Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/deb70d-1ffd-4da0-a097-d8a0b41f46e8/1/DXhCjs_fNbDRHV7HZnwpW_tvPUs.roa
File: DXhCjs_fNbDRHV7HZnwpW_tvPUs.roa (raw, json)
Hash identifier: my8kJZ/ewBTWBpXr/sMRSOhXXn17/tvdjFpH60+XgpY=
Subject key identifier: 0D:78:42:8E:CF:DF:35:B0:D1:1D:5E:C7:66:7C:29:5B:FB:6F:3D:4B
Certificate issuer: /CN=c5a1fb5bbc2fa8571e3d5f8cae4196a8d7e96c35
Certificate serial: 0924CBB2
Authority key identifier: C5:A1:FB:5B:BC:2F:A8:57:1E:3D:5F:8C:AE:41:96:A8:D7:E9:6C:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xaH7W7wvqFcePV-MrkGWqNfpbDU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/deb70d-1ffd-4da0-a097-d8a0b41f46e8/1/DXhCjs_fNbDRHV7HZnwpW_tvPUs.roa
Signing time: Sat 01 Jan 2022 09:02:19 +0000
ROA not before: Sat 01 Jan 2022 09:02:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 2200
IP address blocks: 141.115.0.0/16 maxlen: 16
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 153406386 (0x924cbb2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5a1fb5bbc2fa8571e3d5f8cae4196a8d7e96c35
Validity
Not Before: Jan 1 09:02:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=0d78428ecfdf35b0d11d5ec7667c295bfb6f3d4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:47:ef:ac:2a:02:19:ea:7d:9d:d2:53:d4:52:
1c:59:34:50:6e:10:b1:89:ca:01:b6:f0:d1:1f:22:
31:ec:8f:da:cb:58:50:92:a4:99:2c:f4:9f:ea:07:
a2:cd:04:7f:fa:49:c1:34:36:f7:f1:8d:33:7d:05:
ed:11:f3:f1:4b:f8:c7:c3:2e:ff:d9:5e:fa:4a:76:
fe:8a:c8:d9:a6:fe:e1:1f:f7:f1:3a:99:b6:0b:80:
66:34:73:36:74:f8:4f:76:bf:92:a9:79:f8:e1:cb:
51:61:56:dc:5f:92:fa:10:e0:23:23:b2:22:fa:6a:
fb:f2:d7:2f:c5:55:ae:7a:b2:64:88:a1:be:b1:bc:
f4:9b:0e:1a:71:f2:e3:fc:88:ce:e9:d3:cd:46:64:
78:24:b8:42:08:ad:a0:c0:49:3c:bc:62:13:91:ee:
bc:b8:d6:e8:7a:fe:58:c5:f4:75:cd:50:08:f4:06:
62:a4:11:47:fd:7b:af:95:2d:f2:0c:9b:b4:03:ad:
03:1d:26:b6:be:09:98:dd:f0:5f:ab:42:98:83:e8:
eb:a9:e3:f9:a1:6c:7c:a8:8a:b0:db:ee:99:f4:16:
54:f3:34:cc:1d:16:e0:3f:10:73:b3:15:c3:18:89:
5f:b3:8b:e3:a2:46:f3:55:fa:8d:55:d0:bd:04:33:
36:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:78:42:8E:CF:DF:35:B0:D1:1D:5E:C7:66:7C:29:5B:FB:6F:3D:4B
X509v3 Authority Key Identifier:
keyid:C5:A1:FB:5B:BC:2F:A8:57:1E:3D:5F:8C:AE:41:96:A8:D7:E9:6C:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xaH7W7wvqFcePV-MrkGWqNfpbDU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/deb70d-1ffd-4da0-a097-d8a0b41f46e8/1/DXhCjs_fNbDRHV7HZnwpW_tvPUs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/deb70d-1ffd-4da0-a097-d8a0b41f46e8/1/xaH7W7wvqFcePV-MrkGWqNfpbDU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.115.0.0/16
