Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/cd3711-7084-4b15-bc25-3e4a026df000/1/RielnDcXXpHVggurOL8_5MleE8Q.roa
File: RielnDcXXpHVggurOL8_5MleE8Q.roa (raw, json)
Hash identifier: qp4h0yO29ruN1/fwq6RUFwJthtAKYzbEuYWN8dNGsS4=
Subject key identifier: 46:27:A5:9C:37:17:5E:91:D5:82:0B:AB:38:BF:3F:E4:C9:5E:13:C4
Certificate issuer: /CN=8cd52439cac2719b64e85b26ff0ea8468d57960e
Certificate serial: 0B1DFCB7
Authority key identifier: 8C:D5:24:39:CA:C2:71:9B:64:E8:5B:26:FF:0E:A8:46:8D:57:96:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jNUkOcrCcZtk6Fsm_w6oRo1Xlg4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/cd3711-7084-4b15-bc25-3e4a026df000/1/RielnDcXXpHVggurOL8_5MleE8Q.roa
Signing time: Sat 01 Jan 2022 10:04:21 +0000
ROA not before: Sat 01 Jan 2022 10:04:21 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 208727
IP address blocks: 194.48.230.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 186514615 (0xb1dfcb7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8cd52439cac2719b64e85b26ff0ea8468d57960e
Validity
Not Before: Jan 1 10:04:21 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=4627a59c37175e91d5820bab38bf3fe4c95e13c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:b6:84:94:4d:6f:54:5b:55:90:7a:1a:59:42:
65:16:da:97:6f:50:aa:69:e5:7e:45:c1:20:b3:9c:
97:f2:7c:98:c6:08:be:a0:ff:50:20:54:ad:57:e7:
44:a3:5b:a7:f7:2e:9e:ab:93:6a:db:04:84:3e:74:
4e:3c:48:be:0f:40:f6:87:2d:c2:49:f5:c2:43:20:
1b:1b:62:2a:e9:e7:4a:f8:e0:e6:75:aa:7e:da:8c:
33:57:89:42:a8:94:d4:3f:db:04:fa:2d:67:3a:fb:
8e:3f:0d:5e:80:46:ee:76:92:bf:13:66:f4:a0:90:
73:15:67:0b:79:f5:ec:60:6c:ca:62:cb:20:2b:fc:
1b:3a:1e:6f:d3:75:fe:03:c9:f6:f6:7e:67:a9:cf:
98:d9:be:df:9c:1f:b1:42:dd:a3:8f:71:92:1a:38:
6e:1d:4f:8f:2d:1b:fd:1b:19:4b:35:cd:c9:12:ac:
a2:00:3b:81:03:fa:4d:63:48:f2:05:8a:a8:36:96:
7a:56:b7:5b:89:b8:30:67:5a:42:93:36:7c:03:1b:
ec:30:03:57:be:26:ea:79:9e:74:36:89:4c:cc:a2:
31:22:44:fa:d7:2f:db:e2:91:a4:ec:57:e6:e3:c6:
31:b1:8f:05:06:85:ce:1e:e6:8b:9d:02:a0:65:97:
f1:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:27:A5:9C:37:17:5E:91:D5:82:0B:AB:38:BF:3F:E4:C9:5E:13:C4
X509v3 Authority Key Identifier:
keyid:8C:D5:24:39:CA:C2:71:9B:64:E8:5B:26:FF:0E:A8:46:8D:57:96:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jNUkOcrCcZtk6Fsm_w6oRo1Xlg4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/cd3711-7084-4b15-bc25-3e4a026df000/1/RielnDcXXpHVggurOL8_5MleE8Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/cd3711-7084-4b15-bc25-3e4a026df000/1/jNUkOcrCcZtk6Fsm_w6oRo1Xlg4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.48.230.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:dc:6c:38:73:15:b1:0d:f3:a7:61:d4:97:f8:aa:0c:ec:97:
6e:46:d9:62:55:25:7f:79:4a:52:dd:a5:2f:e9:83:22:d4:f6:
ae:00:1c:29:ae:d7:b4:1a:32:f7:24:38:40:30:d1:9e:4b:37:
d7:66:1d:48:05:78:a1:fa:5f:75:03:17:da:9b:ee:49:d6:b8:
c1:f4:16:26:14:fa:24:e1:b3:a7:ce:41:0d:db:09:d2:e2:ea:
a6:6a:3a:52:67:69:b6:e6:79:5e:44:89:8a:c2:bf:f1:d3:46:
19:11:4c:70:13:51:a1:ee:9b:51:d9:fb:34:b0:f4:5a:c4:95:
72:ce:13:99:ec:36:60:4f:70:e2:d1:fa:39:ee:d1:75:77:2f:
96:e0:11:78:8b:00:58:a6:7d:16:94:52:3b:b0:9d:c6:7e:3e:
57:a9:c3:dc:a1:cd:f2:51:44:6e:3d:fa:61:0c:8a:b9:d3:42:
c9:0d:1c:f7:0d:27:00:e9:39:b6:03:9a:5a:43:30:98:b4:4c:
e7:1f:f6:36:b1:96:96:7f:d4:c5:8c:54:b7:86:5e:33:cd:cc:
94:0c:bb:84:8b:8b:dc:c2:f8:b6:00:c6:b3:9f:47:e4:e2:1a:
c2:3b:62:91:91:d3:42:48:e6:53:2f:b4:19:70:3b:32:06:25:
46:4b:c5:d1
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIECx38tzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg4
Y2Q1MjQzOWNhYzI3MTliNjRlODViMjZmZjBlYTg0NjhkNTc5NjBlMB4XDTIyMDEw
MTEwMDQyMVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNDYyN2E1OWMzNzE3
NWU5MWQ1ODIwYmFiMzhiZjNmZTRjOTVlMTNjNDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAN+2hJRNb1RbVZB6GllCZRbal29QqmnlfkXBILOcl/J8mMYI
vqD/UCBUrVfnRKNbp/cunquTatsEhD50TjxIvg9A9octwkn1wkMgGxtiKunnSvjg
5nWqftqMM1eJQqiU1D/bBPotZzr7jj8NXoBG7naSvxNm9KCQcxVnC3n17GBsymLL
ICv8Gzoeb9N1/gPJ9vZ+Z6nPmNm+35wfsULdo49xkho4bh1Pjy0b/RsZSzXNyRKs
ogA7gQP6TWNI8gWKqDaWela3W4m4MGdaQpM2fAMb7DADV74m6nmedDaJTMyiMSJE
+tcv2+KRpOxX5uPGMbGPBQaFzh7mi50CoGWX8bkCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRGJ6WcNxdekdWCC6s4vz/kyV4TxDAfBgNVHSMEGDAWgBSM1SQ5ysJxm2To
Wyb/DqhGjVeWDjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2pOVWtPY3JDY1p0azZGc21fdzZvUm8xWGxnNC5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMjcvY2QzNzExLTcwODQtNGIxNS1iYzI1LTNlNGEwMjZkZjAwMC8x
L1JpZWxuRGNYWHBIVmdndXJPTDhfNU1sZUU4US5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMjcv
Y2QzNzExLTcwODQtNGIxNS1iYzI1LTNlNGEwMjZkZjAwMC8xL2pOVWtPY3JDY1p0
azZGc21fdzZvUm8xWGxnNC5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMIw5jANBgkqhkiG9w0BAQsFAAOC
AQEAXdxsOHMVsQ3zp2HUl/iqDOyXbkbZYlUlf3lKUt2lL+mDItT2rgAcKa7XtBoy
9yQ4QDDRnks312YdSAV4ofpfdQMX2pvuSda4wfQWJhT6JOGzp85BDdsJ0uLqpmo6
UmdptuZ5XkSJisK/8dNGGRFMcBNRoe6bUdn7NLD0WsSVcs4Tmew2YE9w4tH6Oe7R
dXcvluAReIsAWKZ9FpRSO7Cdxn4+V6nD3KHN8lFEbj36YQyKudNCyQ0c9w0nAOk5
tgOaWkMwmLRM5x/2NrGWln/UxYxUt4ZeM83MlAy7hIuL3ML4tgDGs59H5OIawjti
kZHTQkjmUy+0GXA7MgYlRkvF0Q==
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:23:48 2025 by rpki-client