Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/qCEpbXjJJFgvEpsypV0z5wSEc1M.roa
File: qCEpbXjJJFgvEpsypV0z5wSEc1M.roa (raw, json)
Hash identifier: awUDifHZyh8VeDcu1U1b3wGK1Yt551d1KTp7Ltp0Ips=
Subject key identifier: A8:21:29:6D:78:C9:24:58:2F:12:9B:32:A5:5D:33:E7:04:84:73:53
Certificate issuer: /CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Certificate serial: 018C5ECCC0ED72C8DBA9B7C8B79187D99128
Authority key identifier: D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/qCEpbXjJJFgvEpsypV0z5wSEc1M.roa
Signing time: Tue 12 Dec 2023 16:12:06 +0000
ROA not before: Tue 12 Dec 2023 16:12:06 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 5650
IP address blocks: 195.180.224.0/22 maxlen: 22
194.163.192.0/20 maxlen: 20
195.180.196.0/22 maxlen: 22
194.64.152.0/22 maxlen: 22
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:5e:cc:c0:ed:72:c8:db:a9:b7:c8:b7:91:87:d9:91:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d747017564c711bcbd57680a0dfd00f2a5d099db
Validity
Not Before: Dec 12 16:12:06 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a821296d78c924582f129b32a55d33e704847353
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:5a:fe:d6:98:10:b7:ae:86:82:b9:05:d6:ab:
72:d0:94:db:a2:f5:6c:50:f2:4a:f3:ec:97:c1:e4:
59:15:42:02:35:39:06:4e:6a:3b:10:d8:e3:22:9e:
d7:2e:20:f3:5f:9d:66:63:0c:56:bc:f9:83:be:a6:
d8:b3:cf:3e:ee:96:04:8d:af:5f:c2:f0:cb:70:3b:
d9:7e:d0:ec:82:bb:d8:e3:a5:28:dc:34:3e:2d:0a:
cf:c6:70:93:52:13:9a:89:ff:87:58:c1:6b:6c:fc:
06:8f:ff:f8:03:59:c4:94:76:b7:85:6e:47:49:49:
4e:45:fe:04:e8:cd:43:4d:9c:ce:05:9e:ff:aa:a3:
44:e4:65:30:2a:79:9b:1c:72:ef:7c:b3:10:11:bc:
c8:83:b5:e1:ca:db:20:6f:50:a0:07:a6:54:dd:38:
4b:ea:3e:8e:e7:50:0b:c3:ab:4c:95:48:77:b7:02:
dc:3f:22:1d:1e:cc:c6:ab:38:84:f5:b1:75:84:27:
73:66:f9:26:a3:a3:1b:48:8c:82:4a:5d:fc:a2:b5:
9d:bc:53:9c:33:0e:cc:5b:82:68:4b:00:17:fa:00:
7a:23:4e:f8:bf:8f:20:05:84:fd:6e:34:ee:5f:5a:
aa:08:c8:89:2a:de:7c:8d:9b:78:e7:ed:92:ed:92:
8c:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:21:29:6D:78:C9:24:58:2F:12:9B:32:A5:5D:33:E7:04:84:73:53
X509v3 Authority Key Identifier:
keyid:D7:47:01:75:64:C7:11:BC:BD:57:68:0A:0D:FD:00:F2:A5:D0:99:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/10cBdWTHEby9V2gKDf0A8qXQmds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/qCEpbXjJJFgvEpsypV0z5wSEc1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/ba2362-0cc5-49bd-a522-4f0e8ce11a7d/1/10cBdWTHEby9V2gKDf0A8qXQmds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.64.152.0/22
