Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/XAUkL69UcdJyRDkhCFGF8VuZ6xM.roa
File: XAUkL69UcdJyRDkhCFGF8VuZ6xM.roa (raw, json)
Hash identifier: HAnvk2AkL8uRZmB+2U2EuDkGUktm+4s7FHoc9/kGorE=
Subject key identifier: 5C:05:24:2F:AF:54:71:D2:72:44:39:21:08:51:85:F1:5B:99:EB:13
Certificate issuer: /CN=2672b9fb546b365e323230dcea9ba8c9fbedfeb8
Certificate serial: 018C97118A16454870E03CD0E3E6E501C28B
Authority key identifier: 26:72:B9:FB:54:6B:36:5E:32:32:30:DC:EA:9B:A8:C9:FB:ED:FE:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JnK5-1RrNl4yMjDc6puoyfvt_rg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/XAUkL69UcdJyRDkhCFGF8VuZ6xM.roa
Signing time: Sat 23 Dec 2023 14:25:58 +0000
ROA not before: Sat 23 Dec 2023 14:25:58 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 197730
IP address blocks: 91.190.152.0/24 maxlen: 32
193.28.186.0/24 maxlen: 32
194.113.209.0/24 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:97:11:8a:16:45:48:70:e0:3c:d0:e3:e6:e5:01:c2:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2672b9fb546b365e323230dcea9ba8c9fbedfeb8
Validity
Not Before: Dec 23 14:25:58 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5c05242faf5471d272443921085185f15b99eb13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:6c:ff:87:3f:78:2d:1e:a2:6e:0a:1c:40:56:
bc:b2:8c:49:43:9c:79:27:11:29:5f:16:7b:37:65:
4f:d5:f6:42:20:eb:d0:67:68:44:cb:54:6b:ca:b4:
29:8b:fa:ed:3a:d0:ab:f6:6b:63:0b:dc:94:71:46:
bd:4d:7b:85:a1:8e:4d:fe:ac:a4:4a:66:5f:0d:da:
ba:60:d3:71:92:2e:64:06:f1:19:4c:12:ce:dd:91:
55:79:f2:ee:a5:ee:92:a5:fd:a9:cb:b7:47:10:47:
56:99:20:78:f5:59:c0:12:3e:cb:2e:75:c1:0f:ca:
81:10:02:4c:4a:a9:71:83:65:2e:33:fa:d4:14:67:
a7:67:d7:78:de:05:b8:89:a4:53:86:bf:26:0e:9b:
33:0d:01:e0:ea:cc:f9:be:36:3a:ed:ba:e4:7b:5a:
fa:21:ee:51:ba:e4:1e:67:cc:a4:3b:8e:41:98:9e:
22:fb:97:12:db:98:50:1e:3d:ee:f1:08:8c:6d:cd:
6a:69:f7:5e:f2:0c:e6:ac:3f:79:fc:53:d5:fc:74:
93:d1:59:04:14:33:d2:49:cd:61:40:de:8c:b3:15:
5c:7b:f9:3e:f4:16:fd:85:b9:c0:7d:0e:48:88:fc:
01:c5:6e:e5:74:ad:da:81:5a:82:07:36:0c:36:a5:
4f:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:05:24:2F:AF:54:71:D2:72:44:39:21:08:51:85:F1:5B:99:EB:13
X509v3 Authority Key Identifier:
keyid:26:72:B9:FB:54:6B:36:5E:32:32:30:DC:EA:9B:A8:C9:FB:ED:FE:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JnK5-1RrNl4yMjDc6puoyfvt_rg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/XAUkL69UcdJyRDkhCFGF8VuZ6xM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/b13b55-1288-45e6-8876-a70db58280fc/1/JnK5-1RrNl4yMjDc6puoyfvt_rg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.190.152.0/24
