Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/77f99c-35cb-47a6-bac3-caba81c9a152/1/jZb4ILTbMxRYUkbxvaClymmuM1k.roa
File: jZb4ILTbMxRYUkbxvaClymmuM1k.roa (raw, json)
Hash identifier: KdUHmYJ4L1lkgZY2jFFfdTxql6zVQCCB1BR6ZzEkMC8=
Subject key identifier: 8D:96:F8:20:B4:DB:33:14:58:52:46:F1:BD:A0:A5:CA:69:AE:33:59
Certificate issuer: /CN=b5cafe1e3aea2f6d911ed107a08aafee979a4f51
Certificate serial: 0186DB17C7589501D6056E5D37B2F1274A17
Authority key identifier: B5:CA:FE:1E:3A:EA:2F:6D:91:1E:D1:07:A0:8A:AF:EE:97:9A:4F:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tcr-HjrqL22RHtEHoIqv7peaT1E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/77f99c-35cb-47a6-bac3-caba81c9a152/1/jZb4ILTbMxRYUkbxvaClymmuM1k.roa
Signing time: Mon 13 Mar 2023 13:10:13 +0000
ROA not before: Mon 13 Mar 2023 13:10:13 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 20546
IP address blocks: 195.234.0.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:86:db:17:c7:58:95:01:d6:05:6e:5d:37:b2:f1:27:4a:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5cafe1e3aea2f6d911ed107a08aafee979a4f51
Validity
Not Before: Mar 13 13:10:13 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=8d96f820b4db3314585246f1bda0a5ca69ae3359
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:24:19:b2:e1:42:df:a8:30:33:29:87:09:4e:
ba:61:43:8f:35:35:19:fd:78:6c:b2:e0:8f:e3:5b:
7e:47:83:cf:50:f7:c4:7d:23:2a:4d:f2:e4:dc:eb:
f5:1e:91:00:e3:82:4a:ca:53:b2:c6:6a:2b:95:3b:
e3:c0:75:f6:df:a9:f2:77:63:9c:81:2b:bc:62:50:
dd:77:6c:a9:70:0e:54:c8:42:e3:f1:cb:aa:c1:19:
14:e2:b6:eb:1e:41:6e:8a:4f:22:d9:3b:e8:2d:25:
14:6f:c4:b4:03:f0:e1:be:2d:d9:8b:48:7a:5a:06:
3d:7c:bb:67:04:d4:3f:11:ed:12:d6:14:96:ad:51:
42:95:63:ee:a4:8d:ab:2d:c3:fe:cc:22:cb:29:d2:
d1:5e:42:2f:ab:02:24:e4:da:91:3f:1c:28:fc:ba:
ca:68:b7:ab:6f:43:62:41:70:2a:c7:b1:1e:c0:5e:
b9:7f:32:05:61:b7:fb:d4:be:a8:46:71:21:84:8a:
d2:f5:0b:b1:cb:8c:b3:16:bd:2a:d8:ef:d4:f9:0a:
8a:ea:ef:c3:ad:c9:75:9e:d8:a6:61:f9:d7:77:c6:
a8:30:c5:87:5e:4a:bd:5c:17:ac:a0:e1:46:7c:c9:
df:95:83:e1:b5:21:60:b4:2b:32:e3:bf:cc:34:2d:
44:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:96:F8:20:B4:DB:33:14:58:52:46:F1:BD:A0:A5:CA:69:AE:33:59
X509v3 Authority Key Identifier:
keyid:B5:CA:FE:1E:3A:EA:2F:6D:91:1E:D1:07:A0:8A:AF:EE:97:9A:4F:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tcr-HjrqL22RHtEHoIqv7peaT1E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/77f99c-35cb-47a6-bac3-caba81c9a152/1/jZb4ILTbMxRYUkbxvaClymmuM1k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/77f99c-35cb-47a6-bac3-caba81c9a152/1/tcr-HjrqL22RHtEHoIqv7peaT1E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.234.0.0/24
