Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/YU5Js292mcrWBPy4MUFfw0M453I.roa
File: YU5Js292mcrWBPy4MUFfw0M453I.roa (raw, json)
Hash identifier: TOOERAz1fkzXHM4KFZJ6t1CKI81KsvB3ZTfA97tdtKg=
Subject key identifier: 61:4E:49:B3:6F:76:99:CA:D6:04:FC:B8:31:41:5F:C3:43:38:E7:72
Certificate issuer: /CN=5dab0b08e51f818224629fb3a211d83d5be35440
Certificate serial: 04520034
Authority key identifier: 5D:AB:0B:08:E5:1F:81:82:24:62:9F:B3:A2:11:D8:3D:5B:E3:54:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XasLCOUfgYIkYp-zohHYPVvjVEA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/YU5Js292mcrWBPy4MUFfw0M453I.roa
Signing time: Sat 01 Jan 2022 06:52:24 +0000
ROA not before: Sat 01 Jan 2022 06:52:24 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 15576
IP address blocks: 194.56.179.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 72482868 (0x4520034)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dab0b08e51f818224629fb3a211d83d5be35440
Validity
Not Before: Jan 1 06:52:24 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=614e49b36f7699cad604fcb831415fc34338e772
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d1:c9:61:b3:14:86:cb:0c:c2:db:ac:1d:0f:
5c:70:c9:b1:eb:f6:f5:96:05:be:3a:d6:88:f8:60:
98:0d:c8:b4:0a:4e:d0:76:c3:23:f3:c5:c6:2f:71:
e8:b5:a3:a1:26:50:0d:f5:07:f1:4c:b9:e2:2d:7f:
ad:c3:0f:ab:37:a6:dd:bd:99:87:a9:2b:6b:8f:d1:
0a:a0:64:ca:70:78:69:0e:bf:9c:65:58:75:31:0d:
ae:d6:6c:51:99:26:d5:01:21:82:85:de:34:e6:a1:
b1:c5:15:c3:4c:e2:5e:2b:96:d7:a9:17:b0:51:41:
bc:da:dd:3b:f8:6a:95:eb:1c:6a:87:0c:d3:ff:fb:
45:b6:4e:ea:ba:32:35:9c:52:a2:c5:70:20:f9:77:
c4:60:51:3a:99:2c:72:0e:e9:23:2e:49:11:73:5b:
a6:79:cb:5f:3d:d5:51:3d:29:c2:0e:fb:1a:48:f7:
87:f5:e0:4a:6b:ac:6e:fa:b8:c1:c0:bb:1c:3f:25:
27:b5:fa:14:3f:64:09:99:2e:7d:f6:ee:b8:2c:83:
5d:8e:21:76:ec:74:f4:56:e4:8b:ba:45:c5:9a:ef:
b2:a2:ad:9d:4b:0d:3e:b6:1f:22:6a:d6:50:d7:4f:
44:d6:a1:b4:45:d1:e3:8e:9a:d2:a6:05:4b:bf:31:
77:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:4E:49:B3:6F:76:99:CA:D6:04:FC:B8:31:41:5F:C3:43:38:E7:72
X509v3 Authority Key Identifier:
keyid:5D:AB:0B:08:E5:1F:81:82:24:62:9F:B3:A2:11:D8:3D:5B:E3:54:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XasLCOUfgYIkYp-zohHYPVvjVEA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/YU5Js292mcrWBPy4MUFfw0M453I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/e62089-b98a-4fdd-9c4e-62789182a0f3/1/XasLCOUfgYIkYp-zohHYPVvjVEA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.56.179.0/24
Signature Algorithm: sha256WithRSAEncryption
