Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/a67432-c067-4cdb-b5ad-dba5c1834601/1/l-5KNx9RsvCGyg30196DtMTNqEs.roa
File: l-5KNx9RsvCGyg30196DtMTNqEs.roa (raw, json)
Hash identifier: +V/m6ku3d7sRegwgoLq0YvLHIxtfZwWR6OgCJI4g1OY=
Subject key identifier: 97:EE:4A:37:1F:51:B2:F0:86:CA:0D:F4:D7:DE:83:B4:C4:CD:A8:4B
Certificate issuer: /CN=b209721f4548c26cf362e944a81b1acee7b24b53
Certificate serial: 01856FD52B63384AEDFA161424EDA1E80006
Authority key identifier: B2:09:72:1F:45:48:C2:6C:F3:62:E9:44:A8:1B:1A:CE:E7:B2:4B:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sglyH0VIwmzzYulEqBsazueyS1M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/a67432-c067-4cdb-b5ad-dba5c1834601/1/l-5KNx9RsvCGyg30196DtMTNqEs.roa
Signing time: Mon 02 Jan 2023 00:15:19 +0000
ROA not before: Mon 02 Jan 2023 00:15:19 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 31391
IP address blocks: 192.115.208.0/22 maxlen: 24
192.115.0.0/21 maxlen: 24
2a01:4280::/32 maxlen: 64
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:6f:d5:2b:63:38:4a:ed:fa:16:14:24:ed:a1:e8:00:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b209721f4548c26cf362e944a81b1acee7b24b53
Validity
Not Before: Jan 2 00:15:19 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=97ee4a371f51b2f086ca0df4d7de83b4c4cda84b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:db:be:1c:1f:fc:a3:98:f9:95:59:06:bd:ee:
3c:63:28:3b:70:5d:e9:ff:28:e9:1e:1c:2a:43:06:
c4:83:d2:3c:49:ba:df:d8:bc:3d:75:83:ca:ad:16:
1e:89:c4:b2:bb:eb:61:a1:0c:3b:c0:38:b4:6c:13:
97:e6:1e:aa:5d:86:f8:68:91:e3:9a:87:e0:8f:ee:
ab:43:ec:a7:2f:19:88:7b:a0:95:f1:e1:7f:63:bb:
01:58:0c:f2:b1:07:2b:65:12:80:3b:02:06:73:9c:
db:fe:da:bb:6c:6f:7e:24:da:fc:a8:f4:ec:8a:12:
41:b9:91:32:ac:a8:5c:e3:f7:ac:61:c2:74:c1:9b:
f1:c4:8a:ea:2a:ed:a8:7b:41:c6:40:c2:17:36:52:
e6:7e:2d:8c:dd:b2:0a:98:af:ca:16:ec:0f:c3:46:
dd:0c:be:91:dd:1a:b4:23:38:45:84:3a:90:c0:a9:
5c:b3:8d:cc:15:47:75:dc:26:5b:91:ff:d8:38:83:
2a:a6:26:02:7d:93:80:b1:3e:b3:97:2f:d0:b8:6b:
56:e2:bc:e8:06:36:10:74:a1:e9:64:7c:c8:06:ed:
5e:a5:eb:0f:bb:f2:e9:e7:df:55:50:36:14:6c:1f:
0d:a7:3b:2c:92:a6:84:29:97:ef:15:f7:5e:03:9b:
22:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:EE:4A:37:1F:51:B2:F0:86:CA:0D:F4:D7:DE:83:B4:C4:CD:A8:4B
X509v3 Authority Key Identifier:
keyid:B2:09:72:1F:45:48:C2:6C:F3:62:E9:44:A8:1B:1A:CE:E7:B2:4B:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sglyH0VIwmzzYulEqBsazueyS1M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/a67432-c067-4cdb-b5ad-dba5c1834601/1/l-5KNx9RsvCGyg30196DtMTNqEs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/a67432-c067-4cdb-b5ad-dba5c1834601/1/sglyH0VIwmzzYulEqBsazueyS1M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.115.0.0/21
