Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/b4d75d-953a-4036-9839-57cd68d9cb4e/1/p9fygvVb23m_tnF7ShHOu6K3dqM.roa
File: p9fygvVb23m_tnF7ShHOu6K3dqM.roa (raw, json)
Hash identifier: S2pyWQ9wKkqwkQctvfM+K1bhPTkQ/KEixeg4XRjQuCk=
Subject key identifier: A7:D7:F2:82:F5:5B:DB:79:BF:B6:71:7B:4A:11:CE:BB:A2:B7:76:A3
Certificate issuer: /CN=ff698eeb2e49fcb5f9c65a99857af29ce06641d9
Certificate serial: 018572B43DA5B53687C12E0C978EBB32BDE4
Authority key identifier: FF:69:8E:EB:2E:49:FC:B5:F9:C6:5A:99:85:7A:F2:9C:E0:66:41:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_2mO6y5J_LX5xlqZhXrynOBmQdk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/b4d75d-953a-4036-9839-57cd68d9cb4e/1/p9fygvVb23m_tnF7ShHOu6K3dqM.roa
Signing time: Mon 02 Jan 2023 13:38:12 +0000
ROA not before: Mon 02 Jan 2023 13:38:12 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 206600
IP address blocks: 212.70.164.0/24 maxlen: 24
195.244.159.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:b4:3d:a5:b5:36:87:c1:2e:0c:97:8e:bb:32:bd:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff698eeb2e49fcb5f9c65a99857af29ce06641d9
Validity
Not Before: Jan 2 13:38:12 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=a7d7f282f55bdb79bfb6717b4a11cebba2b776a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:7c:d2:47:ae:33:87:76:c9:6f:32:6b:ca:e5:
92:34:1a:1d:37:44:ca:13:e6:54:e6:5f:4b:b1:03:
7d:7e:8d:1d:25:9b:6e:d8:ab:de:99:57:60:17:65:
22:37:68:1c:59:e5:11:8f:b5:2b:ae:e4:ec:0c:a6:
7d:95:9b:76:9c:ed:fc:9a:4d:e0:56:84:62:e2:15:
c8:f6:46:20:f5:f1:6e:41:59:9d:5b:db:1b:f1:22:
9e:6f:fc:d0:39:a2:8d:a5:9d:1d:7c:ab:82:85:54:
d5:20:2e:32:77:60:ac:fe:c3:40:e2:83:ee:a9:fc:
15:66:ac:2d:d7:cf:15:83:c3:10:2f:c7:79:fb:89:
dd:55:83:bc:77:15:e1:f0:cd:18:24:b4:0d:ea:31:
a0:18:2d:ed:9b:4d:72:e7:7c:68:f6:5d:df:3a:93:
16:1f:a8:4a:be:22:67:50:9f:7d:cc:c7:18:7f:f4:
3f:4c:d0:17:44:1c:4e:e0:7d:03:e0:40:3b:b0:f2:
44:41:24:a6:eb:c8:93:44:23:e3:f2:29:95:a8:27:
a1:15:03:5d:82:02:05:b6:8d:9e:fc:c7:ef:6b:3a:
e4:10:66:3b:0f:e5:5c:41:8c:f5:52:5a:98:22:b5:
84:d0:b7:15:82:2b:f2:7f:ea:42:ba:e7:63:1e:61:
c3:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:D7:F2:82:F5:5B:DB:79:BF:B6:71:7B:4A:11:CE:BB:A2:B7:76:A3
X509v3 Authority Key Identifier:
keyid:FF:69:8E:EB:2E:49:FC:B5:F9:C6:5A:99:85:7A:F2:9C:E0:66:41:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_2mO6y5J_LX5xlqZhXrynOBmQdk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b4d75d-953a-4036-9839-57cd68d9cb4e/1/p9fygvVb23m_tnF7ShHOu6K3dqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/b4d75d-953a-4036-9839-57cd68d9cb4e/1/_2mO6y5J_LX5xlqZhXrynOBmQdk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.244.159.0/24
