Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/XJkP7iSC1yPJnrYsp0wtun9-rxU.roa
File: XJkP7iSC1yPJnrYsp0wtun9-rxU.roa (raw, json)
Hash identifier: kFtd85eN/8K5+hHm+aSDTOsRyKePiaEOO2PM7YaAhX4=
Subject key identifier: 5C:99:0F:EE:24:82:D7:23:C9:9E:B6:2C:A7:4C:2D:BA:7F:7E:AF:15
Certificate issuer: /CN=01626ffd800eafa336bdf343141f03f7c393c364
Certificate serial: 0187A35F947F1231EA00EA4760C0812FA1A0
Authority key identifier: 01:62:6F:FD:80:0E:AF:A3:36:BD:F3:43:14:1F:03:F7:C3:93:C3:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AWJv_YAOr6M2vfNDFB8D98OTw2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/XJkP7iSC1yPJnrYsp0wtun9-rxU.roa
Signing time: Fri 21 Apr 2023 10:32:42 +0000
ROA not before: Fri 21 Apr 2023 10:32:42 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 199522
IP address blocks: 89.30.156.0/24 maxlen: 24
89.30.157.0/24 maxlen: 24
83.98.216.0/24 maxlen: 24
2001:16f8:4000::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:a3:5f:94:7f:12:31:ea:00:ea:47:60:c0:81:2f:a1:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01626ffd800eafa336bdf343141f03f7c393c364
Validity
Not Before: Apr 21 10:32:42 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c990fee2482d723c99eb62ca74c2dba7f7eaf15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:ae:40:6d:95:39:58:6c:0e:9c:86:ee:02:9f:
6a:e6:ad:ec:d3:5c:cd:9d:1c:0c:84:51:1f:39:56:
88:d0:23:a4:77:94:22:92:78:9c:a7:24:d2:1d:4a:
0d:8e:24:f0:ed:39:8d:27:76:29:67:55:6a:46:2a:
13:a6:58:73:74:e4:a8:e9:1d:d7:14:d6:df:2b:c6:
fa:2a:0a:85:8d:0c:30:6b:1c:e2:3b:04:ef:a9:e4:
1c:a4:d2:35:ad:87:ee:43:03:f0:70:00:4f:ad:48:
94:2f:4d:e7:29:ea:a0:00:23:f0:49:a2:f7:a5:42:
d0:0e:7b:74:fe:e4:12:a1:a1:31:a7:09:07:cd:61:
61:65:1e:e5:a4:96:d9:cf:52:19:d7:3d:2e:cd:31:
ce:85:1b:c4:3d:62:87:0c:7b:15:6b:28:bc:a6:94:
e5:11:71:10:4a:c4:65:fd:fa:15:de:25:c4:0d:a3:
84:87:90:2f:80:11:b7:db:c9:6b:42:83:27:7b:8c:
2f:16:a2:48:9a:49:fb:16:20:54:35:9b:c7:5a:98:
ad:e2:b8:59:57:a9:77:f8:f8:94:06:46:0c:13:de:
ce:9b:db:42:66:ae:e5:db:8f:40:e4:bf:54:54:d6:
95:75:af:f0:f8:ea:75:e4:68:43:01:29:e0:07:a7:
67:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:99:0F:EE:24:82:D7:23:C9:9E:B6:2C:A7:4C:2D:BA:7F:7E:AF:15
X509v3 Authority Key Identifier:
keyid:01:62:6F:FD:80:0E:AF:A3:36:BD:F3:43:14:1F:03:F7:C3:93:C3:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AWJv_YAOr6M2vfNDFB8D98OTw2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/XJkP7iSC1yPJnrYsp0wtun9-rxU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/c4e5a0-8219-4ff9-8287-1f4bea23e4c7/1/AWJv_YAOr6M2vfNDFB8D98OTw2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.98.216.0/24
