Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/510a4e-66ef-4dc1-803b-20dddbc1281d/1/biv7RvsW79F1esexQh13hMwIWyY.roa
File: biv7RvsW79F1esexQh13hMwIWyY.roa (raw, json)
Hash identifier: 64tccM60WafAe/zMxoO+2QhTgxg+WMovRaKMwxc0Vl4=
Subject key identifier: 6E:2B:FB:46:FB:16:EF:D1:75:7A:C7:B1:42:1D:77:84:CC:08:5B:26
Certificate issuer: /CN=a588604d25b87b82fd1259dfe294cd8fb9ff49b4
Certificate serial: 018C8683AFCA545D07A7259049B33788EBFB
Authority key identifier: A5:88:60:4D:25:B8:7B:82:FD:12:59:DF:E2:94:CD:8F:B9:FF:49:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pYhgTSW4e4L9Elnf4pTNj7n_SbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/510a4e-66ef-4dc1-803b-20dddbc1281d/1/biv7RvsW79F1esexQh13hMwIWyY.roa
Signing time: Wed 20 Dec 2023 09:17:06 +0000
ROA not before: Wed 20 Dec 2023 09:17:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 35337
IP address blocks: 194.56.211.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:86:83:af:ca:54:5d:07:a7:25:90:49:b3:37:88:eb:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a588604d25b87b82fd1259dfe294cd8fb9ff49b4
Validity
Not Before: Dec 20 09:17:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=6e2bfb46fb16efd1757ac7b1421d7784cc085b26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:27:ff:0e:e2:bf:81:53:42:6b:19:17:d6:e6:
8c:a1:33:15:80:61:4f:74:de:f3:39:74:c1:ab:11:
8f:ea:5b:e0:b8:0d:d8:69:61:0f:24:34:b0:34:f8:
40:57:d0:dd:1c:28:07:1c:d4:df:8e:d9:8b:68:e2:
43:dc:da:1f:34:d2:5b:8e:36:f2:3f:3d:85:d0:d3:
21:ec:6c:77:84:61:3c:c5:02:c3:a1:45:95:43:84:
3d:f1:80:42:1a:38:8d:dc:a0:13:e4:ec:cc:50:f7:
b4:54:c3:81:6c:a3:da:81:4c:c8:37:f1:ef:53:97:
41:89:69:45:c2:06:d9:91:eb:2d:5e:69:d9:ad:da:
3b:a2:a5:da:f1:00:0a:70:0f:2a:1d:55:e9:40:86:
b5:3a:a7:a2:e0:90:53:17:d2:fe:59:43:e8:98:e2:
e0:5a:ea:13:77:55:64:77:2e:c0:15:20:8d:f0:cb:
a1:e0:d4:1c:49:83:27:d2:14:a7:18:e0:67:0d:ce:
6c:c1:be:39:5e:3e:41:78:1d:9b:54:83:24:75:a7:
79:2f:40:12:b2:4e:74:40:37:af:a0:62:50:05:4a:
1c:c0:2b:c1:1d:07:ea:e6:cc:4c:68:7c:bc:3f:b2:
ab:8a:ab:30:6a:e6:9c:63:29:6b:d7:cc:df:c5:fd:
ff:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:2B:FB:46:FB:16:EF:D1:75:7A:C7:B1:42:1D:77:84:CC:08:5B:26
X509v3 Authority Key Identifier:
keyid:A5:88:60:4D:25:B8:7B:82:FD:12:59:DF:E2:94:CD:8F:B9:FF:49:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pYhgTSW4e4L9Elnf4pTNj7n_SbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/510a4e-66ef-4dc1-803b-20dddbc1281d/1/biv7RvsW79F1esexQh13hMwIWyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/510a4e-66ef-4dc1-803b-20dddbc1281d/1/pYhgTSW4e4L9Elnf4pTNj7n_SbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.56.211.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:58:16:30:6f:39:1a:d5:07:08:7b:d6:ef:f6:c2:16:7c:b3:
b3:2b:d1:8b:ba:7a:73:ce:d1:2e:c7:da:50:ab:68:b7:bb:38:
73:75:d1:de:43:84:51:1d:51:1d:27:85:60:02:80:60:d6:42:
e6:29:7e:62:33:5b:f3:e0:d2:a0:8e:7a:41:ce:0b:07:f1:85:
c3:a1:0f:92:5d:a7:86:33:90:b4:e0:a6:29:80:3a:01:09:8b:
fd:27:13:dd:d4:a5:5d:72:f7:0d:b4:40:89:1c:d1:64:6a:4f:
aa:88:6e:75:8c:75:77:8c:ba:81:e3:b2:24:d2:39:b2:5b:5e:
96:ee:8c:52:1f:5e:50:86:ce:43:c8:0e:74:c4:29:39:3f:ce:
11:40:15:a8:38:6e:2a:77:5e:89:c1:10:d0:e9:d8:ce:19:0c:
2a:db:1a:ce:29:b0:d1:f8:07:96:b1:8d:a1:8d:da:bf:b9:79:
d9:63:6c:57:9b:cd:ca:fd:8e:19:3d:fb:e4:01:ac:d6:42:b9:
94:15:d2:71:dd:47:53:db:98:75:49:d2:8a:77:58:4c:32:03:
a5:1a:9c:1d:be:a1:df:8f:cf:ee:3c:27:04:7b:94:33:43:d3:
15:27:bc:6a:2f:71:33:ae:de:70:ad:f8:03:ca:17:ea:60:00:
e5:20:3e:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyGg6/KVF0HpyWQSbM3iOv7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1ODg2MDRkMjViODdiODJmZDEyNTlkZmUyOTRjZDhmYjlm
ZjQ5YjQwHhcNMjMxMjIwMDkxNzA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTJiZmI0NmZiMTZlZmQxNzU3YWM3YjE0MjFkNzc4NGNjMDg1YjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmCf/DuK/gVNCaxkX1uaMoTMVgGFP
dN7zOXTBqxGP6lvguA3YaWEPJDSwNPhAV9DdHCgHHNTfjtmLaOJD3NofNNJbjjby
Pz2F0NMh7Gx3hGE8xQLDoUWVQ4Q98YBCGjiN3KAT5OzMUPe0VMOBbKPagUzIN/Hv
U5dBiWlFwgbZkestXmnZrdo7oqXa8QAKcA8qHVXpQIa1Oqei4JBTF9L+WUPomOLg
WuoTd1Vkdy7AFSCN8Muh4NQcSYMn0hSnGOBnDc5swb45Xj5BeB2bVIMkdad5L0AS
sk50QDevoGJQBUocwCvBHQfq5sxMaHy8P7KriqswauacYylr18zfxf3/SwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG4r+0b7Fu/RdXrHsUIdd4TMCFsmMB8GA1UdIwQY
MBaAFKWIYE0luHuC/RJZ3+KUzY+5/0m0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFloZ1RTVzRlNEw5RWxuZjRwVE5qN25fU2JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC81MTBhNGUtNjZlZi00ZGMxLTgwM2It
MjBkZGRiYzEyODFkLzEvYml2N1J2c1c3OUYxZXNleFFoMTNoTXdJV3lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC81MTBhNGUtNjZlZi00ZGMxLTgwM2ItMjBkZGRiYzEyODFk
LzEvcFloZ1RTVzRlNEw5RWxuZjRwVE5qN25fU2JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjjTMA0G
CSqGSIb3DQEBCwUAA4IBAQCOWBYwbzka1QcIe9bv9sIWfLOzK9GLunpzztEux9pQ
q2i3uzhzddHeQ4RRHVEdJ4VgAoBg1kLmKX5iM1vz4NKgjnpBzgsH8YXDoQ+SXaeG
M5C04KYpgDoBCYv9JxPd1KVdcvcNtECJHNFkak+qiG51jHV3jLqB47Ik0jmyW16W
7oxSH15Qhs5DyA50xCk5P84RQBWoOG4qd16JwRDQ6djOGQwq2xrOKbDR+AeWsY2h
jdq/uXnZY2xXm83K/Y4ZPfvkAazWQrmUFdJx3UdT25h1SdKKd1hMMgOlGpwdvqHf
j8/uPCcEe5QzQ9MVJ7xqL3Ezrt5wrfgDyhfqYADlID7T
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:14:14 2025 by rpki-client