Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/412345-903e-4cc1-997a-e8682f322940/1/K5YMhf2TWwnFslHV6RA5R3PhNcU.roa
File: K5YMhf2TWwnFslHV6RA5R3PhNcU.roa (raw, json)
Hash identifier: tmBtxfg8fBtU3018gaw8OsWkQxsF1GBLCere++U5ymc=
Subject key identifier: 2B:96:0C:85:FD:93:5B:09:C5:B2:51:D5:E9:10:39:47:73:E1:35:C5
Certificate issuer: /CN=e15c506035fa8dd6091b43a4e889767fcdcc48f1
Certificate serial: 018C02FA57DE59657E3B17B03A6F7BCE7E16
Authority key identifier: E1:5C:50:60:35:FA:8D:D6:09:1B:43:A4:E8:89:76:7F:CD:CC:48:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4VxQYDX6jdYJG0Ok6Il2f83MSPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/412345-903e-4cc1-997a-e8682f322940/1/K5YMhf2TWwnFslHV6RA5R3PhNcU.roa
Signing time: Fri 24 Nov 2023 20:16:49 +0000
ROA not before: Fri 24 Nov 2023 20:16:49 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 51679
IP address blocks: 193.25.194.0/24 maxlen: 24
193.25.196.0/24 maxlen: 24
193.24.36.0/24 maxlen: 24
193.25.223.0/24 maxlen: 24
2a0f:76c0::/29 maxlen: 29
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:02:fa:57:de:59:65:7e:3b:17:b0:3a:6f:7b:ce:7e:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e15c506035fa8dd6091b43a4e889767fcdcc48f1
Validity
Not Before: Nov 24 20:16:49 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=2b960c85fd935b09c5b251d5e910394773e135c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:86:06:7a:77:67:c1:69:27:35:50:0b:40:68:
89:2c:65:23:53:7c:cb:37:24:50:ee:62:1d:0a:4c:
9e:3f:6f:09:3b:bc:18:2a:bb:e5:56:dc:c8:a6:72:
25:42:c2:d0:4d:f4:30:41:39:cd:6b:2e:7f:9b:75:
1b:41:04:95:0e:49:a9:05:f5:41:ef:6d:fc:a5:e0:
aa:86:0b:05:9e:b6:1c:a7:9b:7d:f3:0c:9a:55:8b:
f2:44:8d:6a:ba:12:72:93:95:15:d2:d9:3e:1d:b6:
da:00:69:55:e1:3e:d4:94:6d:d3:60:cf:f9:0f:b3:
67:42:89:57:8f:6c:95:92:2b:5a:f2:8e:10:b2:6f:
09:ac:16:b8:bc:c8:6e:18:09:ee:fd:12:f6:22:cf:
63:76:aa:9f:74:90:4e:a1:8f:8a:b2:7b:1f:25:61:
3d:38:48:50:94:2e:a8:7a:f7:b1:b5:5f:21:61:2d:
ee:3e:70:d4:1f:c9:36:cd:71:44:46:e6:f1:f9:81:
54:81:d2:6f:d8:8b:98:a1:f2:68:68:44:60:4a:1e:
13:1d:fe:91:e1:d4:a0:7e:2a:0d:34:fe:f7:5b:cd:
ae:b3:ce:ad:d6:05:8f:88:ba:cc:1f:61:b9:cb:1c:
c1:31:47:f5:fd:34:33:a3:d3:1d:d2:e0:7c:e1:92:
0e:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:96:0C:85:FD:93:5B:09:C5:B2:51:D5:E9:10:39:47:73:E1:35:C5
X509v3 Authority Key Identifier:
keyid:E1:5C:50:60:35:FA:8D:D6:09:1B:43:A4:E8:89:76:7F:CD:CC:48:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4VxQYDX6jdYJG0Ok6Il2f83MSPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/412345-903e-4cc1-997a-e8682f322940/1/K5YMhf2TWwnFslHV6RA5R3PhNcU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/412345-903e-4cc1-997a-e8682f322940/1/4VxQYDX6jdYJG0Ok6Il2f83MSPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.24.36.0/24