193.28.186.0/24
194.113.209.0/24
Signature Algorithm: sha256WithRSAEncryption
47:b4:1b:c9:c5:43:ae:6d:48:c9:b9:77:4a:09:9c:5b:9d:1a:
61:27:f0:ed:7d:57:37:25:87:9f:c1:3d:17:ba:90:08:43:08:
35:2c:09:a4:6d:af:0c:1c:4c:22:8d:59:16:e8:d2:b3:25:92:
72:7d:3e:0f:c8:3f:24:a1:b9:24:d4:24:9f:66:50:3c:52:17:
03:df:f9:01:bd:76:c0:75:d7:5f:8c:04:43:45:8e:9e:30:1d:
64:29:ca:fd:29:b1:3f:3e:71:8c:33:56:9a:01:e1:ab:17:f3:
93:1f:05:02:e8:6b:a4:4f:b1:d9:61:b6:f5:44:a5:f6:42:91:
2c:6a:b2:b9:b4:2f:b9:95:52:7d:4c:69:32:fd:b6:97:a0:5d:
e1:d6:84:c2:ff:d0:5e:d7:db:bf:66:fb:ad:ee:ef:3a:48:f3:
a4:4b:61:6b:55:22:14:21:fe:c1:ff:47:3e:05:c0:dd:7e:27:
54:2d:56:11:95:92:45:17:49:73:af:ec:3b:be:3e:6c:6d:b6:
9b:68:f5:9c:0b:65:93:f9:14:c2:8c:cb:31:10:96:ef:89:fc:
bb:f7:4f:fe:a0:54:cc:95:85:14:70:a7:52:4c:c4:61:be:80:
4f:0a:26:1e:f0:24:27:41:11:2f:35:a3:93:ce:08:e8:04:7f:
24:9b:bf:60
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYyXEYoWRUhw4DzQ4+blAcKLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NzJiOWZiNTQ2YjM2NWUzMjMyMzBkY2VhOWJhOGM5ZmJl
ZGZlYjgwHhcNMjMxMjIzMTQyNTU4WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzA1MjQyZmFmNTQ3MWQyNzI0NDM5MjEwODUxODVmMTViOTllYjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiWz/hz94LR6ibgocQFa8soxJQ5x5
JxEpXxZ7N2VP1fZCIOvQZ2hEy1RryrQpi/rtOtCr9mtjC9yUcUa9TXuFoY5N/qyk
SmZfDdq6YNNxki5kBvEZTBLO3ZFVefLupe6Spf2py7dHEEdWmSB49VnAEj7LLnXB
D8qBEAJMSqlxg2UuM/rUFGenZ9d43gW4iaRThr8mDpszDQHg6sz5vjY67brke1r6
Ie5RuuQeZ8ykO45BmJ4i+5cS25hQHj3u8QiMbc1qafde8gzmrD95/FPV/HST0VkE
FDPSSc1hQN6MsxVce/k+9Bb9hbnAfQ5IiPwBxW7ldK3agVqCBzYMNqVPIQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFwFJC+vVHHSckQ5IQhRhfFbmesTMB8GA1UdIwQY
MBaAFCZyuftUazZeMjIw3OqbqMn77f64MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm5LNS0xUnJObDR5TWpEYzZwdW95ZnZ0X3JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9iMTNiNTUtMTI4OC00NWU2LTg4NzYt
YTcwZGI1ODI4MGZjLzEvWEFVa0w2OVVjZEp5UkRraENGR0Y4VnVaNnhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9iMTNiNTUtMTI4OC00NWU2LTg4NzYtYTcwZGI1ODI4MGZj
LzEvSm5LNS0xUnJObDR5TWpEYzZwdW95ZnZ0X3JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW76YAwQA
wRy6AwQAwnHRMA0GCSqGSIb3DQEBCwUAA4IBAQBHtBvJxUOubUjJuXdKCZxbnRph
J/DtfVc3JYefwT0XupAIQwg1LAmkba8MHEwijVkW6NKzJZJyfT4PyD8kobkk1CSf
ZlA8UhcD3/kBvXbAdddfjARDRY6eMB1kKcr9KbE/PnGMM1aaAeGrF/OTHwUC6Guk
T7HZYbb1RKX2QpEsarK5tC+5lVJ9TGky/baXoF3h1oTC/9Be19u/Zvut7u86SPOk
S2FrVSIUIf7B/0c+BcDdfidULVYRlZJFF0lzr+w7vj5sbbabaPWcC2WT+RTCjMsx
EJbvify790/+oFTMlYUUcKdSTMRhvoBPCiYe8CQnQREvNaOTzgjoBH8km79g
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:06:01 2025 by rpki-client