Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/ecbe01-18ab-4fbd-9dc3-bcd52da15644/1/r5mXlXY07V6Iy8P0TrjlCjLDVHo.roa
File: r5mXlXY07V6Iy8P0TrjlCjLDVHo.roa (raw, json)
Hash identifier: Y9IaBhxMMh8XUECUd+Ja3ZHC5cx72W++xTYIfW2nrqM=
Subject key identifier: AF:99:97:95:76:34:ED:5E:88:CB:C3:F4:4E:B8:E5:0A:32:C3:54:7A
Certificate issuer: /CN=31b5f0acae3652a53c71a074a2347ab6f17fd3f8
Certificate serial: 01856D2F3C0BF1C988FBDC55E589B75C9DC4
Authority key identifier: 31:B5:F0:AC:AE:36:52:A5:3C:71:A0:74:A2:34:7A:B6:F1:7F:D3:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MbXwrK42UqU8caB0ojR6tvF_0_g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/ecbe01-18ab-4fbd-9dc3-bcd52da15644/1/r5mXlXY07V6Iy8P0TrjlCjLDVHo.roa
Signing time: Sun 01 Jan 2023 11:54:50 +0000
ROA not before: Sun 01 Jan 2023 11:54:50 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200312
IP address blocks: 194.156.140.0/22 maxlen: 27
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6d:2f:3c:0b:f1:c9:88:fb:dc:55:e5:89:b7:5c:9d:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31b5f0acae3652a53c71a074a2347ab6f17fd3f8
Validity
Not Before: Jan 1 11:54:50 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=af9997957634ed5e88cbc3f44eb8e50a32c3547a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:58:43:cb:21:55:d2:9f:42:de:15:c5:24:02:
9e:24:af:4b:b4:dd:ec:87:ab:cc:74:e6:e9:0b:bd:
7c:a4:53:06:cf:1f:5d:a6:50:51:5a:77:26:aa:2b:
76:a6:62:f9:3a:fb:5f:70:1b:3d:f2:23:c1:76:e9:
8c:07:51:0b:ff:1a:3d:d0:23:66:a2:18:38:97:0d:
8f:33:63:83:c1:03:75:f4:f4:9c:7e:57:2e:34:8f:
ad:c6:e3:9b:6b:a1:df:85:34:36:e5:d7:4f:bf:90:
7e:e8:22:47:e8:25:6f:23:b1:a1:90:2f:64:9f:8a:
53:a5:1c:ef:74:33:4b:f4:b0:de:5d:98:b4:f6:31:
73:41:b2:9f:b5:ff:17:5d:bf:fc:ef:bd:e1:35:1e:
f6:14:c9:b4:84:f9:e8:46:59:2b:ab:0b:fa:64:ed:
f8:0e:f2:90:5c:81:c8:16:be:dd:9d:53:51:a8:dd:
47:42:6f:16:f4:7d:76:6d:f5:5c:b8:6a:f2:f7:56:
7e:40:f3:79:ac:54:b0:f9:8b:5e:7f:3f:54:09:cf:
bd:e2:9b:46:d6:66:de:30:a9:78:cd:28:0a:95:77:
09:1b:78:fc:ef:54:91:a4:22:0d:0f:01:91:ca:0c:
e9:f1:01:e9:eb:2c:10:3c:f9:99:f7:42:72:45:37:
f4:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:99:97:95:76:34:ED:5E:88:CB:C3:F4:4E:B8:E5:0A:32:C3:54:7A
X509v3 Authority Key Identifier:
keyid:31:B5:F0:AC:AE:36:52:A5:3C:71:A0:74:A2:34:7A:B6:F1:7F:D3:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MbXwrK42UqU8caB0ojR6tvF_0_g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/ecbe01-18ab-4fbd-9dc3-bcd52da15644/1/r5mXlXY07V6Iy8P0TrjlCjLDVHo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/ecbe01-18ab-4fbd-9dc3-bcd52da15644/1/MbXwrK42UqU8caB0ojR6tvF_0_g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.156.140.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:6f:2e:3a:bc:61:42:50:ae:65:9a:94:f1:15:72:b3:b6:8b:
1d:ac:25:59:4b:68:f3:91:a3:52:78:c0:4e:f8:5a:a6:31:31:
b2:ce:ba:89:18:5f:d0:3b:7c:de:46:fa:72:e8:f0:d9:f8:5b:
33:6e:00:f5:81:1f:f0:ae:71:6c:30:31:b1:51:32:13:72:01:
87:90:b9:49:ba:0a:3d:5f:db:3d:70:c4:18:24:8d:42:2d:ff:
0f:db:aa:1c:dd:60:95:60:83:f0:88:fc:b7:a8:43:ad:eb:33:
11:e1:ee:e3:e9:00:4d:d3:6c:26:f8:20:c4:1e:e6:ca:9d:2d:
85:01:a0:a0:ed:d0:64:5d:0a:83:57:8f:73:b3:5b:95:52:8b:
5b:b5:4a:58:e1:3b:3f:ee:c7:97:50:ac:1b:56:61:8b:70:4e:
66:cf:b3:89:a4:9c:78:74:b3:07:af:c1:49:cd:55:39:47:51:
1e:1f:f9:b7:7c:47:ca:67:aa:02:34:2e:a7:a8:b1:6f:81:d9:
56:99:c2:cc:74:d9:67:e4:12:fa:84:de:2f:76:06:99:ae:d6:
1b:c2:6a:9c:ae:61:e2:72:7a:2b:42:90:a8:17:d8:16:cb:f6:
c5:7a:6c:03:ea:09:38:3d:06:01:c2:f7:f8:2e:cf:f6:e5:8d:
31:31:98:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVtLzwL8cmI+9xV5Ym3XJ3EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYjVmMGFjYWUzNjUyYTUzYzcxYTA3NGEyMzQ3YWI2ZjE3
ZmQzZjgwHhcNMjMwMTAxMTE1NDUwWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjk5OTc5NTc2MzRlZDVlODhjYmMzZjQ0ZWI4ZTUwYTMyYzM1NDdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmFhDyyFV0p9C3hXFJAKeJK9LtN3s
h6vMdObpC718pFMGzx9dplBRWncmqit2pmL5OvtfcBs98iPBdumMB1EL/xo90CNm
ohg4lw2PM2ODwQN19PScflcuNI+txuOba6HfhTQ25ddPv5B+6CJH6CVvI7GhkC9k
n4pTpRzvdDNL9LDeXZi09jFzQbKftf8XXb/8773hNR72FMm0hPnoRlkrqwv6ZO34
DvKQXIHIFr7dnVNRqN1HQm8W9H12bfVcuGry91Z+QPN5rFSw+Ytefz9UCc+94ptG
1mbeMKl4zSgKlXcJG3j871SRpCINDwGRygzp8QHp6ywQPPmZ90JyRTf0dQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK+Zl5V2NO1eiMvD9E645Qoyw1R6MB8GA1UdIwQY
MBaAFDG18KyuNlKlPHGgdKI0erbxf9P4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWJYd3JLNDJVcVU4Y2FCMG9qUjZ0dkZfMF9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9lY2JlMDEtMThhYi00ZmJkLTlkYzMt
YmNkNTJkYTE1NjQ0LzEvcjVtWGxYWTA3VjZJeThQMFRyamxDakxEVkhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9lY2JlMDEtMThhYi00ZmJkLTlkYzMtYmNkNTJkYTE1NjQ0
LzEvTWJYd3JLNDJVcVU4Y2FCMG9qUjZ0dkZfMF9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwpyMMA0G
CSqGSIb3DQEBCwUAA4IBAQAsby46vGFCUK5lmpTxFXKztosdrCVZS2jzkaNSeMBO
+FqmMTGyzrqJGF/QO3zeRvpy6PDZ+FszbgD1gR/wrnFsMDGxUTITcgGHkLlJugo9
X9s9cMQYJI1CLf8P26oc3WCVYIPwiPy3qEOt6zMR4e7j6QBN02wm+CDEHubKnS2F
AaCg7dBkXQqDV49zs1uVUotbtUpY4Ts/7seXUKwbVmGLcE5mz7OJpJx4dLMHr8FJ
zVU5R1EeH/m3fEfKZ6oCNC6nqLFvgdlWmcLMdNln5BL6hN4vdgaZrtYbwmqcrmHi
cnorQpCoF9gWy/bFemwD6gk4PQYBwvf4Ls/25Y0xMZin
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:31:29 2025 by rpki-client