Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/7fa9ed-b087-40cd-a016-d957b8c54c94/1/4CVDBQfk8f0JoDVNfZdW5KmUxW4.roa
File: 4CVDBQfk8f0JoDVNfZdW5KmUxW4.roa (raw, json)
Hash identifier: nHMDkuPjeJ0/eX1hxXDiElZwvPgenFN5gDxk2itGma8=
Subject key identifier: E0:25:43:05:07:E4:F1:FD:09:A0:35:4D:7D:97:56:E4:A9:94:C5:6E
Certificate issuer: /CN=f6aed6d5ce415797c1285f7ef6fd043c6466e7de
Certificate serial: 0183D27575143FAC283691B0DE2410B5670C
Authority key identifier: F6:AE:D6:D5:CE:41:57:97:C1:28:5F:7E:F6:FD:04:3C:64:66:E7:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9q7W1c5BV5fBKF9-9v0EPGRm594.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/7fa9ed-b087-40cd-a016-d957b8c54c94/1/4CVDBQfk8f0JoDVNfZdW5KmUxW4.roa
Signing time: Thu 13 Oct 2022 17:47:36 +0000
ROA not before: Thu 13 Oct 2022 17:47:36 +0000
ROA not after: Sat 01 Jul 2023 00:00:00 +0000
asID: 207777
IP address blocks: 195.182.29.0/24 maxlen: 24
195.182.27.0/24 maxlen: 24
195.182.37.0/24 maxlen: 24
195.182.24.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:83:d2:75:75:14:3f:ac:28:36:91:b0:de:24:10:b5:67:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f6aed6d5ce415797c1285f7ef6fd043c6466e7de
Validity
Not Before: Oct 13 17:47:36 2022 GMT
Not After : Jul 1 00:00:00 2023 GMT
Subject: CN=e025430507e4f1fd09a0354d7d9756e4a994c56e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:34:b0:78:5c:b3:3f:44:29:26:18:0c:c6:f8:
42:af:f1:9e:b7:0e:29:a5:60:38:e3:56:ae:64:df:
a8:0f:c3:8d:57:19:72:71:8d:8a:85:70:1b:bd:82:
cd:f8:41:0e:fe:df:12:b1:03:b6:57:4a:f7:49:4b:
90:b6:1a:ff:dc:7f:50:97:6b:52:0a:05:4c:45:10:
c3:6f:a1:f1:40:16:e0:92:77:45:30:48:0c:1d:6d:
27:4f:a4:74:4e:e1:12:5d:a4:e6:ae:f4:83:88:03:
7a:63:82:ed:1f:0b:f1:16:87:2e:81:35:ab:c4:89:
e0:a2:72:c2:4c:c4:79:27:dd:61:21:74:a5:71:e5:
21:af:81:07:f7:15:f6:48:ac:0f:b9:ce:3d:3a:a2:
db:e4:55:20:62:e3:46:e2:73:53:74:f8:ca:b5:ba:
b9:d5:37:64:57:ba:15:84:a5:99:57:64:d5:29:63:
ed:ac:6d:4c:6a:0c:f9:99:7e:a7:f6:f7:ee:f7:04:
03:c4:39:b4:84:07:ee:ea:37:d0:da:17:0e:bb:b7:
f0:c9:76:a5:65:b5:ad:8a:5d:25:3d:02:d7:c3:f2:
07:33:82:fd:3a:02:03:cd:af:26:04:df:0b:30:97:
43:70:65:08:f2:4f:79:25:15:90:59:a9:15:d0:16:
3c:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:25:43:05:07:E4:F1:FD:09:A0:35:4D:7D:97:56:E4:A9:94:C5:6E
X509v3 Authority Key Identifier:
keyid:F6:AE:D6:D5:CE:41:57:97:C1:28:5F:7E:F6:FD:04:3C:64:66:E7:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9q7W1c5BV5fBKF9-9v0EPGRm594.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/7fa9ed-b087-40cd-a016-d957b8c54c94/1/4CVDBQfk8f0JoDVNfZdW5KmUxW4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/7fa9ed-b087-40cd-a016-d957b8c54c94/1/9q7W1c5BV5fBKF9-9v0EPGRm594.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.182.24.0/24
