Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/8b443e-f3c8-4ba0-9e96-86c541ca9d71/1/u0FCb129iX6-4auLL-0HFKnZAIE.roa
File: u0FCb129iX6-4auLL-0HFKnZAIE.roa (raw, json)
Hash identifier: 4JLyIadDfnazblSrKVeMZ9KM6PqlK9LHzhXBP0GvFQI=
Subject key identifier: BB:41:42:6F:5D:BD:89:7E:BE:E1:AB:8B:2F:ED:07:14:A9:D9:00:81
Certificate issuer: /CN=be1a887e7653a2de44f13163e187037326a29a03
Certificate serial: 2FF35433
Authority key identifier: BE:1A:88:7E:76:53:A2:DE:44:F1:31:63:E1:87:03:73:26:A2:9A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vhqIfnZTot5E8TFj4YcDcyaimgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/8b443e-f3c8-4ba0-9e96-86c541ca9d71/1/u0FCb129iX6-4auLL-0HFKnZAIE.roa
Signing time: Sat 01 Jan 2022 09:00:38 +0000
ROA not before: Sat 01 Jan 2022 09:00:38 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 12521
IP address blocks: 5.199.224.0/21 maxlen: 21
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 804475955 (0x2ff35433)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be1a887e7653a2de44f13163e187037326a29a03
Validity
Not Before: Jan 1 09:00:38 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=bb41426f5dbd897ebee1ab8b2fed0714a9d90081
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:88:86:a8:d2:2e:88:3a:3e:dc:21:5c:5e:13:
b0:f0:cf:1d:a5:f5:04:7a:fa:f8:dc:57:b4:f1:9a:
21:41:37:eb:6d:7e:aa:9f:af:2d:1e:00:5b:a3:97:
a0:75:6f:12:9f:59:53:1c:30:d0:4d:4e:ab:f4:5d:
7b:d5:ca:2a:cd:9e:51:1c:5f:7f:22:a6:54:f4:60:
af:e9:26:3a:5a:13:61:c5:f0:52:63:15:a0:26:28:
9c:9d:57:cf:79:9d:fb:54:98:62:7b:d3:5c:ef:ca:
1f:5d:44:84:fc:08:55:55:3b:97:78:8a:5f:35:ee:
0f:e2:8a:90:7f:ff:09:44:7b:d6:31:7f:92:89:3a:
35:55:bb:8c:f2:7d:47:a4:db:91:9d:a8:91:4e:9d:
ed:23:ff:d6:d4:5d:1f:b5:8c:aa:07:98:b1:16:cf:
06:25:21:51:9d:8c:e9:f3:00:04:99:71:21:d6:72:
c4:4c:88:d5:5d:70:00:79:f0:a4:2b:61:ff:87:5b:
75:10:83:99:06:99:c2:cb:94:f3:10:b0:ac:8b:b8:
80:d2:10:30:01:c3:f7:56:81:1d:0f:ec:e5:fe:8a:
4d:64:0b:4f:08:ab:9c:75:a7:14:0a:67:6b:31:a5:
04:09:5a:39:3f:03:68:c1:36:9b:f0:9c:42:18:d7:
85:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:41:42:6F:5D:BD:89:7E:BE:E1:AB:8B:2F:ED:07:14:A9:D9:00:81
X509v3 Authority Key Identifier:
keyid:BE:1A:88:7E:76:53:A2:DE:44:F1:31:63:E1:87:03:73:26:A2:9A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vhqIfnZTot5E8TFj4YcDcyaimgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/8b443e-f3c8-4ba0-9e96-86c541ca9d71/1/u0FCb129iX6-4auLL-0HFKnZAIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/8b443e-f3c8-4ba0-9e96-86c541ca9d71/1/vhqIfnZTot5E8TFj4YcDcyaimgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.199.224.0/21
