Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/dee68d-aacd-4673-ba42-9911e510a8a9/1/XlOw3UPgml7PJJeW9emUjqjuymA.roa
File: XlOw3UPgml7PJJeW9emUjqjuymA.roa (raw, json)
Hash identifier: WtNKcX+QphUdht1WrxgqRropSfzsdrm7N+Y0/GzKWN0=
Subject key identifier: 5E:53:B0:DD:43:E0:9A:5E:CF:24:97:96:F5:E9:94:8E:A8:EE:CA:60
Certificate issuer: /CN=fb4abe13942abe420f20dc149fdc57df4045c143
Certificate serial: 0185708CA86A36386AB06D6FE034B634347D
Authority key identifier: FB:4A:BE:13:94:2A:BE:42:0F:20:DC:14:9F:DC:57:DF:40:45:C1:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-0q-E5QqvkIPINwUn9xX30BFwUM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/dee68d-aacd-4673-ba42-9911e510a8a9/1/XlOw3UPgml7PJJeW9emUjqjuymA.roa
Signing time: Mon 02 Jan 2023 03:35:44 +0000
ROA not before: Mon 02 Jan 2023 03:35:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197323
IP address blocks: 91.220.47.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:70:8c:a8:6a:36:38:6a:b0:6d:6f:e0:34:b6:34:34:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb4abe13942abe420f20dc149fdc57df4045c143
Validity
Not Before: Jan 2 03:35:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5e53b0dd43e09a5ecf249796f5e9948ea8eeca60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:f4:da:23:ec:13:c1:7d:7a:af:b4:a9:90:da:
8d:d5:92:af:ef:44:f3:87:b6:5f:29:45:c6:48:44:
f9:68:47:8b:a6:49:66:3b:6f:0a:d2:e4:61:fb:fc:
41:57:00:85:00:5c:3d:d1:0c:2c:e8:86:77:bf:e2:
e7:f9:7c:39:bd:40:b5:6a:3b:f6:99:81:09:26:12:
3b:8b:37:e6:be:3d:5b:ec:82:e5:3a:b3:1d:f5:b4:
b8:3f:a4:3d:9d:be:9f:d1:e1:c2:d8:0c:c1:8d:3c:
4a:6c:71:4e:5b:ab:db:bd:10:ed:4a:ec:cc:85:d7:
d9:aa:11:a4:8f:46:12:1a:4c:fa:11:e5:f1:62:27:
ed:f4:b1:e5:5e:04:c4:35:15:25:a9:83:60:b1:98:
1f:d5:ee:0e:61:fd:34:d5:ba:bc:c4:11:4a:5c:a8:
3b:96:5e:f8:51:0f:86:a9:31:86:03:61:1d:8a:4e:
ed:a8:0d:58:ce:8b:51:ab:25:43:eb:26:8f:ab:f0:
25:e2:00:38:1c:89:45:3c:d7:ab:cd:c0:6d:c8:2d:
ad:35:43:77:40:40:e5:5d:63:0e:a6:20:59:fc:e2:
66:de:56:46:ce:ee:27:4d:7e:89:ea:f2:8c:d6:41:
4d:5b:7f:5a:c1:9e:ef:9e:75:ef:f0:c8:b6:84:c3:
49:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:53:B0:DD:43:E0:9A:5E:CF:24:97:96:F5:E9:94:8E:A8:EE:CA:60
X509v3 Authority Key Identifier:
keyid:FB:4A:BE:13:94:2A:BE:42:0F:20:DC:14:9F:DC:57:DF:40:45:C1:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-0q-E5QqvkIPINwUn9xX30BFwUM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/dee68d-aacd-4673-ba42-9911e510a8a9/1/XlOw3UPgml7PJJeW9emUjqjuymA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/dee68d-aacd-4673-ba42-9911e510a8a9/1/1-0q-E5QqvkIPINwUn9xX30BFwUM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.47.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:e0:ea:85:db:ce:4c:4e:d4:5b:02:44:f7:c7:05:15:5a:61:
