Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/a1d20e-50a2-44dc-b1e8-a67dca8a088c/1/Xd-88v2OQuT6CafAiFIQgVGpQYk.roa
File: Xd-88v2OQuT6CafAiFIQgVGpQYk.roa (raw, json)
Hash identifier: dso90gs79no1dCLfGjY/huL/cd5qyhKL+nOr+JRqQhc=
Subject key identifier: 5D:DF:BC:F2:FD:8E:42:E4:FA:09:A7:C0:88:52:10:81:51:A9:41:89
Certificate issuer: /CN=73dd2894568aebd05ad6432d53cf70e2cd788e6e
Certificate serial: 01856C011FC90A65834CD45AC592D7FCF0E0
Authority key identifier: 73:DD:28:94:56:8A:EB:D0:5A:D6:43:2D:53:CF:70:E2:CD:78:8E:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c90olFaK69Ba1kMtU89w4s14jm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/a1d20e-50a2-44dc-b1e8-a67dca8a088c/1/Xd-88v2OQuT6CafAiFIQgVGpQYk.roa
Signing time: Sun 01 Jan 2023 06:24:51 +0000
ROA not before: Sun 01 Jan 2023 06:24:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 49984
IP address blocks: 5.199.232.0/21 maxlen: 21
185.42.128.0/22 maxlen: 22
178.210.128.0/19 maxlen: 19
2a01:a240::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6c:01:1f:c9:0a:65:83:4c:d4:5a:c5:92:d7:fc:f0:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73dd2894568aebd05ad6432d53cf70e2cd788e6e
Validity
Not Before: Jan 1 06:24:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5ddfbcf2fd8e42e4fa09a7c08852108151a94189
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:e3:13:f3:4b:da:2a:74:7f:45:47:7b:ab:21:
7f:3c:42:e9:ce:df:f6:55:b3:e9:37:b4:3a:03:3a:
e4:e1:f7:95:76:c3:28:d6:06:1e:19:e7:7f:76:54:
10:3f:8b:49:d6:b6:a0:26:99:aa:3b:9e:f8:53:52:
e9:67:70:5b:13:0d:15:dc:21:0d:2c:e9:5d:23:94:
a4:f8:71:ed:ce:9d:fe:29:e1:51:f5:32:fe:09:62:
6a:2f:25:66:c6:ea:7f:09:03:b4:5f:f0:3d:2c:66:
e9:bb:09:3b:7a:b3:4f:f2:dd:80:c3:fe:bb:82:cc:
6a:d9:50:71:b2:09:20:55:fd:fd:9b:79:dd:4a:22:
8b:20:2a:eb:2d:5d:8f:17:1d:b4:c8:87:31:0d:a0:
e1:21:39:ac:26:71:14:c9:53:b3:7c:73:09:ba:17:
61:76:4c:c7:c5:d1:6e:0d:24:a1:27:f2:69:f5:99:
4f:33:3e:ab:e6:64:9e:8c:19:d4:a8:34:73:24:28:
de:2c:44:7b:6a:60:f1:ca:7e:e4:9b:17:42:fa:31:
ad:9a:6a:65:76:b8:b8:0d:27:ea:67:1d:4f:6d:33:
ad:8b:dd:5a:0a:c2:69:2c:1f:2e:73:1f:12:64:46:
f0:f8:05:79:ad:45:72:e7:bd:f4:4c:1f:1a:07:79:
12:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:DF:BC:F2:FD:8E:42:E4:FA:09:A7:C0:88:52:10:81:51:A9:41:89
X509v3 Authority Key Identifier:
keyid:73:DD:28:94:56:8A:EB:D0:5A:D6:43:2D:53:CF:70:E2:CD:78:8E:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c90olFaK69Ba1kMtU89w4s14jm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/a1d20e-50a2-44dc-b1e8-a67dca8a088c/1/Xd-88v2OQuT6CafAiFIQgVGpQYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/a1d20e-50a2-44dc-b1e8-a67dca8a088c/1/c90olFaK69Ba1kMtU89w4s14jm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.199.232.0/21
