Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/a1740e-8404-42d2-af5c-10e24625a4d4/1/xjWZy9zVdV4vppOBWTAs2iL2zss.roa
File: xjWZy9zVdV4vppOBWTAs2iL2zss.roa (raw, json)
Hash identifier: Cb3n8kMZdoOnobXiTRd1NrCnWhk0WGHZZwvlkSVRjyY=
Subject key identifier: C6:35:99:CB:DC:D5:75:5E:2F:A6:93:81:59:30:2C:DA:22:F6:CE:CB
Certificate issuer: /CN=e93f3a41e6be524115c6c2b558bc280043a0224e
Certificate serial: 018C62A726ECCCD04463D171037A4916E51B
Authority key identifier: E9:3F:3A:41:E6:BE:52:41:15:C6:C2:B5:58:BC:28:00:43:A0:22:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6T86Qea-UkEVxsK1WLwoAEOgIk4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/a1740e-8404-42d2-af5c-10e24625a4d4/1/xjWZy9zVdV4vppOBWTAs2iL2zss.roa
Signing time: Wed 13 Dec 2023 10:09:30 +0000
ROA not before: Wed 13 Dec 2023 10:09:30 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35779
IP address blocks: 188.93.122.0/23 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:62:a7:26:ec:cc:d0:44:63:d1:71:03:7a:49:16:e5:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e93f3a41e6be524115c6c2b558bc280043a0224e
Validity
Not Before: Dec 13 10:09:30 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c63599cbdcd5755e2fa6938159302cda22f6cecb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:66:dd:69:bc:69:04:78:29:5c:16:93:9f:44:
4a:0d:32:ac:34:2d:89:a0:6f:0d:48:6b:bf:75:ef:
38:ef:58:88:cc:92:69:74:c9:c7:5c:69:ef:c7:c0:
0e:df:97:39:d7:47:7e:9a:35:4b:7b:65:94:37:81:
ec:a0:3b:b4:6b:ab:a1:58:a3:30:6c:d3:3d:a3:63:
94:ef:64:42:9f:5a:88:dc:44:3e:ce:3e:b1:07:25:
c8:e9:d0:e6:3a:83:3a:47:09:47:9a:23:73:d2:65:
e9:8e:15:1c:3a:cc:28:ac:db:f7:9e:15:e9:18:76:
58:83:9e:5b:20:6c:a4:e6:23:83:59:f2:73:d0:05:
31:23:9e:e5:f5:de:94:d9:2e:86:e2:ad:6a:43:0e:
08:97:74:c1:2e:12:08:db:34:3e:2c:ef:e0:a9:a8:
df:23:37:77:e6:67:62:1b:8f:0b:f8:8f:95:af:b5:
1e:ff:91:82:96:ca:cf:73:0f:a5:0a:83:11:d7:47:
a5:21:16:fd:f7:a3:f9:2a:7c:2b:3e:84:a0:3f:10:
85:06:fd:af:c9:40:6f:62:ea:da:9e:2d:f6:ee:e2:
16:e6:26:e8:1e:7b:d9:d4:36:61:f9:09:79:86:9e:
53:b4:7d:73:3f:cf:ee:4d:fe:f4:21:e2:4f:d7:cd:
55:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:35:99:CB:DC:D5:75:5E:2F:A6:93:81:59:30:2C:DA:22:F6:CE:CB
X509v3 Authority Key Identifier:
keyid:E9:3F:3A:41:E6:BE:52:41:15:C6:C2:B5:58:BC:28:00:43:A0:22:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6T86Qea-UkEVxsK1WLwoAEOgIk4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/a1740e-8404-42d2-af5c-10e24625a4d4/1/xjWZy9zVdV4vppOBWTAs2iL2zss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/a1740e-8404-42d2-af5c-10e24625a4d4/1/6T86Qea-UkEVxsK1WLwoAEOgIk4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.93.122.0/23
