Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/9571d6-974f-4327-b9e0-443be63fc123/1/BeNaFOOoRs8gdK_usU0nuulXXPc.roa
File: BeNaFOOoRs8gdK_usU0nuulXXPc.roa (raw, json)
Hash identifier: yqq5bf3CgVOnQAZgIHRxR3wduIB3VSBBICngd7ZtcBs=
Subject key identifier: 05:E3:5A:14:E3:A8:46:CF:20:74:AF:EE:B1:4D:27:BA:E9:57:5C:F7
Certificate issuer: /CN=592e7c1f2394c3e3aaa8ccb647fd83671d6098b7
Certificate serial: 158E7948
Authority key identifier: 59:2E:7C:1F:23:94:C3:E3:AA:A8:CC:B6:47:FD:83:67:1D:60:98:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WS58HyOUw-OqqMy2R_2DZx1gmLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/9571d6-974f-4327-b9e0-443be63fc123/1/BeNaFOOoRs8gdK_usU0nuulXXPc.roa
Signing time: Sat 01 Jan 2022 06:54:45 +0000
ROA not before: Sat 01 Jan 2022 06:54:45 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 199608
IP address blocks: 31.210.156.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 361658696 (0x158e7948)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=592e7c1f2394c3e3aaa8ccb647fd83671d6098b7
Validity
Not Before: Jan 1 06:54:45 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=05e35a14e3a846cf2074afeeb14d27bae9575cf7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:92:53:9c:31:fc:c8:cc:e2:94:b1:ad:02:d9:
76:c8:50:b6:f5:13:76:9e:1e:dc:eb:84:21:f8:1e:
c0:dd:94:13:37:fd:e5:8d:11:4c:83:68:3c:62:65:
b9:f7:a2:6a:0a:42:6d:be:07:66:ef:82:2d:8b:0a:
18:5c:68:83:c1:78:71:69:49:c7:66:ce:45:62:26:
3f:7a:e3:2d:07:3e:0a:87:d8:32:93:6f:a7:66:20:
81:4e:fb:2e:18:a3:e2:d1:c3:04:dc:d7:b9:56:fd:
27:56:72:8f:29:e8:bd:94:75:52:b1:05:b8:ee:3f:
42:b6:5c:63:88:26:0c:82:2a:6e:92:45:04:2b:e5:
8c:12:1f:a5:d4:67:aa:94:f0:4a:b3:91:fd:c5:6d:
71:06:0e:dd:69:c8:88:42:ea:e2:54:89:1c:d8:e5:
9b:24:b0:2d:97:8d:23:f5:41:ff:57:0f:80:d0:c1:
a4:b1:76:f7:82:85:f5:69:8f:76:6e:26:4f:ef:07:
24:9b:e5:dd:13:7a:80:a7:6c:ee:a0:58:eb:dd:9e:
07:2d:ac:42:f6:c7:37:4f:fd:cf:7d:74:5d:2d:69:
0e:5c:d4:01:38:86:f4:2f:93:55:da:68:dd:ff:ce:
22:79:3e:b8:5f:f7:23:08:bd:a6:83:9a:e1:ba:f5:
f5:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:E3:5A:14:E3:A8:46:CF:20:74:AF:EE:B1:4D:27:BA:E9:57:5C:F7
X509v3 Authority Key Identifier:
keyid:59:2E:7C:1F:23:94:C3:E3:AA:A8:CC:B6:47:FD:83:67:1D:60:98:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WS58HyOUw-OqqMy2R_2DZx1gmLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9571d6-974f-4327-b9e0-443be63fc123/1/BeNaFOOoRs8gdK_usU0nuulXXPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9571d6-974f-4327-b9e0-443be63fc123/1/WS58HyOUw-OqqMy2R_2DZx1gmLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.156.0/24
