Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/981fb1-904d-499a-b93a-607ca025b94f/1/5aKZvHepL7IQ8dUdtBT5k1Ya30A.roa
File: 5aKZvHepL7IQ8dUdtBT5k1Ya30A.roa (raw, json)
Hash identifier: 8Dq0x3bX3rNYBfUe/hFqdJenXclL1cJLymWe1sh2bFQ=
Subject key identifier: E5:A2:99:BC:77:A9:2F:B2:10:F1:D5:1D:B4:14:F9:93:56:1A:DF:40
Certificate issuer: /CN=aa41c939ea95a21f3b742901dfe05f26a5777581
Certificate serial: 0183EB8AB4F2B1CF251E28A58F2DC939089D
Authority key identifier: AA:41:C9:39:EA:95:A2:1F:3B:74:29:01:DF:E0:5F:26:A5:77:75:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qkHJOeqVoh87dCkB3-BfJqV3dYE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/981fb1-904d-499a-b93a-607ca025b94f/1/5aKZvHepL7IQ8dUdtBT5k1Ya30A.roa
Signing time: Tue 18 Oct 2022 14:41:19 +0000
ROA not before: Tue 18 Oct 2022 14:41:19 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 51270
IP address blocks: 194.149.94.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:eb:8a:b4:f2:b1:cf:25:1e:28:a5:8f:2d:c9:39:08:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa41c939ea95a21f3b742901dfe05f26a5777581
Validity
Not Before: Oct 18 14:41:19 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e5a299bc77a92fb210f1d51db414f993561adf40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:fa:24:99:50:af:1d:be:51:bc:46:a6:57:42:
5e:f3:36:f9:08:93:5e:27:c8:1d:b5:da:a5:a0:5a:
dd:17:73:a5:bb:b4:95:41:07:6a:7d:d1:91:5d:50:
99:d5:6e:f1:7f:70:67:9e:3d:b2:34:dd:d0:2a:18:
40:69:67:df:9d:5b:2c:0c:b0:82:0c:7e:49:d2:91:
74:f9:6d:dc:08:bf:46:6c:f6:e6:d3:95:75:42:14:
c3:34:fa:15:d3:97:8c:ab:dc:33:2d:7a:06:f6:95:
63:35:fd:87:4a:cb:54:26:c4:11:41:16:bd:a9:c5:
78:a8:ab:e5:ab:d9:2a:76:b8:6a:a3:93:6e:43:31:
21:4c:27:7a:94:84:ae:36:bc:28:a0:e4:66:1f:51:
9c:9f:98:1c:cc:48:94:30:6a:5a:9f:60:86:b6:4d:
b0:14:79:84:31:ba:1e:61:b6:64:4b:2b:9e:04:cd:
87:ce:a8:b4:e9:da:95:d6:da:be:31:8a:64:47:0d:
59:3a:5d:12:45:8a:47:ea:3d:b8:b8:ee:48:df:e2:
23:16:5f:cc:79:f9:40:91:ac:24:40:5e:24:21:70:
b1:75:8a:b6:aa:55:6f:4c:cc:57:d6:76:35:19:4f:
24:d3:0d:e6:71:b6:dd:74:4a:e2:90:df:af:a9:21:
82:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:A2:99:BC:77:A9:2F:B2:10:F1:D5:1D:B4:14:F9:93:56:1A:DF:40
X509v3 Authority Key Identifier:
keyid:AA:41:C9:39:EA:95:A2:1F:3B:74:29:01:DF:E0:5F:26:A5:77:75:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qkHJOeqVoh87dCkB3-BfJqV3dYE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/981fb1-904d-499a-b93a-607ca025b94f/1/5aKZvHepL7IQ8dUdtBT5k1Ya30A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/981fb1-904d-499a-b93a-607ca025b94f/1/qkHJOeqVoh87dCkB3-BfJqV3dYE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.149.94.0/24
