Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/XuG1KMh5fQ6LhDF64ZXXCU-Z3CE.roa
File: XuG1KMh5fQ6LhDF64ZXXCU-Z3CE.roa (raw, json)
Hash identifier: zH934y0jFAZuUCd8sIzpHViFSk5+BOMj9HCcO14K5Mc=
Subject key identifier: 5E:E1:B5:28:C8:79:7D:0E:8B:84:31:7A:E1:95:D7:09:4F:99:DC:21
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 0185340D9EFB523DD2D4D9847E8222162B8F
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/XuG1KMh5fQ6LhDF64ZXXCU-Z3CE.roa
Signing time: Wed 21 Dec 2022 09:39:45 +0000
ROA not before: Wed 21 Dec 2022 09:39:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 14445
IP address blocks: 87.254.8.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:34:0d:9e:fb:52:3d:d2:d4:d9:84:7e:82:22:16:2b:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Dec 21 09:39:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5ee1b528c8797d0e8b84317ae195d7094f99dc21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:0d:1b:25:e8:6e:34:c2:86:47:6d:93:b1:02:
e5:8f:97:d4:52:b7:6d:ba:5e:a3:d7:16:3f:3d:fd:
9c:a9:64:d4:f9:9b:42:56:c0:0c:61:b4:97:bd:5d:
98:e5:04:30:6a:c4:ed:ab:8c:1e:18:89:9d:77:02:
00:54:d9:c9:e0:b3:bc:c9:50:96:b6:13:04:3f:eb:
87:6e:06:71:09:34:4f:86:f3:c2:54:a3:f7:57:a0:
78:d7:50:07:f2:50:12:cc:80:fd:77:13:1a:3b:7e:
b1:1b:ff:f9:9e:0a:2d:b9:e7:1e:df:c1:8d:f3:d1:
c3:43:29:f2:56:ee:de:1a:24:48:47:ef:01:6d:c7:
c7:e7:65:87:07:4d:1e:25:81:8f:e9:0b:49:69:93:
ec:fd:b1:4a:dd:70:9d:dc:49:68:36:b2:d4:2e:42:
06:9a:1a:7a:11:f7:5e:28:68:75:38:6b:0c:4a:f9:
cd:8b:dc:d5:0f:fe:d7:74:5a:ea:69:ec:3a:58:12:
02:19:cd:44:dd:61:cc:7e:57:54:dc:bb:f3:28:ca:
69:e3:23:73:2f:25:01:ec:29:9d:d1:d9:9d:c2:eb:
4b:48:8c:5c:65:b8:ca:e1:6c:e7:9b:3b:a3:8c:ba:
04:ea:41:ce:b4:c7:78:82:f6:3d:50:af:33:99:09:
83:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:E1:B5:28:C8:79:7D:0E:8B:84:31:7A:E1:95:D7:09:4F:99:DC:21
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/XuG1KMh5fQ6LhDF64ZXXCU-Z3CE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.254.8.0/24
Signature Algorithm: sha256WithRSAEncryption
21:13:62:48:3c:e7:54:d1:6d:95:a7:25:c0:7c:92:4b:dc:93:
f5:f4:c2:a1:92:0b:ce:ed:e5:7b:b6:75:34:b0:84:b5:95:25:
1f:3e:01:e2:34:a6:af:76:d5:17:e6:44:c5:b3:ed:94:7c:4d:
fa:6e:9d:14:a0:10:cd:ce:e3:26:f4:58:8d:26:3c:cd:ab:9d:
fb:55:f3:11:6e:42:34:fe:48:03:7d:1e:f4:2b:99:c0:d0:89:
ba:4c:85:e7:6f:ad:6d:e0:37:65:e3:a0:cd:dd:aa:4c:35:85:
de:a3:9c:d4:24:4f:98:8d:f8:76:4f:73:56:33:5a:5e:6d:dc:
5e:c1:ff:29:cb:5a:86:99:60:8c:26:1a:e8:2f:b8:c7:b7:46:
7f:f6:ff:d2:28:ac:3f:a8:73:50:04:8d:77:12:b8:3e:55:0c:
80:bb:d1:94:ec:41:01:7a:85:fa:18:59:84:80:dd:7d:d3:19:
1e:29:70:c2:6f:17:8b:6b:e7:6e:6d:fd:b4:f7:69:a8:55:4f:
d4:95:6c:67:41:73:86:b2:b6:6a:5c:ca:e2:12:6b:ff:d6:96:
43:fe:c8:1c:7c:8f:a9:64:f9:07:85:e0:8e:99:43:ac:94:97:
39:60:a3:0f:72:d0:95:c2:5e:30:7d:0b:dc:e7:c1:2a:c3:5d:
80:b0:16:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYU0DZ77Uj3S1NmEfoIiFiuPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjIxMjIxMDkzOTQ1WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWUxYjUyOGM4Nzk3ZDBlOGI4NDMxN2FlMTk1ZDcwOTRmOTlkYzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkA0bJehuNMKGR22TsQLlj5fUUrdt
ul6j1xY/Pf2cqWTU+ZtCVsAMYbSXvV2Y5QQwasTtq4weGImddwIAVNnJ4LO8yVCW
thMEP+uHbgZxCTRPhvPCVKP3V6B411AH8lASzID9dxMaO36xG//5ngotuece38GN
89HDQynyVu7eGiRIR+8BbcfH52WHB00eJYGP6QtJaZPs/bFK3XCd3EloNrLULkIG
mhp6EfdeKGh1OGsMSvnNi9zVD/7XdFrqaew6WBICGc1E3WHMfldU3LvzKMpp4yNz
LyUB7Cmd0dmdwutLSIxcZbjK4WznmzujjLoE6kHOtMd4gvY9UK8zmQmDKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF7htSjIeX0Oi4QxeuGV1wlPmdwhMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvWHVHMUtNaDVmUTZMaERGNjRaWFhDVS1aM0NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV/4IMA0G
CSqGSIb3DQEBCwUAA4IBAQAhE2JIPOdU0W2VpyXAfJJL3JP19MKhkgvO7eV7tnU0
sIS1lSUfPgHiNKavdtUX5kTFs+2UfE36bp0UoBDNzuMm9FiNJjzNq537VfMRbkI0
/kgDfR70K5nA0Im6TIXnb61t4Ddl46DN3apMNYXeo5zUJE+Yjfh2T3NWM1pebdxe
wf8py1qGmWCMJhroL7jHt0Z/9v/SKKw/qHNQBI13Erg+VQyAu9GU7EEBeoX6GFmE
gN190xkeKXDCbxeLa+dubf2092moVU/UlWxnQXOGsrZqXMriEmv/1pZD/sgcfI+p
ZPkHheCOmUOslJc5YKMPctCVwl4wfQvc58Eqw12AsBYK
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:05:48 2023 by rpki-client on console-fra.rpki-client.org