89.30.156.0/23
IPv6:
2001:16f8:4000::/48
Signature Algorithm: sha256WithRSAEncryption
8d:c3:0a:5f:97:97:10:03:da:2a:26:9c:d3:ca:ec:dc:e8:ea:
a6:65:89:b1:d6:f2:a1:85:53:00:6f:dc:7d:a9:ac:36:b8:cd:
11:d3:f8:a9:d1:df:88:b2:81:b6:bd:c7:91:83:1e:c8:0d:1c:
a0:8f:da:fd:7b:85:8f:2d:5b:4e:e5:e7:6e:2c:c7:5f:ec:36:
bf:89:6b:30:f5:6d:32:d3:af:e8:cf:87:fe:e9:24:80:95:21:
58:5c:f4:90:6e:ca:f7:52:64:77:9f:ed:4c:c7:c1:d1:ea:59:
bb:61:a0:4e:e5:c8:b1:d1:a1:b4:a4:91:8f:13:21:9f:6e:a8:
84:23:1e:bf:82:ba:e4:da:ba:65:ea:e6:cb:c3:4e:33:04:c7:
62:70:ed:49:d7:38:3a:d3:39:a0:b9:5e:01:82:c3:57:9e:1d:
2d:13:e0:a4:fb:52:af:bd:8d:20:7f:f7:a6:92:55:09:ac:ae:
e4:38:82:60:c1:bb:45:86:d1:9a:05:7d:f7:f1:d1:cf:e6:58:
55:e5:1e:b3:30:a5:7d:99:ad:d0:22:44:8b:39:67:1c:f6:a0:
62:fe:3f:65:d5:be:72:45:7f:da:72:b6:53:cc:20:a6:12:b5:
f4:96:ee:8b:50:6e:0f:89:f5:68:5e:90:97:a8:47:4f:c5:c8:
22:a6:ac:5d
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYejX5R/EjHqAOpHYMCBL6GgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxNjI2ZmZkODAwZWFmYTMzNmJkZjM0MzE0MWYwM2Y3YzM5
M2MzNjQwHhcNMjMwNDIxMTAzMjQyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Yzk5MGZlZTI0ODJkNzIzYzk5ZWI2MmNhNzRjMmRiYTdmN2VhZjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAga5AbZU5WGwOnIbuAp9q5q3s01zN
nRwMhFEfOVaI0COkd5QiknicpyTSHUoNjiTw7TmNJ3YpZ1VqRioTplhzdOSo6R3X
FNbfK8b6KgqFjQwwaxziOwTvqeQcpNI1rYfuQwPwcABPrUiUL03nKeqgACPwSaL3
pULQDnt0/uQSoaExpwkHzWFhZR7lpJbZz1IZ1z0uzTHOhRvEPWKHDHsVayi8ppTl
EXEQSsRl/foV3iXEDaOEh5AvgBG328lrQoMne4wvFqJImkn7FiBUNZvHWpit4rhZ
V6l3+PiUBkYME97Om9tCZq7l249A5L9UVNaVda/w+Op15GhDASngB6dnywIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFFyZD+4kgtcjyZ62LKdMLbp/fq8VMB8GA1UdIwQY
MBaAFAFib/2ADq+jNr3zQxQfA/fDk8NkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVdKdl9ZQU9yNk0ydmZOREZCOEQ5OE9UdzJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9jNGU1YTAtODIxOS00ZmY5LTgyODct
MWY0YmVhMjNlNGM3LzEvWEprUDdpU0MxeVBKbnJZc3Awd3R1bjktcnhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9jNGU1YTAtODIxOS00ZmY5LTgyODctMWY0YmVhMjNlNGM3
LzEvQVdKdl9ZQU9yNk0ydmZOREZCOEQ5OE9UdzJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAU2LYAwQB
WR6cMA8EAgACMAkDBwAgARb4QAAwDQYJKoZIhvcNAQELBQADggEBAI3DCl+XlxAD
2iomnNPK7Nzo6qZlibHW8qGFUwBv3H2prDa4zRHT+KnR34iygba9x5GDHsgNHKCP
2v17hY8tW07l524sx1/sNr+JazD1bTLTr+jPh/7pJICVIVhc9JBuyvdSZHef7UzH
wdHqWbthoE7lyLHRobSkkY8TIZ9uqIQjHr+CuuTaumXq5svDTjMEx2Jw7UnXODrT
OaC5XgGCw1eeHS0T4KT7Uq+9jSB/96aSVQmsruQ4gmDBu0WG0ZoFfffx0c/mWFXl
HrMwpX2ZrdAiRIs5Zxz2oGL+P2XVvnJFf9pytlPMIKYStfSW7otQbg+J9WhekJeo
R0/FyCKmrF0=
-----END CERTIFICATE-----
Generated at Thu Apr 17 13:30:31 2025 by rpki-client