Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/95d7dc-0c8b-4941-b9c1-d4710d022336/1/XTFJGnbnLZfsLl8ah1wgD7vCY7I.roa
File: XTFJGnbnLZfsLl8ah1wgD7vCY7I.roa (raw, json)
Hash identifier: EpnR6gidKKLjb+IQoLlomjWsharJLLVlQK6LNif8fTw=
Subject key identifier: 5D:31:49:1A:76:E7:2D:97:EC:2E:5F:1A:87:5C:20:0F:BB:C2:63:B2
Certificate issuer: /CN=606857c43ca1df04cb69a4a0aac8629bdf32756b
Certificate serial: 03723DEA
Authority key identifier: 60:68:57:C4:3C:A1:DF:04:CB:69:A4:A0:AA:C8:62:9B:DF:32:75:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGhXxDyh3wTLaaSgqshim98ydWs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/95d7dc-0c8b-4941-b9c1-d4710d022336/1/XTFJGnbnLZfsLl8ah1wgD7vCY7I.roa
Signing time: Sat 01 Jan 2022 09:56:09 +0000
ROA not before: Sat 01 Jan 2022 09:56:09 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 209924
IP address blocks: 193.104.91.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 57818602 (0x3723dea)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606857c43ca1df04cb69a4a0aac8629bdf32756b
Validity
Not Before: Jan 1 09:56:09 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5d31491a76e72d97ec2e5f1a875c200fbbc263b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:87:10:2c:4d:da:11:bf:e3:61:ed:81:cd:9e:
ff:62:21:00:7d:f8:90:cb:03:e3:00:36:fd:1a:e5:
1e:d6:cd:0d:51:a4:3d:ea:ab:1b:5a:36:be:20:09:
33:de:62:21:47:e6:41:33:e3:df:4f:43:de:bf:0e:
a7:53:c2:a8:ee:27:14:c1:fc:eb:9a:c0:6b:d3:1d:
77:18:b9:0a:41:5d:05:dc:1d:84:42:fb:cf:69:c5:
c0:a1:03:f1:91:99:36:bb:58:7e:62:1e:69:bd:7c:
ff:77:8b:60:9b:31:a5:ab:1e:c7:7d:0f:90:20:be:
f5:2e:36:e9:60:df:1d:33:9c:82:b7:00:6e:4f:13:
eb:45:94:99:02:1c:5a:71:af:a9:4c:33:8b:25:47:
3c:66:08:df:43:ab:56:1b:2a:a0:56:0b:36:13:a9:
e7:14:4a:98:02:26:c7:7c:53:85:e0:42:dd:b8:0b:
52:79:cb:05:56:ac:1e:26:be:db:40:96:06:3c:db:
09:e6:d8:d5:a9:96:01:b6:ee:95:ad:45:3d:e4:46:
19:0c:9d:45:5f:43:88:d6:ea:0d:db:7d:ae:95:05:
4e:65:ca:c7:63:2c:1c:b4:f3:55:5d:e1:b0:96:6c:
21:4a:e5:cc:f3:5b:cc:2d:b4:7a:ac:a9:0f:4c:35:
2e:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:31:49:1A:76:E7:2D:97:EC:2E:5F:1A:87:5C:20:0F:BB:C2:63:B2
X509v3 Authority Key Identifier:
keyid:60:68:57:C4:3C:A1:DF:04:CB:69:A4:A0:AA:C8:62:9B:DF:32:75:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGhXxDyh3wTLaaSgqshim98ydWs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/95d7dc-0c8b-4941-b9c1-d4710d022336/1/XTFJGnbnLZfsLl8ah1wgD7vCY7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/95d7dc-0c8b-4941-b9c1-d4710d022336/1/YGhXxDyh3wTLaaSgqshim98ydWs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.91.0/24