Signature Algorithm: sha256WithRSAEncryption
05:e1:ca:11:5d:48:9f:c1:0d:a3:01:3c:c5:59:a0:2a:8d:9b:
23:b7:f9:36:c4:c2:bf:79:68:80:a4:bb:1e:9d:e3:1e:e5:8f:
ea:30:46:3e:c5:eb:5d:07:01:ff:2e:32:3d:05:9a:77:c7:d7:
7f:cd:3e:22:f8:89:00:9c:7b:c6:03:79:82:7d:b6:dd:4f:8b:
d2:e5:cd:d0:ab:9a:1d:74:13:3f:21:a8:cd:5c:00:ec:3c:fa:
78:eb:83:3b:01:3a:a0:ce:e1:25:73:52:f5:aa:53:3b:ba:a6:
00:e7:82:b0:48:02:36:c8:e1:33:5c:e9:a8:16:a6:49:c8:fb:
f0:2d:f2:99:cb:de:17:5c:ce:cb:db:55:cd:54:11:b2:d5:ca:
9e:88:08:c1:9e:61:f6:24:96:bd:6f:cf:63:4b:27:d6:e4:97:
7c:7c:30:93:82:55:f6:c1:b1:15:bb:9b:30:5e:4e:83:ea:30:
22:da:b5:11:7f:f3:84:d2:44:39:e3:e0:ae:6d:26:c1:fe:e4:
0d:52:6b:9a:27:6a:cd:4e:6d:dc:05:d9:9f:71:9e:da:1a:c4:
8d:86:d3:27:fa:ca:01:2b:89:3d:cf:04:56:fc:7e:04:96:5c:
8c:d7:30:d4:2c:1a:57:d1:05:3b:b9:5d:9e:25:12:b7:90:74:
9f:54:1e:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYPrirTysc8lHiiljy3JOQidMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNDFjOTM5ZWE5NWEyMWYzYjc0MjkwMWRmZTA1ZjI2YTU3
Nzc1ODEwHhcNMjIxMDE4MTQ0MTE5WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWEyOTliYzc3YTkyZmIyMTBmMWQ1MWRiNDE0Zjk5MzU2MWFkZjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhPokmVCvHb5RvEamV0Je8zb5CJNe
J8gdtdqloFrdF3Olu7SVQQdqfdGRXVCZ1W7xf3Bnnj2yNN3QKhhAaWffnVssDLCC
DH5J0pF0+W3cCL9GbPbm05V1QhTDNPoV05eMq9wzLXoG9pVjNf2HSstUJsQRQRa9
qcV4qKvlq9kqdrhqo5NuQzEhTCd6lISuNrwooORmH1Gcn5gczEiUMGpan2CGtk2w
FHmEMboeYbZkSyueBM2Hzqi06dqV1tq+MYpkRw1ZOl0SRYpH6j24uO5I3+IjFl/M
eflAkawkQF4kIXCxdYq2qlVvTMxX1nY1GU8k0w3mcbbddErikN+vqSGCtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOWimbx3qS+yEPHVHbQU+ZNWGt9AMB8GA1UdIwQY
MBaAFKpByTnqlaIfO3QpAd/gXyald3WBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWtISk9lcVZvaDg3ZENrQjMtQmZKcVYzZFlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy85ODFmYjEtOTA0ZC00OTlhLWI5M2Et
NjA3Y2EwMjViOTRmLzEvNWFLWnZIZXBMN0lROGRVZHRCVDVrMVlhMzBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy85ODFmYjEtOTA0ZC00OTlhLWI5M2EtNjA3Y2EwMjViOTRm
LzEvcWtISk9lcVZvaDg3ZENrQjMtQmZKcVYzZFlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpVeMA0G
CSqGSIb3DQEBCwUAA4IBAQAF4coRXUifwQ2jATzFWaAqjZsjt/k2xMK/eWiApLse
neMe5Y/qMEY+xetdBwH/LjI9BZp3x9d/zT4i+IkAnHvGA3mCfbbdT4vS5c3Qq5od
dBM/IajNXADsPPp464M7ATqgzuElc1L1qlM7uqYA54KwSAI2yOEzXOmoFqZJyPvw
LfKZy94XXM7L21XNVBGy1cqeiAjBnmH2JJa9b89jSyfW5Jd8fDCTglX2wbEVu5sw
Xk6D6jAi2rURf/OE0kQ54+CubSbB/uQNUmuaJ2rNTm3cBdmfcZ7aGsSNhtMn+soB
K4k9zwRW/H4EllyM1zDULBpX0QU7uV2eJRK3kHSfVB4B
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:46:23 2025 by rpki-client