192.115.208.0/22
IPv6:
2a01:4280::/32
Signature Algorithm: sha256WithRSAEncryption
0e:7d:f6:24:a2:65:c7:51:29:83:26:65:5a:cc:fe:e2:c2:c8:
d0:63:a2:32:00:fb:f2:b5:a1:aa:77:04:11:0c:bf:71:f5:80:
41:04:61:4a:83:1a:bc:0c:36:d6:ca:8b:5d:e6:65:52:c3:89:
eb:9a:ab:e1:c8:b6:fc:4c:c3:62:97:24:1c:d8:37:bc:00:02:
33:36:99:a5:b1:57:16:17:54:f7:fa:da:79:ed:58:04:6a:13:
af:18:bd:be:90:15:fb:1e:9e:42:5b:46:8f:6a:27:93:1b:e0:
7d:23:2c:d5:50:6b:b0:da:8b:96:c4:99:d2:39:59:5d:c3:df:
4f:db:61:14:51:80:81:87:b7:42:63:1e:fb:3b:26:23:f5:12:
27:fb:31:ab:27:1d:c0:28:34:64:22:8e:83:f2:40:85:8b:be:
04:13:ad:f9:6a:5d:0b:4e:20:8a:73:2b:9f:2e:6b:f5:bf:f5:
ac:53:e5:d8:b5:c5:dc:99:0b:e2:0c:8d:ba:e7:6b:95:b6:bc:
9b:17:c9:43:ea:c0:1f:e1:74:99:a4:10:f4:58:c4:75:de:0b:
5b:da:5c:ff:ba:4e:bb:9a:ea:d0:fe:de:59:2c:00:b4:2b:15:
b3:12:6b:bd:1e:ba:5a:95:51:74:69:70:6e:f6:ea:40:e9:39:
ab:75:5f:69
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYVv1StjOErt+hYUJO2h6AAGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMDk3MjFmNDU0OGMyNmNmMzYyZTk0NGE4MWIxYWNlZTdi
MjRiNTMwHhcNMjMwMTAyMDAxNTE5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2VlNGEzNzFmNTFiMmYwODZjYTBkZjRkN2RlODNiNGM0Y2RhODRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNu+HB/8o5j5lVkGve48Yyg7cF3p
/yjpHhwqQwbEg9I8Sbrf2Lw9dYPKrRYeicSyu+thoQw7wDi0bBOX5h6qXYb4aJHj
mofgj+6rQ+ynLxmIe6CV8eF/Y7sBWAzysQcrZRKAOwIGc5zb/tq7bG9+JNr8qPTs
ihJBuZEyrKhc4/esYcJ0wZvxxIrqKu2oe0HGQMIXNlLmfi2M3bIKmK/KFuwPw0bd
DL6R3Rq0IzhFhDqQwKlcs43MFUd13CZbkf/YOIMqpiYCfZOAsT6zly/QuGtW4rzo
BjYQdKHpZHzIBu1epesPu/Lp599VUDYUbB8NpzsskqaEKZfvFfdeA5sifQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJfuSjcfUbLwhsoN9Nfeg7TEzahLMB8GA1UdIwQY
MBaAFLIJch9FSMJs82LpRKgbGs7nsktTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2dseUgwVkl3bXp6WXVsRXFCc2F6dWV5UzFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS9hNjc0MzItYzA2Ny00Y2RiLWI1YWQt
ZGJhNWMxODM0NjAxLzEvbC01S054OVJzdkNHeWczMDE5NkR0TVROcUVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS9hNjc0MzItYzA2Ny00Y2RiLWI1YWQtZGJhNWMxODM0NjAx
LzEvc2dseUgwVkl3bXp6WXVsRXFCc2F6dWV5UzFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDwHMAAwQC
wHPQMA0EAgACMAcDBQAqAUKAMA0GCSqGSIb3DQEBCwUAA4IBAQAOffYkomXHUSmD
JmVazP7iwsjQY6IyAPvytaGqdwQRDL9x9YBBBGFKgxq8DDbWyotd5mVSw4nrmqvh
yLb8TMNilyQc2De8AAIzNpmlsVcWF1T3+tp57VgEahOvGL2+kBX7Hp5CW0aPaieT
G+B9IyzVUGuw2ouWxJnSOVldw99P22EUUYCBh7dCYx77OyYj9RIn+zGrJx3AKDRk
Io6D8kCFi74EE635al0LTiCKcyufLmv1v/WsU+XYtcXcmQviDI2652uVtrybF8lD
6sAf4XSZpBD0WMR13gtb2lz/uk67murQ/t5ZLAC0KxWzEmu9HrpalVF0aXBu9upA
6TmrdV9p
-----END CERTIFICATE-----
Generated at Tue May 13 13:24:57 2025 by rpki-client