Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/fdffe3-010f-4c6a-bd96-718b8c7c9335/1/rA5Krpa930_G4wMGzqgTGPniOaw.roa
File: rA5Krpa930_G4wMGzqgTGPniOaw.roa (raw, json)
Hash identifier: YYXO5sxJaMK28jCMIdsXdjVJqmmQFX2ofOjDejIQN04=
Subject key identifier: AC:0E:4A:AE:96:BD:DF:4F:C6:E3:03:06:CE:A8:13:18:F9:E2:39:AC
Certificate issuer: /CN=56ad9b2c227b413c505813294faadb6dbbc2dd66
Certificate serial: 018461923AF4A0959324A0F8E58570746551
Authority key identifier: 56:AD:9B:2C:22:7B:41:3C:50:58:13:29:4F:AA:DB:6D:BB:C2:DD:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vq2bLCJ7QTxQWBMpT6rbbbvC3WY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/fdffe3-010f-4c6a-bd96-718b8c7c9335/1/rA5Krpa930_G4wMGzqgTGPniOaw.roa
Signing time: Thu 10 Nov 2022 12:44:44 +0000
ROA not before: Thu 10 Nov 2022 12:44:44 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 16509
IP address blocks: 194.176.117.0/24 maxlen: 24
2a13:14c0::/32 maxlen: 48
2a13:14c1::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:84:61:92:3a:f4:a0:95:93:24:a0:f8:e5:85:70:74:65:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56ad9b2c227b413c505813294faadb6dbbc2dd66
Validity
Not Before: Nov 10 12:44:44 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=ac0e4aae96bddf4fc6e30306cea81318f9e239ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:8a:85:70:d7:ac:d4:fd:ca:e7:5c:d2:21:78:
66:d2:fa:2f:9c:97:7a:35:4c:59:c3:49:82:25:32:
6e:a2:1f:9b:be:21:8b:bf:9a:35:12:6e:b0:a7:1f:
0c:33:d0:cc:66:fc:c7:cf:f8:fc:ec:fd:79:2b:ee:
e4:e8:a7:66:fd:9f:7e:2c:e1:e0:ca:fe:a3:c6:16:
c1:7d:41:e3:0e:e7:8c:20:f8:17:48:2c:14:51:f3:
31:70:d4:d9:26:8f:4b:a1:8d:b3:85:ab:c5:7c:2f:
f3:43:22:d9:ef:33:23:fd:1d:d5:9f:47:73:3d:34:
4c:99:04:fe:1a:89:27:b8:17:41:48:2c:6b:ab:b5:
af:39:5a:26:66:28:49:86:38:99:af:a8:12:af:f7:
b2:e2:9d:24:d3:aa:95:89:7b:e3:7f:cb:2d:af:23:
71:02:71:8c:3f:1f:6b:8e:9d:23:fd:7f:2a:b1:26:
8c:8b:a6:1a:1f:03:f6:7a:52:3c:7e:c6:85:de:7c:
97:b9:a9:55:20:6a:f5:aa:4d:da:93:b5:70:16:12:
40:b0:3b:09:86:6b:25:b8:55:ea:3b:09:f6:3f:33:
b0:a2:c7:d8:ab:7d:2d:24:3b:cf:36:3b:86:4f:78:
34:9d:62:05:69:45:f1:ec:7c:43:2b:ee:6c:1a:90:
53:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:0E:4A:AE:96:BD:DF:4F:C6:E3:03:06:CE:A8:13:18:F9:E2:39:AC
X509v3 Authority Key Identifier:
keyid:56:AD:9B:2C:22:7B:41:3C:50:58:13:29:4F:AA:DB:6D:BB:C2:DD:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vq2bLCJ7QTxQWBMpT6rbbbvC3WY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/fdffe3-010f-4c6a-bd96-718b8c7c9335/1/rA5Krpa930_G4wMGzqgTGPniOaw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/fdffe3-010f-4c6a-bd96-718b8c7c9335/1/Vq2bLCJ7QTxQWBMpT6rbbbvC3WY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.176.117.0/24