212.70.164.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:53:17:f5:1d:99:52:55:51:fc:33:ca:31:19:2e:10:9a:d6:
c5:53:32:cf:18:4c:6d:7d:53:a3:f2:c9:82:ac:db:00:01:35:
3f:43:43:9c:dc:37:99:2e:93:d4:8c:03:dc:ff:d7:76:9a:9c:
9e:ba:65:38:5d:f4:1e:24:36:09:d4:72:44:59:87:97:cd:c3:
27:e4:fa:12:3b:53:6a:8f:ba:ec:2e:56:7d:34:88:ab:f3:3c:
ad:26:f1:ea:7e:c2:a0:5f:61:41:b0:e9:95:8c:ef:ac:8a:28:
f4:dc:8d:ae:9c:c5:3a:36:b4:14:16:b1:b5:1e:a7:a6:86:e2:
a6:84:b6:1f:5c:c5:77:67:4b:60:58:ad:a0:c6:10:92:7b:6d:
3f:7b:fb:cc:88:46:64:25:10:2e:4e:3e:3e:da:a3:37:1a:e1:
33:4f:a3:19:14:d1:fc:43:d3:8e:c8:8d:f7:32:11:9c:a3:d3:
f7:d6:32:7e:ae:ca:27:4a:bf:01:1c:fc:f4:93:3a:f7:44:b1:
4d:da:1d:e4:b5:25:61:c2:d4:93:cf:b9:2b:bd:ae:e2:29:53:
04:a8:db:87:23:fe:d9:40:b9:5d:39:4c:f2:98:b8:c5:62:54:
21:20:f1:d3:c8:2c:5e:26:f5:a9:08:44:b7:57:f5:db:85:ec:
6f:fe:1f:b5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYVytD2ltTaHwS4Ml467Mr3kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmNjk4ZWViMmU0OWZjYjVmOWM2NWE5OTg1N2FmMjljZTA2
NjQxZDkwHhcNMjMwMTAyMTMzODEyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhN2Q3ZjI4MmY1NWJkYjc5YmZiNjcxN2I0YTExY2ViYmEyYjc3NmEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmHzSR64zh3bJbzJryuWSNBodN0TK
E+ZU5l9LsQN9fo0dJZtu2KvemVdgF2UiN2gcWeURj7UrruTsDKZ9lZt2nO38mk3g
VoRi4hXI9kYg9fFuQVmdW9sb8SKeb/zQOaKNpZ0dfKuChVTVIC4yd2Cs/sNA4oPu
qfwVZqwt188Vg8MQL8d5+4ndVYO8dxXh8M0YJLQN6jGgGC3tm01y53xo9l3fOpMW
H6hKviJnUJ99zMcYf/Q/TNAXRBxO4H0D4EA7sPJEQSSm68iTRCPj8imVqCehFQNd
ggIFto2e/MfvazrkEGY7D+VcQYz1UlqYIrWE0LcVgivyf+pCuudjHmHDSwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKfX8oL1W9t5v7Zxe0oRzruit3ajMB8GA1UdIwQY
MBaAFP9pjusuSfy1+cZamYV68pzgZkHZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzJtTzZ5NUpfTFg1eGxxWmhYcnluT0JtUWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9iNGQ3NWQtOTUzYS00MDM2LTk4Mzkt
NTdjZDY4ZDljYjRlLzEvcDlmeWd2VmIyM21fdG5GN1NoSE91NkszZHFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9iNGQ3NWQtOTUzYS00MDM2LTk4MzktNTdjZDY4ZDljYjRl
LzEvXzJtTzZ5NUpfTFg1eGxxWmhYcnluT0JtUWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw/SfAwQA
1EakMA0GCSqGSIb3DQEBCwUAA4IBAQAdUxf1HZlSVVH8M8oxGS4QmtbFUzLPGExt
fVOj8smCrNsAATU/Q0Oc3DeZLpPUjAPc/9d2mpyeumU4XfQeJDYJ1HJEWYeXzcMn
5PoSO1Nqj7rsLlZ9NIir8zytJvHqfsKgX2FBsOmVjO+siij03I2unMU6NrQUFrG1
HqemhuKmhLYfXMV3Z0tgWK2gxhCSe20/e/vMiEZkJRAuTj4+2qM3GuEzT6MZFNH8
Q9OOyI33MhGco9P31jJ+rsonSr8BHPz0kzr3RLFN2h3ktSVhwtSTz7krva7iKVME
qNuHI/7ZQLldOUzymLjFYlQhIPHTyCxeJvWpCES3V/Xbhexv/h+1
-----END CERTIFICATE-----
Generated at Tue Apr 22 00:29:06 2025 by rpki-client