Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/X56k4xS2BsnpaAnnLIYZtoFg0yo.roa
File: X56k4xS2BsnpaAnnLIYZtoFg0yo.roa (raw, json)
Hash identifier: 8U61ihi20x9X6Wc+2dHKYLxMyW06SJJXyV02lEG/O9s=
Subject key identifier: 5F:9E:A4:E3:14:B6:06:C9:E9:68:09:E7:2C:86:19:B6:81:60:D3:2A
Certificate issuer: /CN=ca1c7571596e444aa32371cbab724d46d3c3c52c
Certificate serial: 01875C625E0FE96380FDAE2078B470BA492A
Authority key identifier: CA:1C:75:71:59:6E:44:4A:A3:23:71:CB:AB:72:4D:46:D3:C3:C5:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yhx1cVluREqjI3HLq3JNRtPDxSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/X56k4xS2BsnpaAnnLIYZtoFg0yo.roa
Signing time: Fri 07 Apr 2023 15:42:43 +0000
ROA not before: Fri 07 Apr 2023 15:42:43 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 210644
IP address blocks: 85.192.56.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:5c:62:5e:0f:e9:63:80:fd:ae:20:78:b4:70:ba:49:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca1c7571596e444aa32371cbab724d46d3c3c52c
Validity
Not Before: Apr 7 15:42:43 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=5f9ea4e314b606c9e96809e72c8619b68160d32a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:e7:a9:42:e4:b0:b5:88:6f:e0:db:45:95:b5:
b0:8b:23:ce:eb:8b:88:12:c5:4d:3e:d1:73:2f:a0:
5d:57:33:99:15:c5:88:14:1c:a4:9d:08:0f:fb:b4:
4c:bf:01:e2:65:72:b6:60:68:a0:23:25:fa:77:b2:
17:56:af:a3:ce:2a:eb:f0:d3:ee:d6:93:e1:4d:cf:
b2:9b:ea:3d:33:49:17:39:8a:fb:df:c0:74:bc:59:
c5:ef:44:de:41:eb:9d:2a:c9:76:cd:40:28:a4:8d:
f6:1e:30:23:b1:29:60:b7:8c:a2:d8:d7:0a:c5:02:
d7:29:2f:df:8c:62:4d:55:e2:a0:eb:d0:44:fa:f6:
1e:1c:b8:e9:9d:da:c3:a8:d3:25:a2:17:ee:7a:85:
ce:ba:25:aa:49:78:f0:fb:46:a2:00:0d:ac:07:31:
8c:24:e9:0d:54:a6:0e:69:e6:47:1b:70:62:f4:66:
25:3e:d2:48:ba:8a:5d:bf:33:a0:4a:3d:8c:f1:da:
40:ba:17:38:5b:50:6c:bf:41:e4:2e:d8:83:31:14:
e3:29:4e:2a:ec:d3:85:e8:84:9b:a4:6a:8e:ed:e0:
d5:bf:cf:fb:54:86:78:67:ff:e8:45:d0:15:78:5c:
02:8c:7a:d2:53:c4:26:61:cc:38:4e:3f:c9:b4:7d:
ec:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:9E:A4:E3:14:B6:06:C9:E9:68:09:E7:2C:86:19:B6:81:60:D3:2A
X509v3 Authority Key Identifier:
keyid:CA:1C:75:71:59:6E:44:4A:A3:23:71:CB:AB:72:4D:46:D3:C3:C5:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yhx1cVluREqjI3HLq3JNRtPDxSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/X56k4xS2BsnpaAnnLIYZtoFg0yo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/yhx1cVluREqjI3HLq3JNRtPDxSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.192.56.0/24
