Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/xInI4ee6YySnWhnuLjLHFELtMOg.roa
File: xInI4ee6YySnWhnuLjLHFELtMOg.roa (raw, json)
Hash identifier: Q+sy/QFLYe84cItBwv+0XLeDfhk+9QMb4SjtlXq0mlg=
Subject key identifier: C4:89:C8:E1:E7:BA:63:24:A7:5A:19:EE:2E:32:C7:14:42:ED:30:E8
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 01891D860AF6AD3307747C7F1690BF64C1EF
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/xInI4ee6YySnWhnuLjLHFELtMOg.roa
Signing time: Mon 03 Jul 2023 20:51:11 +0000
ROA not before: Mon 03 Jul 2023 20:51:11 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 208486
IP address blocks: 78.159.131.0/24 maxlen: 24
93.152.209.0/24 maxlen: 24
93.152.217.0/24 maxlen: 24
93.152.215.0/24 maxlen: 24
93.152.221.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:1d:86:0a:f6:ad:33:07:74:7c:7f:16:90:bf:64:c1:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Jul 3 20:51:11 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c489c8e1e7ba6324a75a19ee2e32c71442ed30e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:c1:a6:f2:f0:7d:25:2f:df:6f:a3:67:29:29:
99:df:6a:34:2d:d5:17:90:f0:ab:42:82:72:46:92:
79:55:63:34:a2:92:de:5c:c4:73:d3:c4:9f:6c:55:
12:79:a5:af:15:9d:c5:2d:b1:6a:45:4e:3e:ca:3e:
51:bb:6b:1f:5f:fc:c8:69:81:7f:eb:8d:17:5e:0c:
b1:3d:52:16:9e:d6:4f:da:1c:bf:af:99:7e:b2:50:
f8:e7:a1:21:04:ac:55:79:e4:d7:31:7b:37:f7:f1:
3a:b7:e0:1f:83:30:e9:70:b3:98:82:8c:b3:20:89:
97:32:60:2d:00:3f:3e:df:58:30:f1:1c:a0:91:37:
ee:4e:9e:71:04:c4:ce:32:81:76:07:00:d5:9c:8c:
b7:96:49:0a:2b:8d:9b:c1:c5:93:7c:f5:d4:54:45:
c0:9b:91:89:00:ad:5a:ac:dd:ea:eb:57:65:a9:43:
fb:01:f6:72:a5:ef:8f:48:e9:0f:50:19:20:1d:d4:
7c:c8:6b:17:e3:41:ad:12:51:46:9a:b9:ff:ae:e7:
5d:93:d4:13:b9:2f:93:eb:d5:b8:da:0c:86:48:06:
d6:35:9b:8e:54:84:e8:2f:d3:81:96:07:71:e2:d5:
68:b3:b2:03:28:ba:cf:00:b7:c3:db:d2:83:31:7d:
44:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:89:C8:E1:E7:BA:63:24:A7:5A:19:EE:2E:32:C7:14:42:ED:30:E8
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/xInI4ee6YySnWhnuLjLHFELtMOg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.159.131.0/24
93.152.209.0/24
93.152.215.0/24
93.152.217.0/24
93.152.221.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:95:63:3d:08:12:ba:e2:54:84:b9:e5:78:24:2c:1f:5e:3e:
63:47:fa:b7:23:80:af:a2:78:1d:65:48:a0:31:7d:11:82:20:
fd:6f:14:47:d9:3c:34:88:62:9f:c0:28:8c:41:21:22:3c:1c:
b7:07:0c:b2:42:ab:1c:5a:1f:10:83:01:ea:50:f0:51:e0:a0:
dc:b9:62:ca:1c:3c:32:32:5e:c2:3d:5b:c8:ff:b4:c0:04:a8:
1e:3d:d8:6b:7d:41:41:a1:a3:cc:64:2f:49:2a:f5:79:bd:3c:
ee:da:ae:8a:75:ff:68:dc:8c:da:8e:41:95:b4:2a:b0:52:db:
06:2b:ca:50:b7:7c:82:8f:2a:8c:90:54:f3:08:cd:c7:c5:38:
dc:e0:1a:84:04:0e:71:ed:dd:f4:c0:ca:55:35:9f:48:d4:49:
ec:e3:0d:4d:4c:07:5b:aa:80:4c:5f:ad:4c:29:5a:78:34:3f:
6e:11:63:ff:aa:d9:a9:3b:90:64:cd:eb:8b:b7:f7:13:fe:c9:
b5:17:d6:3a:e2:76:42:72:d7:40:2d:91:a3:26:00:56:78:d1:
9a:df:60:ea:e3:0c:5f:04:bd:72:ed:07:6f:58:c2:8a:a2:03:
d6:60:0a:c4:68:68:ac:08:8c:e5:7e:16:39:94:d1:3a:3c:38:
d9:0d:b1:6f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYkdhgr2rTMHdHx/FpC/ZMHvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjMwNzAzMjA1MTExWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDg5YzhlMWU3YmE2MzI0YTc1YTE5ZWUyZTMyYzcxNDQyZWQzMGU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1MGm8vB9JS/fb6NnKSmZ32o0LdUX
kPCrQoJyRpJ5VWM0opLeXMRz08SfbFUSeaWvFZ3FLbFqRU4+yj5Ru2sfX/zIaYF/
640XXgyxPVIWntZP2hy/r5l+slD456EhBKxVeeTXMXs39/E6t+AfgzDpcLOYgoyz
IImXMmAtAD8+31gw8RygkTfuTp5xBMTOMoF2BwDVnIy3lkkKK42bwcWTfPXUVEXA
m5GJAK1arN3q61dlqUP7AfZype+PSOkPUBkgHdR8yGsX40GtElFGmrn/ruddk9QT
uS+T69W42gyGSAbWNZuOVIToL9OBlgdx4tVos7IDKLrPALfD29KDMX1ERwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMSJyOHnumMkp1oZ7i4yxxRC7TDoMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEveEluSTRlZTZZeVNuV2hudUxqTEhGRUx0TU9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQATp+DAwQA
XZjRAwQAXZjXAwQAXZjZAwQAXZjdMA0GCSqGSIb3DQEBCwUAA4IBAQCalWM9CBK6
4lSEueV4JCwfXj5jR/q3I4CvongdZUigMX0RgiD9bxRH2Tw0iGKfwCiMQSEiPBy3
BwyyQqscWh8QgwHqUPBR4KDcuWLKHDwyMl7CPVvI/7TABKgePdhrfUFBoaPMZC9J
KvV5vTzu2q6Kdf9o3IzajkGVtCqwUtsGK8pQt3yCjyqMkFTzCM3HxTjc4BqEBA5x
7d30wMpVNZ9I1Ens4w1NTAdbqoBMX61MKVp4ND9uEWP/qtmpO5BkzeuLt/cT/sm1
F9Y64nZCctdALZGjJgBWeNGa32Dq4wxfBL1y7QdvWMKKogPWYArEaGisCIzlfhY5
lNE6PDjZDbFv
-----END CERTIFICATE-----
Generated at Mon May 5 23:23:51 2025 by rpki-client