Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/d16b46-b8cc-4456-a450-27e27c163102/1/xduwtVZPfYH0AQ1d0wA_70RT7Yk.roa
File: xduwtVZPfYH0AQ1d0wA_70RT7Yk.roa (raw, json)
Hash identifier: tPYVaXMHGI0a+OYpE1P6zsmfj4C1NZLL5QBvXe2voaw=
Subject key identifier: C5:DB:B0:B5:56:4F:7D:81:F4:01:0D:5D:D3:00:3F:EF:44:53:ED:89
Certificate issuer: /CN=eb0eb8f5487d741a8cc6d6df3b392191ed3eed3f
Certificate serial: 01857102DF5711BA2D8E00465CBE83210423
Authority key identifier: EB:0E:B8:F5:48:7D:74:1A:8C:C6:D6:DF:3B:39:21:91:ED:3E:ED:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6w649Uh9dBqMxtbfOzkhke0-7T8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/d16b46-b8cc-4456-a450-27e27c163102/1/xduwtVZPfYH0AQ1d0wA_70RT7Yk.roa
Signing time: Mon 02 Jan 2023 05:44:51 +0000
ROA not before: Mon 02 Jan 2023 05:44:51 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60132
IP address blocks: 195.191.128.0/23 maxlen: 24
195.191.90.0/23 maxlen: 24
2a13:2080::/29 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:71:02:df:57:11:ba:2d:8e:00:46:5c:be:83:21:04:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb0eb8f5487d741a8cc6d6df3b392191ed3eed3f
Validity
Not Before: Jan 2 05:44:51 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c5dbb0b5564f7d81f4010d5dd3003fef4453ed89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:6c:ba:69:58:d4:b7:8a:70:84:53:ce:5c:bd:
41:5d:8e:c7:e2:4f:d7:6b:7e:a2:f8:d7:9a:a9:00:
3d:80:3c:c2:de:33:e8:14:c3:08:7f:cb:9a:c4:57:
89:84:c1:67:74:5a:5a:30:a7:8c:f2:33:94:61:1e:
d0:5e:09:09:ce:c2:a8:d1:e6:9b:68:a6:78:7b:5d:
4d:b0:96:46:fb:c6:37:a6:df:82:92:82:80:b5:1c:
45:ec:6c:ee:94:63:9d:f2:4d:6a:7a:67:ea:b0:3d:
dd:a6:74:dc:e4:c7:99:79:78:fd:43:40:58:ae:9d:
3f:56:a4:c3:59:86:2e:af:21:2d:34:22:07:54:66:
6f:ba:0b:7b:7c:7c:fe:b0:db:6c:70:bc:fb:87:87:
66:05:1e:a0:3f:0a:55:42:54:22:d5:2a:c9:81:ea:
42:cb:41:69:25:31:e9:64:7c:77:95:65:db:78:e9:
13:81:d1:de:10:81:90:0b:73:7d:e2:1c:14:3b:f8:
09:21:8a:16:c1:8f:26:08:26:eb:8f:f9:3f:36:1c:
e3:eb:a6:44:c1:4b:a5:ba:50:32:11:d0:09:0a:eb:
ec:3b:01:0e:8d:8c:48:2b:5e:6f:58:6c:e4:d4:9d:
65:56:11:54:3f:3e:e2:c7:d1:d2:3a:9a:f0:0a:cc:
46:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:DB:B0:B5:56:4F:7D:81:F4:01:0D:5D:D3:00:3F:EF:44:53:ED:89
X509v3 Authority Key Identifier:
keyid:EB:0E:B8:F5:48:7D:74:1A:8C:C6:D6:DF:3B:39:21:91:ED:3E:ED:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6w649Uh9dBqMxtbfOzkhke0-7T8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/d16b46-b8cc-4456-a450-27e27c163102/1/xduwtVZPfYH0AQ1d0wA_70RT7Yk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/d16b46-b8cc-4456-a450-27e27c163102/1/6w649Uh9dBqMxtbfOzkhke0-7T8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.191.90.0/23
