Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/496d56-86ff-48be-bde3-271fde2dc655/1/xKUofaD-UkBurvbrjBiTD2FEat0.roa
File: xKUofaD-UkBurvbrjBiTD2FEat0.roa (raw, json)
Hash identifier: HXATn1V6e/rLp+d0s8xNuwFVHKzbWx23WQN8fpFGPy0=
Subject key identifier: C4:A5:28:7D:A0:FE:52:40:6E:AE:F6:EB:8C:18:93:0F:61:44:6A:DD
Certificate issuer: /CN=75790c7ecf24d28be2e13fe069118cee27d58002
Certificate serial: 1C5DA52D
Authority key identifier: 75:79:0C:7E:CF:24:D2:8B:E2:E1:3F:E0:69:11:8C:EE:27:D5:80:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dXkMfs8k0ovi4T_gaRGM7ifVgAI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/496d56-86ff-48be-bde3-271fde2dc655/1/xKUofaD-UkBurvbrjBiTD2FEat0.roa
Signing time: Sat 01 Jan 2022 15:58:43 +0000
ROA not before: Sat 01 Jan 2022 15:58:43 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 204156
IP address blocks: 188.214.92.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 475899181 (0x1c5da52d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75790c7ecf24d28be2e13fe069118cee27d58002
Validity
Not Before: Jan 1 15:58:43 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=c4a5287da0fe52406eaef6eb8c18930f61446add
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:52:dd:44:76:e1:d6:c8:7a:95:a3:62:92:ce:
cb:71:a8:18:69:32:58:dc:8c:a5:34:bb:9d:5a:fc:
cb:0d:3e:ad:d3:a2:28:a9:1f:18:11:ba:64:cb:8d:
e3:b2:73:44:92:8d:86:72:b9:bc:96:68:f3:0e:9d:
30:e7:83:98:95:f9:ff:39:a3:0b:73:10:a7:e4:90:
55:dd:d2:4e:d0:66:d5:3b:ef:d0:29:80:6c:57:6d:
48:86:09:ba:40:4b:37:ca:30:ab:af:3b:be:00:2a:
d5:48:d5:10:8a:30:38:43:03:20:27:e6:ac:b9:06:
ef:77:cc:d2:5d:07:5c:90:e2:a6:95:6a:a9:75:b0:
a9:af:f3:95:e0:d5:26:32:bd:68:94:98:11:51:52:
93:59:ed:26:ab:18:6f:da:d6:ec:7a:48:77:df:e9:
4b:86:78:15:73:54:a6:74:20:3b:f5:60:34:9c:34:
41:e5:e1:1c:6c:b4:06:01:48:25:ec:da:c7:5e:a3:
85:0b:40:5c:73:4f:c4:44:44:78:d0:3a:d7:b7:1e:
68:ca:68:e9:93:bd:ba:29:5f:f8:e8:b8:aa:45:f8:
6f:41:43:e9:62:f6:1f:01:09:79:22:24:81:f3:b3:
bc:80:27:96:74:32:33:a7:67:cd:3d:c1:5c:ea:26:
fd:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:A5:28:7D:A0:FE:52:40:6E:AE:F6:EB:8C:18:93:0F:61:44:6A:DD
X509v3 Authority Key Identifier:
keyid:75:79:0C:7E:CF:24:D2:8B:E2:E1:3F:E0:69:11:8C:EE:27:D5:80:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dXkMfs8k0ovi4T_gaRGM7ifVgAI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/496d56-86ff-48be-bde3-271fde2dc655/1/xKUofaD-UkBurvbrjBiTD2FEat0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/496d56-86ff-48be-bde3-271fde2dc655/1/dXkMfs8k0ovi4T_gaRGM7ifVgAI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.214.92.0/24