Signature Algorithm: sha256WithRSAEncryption
04:29:65:00:b1:31:76:f2:32:a5:d1:8e:df:96:9d:e3:02:2e:
0f:63:1d:17:52:d4:0e:83:95:b0:24:4c:be:1a:a9:aa:01:17:
41:b4:04:b7:ba:16:c0:6a:90:9b:4f:54:4b:ee:4a:df:6d:e8:
ef:ca:1c:b1:d9:64:02:d6:91:de:d5:cd:1f:40:93:2f:9e:ad:
3c:98:22:5c:b1:40:70:f4:f2:be:57:5e:d1:e9:f4:60:92:7f:
e5:1a:5a:d7:c3:58:5f:c4:ab:f2:16:1f:aa:07:13:a1:07:8a:
c6:23:00:44:ab:9e:2e:ea:c8:95:60:8b:ca:7d:71:ae:c3:b9:
2f:1b:0a:a9:67:2a:21:1d:5a:e8:36:1f:cc:ec:ed:5f:42:fa:
e7:a7:ed:39:fb:72:70:2a:5a:8b:3d:b8:0a:c4:e3:40:f9:c0:
15:13:2b:63:02:28:da:b2:f5:13:57:b5:38:ed:80:a8:1d:f2:
e1:44:ed:f9:fe:1d:4a:1b:d0:73:3e:d5:a9:18:c5:52:9a:d1:
da:66:2c:01:5a:ea:48:b3:ae:46:0c:c0:ed:55:6f:e0:b6:1b:
a7:23:9c:19:76:ab:b4:f8:e8:5d:8e:e9:6c:e5:0e:cc:74:fb:
32:a2:4d:a4:08:11:7b:88:10:84:78:bf:5d:0b:01:86:77:bf:
65:83:2e:ef
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdcYl4P6WOA/a4geLRwukkqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMWM3NTcxNTk2ZTQ0NGFhMzIzNzFjYmFiNzI0ZDQ2ZDNj
M2M1MmMwHhcNMjMwNDA3MTU0MjQzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjllYTRlMzE0YjYwNmM5ZTk2ODA5ZTcyYzg2MTliNjgxNjBkMzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+epQuSwtYhv4NtFlbWwiyPO64uI
EsVNPtFzL6BdVzOZFcWIFByknQgP+7RMvwHiZXK2YGigIyX6d7IXVq+jzirr8NPu
1pPhTc+ym+o9M0kXOYr738B0vFnF70TeQeudKsl2zUAopI32HjAjsSlgt4yi2NcK
xQLXKS/fjGJNVeKg69BE+vYeHLjpndrDqNMlohfueoXOuiWqSXjw+0aiAA2sBzGM
JOkNVKYOaeZHG3Bi9GYlPtJIuopdvzOgSj2M8dpAuhc4W1Bsv0HkLtiDMRTjKU4q
7NOF6ISbpGqO7eDVv8/7VIZ4Z//oRdAVeFwCjHrSU8QmYcw4Tj/JtH3s9wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF+epOMUtgbJ6WgJ5yyGGbaBYNMqMB8GA1UdIwQY
MBaAFMocdXFZbkRKoyNxy6tyTUbTw8UsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWh4MWNWbHVSRXFqSTNITHEzSk5SdFBEeFN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8zMzYyYzYtYTAzYS00ZjlmLWEwOTEt
Yjc2MmMwMTc1ZjI3LzEvWDU2azR4UzJCc25wYUFubkxJWVp0b0ZnMHlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8zMzYyYzYtYTAzYS00ZjlmLWEwOTEtYjc2MmMwMTc1ZjI3
LzEveWh4MWNWbHVSRXFqSTNITHEzSk5SdFBEeFN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVcA4MA0G
CSqGSIb3DQEBCwUAA4IBAQAEKWUAsTF28jKl0Y7flp3jAi4PYx0XUtQOg5WwJEy+
GqmqARdBtAS3uhbAapCbT1RL7krfbejvyhyx2WQC1pHe1c0fQJMvnq08mCJcsUBw
9PK+V17R6fRgkn/lGlrXw1hfxKvyFh+qBxOhB4rGIwBEq54u6siVYIvKfXGuw7kv
GwqpZyohHVroNh/M7O1fQvrnp+05+3JwKlqLPbgKxONA+cAVEytjAijasvUTV7U4
7YCoHfLhRO35/h1KG9BzPtWpGMVSmtHaZiwBWupIs65GDMDtVW/gthunI5wZdqu0
+Ohdjuls5Q7MdPsyok2kCBF7iBCEeL9dCwGGd79lgy7v
-----END CERTIFICATE-----
Generated at Fri Jun 20 03:41:39 2025 by rpki-client