Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/65aea5-ffef-4278-982e-a7a73194028e/1/SHjsl6paTKHkUcO6DoggsR618uU.roa
File: SHjsl6paTKHkUcO6DoggsR618uU.roa (raw, json)
Hash identifier: j7ikc9rq5TZ2b6Nt4jy5iCuU41fH4Mw4L1I5WGeG15w=
Subject key identifier: 48:78:EC:97:AA:5A:4C:A1:E4:51:C3:BA:0E:88:20:B1:1E:B5:F2:E5
Certificate issuer: /CN=5c757007aebf00098a800228db1f5930ee66e675
Certificate serial: 018CAB941B5CD62BD9D4789CE61B428F2562
Authority key identifier: 5C:75:70:07:AE:BF:00:09:8A:80:02:28:DB:1F:59:30:EE:66:E6:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XHVwB66_AAmKgAIo2x9ZMO5m5nU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/65aea5-ffef-4278-982e-a7a73194028e/1/SHjsl6paTKHkUcO6DoggsR618uU.roa
Signing time: Wed 27 Dec 2023 14:00:59 +0000
ROA not before: Wed 27 Dec 2023 14:00:59 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 56921
IP address blocks: 195.128.146.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ab:94:1b:5c:d6:2b:d9:d4:78:9c:e6:1b:42:8f:25:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c757007aebf00098a800228db1f5930ee66e675
Validity
Not Before: Dec 27 14:00:59 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=4878ec97aa5a4ca1e451c3ba0e8820b11eb5f2e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:40:43:f8:88:97:ba:0d:0a:04:85:f0:45:25:
16:6d:de:9a:f5:d6:d9:bd:0b:4d:ca:0f:04:07:4b:
83:ba:27:43:ac:e0:49:44:61:74:a6:eb:3e:3d:ad:
52:f9:09:8c:af:8c:7a:f0:24:27:2a:54:82:d4:f7:
d8:d6:f0:9e:4c:70:39:32:ad:2d:c2:d6:68:cf:72:
ff:b3:7a:a9:b4:04:03:38:8c:28:4d:52:92:a4:42:
42:12:95:a6:d7:5a:84:a2:2f:a1:6e:58:62:3f:9d:
2a:d9:cf:89:f6:1a:08:c2:a5:82:b2:ed:d2:29:7c:
13:63:31:2c:f0:64:29:89:ce:7e:49:79:de:15:bc:
ee:df:81:30:b9:a3:78:3f:6f:f7:c8:f5:61:1c:e0:
de:ed:69:b5:99:35:8d:04:5c:72:1c:78:37:33:9f:
92:c8:f8:91:d2:98:f0:4f:57:3b:68:62:f6:6e:bb:
bb:e8:64:95:1b:f4:0e:d6:52:25:2c:51:5d:c2:79:
58:63:6a:7b:7f:b0:f4:14:f6:b9:4a:64:0b:54:43:
50:b9:ce:5b:39:19:51:3a:4d:e9:55:cd:8b:ed:ab:
dc:29:8e:9a:e1:5f:94:2e:5c:ff:7a:74:e6:42:ec:
a9:0b:95:c8:fd:b5:51:38:9d:67:58:a7:aa:f2:14:
a5:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:78:EC:97:AA:5A:4C:A1:E4:51:C3:BA:0E:88:20:B1:1E:B5:F2:E5
X509v3 Authority Key Identifier:
keyid:5C:75:70:07:AE:BF:00:09:8A:80:02:28:DB:1F:59:30:EE:66:E6:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XHVwB66_AAmKgAIo2x9ZMO5m5nU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/65aea5-ffef-4278-982e-a7a73194028e/1/SHjsl6paTKHkUcO6DoggsR618uU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/65aea5-ffef-4278-982e-a7a73194028e/1/XHVwB66_AAmKgAIo2x9ZMO5m5nU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.128.146.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:0e:df:5e:50:14:79:55:70:18:88:79:2c:2d:0b:f7:91:86:
d6:58:24:f3:8c:0e:40:e5:6b:c5:7b:aa:cc:f1:b9:d8:d9:86:
dc:c7:40:47:d8:af:02:01:3d:86:be:d2:3d:9b:8e:ec:8e:bf:
e1:e3:fb:4f:3a:a0:58:94:0e:3d:5c:b3:a5:06:53:4b:eb:7d:
3b:ad:09:db:4b:03:78:7a:c7:be:6a:3a:d9:30:ee:fb:b1:14:
35:2f:07:ca:36:f4:47:12:75:f9:ce:78:19:64:ab:0f:99:57:
14:b4:fb:12:f1:5f:ff:64:4c:d6:71:62:e1:33:af:23:92:71:
34:3d:b4:c4:c5:88:39:70:4c:b2:a4:f5:51:b2:d0:b1:49:85:
39:32:39:ce:aa:54:19:d3:ba:ea:3a:47:56:31:a9:7f:bf:a2:
21:67:7a:7a:ac:e9:d4:71:44:0d:45:34:85:7c:7a:4b:ca:ed:
ae:b3:e3:d8:dd:e1:13:08:6e:19:ca:44:87:c2:69:aa:a9:fa:
24:27:f7:b7:46:46:df:9a:2f:66:e5:28:42:66:b8:ef:7f:a1:
57:14:12:cd:fc:a4:c6:e3:f7:cd:d7:8d:c8:74:2c:e4:68:ca:
ef:37:64:62:b5:cf:6f:12:17:2a:a1:2e:13:5f:ac:8f:fc:b4:
53:f8:df:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYyrlBtc1ivZ1Hic5htCjyViMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNzU3MDA3YWViZjAwMDk4YTgwMDIyOGRiMWY1OTMwZWU2
NmU2NzUwHhcNMjMxMjI3MTQwMDU5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODc4ZWM5N2FhNWE0Y2ExZTQ1MWMzYmEwZTg4MjBiMTFlYjVmMmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlEBD+IiXug0KBIXwRSUWbd6a9dbZ
vQtNyg8EB0uDuidDrOBJRGF0pus+Pa1S+QmMr4x68CQnKlSC1PfY1vCeTHA5Mq0t
wtZoz3L/s3qptAQDOIwoTVKSpEJCEpWm11qEoi+hblhiP50q2c+J9hoIwqWCsu3S
KXwTYzEs8GQpic5+SXneFbzu34EwuaN4P2/3yPVhHODe7Wm1mTWNBFxyHHg3M5+S
yPiR0pjwT1c7aGL2bru76GSVG/QO1lIlLFFdwnlYY2p7f7D0FPa5SmQLVENQuc5b
ORlROk3pVc2L7avcKY6a4V+ULlz/enTmQuypC5XI/bVROJ1nWKeq8hSlewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEh47JeqWkyh5FHDug6IILEetfLlMB8GA1UdIwQY
MBaAFFx1cAeuvwAJioACKNsfWTDuZuZ1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEhWd0I2Nl9BQW1LZ0FJbzJ4OVpNTzVtNW5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS82NWFlYTUtZmZlZi00Mjc4LTk4MmUt
YTdhNzMxOTQwMjhlLzEvU0hqc2w2cGFUS0hrVWNPNkRvZ2dzUjYxOHVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS82NWFlYTUtZmZlZi00Mjc4LTk4MmUtYTdhNzMxOTQwMjhl
LzEvWEhWd0I2Nl9BQW1LZ0FJbzJ4OVpNTzVtNW5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw4CSMA0G
CSqGSIb3DQEBCwUAA4IBAQB6Dt9eUBR5VXAYiHksLQv3kYbWWCTzjA5A5WvFe6rM
8bnY2Ybcx0BH2K8CAT2GvtI9m47sjr/h4/tPOqBYlA49XLOlBlNL6307rQnbSwN4
ese+ajrZMO77sRQ1LwfKNvRHEnX5zngZZKsPmVcUtPsS8V//ZEzWcWLhM68jknE0
PbTExYg5cEyypPVRstCxSYU5MjnOqlQZ07rqOkdWMal/v6IhZ3p6rOnUcUQNRTSF
fHpLyu2us+PY3eETCG4ZykSHwmmqqfokJ/e3Rkbfmi9m5ShCZrjvf6FXFBLN/KTG
4/fN143IdCzkaMrvN2Ritc9vEhcqoS4TX6yP/LRT+N/0
-----END CERTIFICATE-----
Generated at Tue Apr 22 06:13:22 2025 by rpki-client