IPv6:
2a13:14c0::/31
Signature Algorithm: sha256WithRSAEncryption
5c:9b:f3:a0:6c:3a:0e:ec:5b:18:92:9e:4f:29:fa:c2:af:48:
da:10:df:af:3f:b7:4f:c9:a3:71:d1:7a:f9:f8:7d:30:70:a8:
5c:a5:c0:f8:e8:72:53:b2:71:f8:98:ce:dd:76:66:85:d4:2f:
cb:6a:e9:e6:e1:90:5a:e2:d9:c6:d0:12:7c:37:f9:72:62:09:
e5:18:23:95:f7:2c:a8:d3:22:9e:85:35:66:6c:d1:d1:18:3d:
a6:6c:af:17:53:ea:85:18:b0:2f:ec:5d:33:41:28:a2:a3:50:
44:ed:eb:dd:1d:5d:10:40:21:0c:19:dd:30:8e:67:54:fa:f6:
1c:ee:4b:36:c2:12:40:c0:16:40:a4:63:f0:8d:33:2b:97:8c:
7a:91:c4:a1:34:25:02:47:21:30:c6:65:fe:87:56:f4:79:25:
1b:0e:0a:a0:c1:72:9d:af:a5:fd:b2:27:4c:83:d6:f7:13:ca:
85:b3:72:b9:1e:1d:a5:04:9e:23:13:dd:a2:dd:52:5b:92:d5:
71:5a:d4:1b:d0:33:24:53:1f:01:07:58:c8:a9:82:a4:00:2f:
01:c1:9b:10:fa:c3:0a:0b:44:aa:e3:fb:ff:29:45:8c:69:09:
52:17:9c:1c:25:30:0e:cb:da:7b:01:ef:8c:4a:81:ea:9d:c0:
6c:84:a4:e0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYRhkjr0oJWTJKD45YVwdGVRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2YWQ5YjJjMjI3YjQxM2M1MDU4MTMyOTRmYWFkYjZkYmJj
MmRkNjYwHhcNMjIxMTEwMTI0NDQ0WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzBlNGFhZTk2YmRkZjRmYzZlMzAzMDZjZWE4MTMxOGY5ZTIzOWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIqFcNes1P3K51zSIXhm0vovnJd6
NUxZw0mCJTJuoh+bviGLv5o1Em6wpx8MM9DMZvzHz/j87P15K+7k6Kdm/Z9+LOHg
yv6jxhbBfUHjDueMIPgXSCwUUfMxcNTZJo9LoY2zhavFfC/zQyLZ7zMj/R3Vn0dz
PTRMmQT+GoknuBdBSCxrq7WvOVomZihJhjiZr6gSr/ey4p0k06qViXvjf8stryNx
AnGMPx9rjp0j/X8qsSaMi6YaHwP2elI8fsaF3nyXualVIGr1qk3ak7VwFhJAsDsJ
hmsluFXqOwn2PzOwosfYq30tJDvPNjuGT3g0nWIFaUXx7HxDK+5sGpBTSwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKwOSq6Wvd9PxuMDBs6oExj54jmsMB8GA1UdIwQY
MBaAFFatmywie0E8UFgTKU+q2227wt1mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnEyYkxDSjdRVHhRV0JNcFQ2cmJiYnZDM1dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9mZGZmZTMtMDEwZi00YzZhLWJkOTYt
NzE4YjhjN2M5MzM1LzEvckE1S3JwYTkzMF9HNHdNR3pxZ1RHUG5pT2F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9mZGZmZTMtMDEwZi00YzZhLWJkOTYtNzE4YjhjN2M5MzM1
LzEvVnEyYkxDSjdRVHhRV0JNcFQ2cmJiYnZDM1dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwrB1MA0E
AgACMAcDBQEqExTAMA0GCSqGSIb3DQEBCwUAA4IBAQBcm/OgbDoO7FsYkp5PKfrC
r0jaEN+vP7dPyaNx0Xr5+H0wcKhcpcD46HJTsnH4mM7ddmaF1C/Launm4ZBa4tnG
0BJ8N/lyYgnlGCOV9yyo0yKehTVmbNHRGD2mbK8XU+qFGLAv7F0zQSiio1BE7evd
HV0QQCEMGd0wjmdU+vYc7ks2whJAwBZApGPwjTMrl4x6kcShNCUCRyEwxmX+h1b0
eSUbDgqgwXKdr6X9sidMg9b3E8qFs3K5Hh2lBJ4jE92i3VJbktVxWtQb0DMkUx8B
B1jIqYKkAC8BwZsQ+sMKC0Sq4/v/KUWMaQlSF5wcJTAOy9p7Ae+MSoHqncBshKTg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:52:00 2024 by rpki-client on console-fra.rpki-client.org