Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/XK9Pz02NlDD3BcGWlp2s0rz1rU8.roa
File: XK9Pz02NlDD3BcGWlp2s0rz1rU8.roa (raw, json)
Hash identifier: jIC/YuzGsN0FRqxpZPxxKdUluETielEm8EDPXF0OVYA=
Subject key identifier: 5C:AF:4F:CF:4D:8D:94:30:F7:05:C1:96:96:9D:AC:D2:BC:F5:AD:4F
Certificate issuer: /CN=56d0e3b28f2be33ec5a9d2ca00ac64155536cbc6
Certificate serial: 0A1196
Authority key identifier: 56:D0:E3:B2:8F:2B:E3:3E:C5:A9:D2:CA:00:AC:64:15:55:36:CB:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VtDjso8r4z7FqdLKAKxkFVU2y8Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/XK9Pz02NlDD3BcGWlp2s0rz1rU8.roa
Signing time: Sun 24 Apr 2022 09:19:53 +0000
ROA not before: Sun 24 Apr 2022 09:19:53 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 59451
IP address blocks: 194.165.131.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 659862 (0xa1196)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56d0e3b28f2be33ec5a9d2ca00ac64155536cbc6
Validity
Not Before: Apr 24 09:19:53 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=5caf4fcf4d8d9430f705c196969dacd2bcf5ad4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:52:73:cc:3a:84:47:3f:3e:53:2b:d7:3e:e6:
20:c0:16:0f:1d:23:64:b1:9b:7b:78:b3:5f:09:7b:
cc:4f:e2:1b:4a:ad:94:ab:10:4b:d3:ae:6d:a8:df:
f9:72:32:9c:ba:2c:1d:67:30:71:d7:6c:36:da:50:
34:f5:95:7e:f1:77:20:f8:6a:11:6e:1e:0c:23:e5:
00:61:02:39:cd:10:9a:e0:1b:1f:39:bb:05:da:89:
95:72:81:79:75:14:15:68:b0:7c:49:a5:2d:9c:c8:
76:46:96:1c:12:86:da:5d:68:12:3e:43:9e:d7:d0:
8b:38:15:05:b6:53:58:22:4a:65:72:da:10:0f:93:
4a:88:5b:67:b1:ce:71:a2:b9:3b:80:ce:c8:b4:c9:
f1:e7:f0:3c:4a:53:60:80:f8:41:1d:e0:7f:47:84:
9c:f5:9e:0d:cf:a6:b8:9c:be:af:ea:7e:d0:f7:e9:
d8:ee:6e:26:fd:13:b1:ed:c4:e5:2b:9a:2a:80:21:
ba:68:51:f0:bb:cc:aa:be:9e:f2:9f:df:12:69:9e:
fd:f2:14:92:39:c7:39:ca:33:1a:b2:5b:ad:33:9f:
46:c6:f6:e2:46:21:3a:05:11:5b:a2:5a:99:3e:13:
e8:e3:93:a9:11:9e:0a:3a:cd:93:7a:69:11:a4:bf:
35:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:AF:4F:CF:4D:8D:94:30:F7:05:C1:96:96:9D:AC:D2:BC:F5:AD:4F
X509v3 Authority Key Identifier:
keyid:56:D0:E3:B2:8F:2B:E3:3E:C5:A9:D2:CA:00:AC:64:15:55:36:CB:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VtDjso8r4z7FqdLKAKxkFVU2y8Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/XK9Pz02NlDD3BcGWlp2s0rz1rU8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/ffbf6a-72f0-401f-b2c3-8b8d72172090/1/VtDjso8r4z7FqdLKAKxkFVU2y8Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.165.131.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:3e:64:88:fa:4e:7b:c4:43:d3:9f:76:43:2c:1b:60:65:1f:
