Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/958cbc-c2f4-48f7-addd-e804dcbdd762/1/XASFDYZvONjPSSAkmoquCXZLZro.roa
File: XASFDYZvONjPSSAkmoquCXZLZro.roa (raw, json)
Hash identifier: +CokzeimT7P3AjV6x4oyNwMogLsZawjl35hcNm15B7A=
Subject key identifier: 5C:04:85:0D:86:6F:38:D8:CF:49:20:24:9A:8A:AE:09:76:4B:66:BA
Certificate issuer: /CN=952093150f4a46101acd7ea3a26bb438513123b5
Certificate serial: 107497E7
Authority key identifier: 95:20:93:15:0F:4A:46:10:1A:CD:7E:A3:A2:6B:B4:38:51:31:23:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lSCTFQ9KRhAazX6jomu0OFExI7U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/958cbc-c2f4-48f7-addd-e804dcbdd762/1/XASFDYZvONjPSSAkmoquCXZLZro.roa
Signing time: Sat 01 Jan 2022 04:59:01 +0000
ROA not before: Sat 01 Jan 2022 04:59:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 680
IP address blocks: 194.113.208.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 276076519 (0x107497e7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=952093150f4a46101acd7ea3a26bb438513123b5
Validity
Not Before: Jan 1 04:59:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5c04850d866f38d8cf4920249a8aae09764b66ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:6a:0d:d5:80:59:ec:e5:d3:15:7c:b1:09:7b:
2f:f1:06:4a:92:7d:4c:5c:d2:5e:1f:f1:09:f8:5f:
50:9b:25:80:cc:c9:25:dd:7a:ea:b9:91:e7:b6:e8:
e2:d0:2a:76:0b:db:18:8f:bd:1c:0d:ed:93:87:4b:
11:a6:67:1b:de:02:30:56:00:6a:47:3e:bf:2c:fe:
cd:62:8a:68:9e:a0:77:a1:fa:59:2e:ed:41:90:30:
3b:7f:bf:a4:6c:91:4e:f4:b7:7a:2b:39:10:f6:36:
d3:df:35:0f:e5:ed:2b:d5:ba:39:ef:00:17:6c:82:
de:da:ad:0c:e8:1a:b8:85:66:f0:90:db:bc:c0:35:
2b:20:03:82:0b:6c:91:7a:b3:2b:51:94:f5:f7:be:
16:c0:53:b0:2d:3d:66:8a:ec:86:90:df:40:ac:24:
04:2a:b0:94:14:e4:f7:e7:da:00:25:f2:5b:24:d7:
ee:42:27:10:39:df:ec:0a:09:c2:db:9a:0b:6a:6b:
9a:92:52:a8:26:b2:a7:b3:c5:7a:87:d4:66:9e:2e:
8e:7a:1f:02:e8:bd:e0:5b:9f:84:25:1b:95:fd:ef:
54:37:0e:06:55:14:db:a6:f7:85:7b:01:e1:72:ea:
32:e7:53:ac:8f:d1:40:b2:00:bb:0a:aa:71:fe:e9:
f5:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:04:85:0D:86:6F:38:D8:CF:49:20:24:9A:8A:AE:09:76:4B:66:BA
X509v3 Authority Key Identifier:
keyid:95:20:93:15:0F:4A:46:10:1A:CD:7E:A3:A2:6B:B4:38:51:31:23:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lSCTFQ9KRhAazX6jomu0OFExI7U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/958cbc-c2f4-48f7-addd-e804dcbdd762/1/XASFDYZvONjPSSAkmoquCXZLZro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/958cbc-c2f4-48f7-addd-e804dcbdd762/1/lSCTFQ9KRhAazX6jomu0OFExI7U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.113.208.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:7e:ad:00:e2:cf:9a:71:e3:33:21:3c:97:d5:9f:ee:2b:fd:
