Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/XzMBd2cqg_bOnOPdgdhJFamKC8I.roa
File: XzMBd2cqg_bOnOPdgdhJFamKC8I.roa (raw, json)
Hash identifier: 1vO7x0EswcUuOKtiyksAgm8cjV21qbJM2mdrMP4SOmA=
Subject key identifier: 5F:33:01:77:67:2A:83:F6:CE:9C:E3:DD:81:D8:49:15:A9:8A:0B:C2
Certificate issuer: /CN=22373571c90249bf2aa948e78bed13e08528b87e
Certificate serial: 0194126BC2CDEB300368A3443B5134F3A967
Authority key identifier: 22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/XzMBd2cqg_bOnOPdgdhJFamKC8I.roa
Signing time: Sun 29 Dec 2024 12:37:19 +0000
ROA not before: Sun 29 Dec 2024 12:37:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59797
IP address blocks: 5.160.194.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:12:6b:c2:cd:eb:30:03:68:a3:44:3b:51:34:f3:a9:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22373571c90249bf2aa948e78bed13e08528b87e
Validity
Not Before: Dec 29 12:37:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5f330177672a83f6ce9ce3dd81d84915a98a0bc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f4:5b:2f:9e:da:d0:96:1f:8f:ab:43:f5:cc:
71:c4:10:5d:2d:bc:ef:9e:c2:1a:dc:bd:f0:1e:5f:
cc:63:55:04:7c:fe:c9:0d:2f:f6:e8:ca:b8:bc:37:
6b:c1:28:0d:7f:fa:e6:50:35:a5:b5:2f:87:db:c1:
70:56:f1:08:cf:13:30:a7:72:2a:68:52:91:4f:81:
60:82:0e:f3:22:a9:78:6e:68:d7:4b:0e:fb:48:45:
c2:49:c3:12:68:7b:f3:18:9b:c6:af:30:85:8d:fd:
a0:b5:ee:d2:09:24:88:f9:75:e1:e9:78:53:e5:7d:
99:97:f8:cd:d5:6f:52:ad:a2:35:a0:60:c7:a0:60:
db:8f:f6:82:90:e1:75:48:9f:46:94:b9:bd:25:12:
f4:f8:bd:1d:d2:96:64:49:b5:64:a1:ec:6e:1e:fd:
7c:b5:67:64:05:93:a0:d2:f7:6f:0c:b7:e2:72:c2:
04:2a:9d:a9:0f:68:79:71:c4:2b:0c:66:8d:87:df:
16:f2:44:31:e3:8d:41:a9:0f:3a:ea:df:30:0e:06:
79:52:1c:35:bc:fe:96:5d:6b:4e:b7:9e:c2:f9:8b:
15:70:dd:dd:10:2b:79:70:c6:68:0d:b3:46:84:f0:
b5:16:15:5e:cb:b3:95:7b:b3:f4:fa:21:b9:c6:a8:
3e:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:33:01:77:67:2A:83:F6:CE:9C:E3:DD:81:D8:49:15:A9:8A:0B:C2
X509v3 Authority Key Identifier:
keyid:22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/XzMBd2cqg_bOnOPdgdhJFamKC8I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.194.0/24
Signature Algorithm: sha256WithRSAEncryption
61:d4:4a:de:4a:00:26:fe:67:eb:0e:fc:4e:7e:c6:81:9a:ef:
26:f6:25:e3:8b:f5:90:95:ff:44:7c:86:e0:c2:5b:04:7e:25:
b8:12:1e:6e:4b:71:7b:12:95:fb:b3:8b:d6:68:1b:d1:84:9e:
a2:3a:af:de:af:62:3a:c6:56:27:41:f4:29:43:4c:d6:aa:79:
35:4d:51:79:6e:f5:85:30:84:68:eb:0b:e8:81:c0:2b:df:85:
19:45:cb:12:00:1a:e5:80:7b:95:c8:ea:9e:b4:b1:32:dc:cc:
11:0b:ca:b7:be:47:1f:04:cc:c3:2f:b0:22:99:87:83:fd:31:
83:ba:99:25:5a:7a:23:d2:4c:72:b1:8d:61:f7:4f:52:79:c7:
98:af:d8:c3:e7:15:c3:83:ed:ae:0d:2a:c6:ca:e6:69:25:77:
3f:87:75:84:42:8e:e8:1b:ae:18:51:a1:75:95:29:a4:36:c9:
23:99:d5:2c:54:b7:4f:2b:48:63:83:e0:df:59:a5:a2:0b:12:
ec:84:28:7b:59:9b:09:96:17:8b:1e:05:e2:4c:10:0c:fe:e5:
c4:8f:f0:ea:fc:b4:02:3e:d6:f0:87:88:2f:ea:37:a5:bf:f8:
05:f0:9e:ef:b8:fe:4f:8d:0f:23:c6:56:de:e9:e9:d8:f1:a4:
ef:5f:e9:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQSa8LN6zADaKNEO1E086lnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMzczNTcxYzkwMjQ5YmYyYWE5NDhlNzhiZWQxM2UwODUy
OGI4N2UwHhcNMjQxMjI5MTIzNzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjMzMDE3NzY3MmE4M2Y2Y2U5Y2UzZGQ4MWQ4NDkxNWE5OGEwYmMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/RbL57a0JYfj6tD9cxxxBBdLbzv
nsIa3L3wHl/MY1UEfP7JDS/26Mq4vDdrwSgNf/rmUDWltS+H28FwVvEIzxMwp3Iq
aFKRT4Fggg7zIql4bmjXSw77SEXCScMSaHvzGJvGrzCFjf2gte7SCSSI+XXh6XhT
5X2Zl/jN1W9SraI1oGDHoGDbj/aCkOF1SJ9GlLm9JRL0+L0d0pZkSbVkoexuHv18
tWdkBZOg0vdvDLficsIEKp2pD2h5ccQrDGaNh98W8kQx441BqQ866t8wDgZ5Uhw1
vP6WXWtOt57C+YsVcN3dECt5cMZoDbNGhPC1FhVey7OVe7P0+iG5xqg+TwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF8zAXdnKoP2zpzj3YHYSRWpigvCMB8GA1UdIwQY
MBaAFCI3NXHJAkm/KqlI54vtE+CFKLh+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEt
YjQ1NDBjNzRjOTRiLzEvWHpNQmQyY3FnX2JPbk9QZGdkaEpGYW1LQzhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEtYjQ1NDBjNzRjOTRi
LzEvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABaDCMA0G
CSqGSIb3DQEBCwUAA4IBAQBh1EreSgAm/mfrDvxOfsaBmu8m9iXji/WQlf9EfIbg
wlsEfiW4Eh5uS3F7EpX7s4vWaBvRhJ6iOq/er2I6xlYnQfQpQ0zWqnk1TVF5bvWF
MIRo6wvogcAr34UZRcsSABrlgHuVyOqetLEy3MwRC8q3vkcfBMzDL7AimYeD/TGD
upklWnoj0kxysY1h909SeceYr9jD5xXDg+2uDSrGyuZpJXc/h3WEQo7oG64YUaF1
lSmkNskjmdUsVLdPK0hjg+DfWaWiCxLshCh7WZsJlheLHgXiTBAM/uXEj/Dq/LQC
Ptbwh4gv6jelv/gF8J7vuP5PjQ8jxlbe6enY8aTvX+kt
-----END CERTIFICATE-----
Generated at Sun Jul 27 05:20:19 2025 by rpki-client