195.191.128.0/23
IPv6:
2a13:2080::/29
Signature Algorithm: sha256WithRSAEncryption
03:b0:f6:7a:35:f3:20:9a:1c:e6:10:9a:75:fe:10:83:84:71:
c9:58:d1:1b:c9:9d:f4:12:73:e6:31:5a:52:69:0e:7c:71:80:
52:7f:b1:bb:fb:00:2c:04:de:89:f5:3f:35:a7:e4:a0:ad:95:
86:f2:38:84:59:c1:5e:9c:1c:b6:28:c5:2b:0f:d5:a6:71:f2:
51:92:d8:cc:cf:77:b1:aa:24:68:47:8b:6f:e6:fc:13:8f:af:
ef:81:78:20:8b:94:c4:98:ae:8f:ad:74:b5:de:ea:e5:b0:c6:
af:f0:3c:20:f6:61:e6:f0:02:91:90:2a:76:0c:77:53:a0:60:
a2:e2:9b:04:f7:a1:22:ad:56:24:53:1e:83:36:6c:d8:e0:79:
bc:da:01:7d:8b:16:6d:19:81:88:f1:39:b3:5e:37:7c:7c:06:
3e:3c:53:6e:03:7d:38:7c:b4:55:e8:90:92:43:84:56:49:40:
a3:ac:7a:5a:dc:7c:05:1c:61:e0:43:66:3c:f1:8d:5f:44:28:
ec:7b:ee:67:b3:86:bb:0a:dd:a8:5b:0a:42:e1:3f:5a:d3:93:
f3:ad:6e:13:dc:61:a2:db:34:35:8b:e5:46:f6:e1:f3:e3:d9:
be:c9:69:9e:d1:3c:97:1f:cf:da:4c:9d:99:bc:6c:dd:1e:01:
47:8c:26:9f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVxAt9XEbotjgBGXL6DIQQjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViMGViOGY1NDg3ZDc0MWE4Y2M2ZDZkZjNiMzkyMTkxZWQz
ZWVkM2YwHhcNMjMwMTAyMDU0NDUxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWRiYjBiNTU2NGY3ZDgxZjQwMTBkNWRkMzAwM2ZlZjQ0NTNlZDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmy6aVjUt4pwhFPOXL1BXY7H4k/X
a36i+NeaqQA9gDzC3jPoFMMIf8uaxFeJhMFndFpaMKeM8jOUYR7QXgkJzsKo0eab
aKZ4e11NsJZG+8Y3pt+CkoKAtRxF7GzulGOd8k1qemfqsD3dpnTc5MeZeXj9Q0BY
rp0/VqTDWYYuryEtNCIHVGZvugt7fHz+sNtscLz7h4dmBR6gPwpVQlQi1SrJgepC
y0FpJTHpZHx3lWXbeOkTgdHeEIGQC3N94hwUO/gJIYoWwY8mCCbrj/k/Nhzj66ZE
wUululAyEdAJCuvsOwEOjYxIK15vWGzk1J1lVhFUPz7ix9HSOprwCsxGlwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMXbsLVWT32B9AENXdMAP+9EU+2JMB8GA1UdIwQY
MBaAFOsOuPVIfXQajMbW3zs5IZHtPu0/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnc2NDlVaDlkQnFNeHRiZk96a2hrZTAtN1Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9kMTZiNDYtYjhjYy00NDU2LWE0NTAt
MjdlMjdjMTYzMTAyLzEveGR1d3RWWlBmWUgwQVExZDB3QV83MFJUN1lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9kMTZiNDYtYjhjYy00NDU2LWE0NTAtMjdlMjdjMTYzMTAy
LzEvNnc2NDlVaDlkQnFNeHRiZk96a2hrZTAtN1Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBw79aAwQB
w7+AMA0EAgACMAcDBQMqEyCAMA0GCSqGSIb3DQEBCwUAA4IBAQADsPZ6NfMgmhzm
EJp1/hCDhHHJWNEbyZ30EnPmMVpSaQ58cYBSf7G7+wAsBN6J9T81p+SgrZWG8jiE
WcFenBy2KMUrD9WmcfJRktjMz3exqiRoR4tv5vwTj6/vgXggi5TEmK6PrXS13url
sMav8Dwg9mHm8AKRkCp2DHdToGCi4psE96EirVYkUx6DNmzY4Hm82gF9ixZtGYGI
8TmzXjd8fAY+PFNuA304fLRV6JCSQ4RWSUCjrHpa3HwFHGHgQ2Y88Y1fRCjse+5n
s4a7Ct2oWwpC4T9a05PzrW4T3GGi2zQ1i+VG9uHz49m+yWme0TyXH8/aTJ2ZvGzd
HgFHjCaf
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:49 2025 by rpki-client