178.210.128.0/19
185.42.128.0/22
IPv6:
2a01:a240::/32
Signature Algorithm: sha256WithRSAEncryption
a1:45:aa:56:b7:d2:97:49:82:70:f3:c8:63:25:d1:b1:ee:0a:
e1:a3:49:77:3b:f6:65:05:d3:22:9c:9a:5c:fd:c4:c5:67:85:
b5:3f:3f:74:03:c9:47:06:15:f6:ad:ef:95:b3:16:06:c4:cf:
3b:40:68:79:91:d0:4e:07:b4:14:6b:02:67:b6:29:14:ae:3e:
9f:b5:b0:06:ce:00:65:c5:17:84:a6:47:76:e4:ed:9d:02:17:
14:87:9a:4c:00:b8:cf:e4:35:bc:9c:c4:d9:1e:66:08:eb:65:
69:09:17:f2:0e:46:ac:7c:f4:ea:65:d3:8b:f7:7f:e4:cc:ab:
e0:23:58:d9:59:bd:91:0b:8d:1b:88:2a:19:7c:ad:b8:c7:0e:
27:b7:b3:03:60:63:ab:30:55:97:bc:5a:38:66:f4:33:3e:0d:
c7:a2:a5:4c:dd:75:b5:45:fe:71:52:b3:12:72:c3:ed:58:3a:
33:8a:cb:c2:db:2b:fc:ff:1d:17:2c:d6:7b:c3:50:67:a8:18:
0b:ed:ee:a0:b5:59:b7:0a:56:7d:cb:a5:6d:40:df:ae:93:71:
f3:bb:a9:eb:85:bd:f6:8f:7c:92:9a:46:87:ec:7c:20:49:f1:
aa:12:1d:be:fe:51:1e:a5:a9:4d:e2:a2:bf:12:4c:42:9a:e7:
37:d8:c8:09
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYVsAR/JCmWDTNRaxZLX/PDgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZGQyODk0NTY4YWViZDA1YWQ2NDMyZDUzY2Y3MGUyY2Q3
ODhlNmUwHhcNMjMwMTAxMDYyNDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGRmYmNmMmZkOGU0MmU0ZmEwOWE3YzA4ODUyMTA4MTUxYTk0MTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgOMT80vaKnR/RUd7qyF/PELpzt/2
VbPpN7Q6Azrk4feVdsMo1gYeGed/dlQQP4tJ1ragJpmqO574U1LpZ3BbEw0V3CEN
LOldI5Sk+HHtzp3+KeFR9TL+CWJqLyVmxup/CQO0X/A9LGbpuwk7erNP8t2Aw/67
gsxq2VBxsgkgVf39m3ndSiKLICrrLV2PFx20yIcxDaDhITmsJnEUyVOzfHMJuhdh
dkzHxdFuDSShJ/Jp9ZlPMz6r5mSejBnUqDRzJCjeLER7amDxyn7kmxdC+jGtmmpl
dri4DSfqZx1PbTOti91aCsJpLB8ucx8SZEbw+AV5rUVy5730TB8aB3kSZQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFF3fvPL9jkLk+gmnwIhSEIFRqUGJMB8GA1UdIwQY
MBaAFHPdKJRWiuvQWtZDLVPPcOLNeI5uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzkwb2xGYUs2OUJhMWtNdFU4OXc0czE0am00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS9hMWQyMGUtNTBhMi00NGRjLWIxZTgt
YTY3ZGNhOGEwODhjLzEvWGQtODh2Mk9RdVQ2Q2FmQWlGSVFnVkdwUVlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS9hMWQyMGUtNTBhMi00NGRjLWIxZTgtYTY3ZGNhOGEwODhj
LzEvYzkwb2xGYUs2OUJhMWtNdFU4OXc0czE0am00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDBcfoAwQF
stKAAwQCuSqAMA0EAgACMAcDBQAqAaJAMA0GCSqGSIb3DQEBCwUAA4IBAQChRapW
t9KXSYJw88hjJdGx7grho0l3O/ZlBdMinJpc/cTFZ4W1Pz90A8lHBhX2re+VsxYG
xM87QGh5kdBOB7QUawJntikUrj6ftbAGzgBlxReEpkd25O2dAhcUh5pMALjP5DW8
nMTZHmYI62VpCRfyDkasfPTqZdOL93/kzKvgI1jZWb2RC40biCoZfK24xw4nt7MD
YGOrMFWXvFo4ZvQzPg3HoqVM3XW1Rf5xUrMScsPtWDozisvC2yv8/x0XLNZ7w1Bn
qBgL7e6gtVm3ClZ9y6VtQN+uk3Hzu6nrhb32j3ySmkaH7HwgSfGqEh2+/lEepalN
4qK/EkxCmuc32MgJ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:31 2025 by rpki-client