Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/2898e6-0d79-454e-ab54-40be0c463b90/1/n5YzqoX5xmCumHHEd4dZRtYuOkQ.roa
File: n5YzqoX5xmCumHHEd4dZRtYuOkQ.roa (raw, json)
Hash identifier: eF8cWDUw58eK3vm7Jg9P1BXYazc1AU/59Rbu5sLQSPA=
Subject key identifier: 9F:96:33:AA:85:F9:C6:60:AE:98:71:C4:77:87:59:46:D6:2E:3A:44
Certificate issuer: /CN=7475a2c9588fc695d2754283dcd3d123d1f77811
Certificate serial: 0689F62E
Authority key identifier: 74:75:A2:C9:58:8F:C6:95:D2:75:42:83:DC:D3:D1:23:D1:F7:78:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dHWiyViPxpXSdUKD3NPRI9H3eBE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/2898e6-0d79-454e-ab54-40be0c463b90/1/n5YzqoX5xmCumHHEd4dZRtYuOkQ.roa
Signing time: Sat 01 Jan 2022 09:57:01 +0000
ROA not before: Sat 01 Jan 2022 09:57:01 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 39227
IP address blocks: 194.6.192.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 109704750 (0x689f62e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7475a2c9588fc695d2754283dcd3d123d1f77811
Validity
Not Before: Jan 1 09:57:01 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=9f9633aa85f9c660ae9871c477875946d62e3a44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f1:e9:be:c7:1c:8e:9e:bd:09:d2:ac:26:96:
e0:68:8d:1b:29:f3:8f:69:ab:01:08:a6:ad:f4:1b:
c4:12:8b:47:c3:03:83:7e:ea:34:cf:07:d4:8d:a8:
39:fe:6c:46:63:e3:7f:11:9c:99:88:e6:0a:8a:9e:
eb:2a:f1:36:67:78:55:2d:f5:bd:52:22:e6:cb:80:
7e:d4:15:55:44:08:fd:bf:36:c3:62:0e:80:45:5a:
12:a6:e3:fe:91:8b:05:08:96:1b:41:4a:f8:db:f9:
82:e8:8d:5e:87:31:35:03:49:7c:59:f1:2c:f3:71:
bf:bd:e4:d6:54:7b:51:ee:95:a1:3e:88:6a:5f:6f:
c4:8d:94:90:bb:0f:83:6a:90:27:7d:bb:4d:dd:02:
b3:5e:d4:b5:eb:2c:3d:cb:d8:ce:98:74:48:d4:15:
f7:85:ce:83:15:1c:d2:bd:e7:30:66:df:37:d4:f4:
57:ef:5b:75:7f:8e:14:f7:3a:7b:a5:5b:d1:f7:f3:
63:30:9d:75:62:dd:88:e9:34:62:fb:c8:05:dd:fd:
32:a8:cd:52:e0:c6:1c:25:5b:68:20:60:e4:03:11:
c6:f2:74:0c:fa:ae:a0:7a:98:2a:a4:9b:36:57:f0:
43:9d:29:97:1c:c2:a3:9b:94:e8:4e:b7:77:7b:ea:
d7:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:96:33:AA:85:F9:C6:60:AE:98:71:C4:77:87:59:46:D6:2E:3A:44
X509v3 Authority Key Identifier:
keyid:74:75:A2:C9:58:8F:C6:95:D2:75:42:83:DC:D3:D1:23:D1:F7:78:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dHWiyViPxpXSdUKD3NPRI9H3eBE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/2898e6-0d79-454e-ab54-40be0c463b90/1/n5YzqoX5xmCumHHEd4dZRtYuOkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/2898e6-0d79-454e-ab54-40be0c463b90/1/dHWiyViPxpXSdUKD3NPRI9H3eBE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.6.192.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:f9:fb:36:38:98:ae:4f:b0:6f:a4:ef:39:6c:ec:a1:a8:d6:
c0:5d:b6:92:03:e6:a5:c5:3d:1c:4c:74:05:73:92:32:63:d4:
c3:93:e5:64:24:f0:b7:12:7d:09:60:e4:48:94:c8:bf:e7:49:
3e:5e:fe:93:d3:15:fa:9c:74:e5:d1:1a:e8:58:7b:3f:16:7e:
07:5b:c4:c4:2c:1c:70:2b:88:55:78:d0:42:22:65:c1:c0:d5:
e0:db:6b:e5:d5:1d:74:1e:41:50:05:65:c3:66:d0:4e:f6:af:
e7:be:d2:f0:68:44:85:35:c8:b7:f6:8b:37:38:74:04:89:95:
f5:0a:c0:1b:cc:28:90:09:59:71:9b:dd:5d:5a:69:3e:ff:53:
77:77:0b:62:bd:db:5d:a5:1c:84:5b:3b:6b:dc:ad:a3:59:9e:
2e:a7:36:40:23:cf:3e:cb:ce:13:11:9f:5b:78:85:65:f4:6b:
8b:0b:0a:43:2f:ab:b5:5f:69:09:23:1f:c2:96:cd:e0:44:a2:
dc:77:a4:45:cd:53:b8:95:a0:76:56:ad:6f:91:51:a1:9d:12:
4f:35:84:cc:2c:f9:3a:b5:db:2d:12:57:eb:6b:6e:31:49:31:
2b:ea:02:22:29:90:81:0a:9f:2e:62:6a:e8:ee:e9:e6:56:06:
2b:fe:e2:75
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBon2LjANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NDc1YTJjOTU4OGZjNjk1ZDI3NTQyODNkY2QzZDEyM2QxZjc3ODExMB4XDTIyMDEw
MTA5NTcwMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoOWY5NjMzYWE4NWY5
YzY2MGFlOTg3MWM0Nzc4NzU5NDZkNjJlM2E0NDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALHx6b7HHI6evQnSrCaW4GiNGynzj2mrAQimrfQbxBKLR8MD
g37qNM8H1I2oOf5sRmPjfxGcmYjmCoqe6yrxNmd4VS31vVIi5suAftQVVUQI/b82
w2IOgEVaEqbj/pGLBQiWG0FK+Nv5guiNXocxNQNJfFnxLPNxv73k1lR7Ue6VoT6I
al9vxI2UkLsPg2qQJ327Td0Cs17UtessPcvYzph0SNQV94XOgxUc0r3nMGbfN9T0
V+9bdX+OFPc6e6Vb0ffzYzCddWLdiOk0YvvIBd39MqjNUuDGHCVbaCBg5AMRxvJ0
DPquoHqYKqSbNlfwQ50plxzCo5uU6E63d3vq16kCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBSfljOqhfnGYK6YccR3h1lG1i46RDAfBgNVHSMEGDAWgBR0daLJWI/GldJ1
QoPc09Ej0fd4ETAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RIV2l5VmlQeHBYU2RVS0QzTlBSSTlIM2VCRS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMGYvMjg5OGU2LTBkNzktNDU0ZS1hYjU0LTQwYmUwYzQ2M2I5MC8x
L241WXpxb1g1eG1DdW1ISEVkNGRaUnRZdU9rUS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMGYv
Mjg5OGU2LTBkNzktNDU0ZS1hYjU0LTQwYmUwYzQ2M2I5MC8xL2RIV2l5VmlQeHBY
U2RVS0QzTlBSSTlIM2VCRS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsIGwDANBgkqhkiG9w0BAQsFAAOC
AQEAe/n7NjiYrk+wb6TvOWzsoajWwF22kgPmpcU9HEx0BXOSMmPUw5PlZCTwtxJ9
CWDkSJTIv+dJPl7+k9MV+px05dEa6Fh7PxZ+B1vExCwccCuIVXjQQiJlwcDV4Ntr
5dUddB5BUAVlw2bQTvav577S8GhEhTXIt/aLNzh0BImV9QrAG8wokAlZcZvdXVpp
Pv9Td3cLYr3bXaUchFs7a9yto1meLqc2QCPPPsvOExGfW3iFZfRriwsKQy+rtV9p
CSMfwpbN4ESi3HekRc1TuJWgdlatb5FRoZ0STzWEzCz5OrXbLRJX62tuMUkxK+oC
IimQgQqfLmJq6O7p5lYGK/7idQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:59:58 2025 by rpki-client