21:d7:22:32:d8:20:54:2e:13:87:49:fe:47:be:a8:ab:9a:c1:
a4:27:34:00:80:db:f3:1f:96:9b:48:f8:81:3e:5f:f9:d0:e0:
6e:db:57:f8:7a:90:a7:92:f8:61:db:4c:5d:8a:d4:b0:ec:e9:
76:1c:b2:a5:63:e1:10:90:e4:b0:04:01:b1:ac:43:f8:9c:5b:
c8:df:ec:15:cc:da:e5:50:8b:73:9c:16:a4:e0:b1:54:33:81:
29:ea:ac:33:35:e5:a0:3f:9f:1a:fe:59:b9:0d:51:d3:ef:c3:
97:01:4a:87:2b:e9:93:e0:22:3c:ee:71:69:9d:fb:b4:99:3a:
64:5e:45:03:c3:d0:86:01:67:21:da:ec:58:8e:3a:45:3a:04:
4a:3e:24:24:81:d2:44:9f:f3:17:1b:6d:ed:2b:b4:e1:6b:27:
bc:76:01:31:dc:bf:7f:15:83:fa:75:bc:97:f1:43:a5:28:fd:
73:48:13:23:da:ff:b9:bd:45:f0:95:f9:8c:50:6a:87:14:51:
b5:49:df:6e:e8:22:a8:1a:f2:a5:a2:26:f6:91:12:9a:6d:81:
ac:43:71:2f:1c:3a:23:3d:cf:57:18:d0:ce:29:f7:18:94:38:
cb:5f:a3:70
-----BEGIN CERTIFICATE-----
MIIE7jCCA9agAwIBAgIDChGWMA0GCSqGSIb3DQEBCwUAMDMxMTAvBgNVBAMTKDU2
ZDBlM2IyOGYyYmUzM2VjNWE5ZDJjYTAwYWM2NDE1NTUzNmNiYzYwHhcNMjIwNDI0
MDkxOTUzWhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQDEyg1Y2FmNGZjZjRkOGQ5
NDMwZjcwNWMxOTY5NjlkYWNkMmJjZjVhZDRmMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAtFJzzDqERz8+UyvXPuYgwBYPHSNksZt7eLNfCXvMT+IbSq2U
qxBL065tqN/5cjKcuiwdZzBx12w22lA09ZV+8Xcg+GoRbh4MI+UAYQI5zRCa4Bsf
ObsF2omVcoF5dRQVaLB8SaUtnMh2RpYcEobaXWgSPkOe19CLOBUFtlNYIkplctoQ
D5NKiFtnsc5xork7gM7ItMnx5/A8SlNggPhBHeB/R4Sc9Z4Nz6a4nL6v6n7Q9+nY
7m4m/ROx7cTlK5oqgCG6aFHwu8yqvp7yn98SaZ798hSSOcc5yjMaslutM59Gxvbi
RiE6BRFbolqZPhPo45OpEZ4KOs2TemkRpL81ywIDAQABo4ICCTCCAgUwHQYDVR0O
BBYEFFyvT89NjZQw9wXBlpadrNK89a1PMB8GA1UdIwQYMBaAFFbQ47KPK+M+xanS
ygCsZBVVNsvGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYB
BQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQv
VnREanNvOHI0ejdGcWRMS0FLeGtGVlUyeThZLmNlcjCBjQYIKwYBBQUHAQsEgYAw
fjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkv
REVGQVVMVC9iZS9mZmJmNmEtNzJmMC00MDFmLWIyYzMtOGI4ZDcyMTcyMDkwLzEv
WEs5UHowMk5sREQzQmNHV2xwMnMwcnoxclU4LnJvYTCBgQYDVR0fBHoweDB2oHSg
coZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9m
ZmJmNmEtNzJmMC00MDFmLWIyYzMtOGI4ZDcyMTcyMDkwLzEvVnREanNvOHI0ejdG
cWRMS0FLeGtGVlUyeThZLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwqWDMA0GCSqGSIb3DQEBCwUAA4IB
AQBdPmSI+k57xEPTn3ZDLBtgZR8h1yIy2CBULhOHSf5HvqirmsGkJzQAgNvzH5ab
SPiBPl/50OBu21f4epCnkvhh20xditSw7Ol2HLKlY+EQkOSwBAGxrEP4nFvI3+wV
zNrlUItznBak4LFUM4Ep6qwzNeWgP58a/lm5DVHT78OXAUqHK+mT4CI87nFpnfu0
mTpkXkUDw9CGAWch2uxYjjpFOgRKPiQkgdJEn/MXG23tK7Thaye8dgEx3L9/FYP6
dbyX8UOlKP1zSBMj2v+5vUXwlfmMUGqHFFG1Sd9u6CKoGvKloib2kRKabYGsQ3Ev
HDojPc9XGNDOKfcYlDjLX6Nw
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:50 2025 by rpki-client