195.182.27.0/24
195.182.29.0/24
195.182.37.0/24
Signature Algorithm: sha256WithRSAEncryption
be:80:4f:83:90:47:38:08:03:a2:b0:0b:1e:29:33:4e:7c:c9:
bb:4f:3c:13:ff:a4:e6:6d:91:aa:a8:88:73:de:17:ee:ad:28:
d8:3d:0d:21:50:e2:c1:b6:8f:ee:17:9a:5e:07:23:cf:62:aa:
b8:de:d2:1a:8d:32:88:04:31:30:59:e5:82:ca:fd:bd:54:a0:
e7:90:d3:33:97:ab:94:3b:cc:4e:ea:63:0b:5a:87:c2:16:59:
92:95:7d:c1:ee:55:a3:62:94:d0:5b:38:0c:41:e9:02:a9:17:
15:0f:48:ea:35:01:e9:2f:7f:f3:61:a7:b1:e4:4b:2f:5c:db:
f6:7a:66:9e:45:ec:4f:62:a0:dd:d3:c6:16:66:f2:3e:19:cb:
06:1a:52:00:9f:8f:18:16:ac:42:73:47:c4:62:d8:66:3a:81:
5a:04:6b:3a:d5:7e:72:b1:cc:7d:df:b3:fd:a2:d2:1e:e3:7d:
9b:14:ac:b5:4e:37:cb:c9:03:70:f8:c0:fb:bf:cb:22:ec:8f:
09:e3:b8:5b:87:45:dc:08:34:cf:c8:83:79:f7:47:40:f6:72:
47:e4:4d:2f:98:85:a3:b6:34:82:6b:69:c4:aa:f5:5c:53:4d:
e4:ef:ed:65:79:41:0c:b4:f0:71:82:03:e8:83:c0:88:0e:04:
f1:f4:23:b6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYPSdXUUP6woNpGw3iQQtWcMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2YWVkNmQ1Y2U0MTU3OTdjMTI4NWY3ZWY2ZmQwNDNjNjQ2
NmU3ZGUwHhcNMjIxMDEzMTc0NzM2WhcNMjMwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDI1NDMwNTA3ZTRmMWZkMDlhMDM1NGQ3ZDk3NTZlNGE5OTRjNTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzSweFyzP0QpJhgMxvhCr/Getw4p
pWA441auZN+oD8ONVxlycY2KhXAbvYLN+EEO/t8SsQO2V0r3SUuQthr/3H9Ql2tS
CgVMRRDDb6HxQBbgkndFMEgMHW0nT6R0TuESXaTmrvSDiAN6Y4LtHwvxFocugTWr
xIngonLCTMR5J91hIXSlceUhr4EH9xX2SKwPuc49OqLb5FUgYuNG4nNTdPjKtbq5
1TdkV7oVhKWZV2TVKWPtrG1Magz5mX6n9vfu9wQDxDm0hAfu6jfQ2hcOu7fwyXal
ZbWtil0lPQLXw/IHM4L9OgIDza8mBN8LMJdDcGUI8k95JRWQWakV0BY8yQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOAlQwUH5PH9CaA1TX2XVuSplMVuMB8GA1UdIwQY
MBaAFPau1tXOQVeXwShffvb9BDxkZufeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXE3VzFjNUJWNWZCS0Y5LTl2MEVQR1JtNTk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC83ZmE5ZWQtYjA4Ny00MGNkLWEwMTYt
ZDk1N2I4YzU0Yzk0LzEvNENWREJRZms4ZjBKb0RWTmZaZFc1S21VeFc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC83ZmE5ZWQtYjA4Ny00MGNkLWEwMTYtZDk1N2I4YzU0Yzk0
LzEvOXE3VzFjNUJWNWZCS0Y5LTl2MEVQR1JtNTk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAw7YYAwQA
w7YbAwQAw7YdAwQAw7YlMA0GCSqGSIb3DQEBCwUAA4IBAQC+gE+DkEc4CAOisAse
KTNOfMm7TzwT/6TmbZGqqIhz3hfurSjYPQ0hUOLBto/uF5peByPPYqq43tIajTKI
BDEwWeWCyv29VKDnkNMzl6uUO8xO6mMLWofCFlmSlX3B7lWjYpTQWzgMQekCqRcV
D0jqNQHpL3/zYaex5EsvXNv2emaeRexPYqDd08YWZvI+GcsGGlIAn48YFqxCc0fE
YthmOoFaBGs61X5yscx937P9otIe432bFKy1TjfLyQNw+MD7v8si7I8J47hbh0Xc
CDTPyIN590dA9nJH5E0vmIWjtjSCa2nEqvVcU03k7+1leUEMtPBxggPog8CIDgTx
9CO2
-----END CERTIFICATE-----
Generated at Sat Apr 19 05:48:11 2025 by rpki-client