31:2b:c1:dc:17:37:f0:8e:ff:88:99:8d:27:a4:c2:ce:11:8d:
8a:9b:0c:e5:e0:9f:87:32:05:8b:66:ba:63:4f:2a:96:3b:32:
f3:ea:f2:1c:a8:68:3f:03:3d:f9:51:bc:34:c8:59:e7:73:52:
9e:a3:7f:18:eb:f5:ff:02:49:78:cb:8a:30:6d:e3:ef:05:e2:
f8:3c:1d:eb:05:5b:6e:52:a2:fa:60:47:df:f1:8a:77:16:40:
82:04:61:bf:3a:c7:69:f8:58:c6:e9:0a:3d:06:d4:3e:4f:84:
07:00:e7:03:3e:03:a2:b9:59:ef:9a:e2:f2:93:fa:71:de:df:
ee:82:b9:fb:ff:03:a1:61:71:01:29:af:21:d1:0a:e1:df:97:
c4:9f:04:75:c3:1c:98:46:13:01:db:56:8c:4b:95:68:32:40:
4c:a4:12:d9:36:90:7f:b5:dd:48:27:dc:d0:bb:cd:12:f3:09:
de:7c:3e:5d:7c:a3:68:35:d6:ef:b4:e9:a8:42:68:28:25:cc:
33:ad:bd:ec:93:7a:71:12:1b:65:a9:24:8a:46:2f:d5:82:50:
27:6e:16:9d:94:09:79:06:82:cd:1c:60:4d:34:61:f4:c7:f9:
06:d8:cc:23:86:96:84:f0:b8:3b:9a:ca:a4:38:9b:6e:63:18:
e6:f8:81:04
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEBFIANDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
ZGFiMGIwOGU1MWY4MTgyMjQ2MjlmYjNhMjExZDgzZDViZTM1NDQwMB4XDTIyMDEw
MTA2NTIyNFoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoNjE0ZTQ5YjM2Zjc2
OTljYWQ2MDRmY2I4MzE0MTVmYzM0MzM4ZTc3MjCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALjRyWGzFIbLDMLbrB0PXHDJsev29ZYFvjrWiPhgmA3ItApO
0HbDI/PFxi9x6LWjoSZQDfUH8Uy54i1/rcMPqzem3b2Zh6kra4/RCqBkynB4aQ6/
nGVYdTENrtZsUZkm1QEhgoXeNOahscUVw0ziXiuW16kXsFFBvNrdO/hqlescaocM
0//7RbZO6royNZxSosVwIPl3xGBROpkscg7pIy5JEXNbpnnLXz3VUT0pwg77Gkj3
h/XgSmusbvq4wcC7HD8lJ7X6FD9kCZkuffbuuCyDXY4hdux09Fbki7pFxZrvsqKt
nUsNPrYfImrWUNdPRNahtEXR446a0qYFS78xd8cCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBRhTkmzb3aZytYE/LgxQV/DQzjncjAfBgNVHSMEGDAWgBRdqwsI5R+BgiRi
n7OiEdg9W+NUQDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1hhc0xDT1VmZ1lJa1lwLXpvaEhZUFZ2alZFQS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNjQvZTYyMDg5LWI5OGEtNGZkZC05YzRlLTYyNzg5MTgyYTBmMy8x
L1lVNUpzMjkybWNyV0JQeTRNVUZmdzBNNDUzSS5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjQv
ZTYyMDg5LWI5OGEtNGZkZC05YzRlLTYyNzg5MTgyYTBmMy8xL1hhc0xDT1VmZ1lJ
a1lwLXpvaEhZUFZ2alZFQS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMI4szANBgkqhkiG9w0BAQsFAAOC
AQEAMSvB3Bc38I7/iJmNJ6TCzhGNipsM5eCfhzIFi2a6Y08qljsy8+ryHKhoPwM9
+VG8NMhZ53NSnqN/GOv1/wJJeMuKMG3j7wXi+Dwd6wVbblKi+mBH3/GKdxZAggRh
vzrHafhYxukKPQbUPk+EBwDnAz4DorlZ75ri8pP6cd7f7oK5+/8DoWFxASmvIdEK
4d+XxJ8EdcMcmEYTAdtWjEuVaDJATKQS2TaQf7XdSCfc0LvNEvMJ3nw+XXyjaDXW
77TpqEJoKCXMM6297JN6cRIbZakkikYv1YJQJ24WnZQJeQaCzRxgTTRh9Mf5BtjM
I4aWhPC4O5rKpDibbmMY5viBBA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 10:42:27 2025 by rpki-client