Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/S61vxHn1LRD-0jOgL_v28NylWkw.roa
File: S61vxHn1LRD-0jOgL_v28NylWkw.roa (raw, json)
Hash identifier: J8iAkQAJzuzktR2GNKU/0lEt+NCyP2JkjcdY6b+dUkE=
Subject key identifier: 4B:AD:6F:C4:79:F5:2D:10:FE:D2:33:A0:2F:FB:F6:F0:DC:A5:5A:4C
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 0188F77A70A95B931DCD22A5D122EB1EB26E
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/S61vxHn1LRD-0jOgL_v28NylWkw.roa
Signing time: Mon 26 Jun 2023 11:32:56 +0000
ROA not before: Mon 26 Jun 2023 11:32:56 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 834
IP address blocks: 195.180.128.0/22 maxlen: 24
194.233.151.0/24 maxlen: 24
194.233.148.0/24 maxlen: 24
194.233.149.0/24 maxlen: 24
194.64.89.0/24 maxlen: 24
194.163.92.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:f7:7a:70:a9:5b:93:1d:cd:22:a5:d1:22:eb:1e:b2:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: Jun 26 11:32:56 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4bad6fc479f52d10fed233a02ffbf6f0dca55a4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:a9:92:db:c7:04:b9:1d:b9:93:77:c9:af:56:
20:3f:c6:83:e9:f5:48:e8:b8:41:8d:c8:34:3d:c1:
72:e4:59:be:b1:48:7a:21:99:2d:03:69:18:94:90:
2c:4e:ee:8c:45:ca:48:ea:58:72:6a:5c:d2:f9:d7:
fc:fd:b6:7e:20:9a:84:b3:87:b8:72:1d:ea:12:1f:
0b:7a:74:56:57:ea:0c:49:07:b3:0e:da:11:24:01:
df:80:18:46:6f:fd:5c:f1:c5:f5:26:41:d5:55:bc:
9c:45:aa:c7:c2:e6:44:4f:60:22:ca:18:d8:17:1a:
53:67:72:9b:39:91:a3:e2:52:f4:85:44:f4:6e:d7:
0e:cd:0b:56:3c:c2:29:a8:dc:f2:f5:47:bb:71:b6:
61:f8:42:e3:22:53:b4:23:15:d6:ba:a8:af:09:db:
d6:cf:da:c5:75:ed:72:4a:c5:91:38:f7:69:7e:54:
c3:d6:84:cd:c7:6c:43:f7:a3:4c:44:55:bb:c6:85:
7e:45:33:d8:e4:2a:ba:b3:14:94:7d:d1:85:39:0c:
93:16:f6:6c:07:69:70:9b:5e:87:be:c8:3a:8a:76:
5d:fe:ce:13:9b:7f:8f:31:d6:a7:d5:4f:5a:b4:87:
77:69:ca:d4:aa:ee:aa:c0:81:94:68:f8:bc:55:d9:
10:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:AD:6F:C4:79:F5:2D:10:FE:D2:33:A0:2F:FB:F6:F0:DC:A5:5A:4C
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/S61vxHn1LRD-0jOgL_v28NylWkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.64.89.0/24
194.163.92.0/24
194.233.148.0/23
194.233.151.0/24
195.180.128.0/22
Signature Algorithm: sha256WithRSAEncryption
a8:e8:38:dd:17:4c:ea:16:9f:d0:88:cb:28:ef:2f:2b:21:cc:
37:1b:ec:f5:5d:59:d7:4e:54:5b:99:f2:15:d0:ec:62:38:0b:
4d:62:29:3a:f2:75:55:c2:16:a8:1c:eb:0a:c1:7a:c4:bd:dd:
f7:60:8f:bd:4b:71:07:8f:5e:11:14:65:1a:44:3e:32:67:c2:
d7:08:70:d6:81:15:37:22:79:4e:83:c1:80:1c:f3:f5:45:f6:
80:e9:48:7d:05:2a:a2:71:cf:ec:00:3b:b5:2d:3d:63:7c:f6:
6c:3c:32:a1:59:3f:3e:68:44:8a:a5:0f:94:d8:07:7d:b1:dd:
d9:9c:12:e8:cd:3e:71:7d:f0:33:43:ea:6d:cc:e6:32:97:33:
ac:d8:be:f7:d4:47:10:d5:bb:5e:0b:89:a0:8e:36:a3:21:db:
61:51:5f:0a:cb:c9:3e:ed:9c:24:5a:ca:c4:31:53:74:9d:5d:
32:34:48:4b:7c:30:34:a6:27:d8:ba:15:3a:b1:47:f9:8e:e2:
22:12:dd:a6:4d:e3:0d:9e:1c:e0:b8:e1:b2:21:96:e6:f3:63:
9d:dc:91:5f:ad:87:0f:fa:36:ac:e9:0c:b3:17:c5:d8:74:8c:
a4:b0:7f:13:bf:55:b1:c4:72:53:6f:ae:0b:78:e4:42:07:e5:
7d:53:bc:3d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYj3enCpW5MdzSKl0SLrHrJuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDcwMTc1NjRjNzExYmNiZDU3NjgwYTBkZmQwMGYyYTVk
MDk5ZGIwHhcNMjMwNjI2MTEzMjU2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmFkNmZjNDc5ZjUyZDEwZmVkMjMzYTAyZmZiZjZmMGRjYTU1YTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgamS28cEuR25k3fJr1YgP8aD6fVI
6LhBjcg0PcFy5Fm+sUh6IZktA2kYlJAsTu6MRcpI6lhyalzS+df8/bZ+IJqEs4e4
ch3qEh8LenRWV+oMSQezDtoRJAHfgBhGb/1c8cX1JkHVVbycRarHwuZET2AiyhjY
FxpTZ3KbOZGj4lL0hUT0btcOzQtWPMIpqNzy9Ue7cbZh+ELjIlO0IxXWuqivCdvW
z9rFde1ySsWROPdpflTD1oTNx2xD96NMRFW7xoV+RTPY5Cq6sxSUfdGFOQyTFvZs
B2lwm16Hvsg6inZd/s4Tm3+PMdan1U9atId3acrUqu6qwIGUaPi8VdkQ/wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEutb8R59S0Q/tIzoC/79vDcpVpMMB8GA1UdIwQY
MBaAFNdHAXVkxxG8vVdoCg39APKl0JnbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjIt
NGYwZThjZTExYTdkLzEvUzYxdnhIbjFMUkQtMGpPZ0xfdjI4TnlsV2t3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjItNGYwZThjZTExYTdk
LzEvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAwkBZAwQA
wqNcAwQBwumUAwQAwumXAwQCw7SAMA0GCSqGSIb3DQEBCwUAA4IBAQCo6DjdF0zq
Fp/QiMso7y8rIcw3G+z1XVnXTlRbmfIV0OxiOAtNYik68nVVwhaoHOsKwXrEvd33
YI+9S3EHj14RFGUaRD4yZ8LXCHDWgRU3InlOg8GAHPP1RfaA6Uh9BSqicc/sADu1
LT1jfPZsPDKhWT8+aESKpQ+U2Ad9sd3ZnBLozT5xffAzQ+ptzOYylzOs2L731EcQ
1bteC4mgjjajIdthUV8Ky8k+7ZwkWsrEMVN0nV0yNEhLfDA0pifYuhU6sUf5juIi
Et2mTeMNnhzguOGyIZbm82Od3JFfrYcP+jas6QyzF8XYdIyksH8Tv1WxxHJTb64L
eORCB+V9U7w9
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:03:44 2025 by rpki-client