Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/xAfnu43CMQZB9lCFxut-so4zWTk.roa
File: xAfnu43CMQZB9lCFxut-so4zWTk.roa (raw, json)
Hash identifier: rPPjmzHKZUVctba97//l/w+ddIqHWu9gflRNopje6os=
Subject key identifier: C4:07:E7:BB:8D:C2:31:06:41:F6:50:85:C6:EB:7E:B2:8E:33:59:39
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 018776BCDC92067C96572C007B31E821BA60
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/xAfnu43CMQZB9lCFxut-so4zWTk.roa
Signing time: Wed 12 Apr 2023 18:31:41 +0000
ROA not before: Wed 12 Apr 2023 18:31:41 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 41957
IP address blocks: 194.147.89.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:76:bc:dc:92:06:7c:96:57:2c:00:7b:31:e8:21:ba:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Apr 12 18:31:41 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=c407e7bb8dc2310641f65085c6eb7eb28e335939
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:f6:45:da:46:12:21:22:5f:4d:94:1a:18:ab:
63:23:93:2d:fc:d8:80:94:8e:1f:5e:00:62:75:b5:
9c:89:35:ba:59:93:f3:76:ac:9c:eb:09:26:af:ed:
c4:67:a0:a2:80:2e:5c:da:4e:97:df:82:fc:e7:23:
78:fd:b6:ce:9b:82:31:0d:36:2c:d7:07:ee:f3:9a:
35:cd:f0:09:b4:31:3c:42:ec:42:21:33:76:4c:b2:
eb:4c:bb:da:80:93:c5:f2:de:00:c7:28:94:82:8b:
cc:0d:64:76:e3:7d:44:21:42:58:b7:9d:ee:1a:ff:
04:e6:e8:e0:f2:0b:9b:f9:79:1a:82:fe:c0:33:e7:
00:6a:a2:c7:e1:9c:99:1d:65:59:8d:86:18:4d:17:
ea:54:a5:ab:08:1a:9f:8c:24:1d:28:67:1d:41:5e:
a7:f5:17:8f:a5:94:ec:f6:4f:7a:ea:f1:c0:e4:6e:
bd:2b:c9:c0:9d:b1:5b:78:f9:ee:86:f0:64:1f:66:
5b:17:2b:87:7d:ae:d1:01:7c:b6:50:89:3a:25:79:
79:60:a7:89:68:69:96:97:dc:4c:7b:8a:ea:34:a2:
28:87:0e:e7:7d:30:75:28:00:53:b0:66:9e:2e:b9:
f2:86:04:cd:db:d3:c8:5c:d9:0a:d2:ec:fb:3b:89:
f0:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:07:E7:BB:8D:C2:31:06:41:F6:50:85:C6:EB:7E:B2:8E:33:59:39
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/xAfnu43CMQZB9lCFxut-so4zWTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.147.89.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:1c:cb:9a:93:cc:44:b6:7f:de:b0:40:d0:c7:ef:81:b8:17:
df:10:1e:7e:4f:f5:ef:10:4d:50:83:63:4b:6c:42:24:6b:46:
f5:2f:62:4f:4c:83:2f:bb:7d:39:5c:86:80:08:b1:2a:5d:02:
a8:a3:92:7a:b9:ff:df:e3:87:df:33:7a:c3:d9:29:fc:e2:22:
eb:2e:53:43:06:66:7f:22:b0:75:99:ca:87:04:22:0c:07:f4:
6e:76:d8:0a:b7:20:72:91:02:ef:8e:40:00:2c:92:13:cb:d1:
5d:40:c8:e9:1f:9a:9f:a5:2d:21:34:3c:59:a6:39:ed:94:5e:
55:93:4b:80:58:ef:f0:40:a4:46:e8:d4:45:09:ab:7d:0d:0a:
ab:db:fa:98:2f:f5:44:b7:02:24:b9:b7:3f:c2:f9:0a:97:3d:
00:af:8b:87:b6:a9:a0:20:ea:86:4e:93:32:67:88:41:ab:e0:
7c:7e:f2:4d:22:92:96:c6:46:f9:b8:05:f8:e7:9f:c1:ff:ea:
f6:b6:b4:60:94:06:e1:f1:fa:87:f9:03:f4:0b:70:41:29:5e:
43:a4:66:8b:02:8d:3f:22:2a:80:78:1b:cc:04:5c:87:18:9b:
df:85:ae:6a:d8:95:1f:0e:48:73:51:7b:52:c2:f4:bb:13:5e:
96:92:a4:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYd2vNySBnyWVywAezHoIbpgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjMwNDEyMTgzMTQxWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDA3ZTdiYjhkYzIzMTA2NDFmNjUwODVjNmViN2ViMjhlMzM1OTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlfZF2kYSISJfTZQaGKtjI5Mt/NiA
lI4fXgBidbWciTW6WZPzdqyc6wkmr+3EZ6CigC5c2k6X34L85yN4/bbOm4IxDTYs
1wfu85o1zfAJtDE8QuxCITN2TLLrTLvagJPF8t4AxyiUgovMDWR2431EIUJYt53u
Gv8E5ujg8gub+Xkagv7AM+cAaqLH4ZyZHWVZjYYYTRfqVKWrCBqfjCQdKGcdQV6n
9RePpZTs9k966vHA5G69K8nAnbFbePnuhvBkH2ZbFyuHfa7RAXy2UIk6JXl5YKeJ
aGmWl9xMe4rqNKIohw7nfTB1KABTsGaeLrnyhgTN29PIXNkK0uz7O4nwEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMQH57uNwjEGQfZQhcbrfrKOM1k5MB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEveEFmbnU0M0NNUVpCOWxDRnh1dC1zbzR6V1RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpNZMA0G
CSqGSIb3DQEBCwUAA4IBAQC2HMuak8xEtn/esEDQx++BuBffEB5+T/XvEE1Qg2NL
bEIka0b1L2JPTIMvu305XIaACLEqXQKoo5J6uf/f44ffM3rD2Sn84iLrLlNDBmZ/
IrB1mcqHBCIMB/RudtgKtyBykQLvjkAALJITy9FdQMjpH5qfpS0hNDxZpjntlF5V
k0uAWO/wQKRG6NRFCat9DQqr2/qYL/VEtwIkubc/wvkKlz0Ar4uHtqmgIOqGTpMy
Z4hBq+B8fvJNIpKWxkb5uAX455/B/+r2trRglAbh8fqH+QP0C3BBKV5DpGaLAo0/
IiqAeBvMBFyHGJvfha5q2JUfDkhzUXtSwvS7E16WkqRS
-----END CERTIFICATE-----
Generated at Sat Jun 14 21:01:00 2025 by rpki-client