Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/9wLbAzlAL7Ov1od4Ujv-4b4vHew.roa
File: 9wLbAzlAL7Ov1od4Ujv-4b4vHew.roa (raw, json)
Hash identifier: q003cXU4Q/EUWjRqePu5U8YwVilM3HifbDq9KWR/o+g=
Subject key identifier: F7:02:DB:03:39:40:2F:B3:AF:D6:87:78:52:3B:FE:E1:BE:2F:1D:EC
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 0189AB461F5A2FA812112F502679A12B71BA
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/9wLbAzlAL7Ov1od4Ujv-4b4vHew.roa
Signing time: Mon 31 Jul 2023 09:27:26 +0000
ROA not before: Mon 31 Jul 2023 09:27:26 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 1239
IP address blocks: 195.180.224.0/22 maxlen: 22
195.180.232.0/22 maxlen: 22
195.180.228.0/22 maxlen: 22
194.163.192.0/20 maxlen: 22
194.163.96.0/20 maxlen: 24
195.180.196.0/22 maxlen: 22
62.138.64.0/22 maxlen: 22
195.180.200.0/22 maxlen: 22
194.64.152.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:89:ab:46:1f:5a:2f:a8:12:11:2f:50:26:79:a1:2b:71:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: Jul 31 09:27:26 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=f702db0339402fb3afd68778523bfee1be2f1dec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:09:52:93:a1:b5:c8:ac:85:b6:69:7a:4e:d5:
ea:e9:43:a3:91:0d:36:29:3e:7d:b6:9d:39:b1:ef:
3a:96:35:79:57:ce:02:42:97:36:79:34:d4:89:14:
eb:09:17:bb:11:a5:a8:5f:91:0c:22:d8:9d:d5:1b:
4e:68:d3:2f:ce:7e:02:dd:26:57:df:f5:82:d1:75:
1f:a1:b5:68:74:b5:35:62:f6:b4:e0:7c:79:24:29:
8f:d1:72:06:9d:22:d2:9f:b5:f3:8f:9c:c2:8d:c0:
ed:dc:af:b2:3d:b0:59:8d:7c:30:ab:c5:f4:a9:ea:
30:d3:90:94:40:de:b0:ee:e5:1b:1e:e4:10:8e:52:
1b:8a:7e:fb:66:cc:07:3a:c0:2c:74:3a:b7:3e:a0:
9f:28:17:06:47:b7:31:b4:af:87:d4:5e:b6:22:61:
60:bb:08:e0:b7:f9:21:49:3d:14:e5:02:71:2d:4a:
5a:ef:d7:07:c2:70:2a:19:fb:d9:79:84:dc:ea:f9:
b6:de:99:3a:93:ad:fe:99:44:b2:4d:36:3c:bf:cf:
3c:55:a9:c3:b2:25:b0:65:c9:3e:33:bd:17:15:3b:
20:88:24:04:82:dd:55:43:8b:69:93:88:d2:a7:3c:
d1:2f:11:bb:ca:03:9d:24:34:ee:d5:12:1e:49:57:
7e:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:02:DB:03:39:40:2F:B3:AF:D6:87:78:52:3B:FE:E1:BE:2F:1D:EC
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/9wLbAzlAL7Ov1od4Ujv-4b4vHew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.138.64.0/22
194.64.152.0/22
194.163.96.0/20
194.163.192.0/20
195.180.196.0-195.180.203.255
195.180.224.0-195.180.235.255
Signature Algorithm: sha256WithRSAEncryption