Signature Algorithm: sha256WithRSAEncryption
51:da:b3:36:21:bd:2b:da:5f:4d:ef:86:56:3f:72:ce:ce:a2:
b2:86:ac:d0:b1:57:0a:f3:2c:50:ff:d5:6b:c5:26:3d:69:66:
ac:7d:bc:0d:83:f1:6b:2e:28:70:86:7c:d4:40:ea:e2:b9:ae:
51:9e:b5:19:70:dd:43:4c:f1:89:39:1f:dd:c5:61:3c:3b:0a:
8c:af:7d:6a:2c:56:f3:e0:58:10:d3:3d:c3:2a:46:d7:d0:dd:
6e:a4:d9:17:ff:2f:6b:92:70:34:6a:42:37:01:05:f9:19:3d:
71:50:c3:4a:cd:50:10:f3:cd:83:97:a9:f1:4f:3a:8b:68:0f:
7f:32:b5:9a:75:f3:ee:19:a0:49:f4:c5:c0:2a:a5:23:a6:ea:
d9:7f:d1:c9:b2:5e:50:cf:bd:9d:35:8c:fc:fb:62:5d:05:ac:
15:b9:eb:14:49:52:ca:96:25:5a:59:cf:72:a7:1f:53:a4:95:
59:b8:a1:5c:e2:57:ea:47:39:1f:57:3e:93:57:69:74:3e:c7:
a3:05:b0:48:0b:79:fb:79:7b:3a:bc:e8:ac:34:21:c6:8b:46:
33:9e:bb:91:21:bf:d1:47:4b:6f:aa:15:3d:15:d4:b6:63:bc:
f9:c3:ea:7f:44:fc:de:61:5b:86:f0:d3:81:76:7c:91:e5:7c:
7c:7f:14:8b
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEHF2lLTANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg3
NTc5MGM3ZWNmMjRkMjhiZTJlMTNmZTA2OTExOGNlZTI3ZDU4MDAyMB4XDTIyMDEw
MTE1NTg0M1oXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoYzRhNTI4N2RhMGZl
NTI0MDZlYWVmNmViOGMxODkzMGY2MTQ0NmFkZDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALVS3UR24dbIepWjYpLOy3GoGGkyWNyMpTS7nVr8yw0+rdOi
KKkfGBG6ZMuN47JzRJKNhnK5vJZo8w6dMOeDmJX5/zmjC3MQp+SQVd3STtBm1Tvv
0CmAbFdtSIYJukBLN8owq687vgAq1UjVEIowOEMDICfmrLkG73fM0l0HXJDippVq
qXWwqa/zleDVJjK9aJSYEVFSk1ntJqsYb9rW7HpId9/pS4Z4FXNUpnQgO/VgNJw0
QeXhHGy0BgFIJezax16jhQtAXHNPxEREeNA617ceaMpo6ZO9uilf+Oi4qkX4b0FD
6WL2HwEJeSIkgfOzvIAnlnQyM6dnzT3BXOom/ZMCAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBTEpSh9oP5SQG6u9uuMGJMPYURq3TAfBgNVHSMEGDAWgBR1eQx+zyTSi+Lh
P+BpEYzuJ9WAAjAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L2RYa01mczhrMG92aTRUX2dhUkdNN2lmVmdBSS5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvODIvNDk2ZDU2LTg2ZmYtNDhiZS1iZGUzLTI3MWZkZTJkYzY1NS8x
L3hLVW9mYUQtVWtCdXJ2YnJqQmlURDJGRWF0MC5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvODIv
NDk2ZDU2LTg2ZmYtNDhiZS1iZGUzLTI3MWZkZTJkYzY1NS8xL2RYa01mczhrMG92
aTRUX2dhUkdNN2lmVmdBSS5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEALzWXDANBgkqhkiG9w0BAQsFAAOC
AQEAUdqzNiG9K9pfTe+GVj9yzs6isoas0LFXCvMsUP/Va8UmPWlmrH28DYPxay4o
cIZ81EDq4rmuUZ61GXDdQ0zxiTkf3cVhPDsKjK99aixW8+BYENM9wypG19DdbqTZ
F/8va5JwNGpCNwEF+Rk9cVDDSs1QEPPNg5ep8U86i2gPfzK1mnXz7hmgSfTFwCql
I6bq2X/RybJeUM+9nTWM/PtiXQWsFbnrFElSypYlWlnPcqcfU6SVWbihXOJX6kc5
H1c+k1dpdD7HowWwSAt5+3l7OrzorDQhxotGM567kSG/0UdLb6oVPRXUtmO8+cPq
f0T83mFbhvDTgXZ8keV8fH8Uiw==
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:06:20 2025 by rpki-client