194.163.192.0/20
195.180.196.0/22
195.180.224.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:41:ad:23:c2:a8:9f:43:8e:f2:89:03:5e:ff:e9:93:d6:ab:
01:8d:42:e1:0f:05:96:c6:22:97:fb:c8:52:b1:e3:9e:3c:ad:
4d:29:78:0f:5c:c0:23:99:d3:d5:08:5b:47:0f:18:92:52:95:
95:6f:d5:80:c3:6d:3d:b3:00:66:74:d9:d3:78:ec:a9:81:de:
7e:72:e5:4c:35:e6:e4:d7:51:0b:61:98:b9:94:04:d5:7d:6d:
d2:7a:90:73:19:89:92:86:e9:fd:ed:9f:4e:ae:a2:d2:29:e1:
83:45:48:b6:45:b9:00:ee:af:14:f2:f4:6c:19:c4:cb:e5:03:
98:e2:82:17:aa:d6:68:11:6d:e1:af:43:c9:d2:87:5f:60:78:
fe:52:fe:83:df:84:49:82:43:d4:76:55:ae:c8:44:33:ee:7e:
c9:7c:4d:0a:ed:da:16:9f:06:d0:32:92:30:3e:01:15:0e:25:
c5:37:ec:65:03:35:49:da:64:7b:df:0a:a8:e4:81:42:40:28:
31:26:83:dc:7d:2b:1a:b1:c4:dc:9f:20:0a:c4:36:9d:f7:aa:
dc:e4:a2:53:e8:8e:4d:ce:2e:64:53:68:79:aa:9d:12:f5:dc:
6a:c0:d1:19:bb:75:e2:5e:db:28:ac:b9:2e:22:8c:b2:40:5f:
f2:da:fb:a0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYxezMDtcsjbqbfIt5GH2ZEoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NDcwMTc1NjRjNzExYmNiZDU3NjgwYTBkZmQwMGYyYTVk
MDk5ZGIwHhcNMjMxMjEyMTYxMjA2WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhODIxMjk2ZDc4YzkyNDU4MmYxMjliMzJhNTVkMzNlNzA0ODQ3MzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxVr+1pgQt66GgrkF1qty0JTbovVs
UPJK8+yXweRZFUICNTkGTmo7ENjjIp7XLiDzX51mYwxWvPmDvqbYs88+7pYEja9f
wvDLcDvZftDsgrvY46Uo3DQ+LQrPxnCTUhOaif+HWMFrbPwGj//4A1nElHa3hW5H
SUlORf4E6M1DTZzOBZ7/qqNE5GUwKnmbHHLvfLMQEbzIg7Xhytsgb1CgB6ZU3ThL
6j6O51ALw6tMlUh3twLcPyIdHszGqziE9bF1hCdzZvkmo6MbSIyCSl38orWdvFOc
Mw7MW4JoSwAX+gB6I074v48gBYT9bjTuX1qqCMiJKt58jZt45+2S7ZKMQQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKghKW14ySRYLxKbMqVdM+cEhHNTMB8GA1UdIwQY
MBaAFNdHAXVkxxG8vVdoCg39APKl0JnbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjIt
NGYwZThjZTExYTdkLzEvcUNFcGJYakpKRmd2RXBzeXBWMHo1d1NFYzFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9iYTIzNjItMGNjNS00OWJkLWE1MjItNGYwZThjZTExYTdk
LzEvMTBjQmRXVEhFYnk5VjJnS0RmMEE4cVhRbWRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCwkCYAwQE
wqPAAwQCw7TEAwQCw7TgMA0GCSqGSIb3DQEBCwUAA4IBAQA6Qa0jwqifQ47yiQNe
/+mT1qsBjULhDwWWxiKX+8hSseOePK1NKXgPXMAjmdPVCFtHDxiSUpWVb9WAw209
swBmdNnTeOypgd5+cuVMNebk11ELYZi5lATVfW3SepBzGYmShun97Z9OrqLSKeGD
RUi2RbkA7q8U8vRsGcTL5QOY4oIXqtZoEW3hr0PJ0odfYHj+Uv6D34RJgkPUdlWu
yEQz7n7JfE0K7doWnwbQMpIwPgEVDiXFN+xlAzVJ2mR73wqo5IFCQCgxJoPcfSsa
scTcnyAKxDad96rc5KJT6I5Nzi5kU2h5qp0S9dxqwNEZu3XiXtsorLkuIoyyQF/y
2vug
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:08:59 2025 by rpki-client