05:2f:52:b8:a1:73:2b:fe:4e:88:7f:11:1b:b4:a4:92:34:09:
81:8c:c5:bc:5a:0b:5b:7e:81:f2:f9:ac:36:a7:90:3c:01:29:
41:e2:18:04:7f:89:54:0c:4f:92:50:2b:2c:06:42:c6:34:7d:
5b:2c:9b:0e:e2:48:e7:97:6f:d1:76:41:46:4e:cf:ab:de:0e:
59:b7:d9:e1:b0:49:7d:83:98:ab:6e:9b:10:a1:80:02:5d:1b:
32:a8:97:a7:c1:d5:45:d1:c4:61:d5:eb:e8:cb:a3:0f:8d:5a:
34:e5:eb:98:b8:7a:57:c1:10:67:0d:17:cc:f0:75:b6:8f:ee:
fd:21:f7:59:10:38:3a:14:bb:ae:58:61:b1:f3:9f:64:03:98:
48:ff:9b:39:23:2f:38:29:3b:0c:4a:d7:94:a4:36:83:65:63:
ee:03:88:0a:c6:6d:1e:43:ae:a4:6c:d8:9b:8b:78:16:cf:c9:
f9:b0:90:f8:5a:23:2e:1d:23:73:a8:9f:df:e7:cb:e0:b3:60:
48:42:8c:6d:7b:bf:2e:5f:82:7a:da:56:f8:a4:7f:62:bc:c0:
55:1c:f9:95:79:06:27:36:84:97:34:20:d3:05:50:51:92:0d:
37:f6:7d:6e:d8:f8:8d:e8:72:ce:09:6c:5b:7d:b8:a7:60:84:
a3:ed:5b:f0
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYmrRh9aL6gSES9QJnmhK3G6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDcwMTc1NjRjNzExYmNiZDU3NjgwYTBkZmQwMGYyYTVk
MDk5ZGIwHhcNMjMwNzMxMDkyNzI2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNzAyZGIwMzM5NDAyZmIzYWZkNjg3Nzg1MjNiZmVlMWJlMmYxZGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyAlSk6G1yKyFtml6TtXq6UOjkQ02
KT59tp05se86ljV5V84CQpc2eTTUiRTrCRe7EaWoX5EMItid1RtOaNMvzn4C3SZX
3/WC0XUfobVodLU1Yva04Hx5JCmP0XIGnSLSn7Xzj5zCjcDt3K+yPbBZjXwwq8X0
qeow05CUQN6w7uUbHuQQjlIbin77ZswHOsAsdDq3PqCfKBcGR7cxtK+H1F62ImFg
uwjgt/khST0U5QJxLUpa79cHwnAqGfvZeYTc6vm23pk6k63+mUSyTTY8v888VanD
siWwZck+M70XFTsgiCQEgt1VQ4tpk4jSpzzRLxG7ygOdJDTu1RIeSVd+KwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFPcC2wM5QC+zr9aHeFI7/uG+Lx3sMB8GA1UdIwQY
MBaAFNdHAXVkxxG8vVdoCg39APKl0JnbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjIt
NGYwZThjZTExYTdkLzEvOXdMYkF6bEFMN092MW9kNFVqdi00YjR2SGV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjItNGYwZThjZTExYTdk
LzEvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0AwQCPopAAwQC
wkCYAwQEwqNgAwQEwqPAMAwDBALDtMQDBALDtMgwDAMEBcO04AMEAsO06DANBgkq
hkiG9w0BAQsFAAOCAQEABS9SuKFzK/5OiH8RG7SkkjQJgYzFvFoLW36B8vmsNqeQ
PAEpQeIYBH+JVAxPklArLAZCxjR9WyybDuJI55dv0XZBRk7Pq94OWbfZ4bBJfYOY
q26bEKGAAl0bMqiXp8HVRdHEYdXr6MujD41aNOXrmLh6V8EQZw0XzPB1to/u/SH3
WRA4OhS7rlhhsfOfZAOYSP+bOSMvOCk7DErXlKQ2g2Vj7gOICsZtHkOupGzYm4t4
Fs/J+bCQ+FojLh0jc6if3+fL4LNgSEKMbXu/Ll+CetpW+KR/YrzAVRz5lXkGJzaE
lzQg0wVQUZINN/Z9btj4jehyzglsW324p2CEo+1b8A==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:05:41 2025 by rpki-client