cd:fd:c7:97:0e:77:6b:6e:53:94:32:
f4:ac:f0:95:3f:cb:c0:e2:29:42:95:25:fa:72:c3:
7e:07:f0:8f:5d:e6:14:7f:3e:0a:65:12:0e:f3:87:
29:61:57:f3:86:b2:9d:64:a3:91:b1:f9:8e:b7:f6:
5c:a3:c4:a3:22:ca:ba:55:80:dd:8e:70:86:69:00:
67:05:26:7a:53:57:ce:32:b5:1f:b6:51:56:87:d7:
c1:a2:a3:6a:0a:a0:7c:84:59:a6:40:39:07:ac:73:
d8:39:56:fc:e2:04:06:00:1e:8f:64:9d:08:c5:ef:
b6:9b:86:10:f9:d6:f1:37:e0:a2:61:ad:fb:1c:ef:
e8:e4:ca:c0:57:d5:ad:54:7d:1f:7d:af:4d:5b:7f:
58:85:84:0d:4f:5f:e3:1a:60:bb:7d:f0:51:3a:fb:
29:4c:4c:62:40:60:f3:20:92:a4:97:8a:46:0c:4d:
15:b7:5c:f3:d8:6e:36:c2:39:d8:a3:f5:05:f7:61:
7f:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:97:69:03:02:BA:5D:C8:BA:83:EA:39:1F:F2:39:F0:18:9A:73:79
X509v3 Authority Key Identifier:
keyid:DD:C8:82:32:C0:7D:E2:CD:CB:96:EA:F9:E7:51:55:0B:AA:66:C5:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ciCMsB94s3Llur551FVC6pmxYg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/0c96d4-c760-4aa6-85db-42c79b03b4df/1/XpdpAwK6Xci6g-o5H_I58Biac3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/0c96d4-c760-4aa6-85db-42c79b03b4df/1/3ciCMsB94s3Llur551FVC6pmxYg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.162.104.0/22
195.8.115.0/24
Signature Algorithm: sha256WithRSAEncryption
90:c8:ca:51:c4:2a:ff:ea:e1:a6:a2:08:9e:12:a8:65:6a:0a:
e7:ca:93:cd:b9:b7:2e:5a:93:3c:87:6c:39:67:1a:74:fe:d3:
23:1b:67:67:71:15:1b:b0:69:b3:1d:cc:32:94:2b:4c:30:9a:
db:1a:78:be:69:e7:02:0d:75:c7:bd:c6:64:3b:4f:bd:86:b8:
32:e6:65:30:b1:19:0a:75:b5:1c:81:1e:00:2f:46:c5:33:ef:
be:9d:b8:6e:2f:42:d1:5f:ff:53:c0:95:18:b8:bc:e5:fe:05:
4a:29:45:2c:db:ae:d2:50:07:04:95:3f:f8:64:73:88:b4:1f:
8d:ff:6a:c9:10:23:7c:b1:8b:dd:0a:4a:c8:61:de:1a:7f:e2:
5f:f5:72:48:a6:76:b2:c5:7d:ba:b6:86:0a:5e:fa:b7:b3:82:
52:cb:aa:1d:ed:cc:d9:dd:5a:d8:cf:cb:b8:7d:e7:59:60:91:
28:d0:8d:d8:e4:83:85:cc:53:cc:de:0f:8b:e8:bc:55:94:6b:
51:4a:4c:51:a0:1d:73:b7:fd:4b:8b:34:07:7a:87:c6:eb:bf:
11:ee:6f:63:6f:13:44:26:17:94:00:09:9d:b6:2f:59:bc:8b:
e5:02:27:b1:46:50:31:86:a6:15:4e:cd:3c:67:24:7a:d3:e4:
c1:c9:f2:6d
-----BEGIN CERTIFICATE-----
MIIE9DCCA9ygAwIBAgIDAepQMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKGRk
Yzg4MjMyYzA3ZGUyY2RjYjk2ZWFmOWU3NTE1NTBiYWE2NmM1ODgwHhcNMjIwMzE1
MTgyNTUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg1ZTk3NjkwMzAyYmE1
ZGM4YmE4M2VhMzkxZmYyMzlmMDE4OWE3Mzc5MIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAqkxNcgbq1YJpXwlpP317Z40sPoazNVLZ2pIsV/Tl1V3uEibj
n0p/GZeeDnLMCQwxozI6Q9Cgn5qr7uKoeZE1zf3Hlw53a25TlDL0rPCVP8vA4ilC
lSX6csN+B/CPXeYUfz4KZRIO84cpYVfzhrKdZKORsfmOt/Zco8SjIsq6VYDdjnCG
aQBnBSZ6U1fOMrUftlFWh9fBoqNqCqB8hFmmQDkHrHPYOVb84gQGAB6PZJ0Ixe+2
m4YQ+dbxN+CiYa37HO/o5MrAV9WtVH0ffa9NW39YhYQNT1/jGmC7ffBROvspTExi
QGDzIJKkl4pGDE0Vt1zz2G42wjnYo/UF92F/KwIDAQABo4ICDzCCAgswHQYDVR0O
BBYEFF6XaQMCul3IuoPqOR/yOfAYmnN5MB8GA1UdIwQYMBaAFN3IgjLAfeLNy5bq
+edRVQuqZsWIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
M2NpQ01zQjk0czNMbHVyNTUxRlZDNnBteFlnLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9lNC8wYzk2ZDQtYzc2MC00YWE2LTg1ZGItNDJjNzliMDNiNGRmLzEv
WHBkcEF3SzZYY2k2Zy1vNUhfSTU4QmlhYzNrLnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC8w
Yzk2ZDQtYzc2MC00YWE2LTg1ZGItNDJjNzliMDNiNGRmLzEvM2NpQ01zQjk0czNM
bHVyNTUxRlZDNnBteFlnLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCUG
CCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwKJoAwQAwwhzMA0GCSqGSIb3DQEB
CwUAA4IBAQCQyMpRxCr/6uGmogieEqhlagrnypPNubcuWpM8h2w5Zxp0/tMjG2dn
cRUbsGmzHcwylCtMMJrbGni+aecCDXXHvcZkO0+9hrgy5mUwsRkKdbUcgR4AL0bF
M+++nbhuL0LRX/9TwJUYuLzl/gVKKUUs267SUAcElT/4ZHOItB+N/2rJECN8sYvd
CkrIYd4af+Jf9XJIpnayxX26toYKXvq3s4JSy6od7czZ3VrYz8u4fedZYJEo0I3Y
5IOFzFPM3g+L6LxVlGtRSkxRoB1zt/1LizQHeofG678R7m9jbxNEJheUAAmdti9Z
vIvlAiexRlAxhqYVTs08ZyR60+TByfJt
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:27 2023 by rpki-client on console-fra.rpki-client.org