Signature Algorithm: sha256WithRSAEncryption
33:61:48:98:70:5c:37:44:12:c5:a4:27:f0:57:ed:46:d3:b8:
42:d5:99:55:9e:5c:d2:db:a2:6f:9b:2b:c6:b6:1e:60:d8:4f:
9b:a2:76:c9:0a:a7:7f:8f:47:5d:3e:1b:d4:98:de:db:db:b3:
53:68:38:7f:bb:74:c1:af:d1:dd:fd:50:be:5a:b4:2d:7d:4f:
e1:b8:83:c1:d2:ee:89:82:3a:0a:58:b7:aa:36:98:eb:b2:04:
30:c2:cc:cc:c8:3e:de:cd:ab:11:e3:64:43:8e:36:48:9a:fa:
c0:d4:7f:aa:cf:44:bd:01:79:f2:22:a8:7c:06:9d:f1:48:2f:
64:85:4c:4a:c1:93:db:77:79:fc:6d:55:b2:1f:56:0b:cb:16:
c5:72:f0:80:cd:b1:26:a8:74:89:dd:b5:9a:0e:5a:4a:59:13:
8b:94:c5:a9:6f:a7:a7:4e:0b:d0:f1:8d:ba:fc:61:fd:83:28:
2d:22:bd:4d:2a:66:9e:43:29:b1:07:2f:d9:72:86:26:a4:0e:
52:c0:65:a2:e4:9b:00:6b:8c:70:87:c1:25:eb:03:b5:44:95:
26:e5:d9:e5:f8:2e:6b:2b:70:94:8c:b9:9e:a8:1f:d5:80:43:
a5:33:a2:2e:9d:e5:4e:19:0e:d9:92:85:b4:ef:ba:32:5d:7b:
b1:ef:b5:76
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEA3I96jANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg2
MDY4NTdjNDNjYTFkZjA0Y2I2OWE0YTBhYWM4NjI5YmRmMzI3NTZiMB4XDTIyMDEw
MTA5NTYwOVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWQzMTQ5MWE3NmU3
MmQ5N2VjMmU1ZjFhODc1YzIwMGZiYmMyNjNiMjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJ+HECxN2hG/42Htgc2e/2IhAH34kMsD4wA2/RrlHtbNDVGk
PeqrG1o2viAJM95iIUfmQTPj309D3r8Op1PCqO4nFMH865rAa9Mddxi5CkFdBdwd
hEL7z2nFwKED8ZGZNrtYfmIeab18/3eLYJsxpasex30PkCC+9S426WDfHTOcgrcA
bk8T60WUmQIcWnGvqUwziyVHPGYI30OrVhsqoFYLNhOp5xRKmAImx3xTheBC3bgL
UnnLBVasHia+20CWBjzbCebY1amWAbbula1FPeRGGQydRV9DiNbqDdt9rpUFTmXK
x2MsHLTzVV3hsJZsIUrlzPNbzC20eqypD0w1LvkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRdMUkaductl+wuXxqHXCAPu8JjsjAfBgNVHSMEGDAWgBRgaFfEPKHfBMtp
pKCqyGKb3zJ1azAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1lHaFh4RHloM3dUTGFhU2dxc2hpbTk4eWRXcy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZWIvOTVkN2RjLTBjOGItNDk0MS1iOWMxLWQ0NzEwZDAyMjMzNi8x
L1hURkpHbmJuTFpmc0xsOGFoMXdnRDd2Q1k3SS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZWIv
OTVkN2RjLTBjOGItNDk0MS1iOWMxLWQ0NzEwZDAyMjMzNi8xL1lHaFh4RHloM3dU
TGFhU2dxc2hpbTk4eWRXcy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMFoWzANBgkqhkiG9w0BAQsFAAOC
AQEAM2FImHBcN0QSxaQn8FftRtO4QtWZVZ5c0tuib5srxrYeYNhPm6J2yQqnf49H
XT4b1Jje29uzU2g4f7t0wa/R3f1Qvlq0LX1P4biDwdLuiYI6Cli3qjaY67IEMMLM
zMg+3s2rEeNkQ442SJr6wNR/qs9EvQF58iKofAad8UgvZIVMSsGT23d5/G1Vsh9W
C8sWxXLwgM2xJqh0id21mg5aSlkTi5TFqW+np04L0PGNuvxh/YMoLSK9TSpmnkMp
sQcv2XKGJqQOUsBlouSbAGuMcIfBJesDtUSVJuXZ5fguaytwlIy5nqgf1YBDpTOi
Lp3lThkO2ZKFtO+6Ml17se+1dg==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:30 2024 by rpki-client on console-fra.rpki-client.org