Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/e709de-6b2d-4be4-8503-a1e4877cee48/1/1ragYMT66PULeAwGPXn3HBT_uCE.roa
File: 1ragYMT66PULeAwGPXn3HBT_uCE.roa (raw, json)
Hash identifier: cGjiR87fmczTVChJcS3xeqbGGb9WILYlAsGLqPvVK0M=
Subject key identifier: D6:B6:A0:60:C4:FA:E8:F5:0B:78:0C:06:3D:79:F7:1C:14:FF:B8:21
Certificate issuer: /CN=e7e5c4c99d6131049982af9ad9b86602b2929bb8
Certificate serial: 01856BC0FA702A7045A8110CEDC6FBE4DC2D
Authority key identifier: E7:E5:C4:C9:9D:61:31:04:99:82:AF:9A:D9:B8:66:02:B2:92:9B:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5-XEyZ1hMQSZgq-a2bhmArKSm7g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/e709de-6b2d-4be4-8503-a1e4877cee48/1/1ragYMT66PULeAwGPXn3HBT_uCE.roa
Signing time: Sun 01 Jan 2023 05:14:47 +0000
ROA not before: Sun 01 Jan 2023 05:14:47 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 50463
IP address blocks: 194.56.215.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6b:c0:fa:70:2a:70:45:a8:11:0c:ed:c6:fb:e4:dc:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7e5c4c99d6131049982af9ad9b86602b2929bb8
Validity
Not Before: Jan 1 05:14:47 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=d6b6a060c4fae8f50b780c063d79f71c14ffb821
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:29:5c:ec:a1:98:80:c0:5c:d4:db:2d:32:51:
f7:cc:3c:e3:be:ef:2e:33:93:ed:ed:05:3b:2f:dd:
c9:b2:fe:16:35:91:8d:b8:7d:cb:b2:6f:2b:6d:24:
cc:40:46:67:58:f1:2c:5c:18:76:ce:03:2c:30:33:
6d:a5:ea:fb:92:7f:32:ab:76:f5:44:e7:5c:31:aa:
22:9d:e3:63:7d:1d:da:c8:3b:82:d9:25:f1:71:04:
c3:34:d7:ef:3d:f8:8e:af:92:c6:99:b5:a6:30:b3:
20:e5:6d:09:df:36:c2:48:cd:91:6c:0a:2d:ab:25:
6c:88:b3:9d:12:b8:f4:bb:d9:ac:1e:9b:cd:24:91:
1c:20:ac:90:2f:1c:79:e9:a6:33:27:fb:b8:2f:24:
f6:af:6d:42:73:b8:53:14:7b:92:8d:52:31:36:bc:
e1:2e:bb:82:47:74:59:87:dd:0f:1c:4c:80:3f:e6:
7a:6a:88:6e:0a:4b:15:f2:62:1a:79:d6:2c:0a:f2:
de:8b:2f:9f:69:f1:09:b9:8b:24:da:91:a3:ed:ae:
33:b0:99:d4:9e:09:0d:5a:2c:c7:bd:c0:5f:49:25:
7f:a9:3c:44:2f:17:41:60:87:6b:4d:98:1a:68:3b:
4f:53:b5:bf:bc:d6:a7:72:d7:aa:78:ce:70:7a:93:
c0:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:B6:A0:60:C4:FA:E8:F5:0B:78:0C:06:3D:79:F7:1C:14:FF:B8:21
X509v3 Authority Key Identifier:
keyid:E7:E5:C4:C9:9D:61:31:04:99:82:AF:9A:D9:B8:66:02:B2:92:9B:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5-XEyZ1hMQSZgq-a2bhmArKSm7g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/e709de-6b2d-4be4-8503-a1e4877cee48/1/1ragYMT66PULeAwGPXn3HBT_uCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/e709de-6b2d-4be4-8503-a1e4877cee48/1/5-XEyZ1hMQSZgq-a2bhmArKSm7g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.56.215.0/24
