Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/899218-2a19-4d0f-9f1e-ef38e8ce33d1/1/heFV5VddOefwnd5Clbay4dweXN4.roa
File: heFV5VddOefwnd5Clbay4dweXN4.roa (raw, json)
Hash identifier: slHOlpBXVhcpIkW3a75PNAxusmtDhF1810k7tci0RWY=
Subject key identifier: 85:E1:55:E5:57:5D:39:E7:F0:9D:DE:42:95:B6:B2:E1:DC:1E:5C:DE
Certificate issuer: /CN=3afa2fc06e1aa9135c2631b73becc5957b023a93
Certificate serial: 01856F824AB4A4ED020CC4F4095AA9E24C55
Authority key identifier: 3A:FA:2F:C0:6E:1A:A9:13:5C:26:31:B7:3B:EC:C5:95:7B:02:3A:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvovwG4aqRNcJjG3O-zFlXsCOpM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/899218-2a19-4d0f-9f1e-ef38e8ce33d1/1/heFV5VddOefwnd5Clbay4dweXN4.roa
Signing time: Sun 01 Jan 2023 22:44:47 +0000
ROA not before: Sun 01 Jan 2023 22:44:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 15404
IP address blocks: 194.99.12.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:82:4a:b4:a4:ed:02:0c:c4:f4:09:5a:a9:e2:4c:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3afa2fc06e1aa9135c2631b73becc5957b023a93
Validity
Not Before: Jan 1 22:44:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=85e155e5575d39e7f09dde4295b6b2e1dc1e5cde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:b0:f1:8a:ef:56:43:dd:42:89:85:91:af:de:
3a:7f:1f:e3:84:b1:3c:03:f3:c2:53:d3:ce:1c:4e:
f7:51:c2:c5:b1:fb:96:f9:49:f0:ff:50:54:2c:45:
93:39:b3:3b:69:71:74:54:dc:06:e7:bf:0d:f2:72:
b9:17:85:fd:56:d3:1a:d1:e6:d0:a3:9a:cf:40:c1:
1b:68:0d:65:ef:57:a7:02:16:4b:86:8d:79:2f:c8:
b8:64:17:71:46:c9:a3:06:08:ab:b1:11:64:6c:1d:
da:1d:bc:70:78:ea:39:94:34:b2:e1:3d:2c:22:87:
42:88:2c:b2:70:3d:7b:d6:d9:09:f1:88:93:ae:0e:
66:79:5d:0c:4e:8e:51:76:7c:d1:66:f9:59:58:be:
ee:60:57:ed:a2:ea:d4:f3:a9:11:b9:d1:c3:a3:f0:
27:e7:c5:4e:f2:04:b7:8d:e9:d1:11:98:1c:62:8e:
55:64:86:df:4b:89:c0:ca:36:16:27:d8:0a:89:97:
72:4b:76:fd:00:71:89:bf:db:ab:e3:d3:26:57:dd:
46:94:a3:22:88:f5:00:51:96:cb:90:45:f9:84:c1:
05:1c:ba:92:a9:44:ea:b8:2b:0a:2d:b8:61:c1:81:
e8:3b:1b:9d:7b:cb:b9:63:df:ee:0e:33:4c:77:6d:
c7:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:E1:55:E5:57:5D:39:E7:F0:9D:DE:42:95:B6:B2:E1:DC:1E:5C:DE
X509v3 Authority Key Identifier:
keyid:3A:FA:2F:C0:6E:1A:A9:13:5C:26:31:B7:3B:EC:C5:95:7B:02:3A:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvovwG4aqRNcJjG3O-zFlXsCOpM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/899218-2a19-4d0f-9f1e-ef38e8ce33d1/1/heFV5VddOefwnd5Clbay4dweXN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/899218-2a19-4d0f-9f1e-ef38e8ce33d1/1/OvovwG4aqRNcJjG3O-zFlXsCOpM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.99.12.0/24