193.25.194.0/24
193.25.196.0/24
193.25.223.0/24
IPv6:
2a0f:76c0::/29
Signature Algorithm: sha256WithRSAEncryption
5a:af:e8:e7:ca:2e:0f:8b:5e:12:cb:0c:cc:e3:19:b6:76:1b:
18:e0:db:32:2c:37:32:4d:36:90:83:a7:ac:a4:7f:48:bf:d3:
f9:da:a6:63:75:e2:69:b6:ca:cf:3a:54:75:6d:01:60:9f:70:
e3:22:ef:07:96:f5:bc:c0:2b:fe:55:d9:b1:2c:62:2b:6b:70:
5a:56:30:ce:db:22:48:a6:da:ed:6b:5b:ea:8e:60:22:ef:55:
5e:b7:11:e1:80:e4:64:e7:72:ac:77:c3:c8:40:29:0d:c9:55:
d9:94:ef:73:93:e4:b8:c4:fc:77:cc:d4:bd:d6:12:db:a6:6d:
23:71:ce:03:ca:68:7e:ad:19:cd:79:9f:a2:f3:c5:df:3a:82:
87:66:65:e2:f3:bb:59:da:d0:30:40:c2:04:72:a0:c3:08:08:
eb:05:8a:20:74:21:da:21:24:08:19:e3:e9:d8:85:72:1b:26:
d3:9f:7f:7a:4d:84:7b:63:c4:fb:4e:69:d5:a4:b3:0d:fa:7e:
e2:c1:f1:df:2c:59:f8:30:bb:69:16:07:2f:4c:a2:fc:4c:45:
c5:b8:2e:b0:b7:de:d7:1b:a7:8e:2b:ee:43:a3:0b:92:8f:13:
fa:d3:3d:20:9a:6c:67:8d:52:bb:a2:55:c0:a2:10:9d:f6:5d:
7a:9b:d0:6f
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYwC+lfeWWV+OxewOm97zn4WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNWM1MDYwMzVmYThkZDYwOTFiNDNhNGU4ODk3NjdmY2Rj
YzQ4ZjEwHhcNMjMxMTI0MjAxNjQ5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjk2MGM4NWZkOTM1YjA5YzViMjUxZDVlOTEwMzk0NzczZTEzNWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwIYGendnwWknNVALQGiJLGUjU3zL
NyRQ7mIdCkyeP28JO7wYKrvlVtzIpnIlQsLQTfQwQTnNay5/m3UbQQSVDkmpBfVB
7238peCqhgsFnrYcp5t98wyaVYvyRI1quhJyk5UV0tk+HbbaAGlV4T7UlG3TYM/5
D7NnQolXj2yVkita8o4Qsm8JrBa4vMhuGAnu/RL2Is9jdqqfdJBOoY+KsnsfJWE9
OEhQlC6oevextV8hYS3uPnDUH8k2zXFERubx+YFUgdJv2IuYofJoaERgSh4THf6R
4dSgfioNNP73W82us86t1gWPiLrMH2G5yxzBMUf1/TQzo9Md0uB84ZIONwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFCuWDIX9k1sJxbJR1ekQOUdz4TXFMB8GA1UdIwQY
MBaAFOFcUGA1+o3WCRtDpOiJdn/NzEjxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFZ4UVlEWDZqZFlKRzBPazZJbDJmODNNU1BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80MTIzNDUtOTAzZS00Y2MxLTk5N2Et
ZTg2ODJmMzIyOTQwLzEvSzVZTWhmMlRXd25Gc2xIVjZSQTVSM1BoTmNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80MTIzNDUtOTAzZS00Y2MxLTk5N2EtZTg2ODJmMzIyOTQw
LzEvNFZ4UVlEWDZqZFlKRzBPazZJbDJmODNNU1BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAwRgkAwQA
wRnCAwQAwRnEAwQAwRnfMA0EAgACMAcDBQMqD3bAMA0GCSqGSIb3DQEBCwUAA4IB
AQBar+jnyi4Pi14SywzM4xm2dhsY4NsyLDcyTTaQg6espH9Iv9P52qZjdeJptsrP
OlR1bQFgn3DjIu8HlvW8wCv+VdmxLGIra3BaVjDO2yJIptrta1vqjmAi71VetxHh
gORk53Ksd8PIQCkNyVXZlO9zk+S4xPx3zNS91hLbpm0jcc4Dymh+rRnNeZ+i88Xf
OoKHZmXi87tZ2tAwQMIEcqDDCAjrBYogdCHaISQIGePp2IVyGybTn396TYR7Y8T7
TmnVpLMN+n7iwfHfLFn4MLtpFgcvTKL8TEXFuC6wt97XG6eOK+5DowuSjxP60z0g
mmxnjVK7olXAohCd9l16m9Bv
-----END CERTIFICATE-----
Generated at Mon Apr 21 22:43:49 2025 by rpki-client