Signature Algorithm: sha256WithRSAEncryption
27:05:3d:f0:ef:f5:80:18:c6:a6:ea:0d:2e:96:35:44:8f:4a:
c2:18:3d:c0:31:2f:e4:48:59:0c:45:f8:95:b6:95:fe:4f:ef:
c5:64:7b:24:e1:b9:94:1e:81:64:5d:be:48:be:9b:21:75:49:
3d:6b:6b:b2:94:0b:eb:28:bd:5a:23:94:80:dc:c2:22:32:4c:
dd:47:de:c2:5e:ef:2c:45:4f:c6:8a:fa:05:6c:6c:c0:60:22:
b8:71:cf:f2:38:e7:d6:f9:98:96:e0:e5:63:af:42:5e:74:6d:
10:5d:6c:d4:1c:71:da:ed:64:32:7c:a9:9c:c5:61:14:01:11:
b8:59:bd:a9:66:c9:26:27:5d:54:7a:6c:94:de:1d:7c:a9:12:
6f:24:f3:62:76:3b:e4:73:dd:99:da:5a:74:99:09:82:f3:58:
24:86:97:6a:73:7b:00:46:4a:32:5d:47:85:52:48:a1:bb:60:
55:22:74:47:aa:3d:fa:46:44:bb:ed:78:13:0d:e8:23:dc:59:
64:45:21:fe:fe:05:d5:f3:18:1e:fe:82:37:b2:fe:56:b0:4b:
4e:65:39:40:95:31:8e:4e:74:80:5d:d2:82:80:3f:18:6c:72:
ac:3c:5e:e2:82:b5:10:3c:41:7b:e7:9a:c1:63:f7:85:de:f2:
78:6d:c5:b5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVrwPpwKnBFqBEM7cb75NwtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3ZTVjNGM5OWQ2MTMxMDQ5OTgyYWY5YWQ5Yjg2NjAyYjI5
MjliYjgwHhcNMjMwMTAxMDUxNDQ3WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmI2YTA2MGM0ZmFlOGY1MGI3ODBjMDYzZDc5ZjcxYzE0ZmZiODIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiClc7KGYgMBc1NstMlH3zDzjvu8u
M5Pt7QU7L93Jsv4WNZGNuH3Lsm8rbSTMQEZnWPEsXBh2zgMsMDNtper7kn8yq3b1
ROdcMaoineNjfR3ayDuC2SXxcQTDNNfvPfiOr5LGmbWmMLMg5W0J3zbCSM2RbAot
qyVsiLOdErj0u9msHpvNJJEcIKyQLxx56aYzJ/u4LyT2r21Cc7hTFHuSjVIxNrzh
LruCR3RZh90PHEyAP+Z6aohuCksV8mIaedYsCvLeiy+fafEJuYsk2pGj7a4zsJnU
ngkNWizHvcBfSSV/qTxELxdBYIdrTZgaaDtPU7W/vNancteqeM5wepPAqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNa2oGDE+uj1C3gMBj159xwU/7ghMB8GA1UdIwQY
MBaAFOflxMmdYTEEmYKvmtm4ZgKykpu4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNS1YRXlaMWhNUVNaZ3EtYTJiaG1BcktTbTdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9lNzA5ZGUtNmIyZC00YmU0LTg1MDMt
YTFlNDg3N2NlZTQ4LzEvMXJhZ1lNVDY2UFVMZUF3R1BYbjNIQlRfdUNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9lNzA5ZGUtNmIyZC00YmU0LTg1MDMtYTFlNDg3N2NlZTQ4
LzEvNS1YRXlaMWhNUVNaZ3EtYTJiaG1BcktTbTdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjjXMA0G
CSqGSIb3DQEBCwUAA4IBAQAnBT3w7/WAGMam6g0uljVEj0rCGD3AMS/kSFkMRfiV
tpX+T+/FZHsk4bmUHoFkXb5IvpshdUk9a2uylAvrKL1aI5SA3MIiMkzdR97CXu8s
RU/GivoFbGzAYCK4cc/yOOfW+ZiW4OVjr0JedG0QXWzUHHHa7WQyfKmcxWEUARG4
Wb2pZskmJ11UemyU3h18qRJvJPNidjvkc92Z2lp0mQmC81gkhpdqc3sARkoyXUeF
Ukihu2BVInRHqj36RkS77XgTDegj3FlkRSH+/gXV8xge/oI3sv5WsEtOZTlAlTGO
TnSAXdKCgD8YbHKsPF7igrUQPEF755rBY/eF3vJ4bcW1
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:33:58 2025 by rpki-client