61:3b:21:09:70:10:4b:3f:b4:ed:78:98:6f:a3:99:64:3e:15:
fb:5e:df:b9:bd:9c:e2:d6:6d:99:be:2c:e8:31:6b:21:76:6e:
31:91:c6:af:39:28:23:c4:ae:41:48:7f:10:3c:6a:56:71:1b:
ff:83:2b:7f:df:cb:38:ba:d3:c5:a6:e4:8b:0b:f8:7a:75:1e:
be:03:76:56:b6:64:df:ab:6e:ed:90:12:35:28:e2:9a:46:85:
0a:64:c9:f8:bd:11:c1:57:98:28:40:ae:3b:31:a7:09:96:51:
0d:37:7f:0f:b8:04:0e:bf:dc:0e:39:f8:ce:f5:2c:9a:35:29:
c5:b1:a8:73:6a:44:84:63:74:54:c3:fe:e0:ef:e0:a9:c1:4e:
2a:fb:5e:cb:2e:8f:1b:9c:59:51:ab:cc:82:2f:55:3c:4b:cd:
c2:e4:21:d3:92:5f:cb:ad:84:7d:99:e7:a3:63:c9:4f:f1:a6:
15:ac:b9:f3:f3:ae:97:1e:90:de:4d:cd:9f:15:0d:32:49:b3:
c7:bc:f7:d0:16:75:dc:4f:22:d2:09:c9:cb:fd:e2:d4:c5:8d:
a6:b2:8a:11:04:f8:93:55:52:65:0a:02:28:c5:c2:5f:85:ff:
0d:d2:99:18
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYVwjKhqNjhqsG1v4DS2NDR9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiNGFiZTEzOTQyYWJlNDIwZjIwZGMxNDlmZGM1N2RmNDA0
NWMxNDMwHhcNMjMwMTAyMDMzNTQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTUzYjBkZDQzZTA5YTVlY2YyNDk3OTZmNWU5OTQ4ZWE4ZWVjYTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApfTaI+wTwX16r7SpkNqN1ZKv70Tz
h7ZfKUXGSET5aEeLpklmO28K0uRh+/xBVwCFAFw90Qws6IZ3v+Ln+Xw5vUC1ajv2
mYEJJhI7izfmvj1b7ILlOrMd9bS4P6Q9nb6f0eHC2AzBjTxKbHFOW6vbvRDtSuzM
hdfZqhGkj0YSGkz6EeXxYift9LHlXgTENRUlqYNgsZgf1e4OYf001bq8xBFKXKg7
ll74UQ+GqTGGA2Edik7tqA1YzotRqyVD6yaPq/Al4gA4HIlFPNerzcBtyC2tNUN3
QEDlXWMOpiBZ/OJm3lZGzu4nTX6J6vKM1kFNW39awZ7vnnXv8Mi2hMNJ8QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFF5TsN1D4JpezySXlvXplI6o7spgMB8GA1UdIwQY
MBaAFPtKvhOUKr5CDyDcFJ/cV99ARcFDMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS0wcS1FNVFxdmtJUElOd1VuOXhYMzBCRndVTS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWEvZGVlNjhkLWFhY2QtNDY3My1iYTQy
LTk5MTFlNTEwYThhOS8xL1hsT3czVVBnbWw3UEpKZVc5ZW1VanFqdXltQS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZWEvZGVlNjhkLWFhY2QtNDY3My1iYTQyLTk5MTFlNTEwYThh
OS8xLzEtMHEtRTVRcXZrSVBJTndVbjl4WDMwQkZ3VU0uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABb3C8w
DQYJKoZIhvcNAQELBQADggEBAKHg6oXbzkxO1FsCRPfHBRVaYWE7IQlwEEs/tO14
mG+jmWQ+Ffte37m9nOLWbZm+LOgxayF2bjGRxq85KCPErkFIfxA8alZxG/+DK3/f
yzi608Wm5IsL+Hp1Hr4Ddla2ZN+rbu2QEjUo4ppGhQpkyfi9EcFXmChArjsxpwmW
UQ03fw+4BA6/3A45+M71LJo1KcWxqHNqRIRjdFTD/uDv4KnBTir7XssujxucWVGr
zIIvVTxLzcLkIdOSX8uthH2Z56NjyU/xphWsufPzrpcekN5NzZ8VDTJJs8e899AW
ddxPItIJycv94tTFjaayihEE+JNVUmUKAijFwl+F/w3SmRg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:53:24 2025 by rpki-client