Signature Algorithm: sha256WithRSAEncryption
10:00:d6:56:54:16:8d:bd:59:ff:ba:37:36:78:0b:ad:68:29:
7e:cf:63:ca:d4:47:d0:a5:22:60:75:a5:13:d4:90:e2:30:af:
c0:11:e5:42:4a:c8:4c:58:86:9c:ad:da:1f:83:7a:a3:5a:ba:
b1:89:e7:9e:37:ba:72:8e:2d:5c:15:72:ed:e6:52:a0:fa:a3:
ff:e5:11:a3:3a:9b:95:88:63:32:23:12:90:09:f2:a4:eb:c0:
40:6e:70:bf:ae:8f:e2:04:49:86:62:6a:44:80:14:c8:a9:2c:
9f:48:0d:87:0c:02:79:ad:d2:a3:68:95:2e:9e:42:6a:72:e0:
95:18:1b:4c:2e:05:88:8c:44:93:ec:8f:b0:cb:69:5f:1d:c1:
43:a0:e2:85:95:e9:6d:ba:5e:70:ca:e7:51:24:4d:45:29:46:
ff:8d:16:69:80:fc:49:64:df:1d:dd:ea:4c:66:45:41:9f:30:
6c:52:7a:b5:8a:10:6e:37:19:3d:98:e1:d4:77:40:a5:ec:f1:
5a:7f:50:1e:17:30:88:ba:48:e5:93:32:c3:3a:54:8f:5d:fd:
17:28:e7:d7:58:60:d2:a1:ce:ba:57:b1:cc:2b:72:42:16:78:
65:90:08:3f:5f:fe:5d:f4:1c:9e:e0:bd:61:8d:55:d8:3b:c8:
f2:5f:3f:1c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVvgkq0pO0CDMT0CVqp4kxVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZmEyZmMwNmUxYWE5MTM1YzI2MzFiNzNiZWNjNTk1N2Iw
MjNhOTMwHhcNMjMwMTAxMjI0NDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWUxNTVlNTU3NWQzOWU3ZjA5ZGRlNDI5NWI2YjJlMWRjMWU1Y2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxLDxiu9WQ91CiYWRr946fx/jhLE8
A/PCU9POHE73UcLFsfuW+Unw/1BULEWTObM7aXF0VNwG578N8nK5F4X9VtMa0ebQ
o5rPQMEbaA1l71enAhZLho15L8i4ZBdxRsmjBgirsRFkbB3aHbxweOo5lDSy4T0s
IodCiCyycD171tkJ8YiTrg5meV0MTo5RdnzRZvlZWL7uYFftourU86kRudHDo/An
58VO8gS3jenREZgcYo5VZIbfS4nAyjYWJ9gKiZdyS3b9AHGJv9ur49MmV91GlKMi
iPUAUZbLkEX5hMEFHLqSqUTquCsKLbhhwYHoOxude8u5Y9/uDjNMd23HDwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIXhVeVXXTnn8J3eQpW2suHcHlzeMB8GA1UdIwQY
MBaAFDr6L8BuGqkTXCYxtzvsxZV7AjqTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZvdndHNGFxUk5jSmpHM08tekZsWHNDT3BNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi84OTkyMTgtMmExOS00ZDBmLTlmMWUt
ZWYzOGU4Y2UzM2QxLzEvaGVGVjVWZGRPZWZ3bmQ1Q2xiYXk0ZHdlWE40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi84OTkyMTgtMmExOS00ZDBmLTlmMWUtZWYzOGU4Y2UzM2Qx
LzEvT3ZvdndHNGFxUk5jSmpHM08tekZsWHNDT3BNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwmMMMA0G
CSqGSIb3DQEBCwUAA4IBAQAQANZWVBaNvVn/ujc2eAutaCl+z2PK1EfQpSJgdaUT
1JDiMK/AEeVCSshMWIacrdofg3qjWrqxieeeN7pyji1cFXLt5lKg+qP/5RGjOpuV
iGMyIxKQCfKk68BAbnC/ro/iBEmGYmpEgBTIqSyfSA2HDAJ5rdKjaJUunkJqcuCV
GBtMLgWIjEST7I+wy2lfHcFDoOKFleltul5wyudRJE1FKUb/jRZpgPxJZN8d3epM
ZkVBnzBsUnq1ihBuNxk9mOHUd0Cl7PFaf1AeFzCIukjlkzLDOlSPXf0XKOfXWGDS
oc66V7HMK3JCFnhlkAg/X/5d9Bye4L1hjVXYO8jyXz8c
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:35:42 2025 by rpki-client