Signature Algorithm: sha256WithRSAEncryption
a2:5c:b9:96:6e:06:67:da:b2:08:21:24:d4:e3:a9:4a:74:be:
56:76:67:82:12:7a:4f:c1:0f:c5:75:11:5d:c2:74:1a:71:d6:
63:e6:31:7d:27:a1:20:27:09:b8:bd:a5:d7:c4:0a:4a:ed:47:
c6:39:13:9e:11:73:8a:be:6d:49:90:20:a6:17:33:c0:7d:90:
76:5f:66:7c:ca:a3:be:34:a3:52:f4:c7:5a:be:29:17:a6:e1:
37:51:f4:aa:97:b9:ef:67:49:99:11:9c:05:11:51:c2:3d:e1:
51:dd:66:e3:7f:4d:57:eb:ed:cc:80:dc:72:1f:b6:14:5d:73:
44:33:2e:4b:7d:23:fa:8a:18:20:21:35:5b:7c:80:d0:02:92:
07:85:0b:51:32:c2:ed:fd:46:a5:db:66:11:bb:a1:84:d3:19:
ee:8a:7f:f6:52:f0:8d:12:31:4f:b4:6e:13:d9:61:b2:f8:93:
01:d7:19:37:e3:ba:b7:f0:63:8f:a4:0a:4e:e6:01:e3:9d:6f:
a1:ba:06:32:eb:52:70:36:36:e2:8c:9e:cc:3b:35:19:0b:2f:
b4:4f:55:c9:3b:7d:1d:9c:6c:00:5e:a6:53:40:ac:e7:a7:ab:
fc:4c:d0:a7:6c:50:27:e4:8c:f6:59:e7:8f:0b:35:b3:89:ad:
7c:f9:fd:82
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYxipybszNBEY9FxA3pJFuUbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5M2YzYTQxZTZiZTUyNDExNWM2YzJiNTU4YmMyODAwNDNh
MDIyNGUwHhcNMjMxMjEzMTAwOTMwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNjM1OTljYmRjZDU3NTVlMmZhNjkzODE1OTMwMmNkYTIyZjZjZWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjmbdabxpBHgpXBaTn0RKDTKsNC2J
oG8NSGu/de8471iIzJJpdMnHXGnvx8AO35c510d+mjVLe2WUN4HsoDu0a6uhWKMw
bNM9o2OU72RCn1qI3EQ+zj6xByXI6dDmOoM6RwlHmiNz0mXpjhUcOsworNv3nhXp
GHZYg55bIGyk5iODWfJz0AUxI57l9d6U2S6G4q1qQw4Il3TBLhII2zQ+LO/gqajf
Izd35mdiG48L+I+Vr7Ue/5GClsrPcw+lCoMR10elIRb996P5KnwrPoSgPxCFBv2v
yUBvYurani327uIW5iboHnvZ1DZh+Ql5hp5TtH1zP8/uTf70IeJP181VFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMY1mcvc1XVeL6aTgVkwLNoi9s7LMB8GA1UdIwQY
MBaAFOk/OkHmvlJBFcbCtVi8KABDoCJOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlQ4NlFlYS1Va0VWeHNLMVdMd29BRU9nSWs0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9hMTc0MGUtODQwNC00MmQyLWFmNWMt
MTBlMjQ2MjVhNGQ0LzEveGpXWnk5elZkVjR2cHBPQldUQXMyaUwyenNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9hMTc0MGUtODQwNC00MmQyLWFmNWMtMTBlMjQ2MjVhNGQ0
LzEvNlQ4NlFlYS1Va0VWeHNLMVdMd29BRU9nSWs0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBvF16MA0G
CSqGSIb3DQEBCwUAA4IBAQCiXLmWbgZn2rIIISTU46lKdL5WdmeCEnpPwQ/FdRFd
wnQacdZj5jF9J6EgJwm4vaXXxApK7UfGOROeEXOKvm1JkCCmFzPAfZB2X2Z8yqO+
NKNS9MdavikXpuE3UfSql7nvZ0mZEZwFEVHCPeFR3Wbjf01X6+3MgNxyH7YUXXNE
My5LfSP6ihggITVbfIDQApIHhQtRMsLt/Ual22YRu6GE0xnuin/2UvCNEjFPtG4T
2WGy+JMB1xk347q38GOPpApO5gHjnW+hugYy61JwNjbijJ7MOzUZCy+0T1XJO30d
nGwAXqZTQKznp6v8TNCnbFAn5Iz2WeePCzWzia18+f2C
-----END CERTIFICATE-----
Generated at Thu Apr 17 12:12:53 2025 by rpki-client