Signature Algorithm: sha256WithRSAEncryption
52:a5:3f:f7:d1:94:49:5e:b9:39:30:33:7e:b0:60:d6:c9:bb:
65:06:0c:32:7c:0e:ba:8f:42:34:9d:c3:6b:b6:ea:27:44:67:
0a:ec:d5:14:52:19:1b:eb:d1:59:46:f1:b2:39:0b:44:cd:1f:
6f:9b:aa:3f:0f:1a:50:dc:81:3a:46:9c:53:89:ce:7c:1b:b5:
7f:94:14:18:cb:e5:e8:98:c7:b0:6d:4e:ba:33:6b:cf:96:10:
df:22:d8:a7:bd:8e:8d:e9:ee:f6:10:3b:98:bb:19:8c:2b:e0:
b5:df:53:9c:e1:cf:18:e8:21:b5:83:6d:71:e6:b3:d7:66:17:
db:0e:4f:b3:1b:75:45:31:f2:20:5a:80:8c:d0:be:f2:b0:71:
0d:75:39:ac:88:7f:2a:7a:52:42:c8:37:6a:6e:37:76:ce:56:
66:ec:a0:55:f3:c2:69:f1:b1:de:a4:7c:1d:c4:39:d9:95:88:
67:65:f4:cb:38:77:b5:69:80:82:e9:4f:db:c9:37:df:99:15:
fc:60:43:75:5b:dd:8b:5c:85:67:b4:7f:9f:ff:97:01:fc:c8:
4a:70:5e:78:32:d4:d4:b1:26:9c:fa:5f:82:e9:82:c5:a3:b1:
37:69:df:f8:ea:8e:c7:fe:19:7e:14:46:08:a6:9c:4c:93:ff:
be:4f:c9:d2
-----BEGIN CERTIFICATE-----
MIIE7zCCA9egAwIBAgIEFY55SDANBgkqhkiG9w0BAQsFADAzMTEwLwYDVQQDEyg1
OTJlN2MxZjIzOTRjM2UzYWFhOGNjYjY0N2ZkODM2NzFkNjA5OGI3MB4XDTIyMDEw
MTA2NTQ0NVoXDTIzMDcwMTAwMDAwMFowMzExMC8GA1UEAxMoMDVlMzVhMTRlM2E4
NDZjZjIwNzRhZmVlYjE0ZDI3YmFlOTU3NWNmNzCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAMSSU5wx/MjM4pSxrQLZdshQtvUTdp4e3OuEIfgewN2UEzf9
5Y0RTINoPGJlufeiagpCbb4HZu+CLYsKGFxog8F4cWlJx2bORWImP3rjLQc+CofY
MpNvp2YggU77Lhij4tHDBNzXuVb9J1ZyjynovZR1UrEFuO4/QrZcY4gmDIIqbpJF
BCvljBIfpdRnqpTwSrOR/cVtcQYO3WnIiELq4lSJHNjlmySwLZeNI/VB/1cPgNDB
pLF294KF9WmPdm4mT+8HJJvl3RN6gKds7qBY692eBy2sQvbHN0/9z310XS1pDlzU
ATiG9C+TVdpo3f/OInk+uF/3Iwi9poOa4br19T0CAwEAAaOCAgkwggIFMB0GA1Ud
DgQWBBQF41oU46hGzyB0r+6xTSe66Vdc9zAfBgNVHSMEGDAWgBRZLnwfI5TD46qo
zLZH/YNnHWCYtzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxU
L1dTNThIeU9Vdy1PcXFNeTJSXzJEWngxZ21MYy5jZXIwgY0GCCsGAQUFBwELBIGA
MH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5
L0RFRkFVTFQvNGYvOTU3MWQ2LTk3NGYtNDMyNy1iOWUwLTQ0M2JlNjNmYzEyMy8x
L0JlTmFGT09vUnM4Z2RLX3VzVTBudXVsWFhQYy5yb2EwgYEGA1UdHwR6MHgwdqB0
oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYv
OTU3MWQ2LTk3NGYtNDMyNy1iOWUwLTQ0M2JlNjNmYzEyMy8xL1dTNThIeU9Vdy1P
cXFNeTJSXzJEWngxZ21MYy5jcmwwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAB/SnDANBgkqhkiG9w0BAQsFAAOC
AQEAUqU/99GUSV65OTAzfrBg1sm7ZQYMMnwOuo9CNJ3Da7bqJ0RnCuzVFFIZG+vR
WUbxsjkLRM0fb5uqPw8aUNyBOkacU4nOfBu1f5QUGMvl6JjHsG1OujNrz5YQ3yLY
p72Ojenu9hA7mLsZjCvgtd9TnOHPGOghtYNtceaz12YX2w5Psxt1RTHyIFqAjNC+
8rBxDXU5rIh/KnpSQsg3am43ds5WZuygVfPCafGx3qR8HcQ52ZWIZ2X0yzh3tWmA
gulP28k335kV/GBDdVvdi1yFZ7R/n/+XAfzISnBeeDLU1LEmnPpfgumCxaOxN2nf
+OqOx/4ZfhRGCKacTJP/vk/J0g==
-----END CERTIFICATE-----
Generated at Tue Apr 29 09:51:32 2025 by rpki-client