6e:0d:d8:62:c1:88:4f:e2:dd:09:3d:5e:f2:e2:f2:1b:b5:28:
7b:e7:bc:0a:c1:9f:f5:06:22:d9:90:a6:44:7f:81:51:7b:46:
61:68:4d:a8:3a:5d:2d:5e:58:02:cc:f5:1d:df:9b:28:16:3f:
88:30:4c:e6:32:bb:0f:bb:dd:2f:62:8d:74:c5:b0:0e:6b:de:
59:88:a9:f1:fc:b9:f2:6b:b1:68:c7:e2:7b:9e:66:7e:cb:4e:
9f:7a:87:cd:aa:70:c1:2d:16:31:e3:77:e2:64:a4:b2:00:57:
b8:36:22:95:b0:0b:5f:73:3d:90:ee:0d:4e:66:07:c7:21:ff:
e9:2b:33:11:77:21:6b:4d:31:9f:80:3e:a6:db:d6:27:bb:bb:
08:55:db:82:1e:31:6d:6f:38:96:a5:20:bc:c5:30:b7:ed:26:
b2:39:40:77:2d:06:72:76:5b:60:87:d1:cb:5c:11:94:21:b0:
bc:42:d7:f9:94:8e:1c:3c:33:43:1d:8f:c1:6a:d3:4b:dd:75:
ec:3a:89:1b:81:c0:74:80:dc:58:e9:48:43:7e:b1:ee:31:2e:
1b:ba:b2:a8:7e:9a:ec:a1:fe:53:af:4b:1d:40:9d:2c:5f:a3:
9f:01:ce:41
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEEHSX5zANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg5
NTIwOTMxNTBmNGE0NjEwMWFjZDdlYTNhMjZiYjQzODUxMzEyM2I1MB4XDTIyMDEw
MTA0NTkwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNWMwNDg1MGQ4NjZm
MzhkOGNmNDkyMDI0OWE4YWFlMDk3NjRiNjZiYTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANRqDdWAWezl0xV8sQl7L/EGSpJ9TFzSXh/xCfhfUJslgMzJ
Jd166rmR57bo4tAqdgvbGI+9HA3tk4dLEaZnG94CMFYAakc+vyz+zWKKaJ6gd6H6
WS7tQZAwO3+/pGyRTvS3eis5EPY20981D+XtK9W6Oe8AF2yC3tqtDOgauIVm8JDb
vMA1KyADggtskXqzK1GU9fe+FsBTsC09ZorshpDfQKwkBCqwlBTk9+faACXyWyTX
7kInEDnf7AoJwtuaC2prmpJSqCayp7PFeofUZp4ujnofAui94FufhCUblf3vVDcO
BlUU26b3hXsB4XLqMudTrI/RQLIAuwqqcf7p9bsCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRcBIUNhm842M9JICSaiq4JdktmujAfBgNVHSMEGDAWgBSVIJMVD0pGEBrN
fqOia7Q4UTEjtTAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2xTQ1RGUTlLUmhBYXpYNmpvbXUwT0ZFeEk3VS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvZmYvOTU4Y2JjLWMyZjQtNDhmNy1hZGRkLWU4MDRkY2JkZDc2Mi8x
L1hBU0ZEWVp2T05qUFNTQWttb3F1Q1haTFpyby5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZmYv
OTU4Y2JjLWMyZjQtNDhmNy1hZGRkLWU4MDRkY2JkZDc2Mi8xL2xTQ1RGUTlLUmhB
YXpYNmpvbXUwT0ZFeEk3VS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMJx0DANBgkqhkiG9w0BAQsFAAOC
AQEApH6tAOLPmnHjMyE8l9Wf7iv9bg3YYsGIT+LdCT1e8uLyG7Uoe+e8CsGf9QYi
2ZCmRH+BUXtGYWhNqDpdLV5YAsz1Hd+bKBY/iDBM5jK7D7vdL2KNdMWwDmveWYip
8fy58muxaMfie55mfstOn3qHzapwwS0WMeN34mSksgBXuDYilbALX3M9kO4NTmYH
xyH/6SszEXcha00xn4A+ptvWJ7u7CFXbgh4xbW84lqUgvMUwt+0msjlAdy0GcnZb
YIfRy1wRlCGwvELX+ZSOHDwzQx2PwWrTS9117DqJG4HAdIDcWOlIQ36x7jEuG7qy
qH6a7KH+U69LHUCdLF+jnwHOQQ==
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:37 2025 by rpki-client