Signature Algorithm: sha256WithRSAEncryption
4d:a0:f9:09:b4:60:c0:c8:09:5b:47:7c:2e:e8:41:74:92:39:
e8:f2:18:b6:d3:32:71:12:1b:ae:49:6e:4e:d7:71:0b:2d:f7:
31:9e:d7:1b:1b:cd:5e:28:89:b7:87:a3:d5:cf:a9:c8:7b:86:
54:a6:4a:0c:cc:f6:c5:8e:f6:fa:79:df:39:76:ae:36:27:a8:
36:41:7b:a0:aa:0f:15:49:6f:8a:a4:92:2f:e2:32:0d:e8:6e:
fb:6b:67:7e:ed:fb:fa:7a:0c:94:4d:c5:63:cf:64:da:eb:a4:
5b:5a:d8:be:c4:cf:b1:8e:59:09:29:e9:62:b4:ef:5d:76:59:
5b:e7:d0:13:45:07:db:68:7b:32:4b:86:d2:91:e9:3f:10:51:
40:a6:b8:5c:8a:d0:7e:48:c9:55:e0:6f:92:fe:bb:18:d4:64:
f7:f7:0b:3f:ab:e8:20:81:2f:89:01:88:c1:1e:93:dd:66:6d:
fa:e9:ab:35:5a:86:65:00:c7:ed:1b:ea:62:cc:0b:49:20:7b:
9b:2d:14:72:ee:24:f2:8e:47:51:b9:0d:76:2a:e8:29:9f:dd:
3f:b4:27:60:c4:01:c8:89:f1:40:70:fe:3b:2e:24:7f:fb:04:
bd:06:a4:aa:a0:b6:f2:74:af:75:eb:b8:dc:9a:ee:4f:d9:8b:
c1:88:af:b0
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEL/NUMzANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyhi
ZTFhODg3ZTc2NTNhMmRlNDRmMTMxNjNlMTg3MDM3MzI2YTI5YTAzMB4XDTIyMDEw
MTA5MDAzOFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYmI0MTQyNmY1ZGJk
ODk3ZWJlZTFhYjhiMmZlZDA3MTRhOWQ5MDA4MTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAOOIhqjSLog6PtwhXF4TsPDPHaX1BHr6+NxXtPGaIUE3621+
qp+vLR4AW6OXoHVvEp9ZUxww0E1Oq/Rde9XKKs2eURxffyKmVPRgr+kmOloTYcXw
UmMVoCYonJ1Xz3md+1SYYnvTXO/KH11EhPwIVVU7l3iKXzXuD+KKkH//CUR71jF/
kok6NVW7jPJ9R6TbkZ2okU6d7SP/1tRdH7WMqgeYsRbPBiUhUZ2M6fMABJlxIdZy
xEyI1V1wAHnwpCth/4dbdRCDmQaZwsuU8xCwrIu4gNIQMAHD91aBHQ/s5f6KTWQL
TwirnHWnFApnazGlBAlaOT8DaME2m/CcQhjXhXUCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBS7QUJvXb2Jfr7hq4sv7QcUqdkAgTAfBgNVHSMEGDAWgBS+Goh+dlOi3kTx
MWPhhwNzJqKaAzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L3ZocUlmblpUb3Q1RThURmo0WWNEY3lhaW1nTS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvMzQvOGI0NDNlLWYzYzgtNGJhMC05ZTk2LTg2YzU0MWNhOWQ3MS8x
L3UwRkNiMTI5aVg2LTRhdUxMLTBIRktuWkFJRS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMzQv
OGI0NDNlLWYzYzgtNGJhMC05ZTk2LTg2YzU0MWNhOWQ3MS8xL3ZocUlmblpUb3Q1
RThURmo0WWNEY3lhaW1nTS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAwXH4DANBgkqhkiG9w0BAQsFAAOC
AQEATaD5CbRgwMgJW0d8LuhBdJI56PIYttMycRIbrkluTtdxCy33MZ7XGxvNXiiJ
t4ej1c+pyHuGVKZKDMz2xY72+nnfOXauNieoNkF7oKoPFUlviqSSL+IyDehu+2tn
fu37+noMlE3FY89k2uukW1rYvsTPsY5ZCSnpYrTvXXZZW+fQE0UH22h7MkuG0pHp
PxBRQKa4XIrQfkjJVeBvkv67GNRk9/cLP6voIIEviQGIwR6T3WZt+umrNVqGZQDH
7RvqYswLSSB7my0Ucu4k8o5HUbkNdiroKZ/dP7QnYMQByInxQHD+Oy4kf/sEvQak
qqC28nSvdeu43JruT9mLwYivsA==
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:19:11 2025 by rpki-client