Signature Algorithm: sha256WithRSAEncryption
28:cd:2f:18:00:d1:e3:f2:d7:5a:7e:f2:1f:e4:8c:37:a3:eb:
c7:4c:f2:45:f3:fb:1a:af:a8:d1:b6:63:f1:20:97:37:ac:97:
7f:c2:c6:6a:45:c6:04:2c:52:85:c8:77:4d:90:07:04:28:8a:
cc:c8:bc:ce:5c:01:3f:07:d1:3c:95:d3:38:7f:13:84:c8:25:
ca:b8:80:23:42:6e:ac:c0:cf:14:39:ef:31:76:55:1d:2d:f4:
c4:45:ce:ac:78:d6:c5:50:20:28:96:68:b8:d0:75:9e:5f:4f:
ad:67:9e:b1:40:3c:d3:9a:e6:ab:63:ec:36:45:bd:da:c2:8f:
b7:3d:12:ce:e2:3b:df:4e:76:b4:7b:8d:8a:d4:36:11:83:b7:
7b:4c:99:ee:51:48:54:ba:43:ab:6d:51:75:92:8b:92:2d:0d:
b1:89:99:ba:4e:66:3a:c0:66:f5:a3:24:ac:70:79:e1:8a:7f:
88:e8:1b:a7:c3:01:66:9f:ba:5a:0a:8e:8d:80:8d:7b:e0:47:
c7:0d:dd:aa:52:33:b4:e1:21:ee:16:b9:0d:74:8b:af:87:4f:
c0:67:0b:69:df:59:42:a5:d7:b7:35:68:00:72:7f:96:52:96:
ff:ff:6b:3f:fc:8a:b2:8c:4d:22:6f:12:fc:bb:57:fd:ec:b2:
73:8a:68:b8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYbbF8dYlQHWBW5dN7LxJ0oXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1Y2FmZTFlM2FlYTJmNmQ5MTFlZDEwN2EwOGFhZmVlOTc5
YTRmNTEwHhcNMjMwMzEzMTMxMDEzWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDk2ZjgyMGI0ZGIzMzE0NTg1MjQ2ZjFiZGEwYTVjYTY5YWUzMzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxiQZsuFC36gwMymHCU66YUOPNTUZ
/XhssuCP41t+R4PPUPfEfSMqTfLk3Ov1HpEA44JKylOyxmorlTvjwHX236nyd2Oc
gSu8YlDdd2ypcA5UyELj8cuqwRkU4rbrHkFuik8i2TvoLSUUb8S0A/Dhvi3Zi0h6
WgY9fLtnBNQ/Ee0S1hSWrVFClWPupI2rLcP+zCLLKdLRXkIvqwIk5NqRPxwo/LrK
aLerb0NiQXAqx7EewF65fzIFYbf71L6oRnEhhIrS9Quxy4yzFr0q2O/U+QqK6u/D
rcl1ntimYfnXd8aoMMWHXkq9XBesoOFGfMnflYPhtSFgtCsy47/MNC1EmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI2W+CC02zMUWFJG8b2gpcpprjNZMB8GA1UdIwQY
MBaAFLXK/h466i9tkR7RB6CKr+6Xmk9RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGNyLUhqcnFMMjJSSHRFSG9JcXY3cGVhVDFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi83N2Y5OWMtMzVjYi00N2E2LWJhYzMt
Y2FiYTgxYzlhMTUyLzEvalpiNElMVGJNeFJZVWtieHZhQ2x5bW11TTFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi83N2Y5OWMtMzVjYi00N2E2LWJhYzMtY2FiYTgxYzlhMTUy
LzEvdGNyLUhqcnFMMjJSSHRFSG9JcXY3cGVhVDFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw+oAMA0G
CSqGSIb3DQEBCwUAA4IBAQAozS8YANHj8tdafvIf5Iw3o+vHTPJF8/sar6jRtmPx
IJc3rJd/wsZqRcYELFKFyHdNkAcEKIrMyLzOXAE/B9E8ldM4fxOEyCXKuIAjQm6s
wM8UOe8xdlUdLfTERc6seNbFUCAolmi40HWeX0+tZ56xQDzTmuarY+w2Rb3awo+3
PRLO4jvfTna0e42K1DYRg7d7TJnuUUhUukOrbVF1kouSLQ2xiZm6TmY6wGb1oySs
cHnhin+I6BunwwFmn7paCo6NgI174EfHDd2qUjO04SHuFrkNdIuvh0/AZwtp31lC
pde3NWgAcn+WUpb//2s//IqyjE0ibxL8u1f97LJzimi4
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:34 2025 by rpki-client