Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/s5cAFHce9p5sIdAGTHS5Sw08McY.roa
File: s5cAFHce9p5sIdAGTHS5Sw08McY.roa (raw, json)
Hash identifier: rOa2AyCSxVlVZa+YjMgzwtCHbLXOhvp5Bx0A3hRSGh8=
Subject key identifier: B3:97:00:14:77:1E:F6:9E:6C:21:D0:06:4C:74:B9:4B:0D:3C:31:C6
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 0189FE2686E7D5DE8BE4C8E98A18C56E295D
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/s5cAFHce9p5sIdAGTHS5Sw08McY.roa
Signing time: Wed 16 Aug 2023 11:41:24 +0000
ROA not before: Wed 16 Aug 2023 11:41:24 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 60790
IP address blocks: 194.110.172.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:fe:26:86:e7:d5:de:8b:e4:c8:e9:8a:18:c5:6e:29:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Aug 16 11:41:24 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=b3970014771ef69e6c21d0064c74b94b0d3c31c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:35:2c:d5:9c:a6:4e:35:34:a1:27:5a:42:14:
85:c7:dc:d9:ee:c1:95:ea:dd:02:96:0f:e5:64:0d:
8c:6d:d2:08:c2:da:53:11:e6:e8:c8:8b:c3:9b:d7:
2e:04:c2:b5:cf:64:a4:22:84:59:d2:10:87:5b:aa:
4a:4a:8d:71:27:fb:ef:e5:40:da:3d:a8:b2:9c:9c:
4e:b0:88:38:89:0e:50:de:90:2b:f1:d9:40:6a:9f:
b1:ed:c8:57:6c:b0:02:33:0c:3e:9c:fa:22:49:45:
06:2b:e4:2c:ae:95:2e:4b:68:63:14:f6:4a:93:0b:
d5:d4:6b:5c:59:e5:db:e5:da:c5:46:c3:cf:ed:17:
d9:bd:2b:37:8e:98:bc:b4:82:dd:ae:7b:4c:34:0f:
13:eb:3e:38:3e:94:9f:03:70:85:2a:5f:9a:8b:56:
de:79:06:fc:3a:76:c6:54:fa:e6:42:ca:d2:e1:2f:
b7:c2:a5:14:9a:fd:ee:96:4f:8e:e5:9a:41:71:1a:
b4:c9:1c:40:80:63:a9:25:66:48:f1:54:63:71:21:
80:78:fd:0c:67:bb:b9:f2:45:9b:ae:88:8f:3c:20:
8e:cc:de:30:1c:dc:4e:08:68:60:d4:93:da:4d:35:
fc:e3:f9:de:94:a1:71:ab:73:58:08:2c:e5:a6:7b:
7a:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:97:00:14:77:1E:F6:9E:6C:21:D0:06:4C:74:B9:4B:0D:3C:31:C6
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/s5cAFHce9p5sIdAGTHS5Sw08McY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.110.172.0/24
Signature Algorithm: sha256WithRSAEncryption
37:b5:f2:ad:97:ba:6e:cc:76:fb:5c:ab:e5:f8:8e:a4:89:ee:
a5:61:a9:dd:a1:bd:38:c5:ec:84:c3:b1:cc:b3:d6:62:0a:68:
2b:2b:31:77:58:e5:f4:17:79:30:aa:82:3a:a4:9e:29:74:ad:
3a:5f:25:e0:57:a1:de:2a:3d:9a:8d:da:a6:4b:e2:81:b9:ba:
a4:b4:61:63:b0:80:9e:31:7b:34:40:13:20:58:14:6c:15:2f:
51:51:06:51:4f:a9:47:d0:02:1e:b3:23:cb:05:b1:aa:0e:d5:
59:c3:7e:71:9c:88:19:9f:ac:26:aa:43:7b:b3:03:c1:eb:38:
5d:2d:ed:ae:be:69:41:bb:4c:ce:55:63:06:e2:a1:bd:ac:87:
e4:cc:df:85:6a:ad:48:f7:88:f9:44:cd:ec:e1:ae:73:0d:4f:
a1:1c:18:ba:07:41:79:24:df:35:db:c8:ef:13:a4:33:65:76:
2d:3d:1f:af:f9:0e:6e:d9:27:4b:ee:ad:e7:61:56:52:47:55:
70:31:7d:7c:81:b1:fc:be:f8:5a:b7:4a:8d:c1:2c:24:59:96:
5b:0b:c6:68:e1:9b:87:fa:96:79:49:10:96:e3:e5:cc:f6:59:
27:b2:7d:6c:ef:80:14:c0:e1:6c:e7:9c:9a:b9:ca:92:be:12:
8b:d6:78:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYn+Jobn1d6L5MjpihjFbildMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjMwODE2MTE0MTI0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzk3MDAxNDc3MWVmNjllNmMyMWQwMDY0Yzc0Yjk0YjBkM2MzMWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozUs1ZymTjU0oSdaQhSFx9zZ7sGV
6t0Clg/lZA2MbdIIwtpTEeboyIvDm9cuBMK1z2SkIoRZ0hCHW6pKSo1xJ/vv5UDa
PaiynJxOsIg4iQ5Q3pAr8dlAap+x7chXbLACMww+nPoiSUUGK+QsrpUuS2hjFPZK
kwvV1GtcWeXb5drFRsPP7RfZvSs3jpi8tILdrntMNA8T6z44PpSfA3CFKl+ai1be
eQb8OnbGVPrmQsrS4S+3wqUUmv3ulk+O5ZpBcRq0yRxAgGOpJWZI8VRjcSGAeP0M
Z7u58kWbroiPPCCOzN4wHNxOCGhg1JPaTTX84/nelKFxq3NYCCzlpnt6/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLOXABR3HvaebCHQBkx0uUsNPDHGMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvczVjQUZIY2U5cDVzSWRBR1RIUzVTdzA4TWNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwm6sMA0G
CSqGSIb3DQEBCwUAA4IBAQA3tfKtl7puzHb7XKvl+I6kie6lYandob04xeyEw7HM
s9ZiCmgrKzF3WOX0F3kwqoI6pJ4pdK06XyXgV6HeKj2ajdqmS+KBubqktGFjsICe
MXs0QBMgWBRsFS9RUQZRT6lH0AIesyPLBbGqDtVZw35xnIgZn6wmqkN7swPB6zhd
Le2uvmlBu0zOVWMG4qG9rIfkzN+Faq1I94j5RM3s4a5zDU+hHBi6B0F5JN8128jv
E6QzZXYtPR+v+Q5u2SdL7q3nYVZSR1VwMX18gbH8vvhat0qNwSwkWZZbC8Zo4ZuH
+pZ5SRCW4+XM9lknsn1s74AUwOFs55yaucqSvhKL1nhF
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:45:25 2025 by rpki-client