Signature Algorithm: sha256WithRSAEncryption
09:2b:a7:cc:b7:87:91:c6:bc:a3:fb:c5:a4:e6:40:9b:77:2c:
22:81:89:e4:7e:8b:97:54:71:4e:31:3d:79:ee:a1:cf:0e:7f:
4a:5d:53:b7:68:f4:33:0f:54:f8:4a:a8:e2:7e:40:77:1c:6f:
d4:93:3c:d8:ea:e2:39:af:c6:eb:48:18:86:03:e3:b7:f8:8e:
a7:48:44:e9:54:90:1a:0e:5f:f5:82:e0:91:cf:1c:bb:09:cb:
48:34:06:60:47:c0:07:61:1a:ba:2f:02:8a:a8:40:27:89:48:
b4:e7:a3:fa:a5:74:8c:b5:55:a9:8e:eb:9c:d0:01:c7:13:1d:
67:96:d1:ec:65:52:ce:14:a1:8b:1a:af:a2:f4:7e:37:63:4b:
f0:8b:cc:69:b8:34:ca:57:22:1b:8c:a5:8a:d0:4a:84:8f:5f:
21:ef:c9:dd:aa:5f:28:9c:08:e1:f9:ed:db:6e:85:1e:37:78:
de:7d:a8:cd:d7:61:d7:d4:45:0b:65:f5:7d:26:ca:52:a0:61:
66:93:db:e1:19:8b:04:5c:85:7e:b8:7e:28:f7:c7:6c:73:9c:
e5:3f:f2:21:fb:4d:5a:d1:c4:68:ea:70:ca:a6:81:13:ab:c4:
e6:4d:1c:32:e4:ac:0c:f5:b4:5b:64:ae:47:04:47:11:a0:bd:
f5:a3:f2:fe
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIECSTLsjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhj
NWExZmI1YmJjMmZhODU3MWUzZDVmOGNhZTQxOTZhOGQ3ZTk2YzM1MB4XDTIyMDEw
MTA5MDIxOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMGQ3ODQyOGVjZmRm
MzViMGQxMWQ1ZWM3NjY3YzI5NWJmYjZmM2Q0YjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANhH76wqAhnqfZ3SU9RSHFk0UG4QsYnKAbbw0R8iMeyP2stY
UJKkmSz0n+oHos0Ef/pJwTQ29/GNM30F7RHz8Uv4x8Mu/9le+kp2/orI2ab+4R/3
8TqZtguAZjRzNnT4T3a/kql5+OHLUWFW3F+S+hDgIyOyIvpq+/LXL8VVrnqyZIih
vrG89JsOGnHy4/yIzunTzUZkeCS4QgitoMBJPLxiE5HuvLjW6Hr+WMX0dc1QCPQG
YqQRR/17r5Ut8gybtAOtAx0mtr4JmN3wX6tCmIPo66nj+aFsfKiKsNvumfQWVPM0
zB0W4D8Qc7MVwxiJX7OL46JG81X6jVXQvQQzNpcCAwEAAaOCAggwggIEMB0GA1Ud
DgQWBBQNeEKOz981sNEdXsdmfClb+289SzAfBgNVHSMEGDAWgBTFoftbvC+oVx49
X4yuQZao1+lsNTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3hhSDdXN3d2cUZjZVBWLU1ya0dXcU5mcGJEVS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZTQvZGViNzBkLTFmZmQtNGRhMC1hMDk3LWQ4YTBiNDFmNDZlOC8x
L0RYaENqc19mTmJEUkhWN0habndwV190dlBVcy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZTQv
ZGViNzBkLTFmZmQtNGRhMC1hMDk3LWQ4YTBiNDFmNDZlOC8xL3hhSDdXN3d2cUZj
ZVBWLU1ya0dXcU5mcGJEVS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAe
BggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAI1zMA0GCSqGSIb3DQEBCwUAA4IB
AQAJK6fMt4eRxryj+8Wk5kCbdywigYnkfouXVHFOMT157qHPDn9KXVO3aPQzD1T4
SqjifkB3HG/UkzzY6uI5r8brSBiGA+O3+I6nSETpVJAaDl/1guCRzxy7CctINAZg
R8AHYRq6LwKKqEAniUi056P6pXSMtVWpjuuc0AHHEx1nltHsZVLOFKGLGq+i9H43
Y0vwi8xpuDTKVyIbjKWK0EqEj18h78ndql8onAjh+e3bboUeN3jefajN12HX1EUL
ZfV9JspSoGFmk9vhGYsEXIV+uH4o98dsc5zlP/Ih+01a0cRo6nDKpoETq8TmTRwy
5KwM9bRbZK5HBEcRoL31o/L+
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:09:10 2025 by rpki-client